urlscan.io logo urlscan.io
SecurityTrails logo

www.bagnet.org Open in urlscan Pro
136.243.146.78  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bagnet.org/
Submission: On January 05 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 105 IPs in 16 countries across 87 domains to perform 689 HTTP transactions. The main IP is 136.243.146.78, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.bagnet.org.
TLS certificate: Issued by R3 on November 22nd 2022. Valid for: 3 months.
This is the only time www.bagnet.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
40 136.243.146.78 24940 (HETZNER-AS)
12 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
28 2a00:1450:400... 15169 (GOOGLE)
9 212.42.76.150 8856 (UKRNET Kiev)
16 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
16 65.9.66.34 16509 (AMAZON-02)
1 104.18.3.81 13335 (CLOUDFLAR...)
1 1 193.239.68.97 39468 (BIGMIR-IN...)
1 193.239.71.100 39468 (BIGMIR-IN...)
2 2a00:1450:400... 15169 (GOOGLE)
2 144.76.176.42 24940 (HETZNER-AS)
24 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
15 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
15 185.184.8.90 204995 (RTB-HOUSE...)
15 2a02:2638:1::1a 44788 (ASN-CRITE...)
24 185.86.138.32 201081 (SMARTADSE...)
15 2602:803:c003... 26667 (RUBICONPR...)
1 162.55.101.208 24940 (HETZNER-AS)
15 185.64.189.112 62713 (AS-PUBMATIC)
2 21 216.52.2.19 32475 (SINGLEHOP...)
1 32 185.89.210.82 29990 (ASN-APPNEX)
44 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 107.178.244.119 15169 (GOOGLE)
4 18.66.15.71 16509 (AMAZON-02)
4 151.101.193.108 54113 (FASTLY)
15 185.89.210.141 29990 (ASN-APPNEX)
9 46.4.10.49 24940 (HETZNER-AS)
1 7 185.29.134.245 30419 (MEDIAMATH...)
3 92.123.37.164 16625 (AKAMAI-AS)
1 5 144.76.238.55 24940 (HETZNER-AS)
1 5 138.201.135.164 24940 (HETZNER-AS)
2 142.250.185.230 15169 (GOOGLE)
1 2600:1901:0:7... 15169 (GOOGLE)
10 2606:4700:20:... 13335 (CLOUDFLAR...)
3 8 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638::b 44788 (ASN-CRITE...)
4 4 145.239.193.130 16276 (OVH)
2 88.198.250.30 24940 (HETZNER-AS)
2 2a0b:4d07:102::1 44239 (PROINITY ...)
4 18.130.53.249 16509 (AMAZON-02)
2 4 142.250.186.166 15169 (GOOGLE)
2 2 94.23.99.218 16276 (OVH)
2 54.76.176.197 16509 (AMAZON-02)
2 96.16.147.165 16625 (AKAMAI-AS)
8 23.203.124.180 16625 (AKAMAI-AS)
14 2a00:1450:400... 15169 (GOOGLE)
1 2 2620:116:800d... 16509 (AMAZON-02)
4 8 185.29.132.241 30419 (MEDIAMATH...)
6 34 172.217.19.98 15169 (GOOGLE)
6 6 52.57.221.29 16509 (AMAZON-02)
1 1 193.0.160.128 54312 (ROCKETFUEL)
3 4 37.157.6.247 198622 (ADFORM)
1 1 2600:9000:206... 16509 (AMAZON-02)
2 3 51.89.9.253 16276 (OVH)
5 5 185.83.142.19 29990 (ASN-APPNEX)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
24 99.86.4.27 16509 (AMAZON-02)
10 2a02:2638:1::3 44788 (ASN-CRITE...)
1 178.250.0.160 44788 (ASN-CRITE...)
3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2 35.186.193.173 15169 (GOOGLE)
3 5 69.173.144.139 26667 (RUBICONPR...)
4 4 213.19.147.44 3356 (LEVEL3)
5 35.71.131.137 16509 (AMAZON-02)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
3 3 213.155.156.185 1299 (TWELVE99 ...)
1 35.186.253.211 15169 (GOOGLE)
4 172.217.18.2 15169 (GOOGLE)
3 65.9.66.42 16509 (AMAZON-02)
2 99.86.4.52 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
7 2a02:2638::c 44788 (ASN-CRITE...)
2 2a02:2638::21 44788 (ASN-CRITE...)
3 159.69.70.9 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
4 37.157.2.234 198622 (ADFORM)
3 6 185.64.189.115 62713 (AS-PUBMATIC)
2 2 172.64.154.237 13335 (CLOUDFLAR...)
2 2 35.157.17.37 16509 (AMAZON-02)
3 3 18.156.0.31 16509 (AMAZON-02)
17 37.157.6.236 198622 (ADFORM)
1 2 185.64.190.79 62713 (AS-PUBMATIC)
1 16 185.64.189.110 62713 (AS-PUBMATIC)
1 162.55.236.224 24940 (HETZNER-AS)
6 3.11.171.0 16509 (AMAZON-02)
5 23.35.236.201 16625 (AKAMAI-AS)
8 104.109.78.125 16625 (AKAMAI-AS)
1 178.250.2.151 44788 (ASN-CRITE...)
3 5 67.220.224.144 16509 (AMAZON-02)
1 1 44.194.228.115 14618 (AMAZON-AES)
5 5 52.30.188.40 16509 (AMAZON-02)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 1 185.86.139.57 201081 (SMARTADSE...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.214.223.115 15169 (GOOGLE)
1 195.5.165.20 44968 (IPROM-AS)
1 5.161.47.120 213230 (HETZNER-C...)
1 72.251.245.181 32475 (SINGLEHOP...)
1 1 141.95.171.139 16276 (OVH)
1 1 141.94.170.64 16276 (OVH)
2 52.17.55.60 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
1 2 35.204.74.118 396982 (GOOGLE-CL...)
1 34.98.67.61 396982 (GOOGLE-CL...)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
4 198.47.127.20 62713 (AS-PUBMATIC)
1 98.98.134.242 21859 (ZEN-ECN)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
2 3 209.54.182.161 16509 (AMAZON-02)
4 4 69.173.144.138 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 52.220.229.2 ()
1 2 52.73.105.161 14618 (AMAZON-AES)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 62713 (AS-PUBMATIC)
1 1 15.235.15.221 16276 (OVH)
689 105
40    136.243.146.78 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: bagnet.org
www.bagnet.org
12    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
28    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
9    212.42.76.150 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv150.fwdcdn.com
sinoptik.ua
sinst.fwdcdn.com
16    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
14    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
16    65.9.66.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-34.fra56.r.cloudfront.net
randiul.com
1    104.18.3.81 (None, )

ASN13335 (CLOUDFLARENET, US)
r.i.ua
1    193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net
c.bigmir.net
1    193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua
i.bigmir.net
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    144.76.176.42 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.42.176.76.144.clients.your-server.de
newportal.com.ua
24    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
7    2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
15    2606:4700:20::681a:a19 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.adpone.com
1    2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
15    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
15    2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
24    185.86.138.32 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
15    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    162.55.101.208 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.208.101.55.162.clients.your-server.de
shb.richaudience.com
15    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
21    216.52.2.19 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
32    185.89.210.82 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
44    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com
4    107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com
beacon.sojern.com
4    18.66.15.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-71.vie50.r.cloudfront.net
choices.truste.com
4    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
15    185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ams3-ib.adnxs.com
9    46.4.10.49 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de
hal9000.redintelligence.net
7    185.29.134.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
3    92.123.37.164 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-37-164.deploy.static.akamaitechnologies.com
pixel.mathtag.com
5    144.76.238.55 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.238.76.144.clients.your-server.de
hal900021.redintelligence.net
5    138.201.135.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de
hal900015.redintelligence.net
2    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
ad.doubleclick.net
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
10    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
8    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
4    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
2    88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
2    2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
4    18.130.53.249 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
track.webgains.com
4    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
5994599.fls.doubleclick.net
2    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
2    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
2    96.16.147.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-147-165.deploy.static.akamaitechnologies.com
www.awin1.com
8    23.203.124.180 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-124-180.deploy.static.akamaitechnologies.com
acdn.adnxs.com
14    2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
8    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
34    172.217.19.98 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s27-in-f2.1e100.net
cm.g.doubleclick.net
6    52.57.221.29 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-221-29.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    37.157.6.247 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    2600:9000:206e:e400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
5    185.83.142.19 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
24    99.86.4.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-27.fra6.r.cloudfront.net
choices.trustarc.com
10    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
3    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
pubmatic-match.dotomi.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
ipac.ctnsnet.com
5    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
5    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    85.114.159.93 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    213.155.156.185 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com
d5p.de17a.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
4    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
googleads4.g.doubleclick.net
3    65.9.66.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-42.fra56.r.cloudfront.net
analytics.webgains.io
2    99.86.4.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-52.fra6.r.cloudfront.net
cdn.track.production.webgains.team
4    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
2    2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
3    159.69.70.9 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.9.70.69.159.clients.your-server.de
hal900017.redintelligence.net
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
6    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
2    35.157.17.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-17-37.eu-central-1.compute.amazonaws.com
match.360yield.com
3    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
17    37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
2    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
16    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    162.55.236.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.236.55.162.clients.your-server.de
sync.richaudience.com
6    3.11.171.0 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
api.webgains.io
5    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
8    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
5    67.220.224.144 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    44.194.228.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-228-115.compute-1.amazonaws.com
sync.srv.stackadapt.com
5    52.30.188.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-188-40.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.86.139.57 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    5.161.47.120 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.120.47.161.5.clients.your-server.de
matching.truffle.bid
1    72.251.245.181 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    141.95.171.139 (France)

ASN16276 (OVH, FR)
PTR: bixel-5.cloudy.ovh
green.erne.co
1    141.94.170.64 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh
pixel-eu.onaudience.com
2    52.17.55.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-55-60.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    2a05:d018:d29:3601:9a06:e26f:40d0:e9d8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
3    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    52.220.229.2 (None, )

ASN- ()
cm-supply-web.gammaplatform.com
2    52.73.105.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-105-161.compute-1.amazonaws.com
a.audrte.com
2    77.243.60.138 (Norresundby, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    15.235.15.221 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh
pixel.onaudience.com
Apex Domain
Subdomains		 Transfer
74 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285
stats.g.doubleclick.net — Cisco Umbrella Rank: 179
ad.doubleclick.net — Cisco Umbrella Rank: 214
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 101602
cm.g.doubleclick.net — Cisco Umbrella Rank: 321
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 395
581 KB
74 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 145
tpc.googlesyndication.com — Cisco Umbrella Rank: 187
7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com
844 KB
64 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 318
cdn.adnxs.com — Cisco Umbrella Rank: 2150
ams3-ib.adnxs.com — Cisco Umbrella Rank: 5805
acdn.adnxs.com — Cisco Umbrella Rank: 872
secure.adnxs.com — Cisco Umbrella Rank: 670
330 KB
49 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 739
image6.pubmatic.com — Cisco Umbrella Rank: 996
image8.pubmatic.com — Cisco Umbrella Rank: 933
image2.pubmatic.com — Cisco Umbrella Rank: 1316
ads.pubmatic.com — Cisco Umbrella Rank: 741
simage2.pubmatic.com — Cisco Umbrella Rank: 882
image4.pubmatic.com — Cisco Umbrella Rank: 1480
simage4.pubmatic.com — Cisco Umbrella Rank: 1564
aud.pubmatic.com — Cisco Umbrella Rank: 8381
53 KB
40 bagnet.org
www.bagnet.org
836 KB
32 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 716
pixel.rubiconproject.com — Cisco Umbrella Rank: 452
eus.rubiconproject.com — Cisco Umbrella Rank: 832
token.rubiconproject.com — Cisco Umbrella Rank: 858
52 KB
25 adform.net
c1.adform.net — Cisco Umbrella Rank: 871
track.adform.net — Cisco Umbrella Rank: 3383
s1.adform.net — Cisco Umbrella Rank: 6770
189 KB
25 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1916
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 721
11 KB
24 trustarc.com
choices.trustarc.com — Cisco Umbrella Rank: 1192
94 KB
22 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 33053
hal900021.redintelligence.net — Cisco Umbrella Rank: 461486
hal900015.redintelligence.net — Cisco Umbrella Rank: 358852
hal900017.redintelligence.net — Cisco Umbrella Rank: 342426
495 KB
21 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 866
8 KB
20 gstatic.com
fonts.gstatic.com
www.gstatic.com
347 KB
19 criteo.net
static.criteo.net — Cisco Umbrella Rank: 743
pix.eu.criteo.net — Cisco Umbrella Rank: 5392
csm.eu.criteo.net — Cisco Umbrella Rank: 5670
317 KB
19 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 834
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 11057
ads.eu.criteo.com — Cisco Umbrella Rank: 5530
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 7028
dis.criteo.com — Cisco Umbrella Rank: 903
51 KB
18 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 5630
pixel.mathtag.com — Cisco Umbrella Rank: 1380
sync.mathtag.com — Cisco Umbrella Rank: 679
11 KB
16 randiul.com
randiul.com — Cisco Umbrella Rank: 652556
55 KB
16 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 221
613 KB
15 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5452
3 KB
15 adpone.com
hb.adpone.com — Cisco Umbrella Rank: 23166
2 MB
14 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 362
722 KB
13 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 16
1 KB
13 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 127
ajax.googleapis.com — Cisco Umbrella Rank: 520
41 KB
10 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 28784
ad4m.at — Cisco Umbrella Rank: 9270
assets.ad4m.at — Cisco Umbrella Rank: 40645
633 KB
9 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 16387
api.webgains.io — Cisco Umbrella Rank: 45230
94 KB
8 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 977
s.amazon-adsystem.com — Cisco Umbrella Rank: 396
6 KB
8 fwdcdn.com
sinst.fwdcdn.com — Cisco Umbrella Rank: 170378
39 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 411
2 KB
6 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 52562
medialead.de — Cisco Umbrella Rank: 52129
2 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 814
2 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 405
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 723
2 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 456
1 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 356
30 KB
4 webgains.com
track.webgains.com — Cisco Umbrella Rank: 38402
54 KB
4 truste.com
choices.truste.com — Cisco Umbrella Rank: 1209
22 KB
4 sojern.com
beacon.sojern.com — Cisco Umbrella Rank: 6383
442 B
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 20128
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 30309
739 B
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6509
873 B
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 791
2 KB
3 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 5103
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4330
310 B
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1025
829 B
3 google.de
adservice.google.de — Cisco Umbrella Rank: 5450
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 103
region1.google-analytics.com — Cisco Umbrella Rank: 2124
20 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 123
156 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 7169
623 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1792
1 KB
2 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2932
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1282
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1114
530 B
2 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 12486
pixel.onaudience.com — Cisco Umbrella Rank: 4199
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1178
s.tribalfusion.com — Cisco Umbrella Rank: 2747
1 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 3351
790 B
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 690
2 KB
2 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 48721
6 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1903
1 KB
2 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 35086
ipac.ctnsnet.com — Cisco Umbrella Rank: 5807
925 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1004
951 B
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16669
1 KB
2 ad-server.eu
ad-server.eu — Cisco Umbrella Rank: 106822
624 B
2 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 195156
2 KB
2 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 51980
831 B
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 98393
static-de.ad4mat.net — Cisco Umbrella Rank: 155945
4 KB
2 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 4289
sync.richaudience.com — Cisco Umbrella Rank: 2913
455 B
2 newportal.com.ua
newportal.com.ua
376 B
2 bigmir.net
c.bigmir.net — Cisco Umbrella Rank: 113835
i.bigmir.net — Cisco Umbrella Rank: 202250
1 KB
1 gammaplatform.com
cm-supply-web.gammaplatform.com
640 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 840
707 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4735
461 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3231
555 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 1147
518 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 963
191 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1570
356 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3376
381 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 14488
367 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1952
283 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 8778
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6635
278 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1202
225 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 821
511 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1014
611 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 2379
350 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1675
577 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 914
443 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1248
761 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1011
695 B
1 i.ua
r.i.ua — Cisco Umbrella Rank: 138845
3 KB
1 sinoptik.ua
sinoptik.ua — Cisco Umbrella Rank: 71330
918 B
0 everesttech.net Failed
sync-tm.everesttech.net Failed
689 87
Domain Requested by
44 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
www.bagnet.org
tpc.googlesyndication.com
40 www.bagnet.org www.bagnet.org
34 cm.g.doubleclick.net 6 redirects googleads.g.doubleclick.net
www.bagnet.org
7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com
32 ib.adnxs.com 1 redirects hb.adpone.com
acdn.adnxs.com
28 pagead2.googlesyndication.com www.bagnet.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
ad.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com
24 choices.trustarc.com choices.truste.com
choices.trustarc.com
www.bagnet.org
24 prg.smartadserver.com hb.adpone.com
22 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.bagnet.org
21 ap.lijit.com 2 redirects hb.adpone.com
17 s1.adform.net track.adform.net
s1.adform.net
www.bagnet.org
16 randiul.com www.bagnet.org
randiul.com
16 www.googletagservices.com www.bagnet.org
googleads.g.doubleclick.net
www.googletagservices.com
s0.2mdn.net
15 ams3-ib.adnxs.com hb.adpone.com
randiul.com
cdn.adnxs.com
15 hbopenbid.pubmatic.com hb.adpone.com
15 fastlane.rubiconproject.com hb.adpone.com
15 bidder.criteo.com hb.adpone.com
15 prebid-eu.creativecdn.com hb.adpone.com
15 hb.adpone.com randiul.com
14 s0.2mdn.net www.bagnet.org
s0.2mdn.net
14 fonts.gstatic.com fonts.googleapis.com
12 fonts.googleapis.com www.bagnet.org
googleads.g.doubleclick.net
hal900021.redintelligence.net
hal900015.redintelligence.net
s0.2mdn.net
10 simage2.pubmatic.com ads.pubmatic.com
10 static.criteo.net ads.eu.criteo.com
hb.adpone.com
static.criteo.net
9 hal9000.redintelligence.net www.bagnet.org
hal900021.redintelligence.net
hal900015.redintelligence.net
8 eus.rubiconproject.com hb.adpone.com
eus.rubiconproject.com
8 sync.mathtag.com 4 redirects tags.mathtag.com
sync.mathtag.com
7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com
8 acdn.adnxs.com randiul.com
hb.adpone.com
8 www.google.com 3 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
www.bagnet.org
8 sinst.fwdcdn.com sinoptik.ua
sinst.fwdcdn.com
7 pix.eu.criteo.net ads.eu.criteo.com
7 tags.mathtag.com 1 redirects randiul.com
www.bagnet.org
tags.mathtag.com
7 securepubads.g.doubleclick.net www.googletagservices.com
randiul.com
securepubads.g.doubleclick.net
www.bagnet.org
6 api.webgains.io analytics.webgains.io
6 image2.pubmatic.com 1 redirects ads.pubmatic.com
6 image6.pubmatic.com 3 redirects ads.pubmatic.com
6 x.bidswitch.net 6 redirects
6 www.gstatic.com googleads.g.doubleclick.net
5 match.prod.bidr.io 5 redirects
5 aax-eu.amazon-adsystem.com 3 redirects ads.pubmatic.com
www.bagnet.org
5 ads.pubmatic.com hb.adpone.com
ads.pubmatic.com
5 match.adsrvr.org googleads.g.doubleclick.net
ads.pubmatic.com
www.bagnet.org
5 pixel.rubiconproject.com 3 redirects www.bagnet.org
5 secure.adnxs.com 5 redirects
5 hal900015.redintelligence.net 1 redirects randiul.com
hal900015.redintelligence.net
5 hal900021.redintelligence.net 1 redirects randiul.com
hal900021.redintelligence.net
5 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
5994599.fls.doubleclick.net
4 token.rubiconproject.com 4 redirects
4 track.adform.net hal900017.redintelligence.net
s1.adform.net
4 cdnjs.cloudflare.com ads.eu.criteo.com
s1.adform.net
4 googleads4.g.doubleclick.net www.bagnet.org
4 c1.adform.net 3 redirects ads.pubmatic.com
4 5994599.fls.doubleclick.net 2 redirects www.bagnet.org
4 track.webgains.com www.bagnet.org
as.ad4m.at
4 pv.medialead.de 4 redirects
4 ad4m.at as.ad4m.at
ad4m.at
4 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
4 cdn.adnxs.com hb.adpone.com
4 choices.truste.com hb.adpone.com
s0.2mdn.net
4 beacon.sojern.com hb.adpone.com
randiul.com
3 s.amazon-adsystem.com 2 redirects www.bagnet.org
3 ups.analytics.yahoo.com 3 redirects
3 hal900017.redintelligence.net hal9000.redintelligence.net
hal900017.redintelligence.net
3 analytics.webgains.io track.webgains.com
3 d5p.de17a.com 3 redirects
3 sync.1rx.io 3 redirects
3 onetag-sys.com 2 redirects googleads.g.doubleclick.net
3 pixel.mathtag.com www.bagnet.org
tags.mathtag.com
3 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 www.googletagmanager.com www.bagnet.org
adv.office-partner.de
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects www.bagnet.org
2 a.audrte.com 1 redirects www.bagnet.org
2 simage4.pubmatic.com ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
www.bagnet.org
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net ads.pubmatic.com
2 image8.pubmatic.com 1 redirects www.bagnet.org
2 match.360yield.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 assets.ad4m.at as.ad4m.at
2 csm.eu.criteo.net ads.eu.criteo.com
2 cdn.track.production.webgains.team randiul.com
track.webgains.com
2 dsp.adfarm1.adition.com 2 redirects
2 dclk-match.dotomi.com googleads.g.doubleclick.net
7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 www.awin1.com randiul.com
2 ad-server.eu randiul.com
2 medialead.de 2 redirects
2 adv.office-partner.de hal900021.redintelligence.net
hal900015.redintelligence.net
2 pb.media01.eu hal900021.redintelligence.net
hal900015.redintelligence.net
2 ad.doubleclick.net www.googletagservices.com
2 7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 newportal.com.ua www.bagnet.org
2 www.google-analytics.com www.bagnet.org
www.google-analytics.com
1 pixel.onaudience.com 1 redirects
1 aud.pubmatic.com www.bagnet.org
1 cm-supply-web.gammaplatform.com 1 redirects
1 px.ads.linkedin.com www.bagnet.org
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 pixel-sync.sitescout.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 odr.mookie1.com ads.pubmatic.com
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 pixel-eu.onaudience.com 1 redirects
1 green.erne.co 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 sync.richaudience.com www.bagnet.org
1 ajax.googleapis.com hal900017.redintelligence.net
1 rtb.openx.net googleads.g.doubleclick.net
1 sync.targeting.unrulymedia.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 static-de.ad4mat.net as.ad4m.at
1 s.ad.smaato.net 1 redirects
1 p.rfihub.com 1 redirects
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 rtb.fr.eu.criteo.com www.bagnet.org
1 prod-rtb.ad4mat.net www.bagnet.org
1 shb.richaudience.com hb.adpone.com
1 stats.g.doubleclick.net www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 i.bigmir.net www.bagnet.org
1 c.bigmir.net 1 redirects
1 r.i.ua www.bagnet.org
1 sinoptik.ua www.bagnet.org
0 sync-tm.everesttech.net Failed ads.pubmatic.com
689 142

This site contains links to these domains. Also see Links.

Domain
ua.sinoptik.ua
www.i.ua
www.bigmir.net
Subject Issuer Validity Valid
bagnet.org
R3		 2022-11-22 -
2023-02-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
sinoptik.uk
Sectigo RSA Domain Validation Secure Server CA		 2022-11-23 -
2023-11-23		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
randiul.com
Amazon		 2022-09-04 -
2023-10-02		 a year crt.sh
i.ua
R3		 2023-01-02 -
2023-04-02		 3 months crt.sh
pharmpedia.org
R3		 2021-08-03 -
2021-11-01		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-11		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.sojern.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-16 -
2023-01-16		 a year crt.sh
*.truste.com
Amazon		 2022-12-18 -
2024-01-16		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
redintelligence.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-05		 a year crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-18 -
2023-04-25		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-12-13 -
2023-03-13		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-07 -
2023-03-12		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-22 -
2023-03-26		 3 months crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-05-20 -
2023-05-21		 a year crt.sh
adv.office-partner.de
R3		 2023-01-01 -
2023-04-01		 3 months crt.sh
*.webgains.com
Amazon		 2022-06-14 -
2023-07-13		 a year crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-18 -
2023-04-19		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.trustarc.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.webgains.io
Amazon		 2022-08-23 -
2023-09-21		 a year crt.sh
cdn.track.production.webgains.team
Amazon		 2022-09-29 -
2023-10-28		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-01 -
2023-02-04		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.iprom.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
truffle.bid
R3		 2022-12-21 -
2023-03-21		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh

This page contains 116 frames:

Primary Page: https://www.bagnet.org/
Frame ID: 707E1DC3D26F2470D0A27F15F5845F29
Requests: 75 HTTP requests in this frame

Frame: https://newportal.com.ua/traffic/100382.html
Frame ID: 3BFF398948731AC91F50742599FFC47A
Requests: 1 HTTP requests in this frame

Frame: https://newportal.com.ua/traffic/100378.html
Frame ID: F36EA8CA4D84A949E91FD859686BB336
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/zrt_lookup.html
Frame ID: FD4B00D04B1AEABE2BB4F04417AEC4FD
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: FBDE96A3F1F8A8B7613C39DB19A9EA0D
Requests: 23 HTTP requests in this frame

Frame: https://randiul.com/r/p.html?f=adwipcut&e=1610118725716
Frame ID: 2AB249533247771B3104A3AACBAD2145
Requests: 10 HTTP requests in this frame

Frame: https://randiul.com/r/p.html?f=ngkgwzlc&e=1610118725716
Frame ID: C26BB53316CFD8EC65FC8AA6C919C86F
Requests: 10 HTTP requests in this frame

Frame: https://randiul.com/r/p.html?f=xmzqpdlh&e=1610118725716
Frame ID: CDCAAA00724F6BC3F3E309250F9B3051
Requests: 10 HTTP requests in this frame

Frame: https://randiul.com/r/p.html?f=cvfhltc&e=1610118725716
Frame ID: 5C92560B3DE235088D8102D0C8CE8668
Requests: 10 HTTP requests in this frame

Frame: https://randiul.com/r/p.html?f=relqudtyen&e=1610118725716
Frame ID: 628EE25611FE072501F9903E75EE275A
Requests: 10 HTTP requests in this frame

Frame: https://randiul.com/r/p.html?f=ssamglrx&e=1610118725716
Frame ID: B05962572149592AAD6170EF266AF7FB
Requests: 10 HTTP requests in this frame

Frame: https://randiul.com/r/p.html?f=bpnfgmoowy&e=1610118725716
Frame ID: 7CB6D15839BB42969A183C76AAB073F7
Requests: 10 HTTP requests in this frame

Frame: https://randiul.com/r/p.html?f=zrfcegujz&e=1610118725716
Frame ID: 62591E4635FCCA3E37DF0B291DA605F1
Requests: 10 HTTP requests in this frame

Frame: https://randiul.com/r/p.html?f=rmrccaiz&e=1610118725716
Frame ID: EDD193A887A63A924875B5B30A8EF718
Requests: 9 HTTP requests in this frame

Frame: https://randiul.com/r/p.html?f=blxiqpxyyl&e=1610118725716
Frame ID: C1B743524D7B0E06AC3A8078A261B6E3
Requests: 9 HTTP requests in this frame

Frame: https://randiul.com/r/p.html?f=ayiumtcg&e=1610118725716
Frame ID: 60E09439A2D8EB6B4361EF47763186D6
Requests: 9 HTTP requests in this frame

Frame: https://randiul.com/r/p.html?f=mtujveef&e=1610118725716
Frame ID: 1E151EEBDF16DCDDCC1B0E03B5ED7AE4
Requests: 9 HTTP requests in this frame

Frame: https://randiul.com/r/p.html?f=jbcjsa&e=1610118725716
Frame ID: 33C4652442F8DD31FDFA8606755335F8
Requests: 9 HTTP requests in this frame

Frame: https://randiul.com/r/p.html?f=gmnwybg&e=1610118725716
Frame ID: FEBD8C6D31F0A0750971794C87416F4D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&adk=1812271804&adf=1573534164&lmt=1672896316&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x675_l%7C260x675_r&format=0x0&url=https%3A%2F%2Fwww.bagnet.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896316284&bpp=7&bdt=283&idt=352&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2837549430466&frm=20&pv=2&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=376
Frame ID: D149ADD52A10FF9EEDFCA3CD3876E7F6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5447071101362623&output=html&h=280&slotname=8594907759&adk=2116639384&adf=3025194257&pi=t.ma~as.8594907759&w=1200&fwrn=4&fwrnh=100&lmt=1672896316&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896316291&bpp=2&bdt=291&idt=411&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2837549430466&frm=20&pv=2&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=geelAULvmc&p=https%3A//www.bagnet.org&dtd=417
Frame ID: FF932096D8EEDA6B45FCB8211C154D4B
Requests: 15 HTTP requests in this frame

Frame: https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 05CC714DE026871079180F6E6BC8288A
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: 9FCC2423989668EFCDD6336E5661DD92
Requests: 27 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/zone/qfqcwu936glt?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=8681009602786294126&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8681009602786294126%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D
Frame ID: FC482DA59E1BBD3AE16A8D7B220FAE43
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=3828006491&pi=t.aa~a.3705360468~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280&nras=2&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ugh66zVJYT&p=https%3A//www.bagnet.org&dtd=5
Frame ID: EA21A1B3677AB59D91839FF0E376A33A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=1679723169&pi=t.aa~a.3705360468~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240&nras=3&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=z9HFy67RBb&p=https%3A//www.bagnet.org&dtd=10
Frame ID: 2DDF06E033481FDF145EDCD093548DC5
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=50&adk=4281681145&adf=3245410629&pi=t.aa~a.960599413~rp.3&w=459&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=459x50&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=1&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240%2C300x240&nras=4&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=63oJUr51VX&p=https%3A//www.bagnet.org&dtd=15
Frame ID: BC7BC8BD125909F0571357D23237CA3D
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: B67739E2FE3D5CDDD0A85947B615F975
Requests: 25 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/zone/qfqcwu936glt?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=2916402079752059002&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2916402079752059002%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D
Frame ID: 6FBEF95AC64F83E6677D0C2FC33AA576
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Frame ID: C11BE0D3FCA1AEBE49BAF40C3F7D504B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Frame ID: 643487981ED0DCE7F4BA39B5D55F3151
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3C831C15B7F98960D4349EF26C92FFA2
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2B0BC0FD3C1B6A09EDE00A63E5096101
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Co5I7PV-2Y8L_HorVtwf5xZQYkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTc1MzE3Mjg2NDg1NjU2M8gBCakCBmGgCJTKsT6oAwGqBOwBT9BhYsrUSjptl5m942D1E2txdoTFjfPKc_e6-nQm7HX8opvnDw9L7j023eNMGN-GWvw_UVtiixND7lflJ-GfI4oyAP-WA3KsjwO2DzgoxpE31c9ARhc0TTj54XuTvLBob0-4C0DhAN59l7_FAVH5LlwCeIcsepwqc7a9wnsI5EA-Cy2DpXa8PYC1ZRSQ8l-T7lWm1huzcW9nQGeFudVBXRnzjTUVNjZXkX_O7CCXLdV_kjlPOlMg2kuYTmYt6-1iHa7G4pgNWn5A_lwianZ3VFjM8VM4PyTMx5yKVI2SfAE6JtfIHiJw_Q7BGvyABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk3NTMxNzI4NjQ4NTY1NjMYAA&sigh=kfJJCGQNTRM&uach_m=[UACH]&cid=CAQSOwDq26N9VNZDhPHOYx-1BBr2nJRWpIaaJsEarQaJVDJWuIYyrhLb45gww4th2Sky-cZ1MiS1TPWxUIcvGAEgEw
Frame ID: E7E7C17AAE6DE1FA52EFDF2B057B7F6A
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kzx8cnzrx4fn66gpbn97a1w5fjahz4gz0nvjqmjjp9w65y54m44se1xpx5fs0d1gxkqpppt8qpawrt8as5k5ptp76e5hv7t4kjj4s143h2w2cqfwe63tse0rq4cn2pay6texq7j9b2t5gqgh57186rwpetetppdw3hfr45jk7y8d4h5304hr8v870s1ymkkh63y4g38za22nc85pqa88c7k1wjtectf2ptch0rd5zamf9y9tjmert4wz0zc7vdfr9yv9c82j031zew8fycf1fz3tfj0es1b72n8czateyvabftprhf5yew99qxavb839tnkyqks14j0ra1dk7fveds3p34w26dcdmb306np9pcpjpggy6zymng1ybbyh6y63zmn3t1v85683j8jm7pnv31h966f3sqg756hzf9t3vgdxg6a9mw1751hzkg43266ma1as8hy74&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDhK4PV-2Y8L_HorVtwf5xZQYkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTc1MzE3Mjg2NDg1NjU2M8gBCakCBmGgCJTKsT6oAwGqBO8BT9BhYsrUSjptl5m942D1E2txdoTFjfPKc_e6-nQm7HX8opvnDw9L7j023eNMGN-GWvw_UVtiixND7lflJ-GfI4oyAP-WA3KsjwO2DzgoxpE31c9ARhc0TTj54XuTvLBob0-4C0DhAN59l7_FAVH5LlwCeIcsepwqc7a9wnsI5EA-Cy2DpXa8PYC1ZRSQ8l-T7lWm1huzcW9nQGeFudVBXRnzjTUVNjZXkX_O7CCXLdV_kjlPOlMg2kuYTmYt6-1iHa7G4pgNGHxhbIvb7Ta_0xBaKxqqzR3YzTGAepVP_MNztC9cAA5oKNJeWjRCRtGABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1m_kGLKU63bKMxGY7StMmauwG_Mg%26client%3Dca-pub-9753172864856563%26adurl%3D
Frame ID: F95B0887C831D55741F729AFE4B4D575
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 98A3941265EA3B2DE3F8E582E95925DC
Requests: 9 HTTP requests in this frame

Frame: https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D326351EEB4DE0332BA1CAFE3F8DF498
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfPAAL12QK7eyYAA5_74jqziH2qnJyjld1Fw&u=%7C%2FkgaZAn0iG5%2FZYfDia3rzBq3MiIePn4nlDviGF8gsCM%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wFPBkonwj4SKSybimmE1uUABNjkIxhJz0MTm1ZVRm4nPgX8x9DziTwGqadWaDTHDOuBbWaCKKEMeElHTxUjh2xxlwkzUw_xvb5PET0fNOTU5U2d1RRd6tXDgTSlwqP40ccxPTD8QpzUfH6_KGA51cNrSv-jZeQBnLi_IIKNuEeOevRLuPrtJHv_o_-Gya2F3dHb5tK80YspQKelhw5n7brWnK8KwlNNvOeoabgifriTHiSVVvhJxwiWZDB4CN4LtxNX06nYHqSk6X-MGkRVoe0jQzsgiJJH__k5hyGtdeIyfTQCpXMBJhXc9FiKYzt7yQiDz-nkloFP6M2EMQ2j3MvAfdCH-DJy7LkiUWem-1pyB8vv38yqz94Gxdz7qP5dfQR8dxmJmWScDTgY_OStA0G85yl8fYIttRxKkXdxmq4tPuCay7g-1P6nJI_QS5uOrF4Uzf03lSQ6OZ2f0NA7gvQx9BQHBueIFfKxxylnHh8XfRHVdjX7yzqzrhSt5OrJ_PiEsr8zHayY4QX-8Sl9ZED-EKlgT045LsbYacUKuOot3T31QINGEdqK2VwkzKFWkrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4E9IPF-2Y-SuL5jZtwfv_7nQAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTMxNzI4NjQ4NTY1NjPIAQmpAgZhoAiUyrE-qAMBqgTrAU_Q0W4Voti-C8ha37grETPNPW8BVsbbKwlQQyBugHoWMRBTQxqt7h-D2XbELClW35HD0ocnMku8rYKhz4OTlFNI4DiGlbO6S2-t4fyGwalJdI4-inkMFJPnYopHkiO9kkPe__nolcLhQNkuYwu7gLGi-no4vhCIKu7L1QacZCQVzdKEJ9DL3ktQ6fGUbadL5NZWq0-qpTnkuADQAOnBMk0Avb0kYO6KVzyqb8NqX6N3R-ox0NPK9mkqwJpcwzLvMIL5x5OCntvAJJy7BsaHkvGrIZlq4DZGnyV1RLgFQRT29F4vbWBbSEsybdmABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3eYoIG0AiEkg5w-YFoWZBneoogkQ%26client%3Dca-pub-9753172864856563%26adurl%3D
Frame ID: E631DE6ABDC1DBD79B01570DBC6ED62C
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: 537A1F446A4DF131772A038EE97B00CA
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=14577000018871800951433012195021&actionid=981741&produktid=&dt_url=
Frame ID: 036690C7A3D3B09020CF24B6FE26733B
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 4D97A7B2DE7F1959A86AA049B1093749
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPThqbbYr_wCFa_MOwId_kMHqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=700582322111.6936
Frame ID: D421251FC3732417E288A7B7F7A80F0E
Requests: 2 HTTP requests in this frame

Frame: https://hal900021.redintelligence.net/request_content.php?s=14577000018871800951433012195021&a=3dd3643b
Frame ID: 2ADAB2DB3F1513957CC5FB8DBECB5BA4
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1830811
Frame ID: 00CCE978C204CAF907A7AD6D97AE1A25
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 77DBBF306DE600B42BD90FF42941556B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D14CDF876F24B64A3CBE2DBB7C010FB1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D0DF99E8F70BDC74BC064A5F0814A7B3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9464AB6B5C6450361AAA10FDEA1612B8
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 6295E3DA26591C93FB298646C765F744
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 96D9EF1692B70C251146A22067C76753
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 266CDD15FE56D85C6D5611D119DA55B5
Requests: 9 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=77140700020302200951433012195015&actionid=981741&produktid=&dt_url=
Frame ID: CE323D926F85CDEC35C46F46705C08E0
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: B60AD16259D70A916B7360C4DAFFAA29
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CL_lqbbYr_wCFQXOOwIdm-oOKg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2771455444293.6733
Frame ID: 0146B7A4EE53D27056A1058269BB66EA
Requests: 2 HTTP requests in this frame

Frame: https://hal900015.redintelligence.net/request_content.php?s=77140700020302200951433012195015&a=fd6fd2db
Frame ID: 163E925A9A516915B7B55638B1516972
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1830811
Frame ID: EE6B80314855BF18BE2648823DF6A9CB
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CcCsCPV-2Y86jHO_D7_UPo52EoAbPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJ4AIAqAMBqgSpAk_QaaynJKPG1cCd-bnvs_ivbX5xIeir_OqNEtLqpkDDTjPlBp-YjIOLkB4QVWYxS6jzp7KNxQJ12nK_YhKWon6VMUGDnoz96H43DNiuvXZaIa-dyJuZr7PO31D6uCJmNSbPryb9_VKuG9xBGO3SCIKvNHxtovOyVLP71GIdV-5h27uCYt3bZUkh_5znhHlxQWDQc4G4DDxS2_LsxK_7rEIyorQavp5RH29L0PWXi3mDEZ4e1a6vtS-LbUShge_ofSXxGO0cy7HQINmYISqHLMHxcO7drP3UfcOHRX3MxWNHJpF-0IRjy8NHpXSEX20BmPrpcLHj0-44dZlNVxIyAlfSlv610MiCnHtBwSXzwHSz8nPy8_oY29t4TvpR6VZknbYzd0b1Gwf0J-AEAYAG36KJipLNqbpZoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY0OTgxOTcwNzI1MjQ0NIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yMTI4NzU3MTY3ODEyNjYzGNztag&sigh=QdelCKRg0kQ&uach_m=[UACH]&cid=CAQSOwDq26N9s7xjcG7ykiGw_lbHWF1ZCEwhDrTJtYZDopkms53ZdR8dkmMYbqNOV5u0KJi0IIYMLslEZ-rVGAEgEw&tpd=AGWhJmtTIgWvpb4d_ziYgKBNc8g6CRHxhlC4KHPtVaRonYHqiNVhTDghD-vl6l-ln30jTYdlRxvIqStuWl1urCvXVn3AyGkEEtgBSh5ix7IX2UEyyrt6lEOwWfUrJD3P9zi5GwarEA9fFX1uDzHVaAtn5lHXt9O7l1mbU8HrEo-OTl2dZKTp91uGSii5IKU03Hrp3m2IYEq4qE95rvRCzs9yvQ6F5Rx-4DxJEoaycGQxFdhUBagGgBctmt5sI8Q8IIZTGOjwHchGd9Dh-NYkQcmbREu6ya4tLAxQhMTJq8aWM2eCbnL8NuoeRrpU_PrBzCyd2xOkvkWF_zDnHWstF-cLA1LoqI8UNPptT4A9r1_fzxWw2EZz_FRqjqAYtWrxMKMBC6O1pjLqW7mjC_n1W3Ryn9PtipVRPMwObVucc-yI9KLTWUKjZNpGr1gSvfsnysGKSk7Zz5baUQYI6yklqmNgYMCO0Nieaa78U1dGhW3IRRCppEC9hYqyiIjgceD5TD-SA_wNa60HHweAiCyFQB0J80w1osm_7y7PF8jo9bvBG_dlCZZiY7v4nBrOhxw-5ceHKhQbuv_d7E7AoQJ-X47nFK07_n3CuskA3TzxWtUyB4jd4_NwvuG0bLxBYgkgX0kN4EQEEaQ8KQ7fYcTXfSbaC36hyty0T3VBTZJE-P9cTJ_vIH86PxK0rJsPlNCexYt01BuV0RS3ddstiG_2_35KBpehahi9J81bX2w_Klmx-VUEqVuHjokB-ecAqUZfDypeEmmJIYuYqlsWojChyvIhIfsqJ0WkBPLL4_w-IjDVEREUqXd09DKjpiVum64LYxjS-NeMU-q3H0iADCDpZ9MvePJ0foVY-GUZRBEc6flbnuhPDvaldO6oAXP2TRGSc5owOtZSnhf58Y6ZOuUeeCRV6IWSxe7DXtkIypUfxbfsGIe1D3bdXkwhy4kvWxxPwBw69KAtKooBY_5TIUUcUJig7e0YrO3ORbpCHhaxMnuiu_nLyhpj8Q1a4seMApBQPq67BKGF0fbnmjgNgat2bb2snzN0D9gkPQEXviVqqxsXSmcjzxFLAO90BsNlxL-QSKtnpJ0elJGbmD-9an-wQCyOK-t6odyVhq3U1Zaygb9PDEAX8PMxLNLnQM10Fk9sog
Frame ID: D154A2C6DD9BF6902754614F0A69A4DD
Requests: 14 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: FEE1BF20B54A4E5F15494639E52A620B
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17749132433704670225/index.html
Frame ID: 6FBCD33F916238D87A2B1C618D2D406A
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17725307468749569999/index.html
Frame ID: DFD5A1DE24E85C8945C9185DCE62D42E
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BF9840171A8D598D596B619AEB722952
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: E77E432ED189D5E3294B1F5487ABFCFC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: 00CAFA745F5F7DFC603286B64C13D77E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: 2FD7E98D3C8C8F739BE791226CFAF7AB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D89A6C29CEE4479D08D7637C80F078A9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7A7BAAFCAC95F3FE86316B47CA5FF59B
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1830811
Frame ID: FD4C85C46A57F9F76E33634EA50E3E60
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1830811
Frame ID: 4C40D6E13186C8559D28FD9D157F1A0E
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY&c=320&d=50&e=&g=8fafbb062ed62b873677a780f1a329aa%2F8461805043055439973&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672896318967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzzw773be44y57s0vnjzn12398cx8r9r3j5r13a15ercws813y1hj0716ghzdkqcqc1dvgmqxk6twzsqfn2618pm5rdrd4s51b10hrhgf6sqcj7jy5d2dtbq3tdp672faf94k03yzcrjrsyk3vndmdwv359dmgfan64c28qszp8etqpm1aqcargg02enp75axdv0sqn5hddjv3g8ad47p4n4m4084nq5fq27pj0xmddq00zj8wb2m6k1fv2j8e1s1npznw0rjcrk73yx3n62dm76c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDhK4PV-2Y8L_HorVtwf5xZQYkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTc1MzE3Mjg2NDg1NjU2M8gBCakCBmGgCJTKsT6oAwGqBO8BT9BhYsrUSjptl5m942D1E2txdoTFjfPKc_e6-nQm7HX8opvnDw9L7j023eNMGN-GWvw_UVtiixND7lflJ-GfI4oyAP-WA3KsjwO2DzgoxpE31c9ARhc0TTj54XuTvLBob0-4C0DhAN59l7_FAVH5LlwCeIcsepwqc7a9wnsI5EA-Cy2DpXa8PYC1ZRSQ8l-T7lWm1huzcW9nQGeFudVBXRnzjTUVNjZXkX_O7CCXLdV_kjlPOlMg2kuYTmYt6-1iHa7G4pgNGHxhbIvb7Ta_0xBaKxqqzR3YzTGAepVP_MNztC9cAA5oKNJeWjRCRtGABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1m_kGLKU63bKMxGY7StMmauwG_Mg%2526client%253Dca-pub-9753172864856563%2526adurl%253D&y=1&s=&z=0
Frame ID: 8D49C6D86CBF0E616152AB7EECFE7343
Requests: 8 HTTP requests in this frame

Frame: https://hal900017.redintelligence.net/request_content.php?s=94664300020374206783189012195017&a=92b84b37
Frame ID: FE6823852AA48FA106D2FB34F2AB76A7
Requests: 10 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/iframe?mt_uuid=3ab263b6-5f3e-4b00-b632-40c8677d4dba&no_iframe=1&synclist=4&mt_lim=1&type=1&source=bidder
Frame ID: 2D708D82C8106D084A574EA782E50949
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 32A53FFBD2749FE233B4A39BED319AF4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: F1CA3B9AFBCBB0985866DE5015A94524
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: 88260AB724E2DC105214F49B0E832D92
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 9006C2EAA650EB5D5745BB5DFC05897B
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AE8CDA68C9EB48DD247826D543253E9F
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: B232FD321696C0B05608929475687BC6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F511ECB6C43C81C5B212EC593B8B9617
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 119881CDE81479439858586C5E6CE7FC
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: E27D7B795DCD95D64D7944839ED33D30
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 2A19FE92DB0BE2528E66F404ABA1544E
Requests: 19 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2E0BDC891167B56355DF82720549002D
Requests: 2 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/12153847/12153847.js?ADFassetID=12153847&bv=516
Frame ID: 0A7D6479801EF4A3B75E07FAB6844C0F
Requests: 18 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: A5ACECBACBA39C051F88424D78C64240
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7066DFDDCF9C322AB49D299D00BF1FC2
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 1D03921DEF48FAB18E4AEB3442CD292A
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 62EB397510E11484B8CD19435708A150
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 39CF077E829B92F2609B599C9C6A8878
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F3E34A9477A58F93A942C9A15D655BE9
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: 9A65CB6454C71FD6BE9DBAFCC46B4844
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 0D462576AACAC85610B0860FD4289222
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3ab263b6-5f3e-4b00-b632-40c8677d4dba&gdpr=0&gdpr_consent=
Frame ID: 9F4A54BBDA57602C116F73FAC68C59AA
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 5DE4C79F691697A40550675DA7653286
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6436834816092358789
Frame ID: D1D081ECF99994506BD46A8391B4DCA6
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=9F48E212-CE41-4B85-BE85-0455223059A6&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 2234DEDDA85B4FF4FF2E4CD6C29B5E03
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5168865408581047783&gdpr=0&gdpr_consent=
Frame ID: DFA08E6A0DF63CF6DBBF5CFB30B4C253
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nosjiJ3ectuFiXfdydtsip-LdY6FgXaHzN0xRjKD
Frame ID: DA1203C1E7A2209F32837E22A17F33CF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7185034975419824280&gdpr=0&gdpr_consent=
Frame ID: 5B1912070B94628C1F23292EB1399720
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TRW6SukGTWtfNlDgKeQlq7nVm6Y
Frame ID: 888E889EC96078286B52C2BA461E58A5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEpHU7HbL8AACDDHzZMyw&gdpr=0&gdpr_consent=
Frame ID: DC7CF61313F8782F952E14DF2EE18DE0
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: B19DFD3877739687A34D9269889482BB
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: B2210745B456CAF178F0DCAA5A551279
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 35349D6D13FEAF17D9B8C0F9FCF7E0DF
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6102371328
Frame ID: 0760FEBF98DF426CA23DEE60B525DF36
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 0385316CF31DB0690D335340B223AACA
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 08D59129C330851E15E5C75746CD95DE
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: F1C56D25010BD8029C0E1F982B607EEC
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=be9c9e3db290cef1/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhnRjRnYQhXRajnMb
Frame ID: A9F897DEAA0D54C39D8777DEC73CAEEF
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 6F9C7796F360847C44C7A714EDF825DF
Requests: 1 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 04DDC2197172F506742A970FC74642AD
Requests: 2 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 36967C18B738DE188258FEB81C8F1E9F
Requests: 2 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 18F1F0B5579CFF3A84B5285AEA9B362A
Requests: 2 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 855419BDD48631D44A1D3A496C760F21
Requests: 2 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1cbqqygsx9vb
Frame ID: 4755C23FAAC1645FF2AB256B1B8816F7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:9789A9C0C12343089E8C3BAF30248BC2&gdpr=0&gdpr_consent=
Frame ID: 61990B872A7AF74352606FCDA90E45FF
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=9F48E212-CE41-4B85-BE85-0455223059A6&gdpr=0&gdpr_consent=
Frame ID: EC391E2F605F43ADD02988B0ECDB2EF6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Багнет: новости Украины и мира, аналитика, фоторепортажи

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

689
Requests

92 %
HTTPS

30 %
IPv6

87
Domains

142
Subdomains

105
IPs

16
Countries

8544 kB
Transfer

19245 kB
Size

102
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://c.bigmir.net/?v16935644&s16936083&t2&c1&n682004&w0&y0&d24&r1600 HTTP 302
  • https://i.bigmir.net/cnt/02.png
Request Chain 246
  • https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvWlRRNVl6VTJaamd0WVdaaVl5MDNZVE16TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg2ODEwMDk2MDI3ODYyOTQxMjYvNjYyMjM5Ni80NTYyMzEyLzEzL2ZVc3YzNlpYTWJFSEJ6MjVQMGxsY2VFZ1VpWndpalpJeUozT0lIMVRXZGsvMS8xMy8wLzAvOTU2ODAzLzMxMTc3ODM5NzQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzg2ODEwMDk2MDI3ODYyOTQxMjYvenJoLzAvMTk5LzI2Lzk5OS8zMjIvMTg1LjIxMy4xNTUuMC8wLjAwMC8xNjcyODk2MzE3LzE2NzI5MDg5MTcvMTMvMTAyNjQv/b4KpewG_PYLkttp0nj8yhwR643I&nodeid=3751&group=zrh&auctionid=8681009602786294126&pbs_auctionid=8681009602786294126&shardkey=8681009602786294126&sid=4562312&cid=6622396&bp=a_aefiia&min_bid_win=${AUCTION_MIN_TO_WIN}&nfy_act=LD5wew&bfip=185.29.135.139&type=imp&client=c2s HTTP 302
  • https://tags.mathtag.com/ck-confirm?bid_id=8681009602786294126&node_id=3751&exch_id=13
Request Chain 261
  • https://hal900021.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=d21f61992f&subid=&uid=3a6bad7935333430&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8681009602786294126%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Frandiul.com%2Fr%2Fp.html%3Ff%3Dngkgwzlc%26e%3D1610118725716&ancestorOrigins=https%3A%2F%2Frandiul.com%2Chttps%3A%2F%2Fwww.bagnet.org&random=3898044008617&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900021.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=d21f61992f&subid=&uid=3a6bad7935333430&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8681009602786294126%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Frandiul.com%2Fr%2Fp.html%3Ff%3Dngkgwzlc%26e%3D1610118725716&ancestorOrigins=https%3A%2F%2Frandiul.com%2Chttps%3A%2F%2Fwww.bagnet.org&random=3898044008617&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 277
  • https://hal900015.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=511671ce41&subid=&uid=6e7264b37c36e7db&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2916402079752059002%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Frandiul.com%2Fr%2Fp.html%3Ff%3Dbpnfgmoowy%26e%3D1610118725716&ancestorOrigins=https%3A%2F%2Frandiul.com%2Chttps%3A%2F%2Fwww.bagnet.org&random=2448736823363&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900015.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=511671ce41&subid=&uid=6e7264b37c36e7db&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2916402079752059002%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Frandiul.com%2Fr%2Fp.html%3Ff%3Dbpnfgmoowy%26e%3D1610118725716&ancestorOrigins=https%3A%2F%2Frandiul.com%2Chttps%3A%2F%2Fwww.bagnet.org&random=2448736823363&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 332
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=14577000018871800951433012195021&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=14577000018871800951433012195021&actionid=981741&produktid=&dt_url=
Request Chain 335
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=700582322111.6936 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CPThqbbYr_wCFa_MOwId_kMHqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=700582322111.6936
Request Chain 337
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=14577000018871800951433012195021 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=14577000018871800951433012195021 HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 350
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEF6sqHgzneM4V4ArY8tNArc&google_cver=1&google_push=AavPq0MqXufaMOiERB5PvjJ0NzOWw_3bApAu1GilSguXZh9-ym9oQ5LhEu7i5lFmJ-1Ye5cU9cg83bIrjwivCMrNrlDj8SXG5MytLw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=OrJjtl8-SwC2MkDIZ31Nug&google_push=AavPq0MqXufaMOiERB5PvjJ0NzOWw_3bApAu1GilSguXZh9-ym9oQ5LhEu7i5lFmJ-1Ye5cU9cg83bIrjwivCMrNrlDj8SXG5MytLw
Request Chain 351
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEM024VYDR27kuTK_wd66I6k&google_cver=1&google_push=AavPq0NdYTWvUDK3CvGCCiDoo35UVPXFqT55Jq7sAmRuL9wL9QzdpDucZeyQ7zVJJ5CYDgpe7PgstLzPyup_ApcPRrDByJzxSzUCf_s HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEM024VYDR27kuTK_wd66I6k&google_cver=1&google_push=AavPq0NdYTWvUDK3CvGCCiDoo35UVPXFqT55Jq7sAmRuL9wL9QzdpDucZeyQ7zVJJ5CYDgpe7PgstLzPyup_ApcPRrDByJzxSzUCf_s HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5123196424583295410&expires=30&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NdYTWvUDK3CvGCCiDoo35UVPXFqT55Jq7sAmRuL9wL9QzdpDucZeyQ7zVJJ5CYDgpe7PgstLzPyup_ApcPRrDByJzxSzUCf_s&google_hm=oU2sosGhT1-WZVF9XWUljw==
Request Chain 352
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHBYerjNF9DdKcl3p74ruGU&google_cver=1&google_push=AavPq0OoWA_7ybZpM4D7vc86nyjn6swKfa-m01F-8XypR_Fhn9xJ_PTfRJ7QIkhDqUoQZIwsDy8ljb79AqF-19JkOWLMpC5WN4uJCLs HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHBYerjNF9DdKcl3p74ruGU&google_cver=1&google_push=AavPq0OoWA_7ybZpM4D7vc86nyjn6swKfa-m01F-8XypR_Fhn9xJ_PTfRJ7QIkhDqUoQZIwsDy8ljb79AqF-19JkOWLMpC5WN4uJCLs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA5ODk5ODAxMzQ4OTU0MzQ4Nw&google_push=AavPq0OoWA_7ybZpM4D7vc86nyjn6swKfa-m01F-8XypR_Fhn9xJ_PTfRJ7QIkhDqUoQZIwsDy8ljb79AqF-19JkOWLMpC5WN4uJCLs
Request Chain 353
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEC3p4tHoYDGCT8aIcen9r0I&google_cver=1&google_push=AavPq0NvSYUVSOju-vvV4cvA2J9g096_Chs07o1JuBDR82NZ5Umj6Uzu_66uoH8z3MZB-8xKG57iNzLj2xVn5jRxkbgIrRNTFpCwYw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NvSYUVSOju-vvV4cvA2J9g096_Chs07o1JuBDR82NZ5Umj6Uzu_66uoH8z3MZB-8xKG57iNzLj2xVn5jRxkbgIrRNTFpCwYw
Request Chain 354
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEO6YrR7_XHuUWXGvi9NvbaM&google_cver=1&google_push=AavPq0MX0mr39IUfbx0wz75P9A8wc8cWM_OfYe0KkYXZlx6-nefa29Z6txPla7hwBqbTIu6Mxs-q63ZbpQhG1kNtyj8HDopeYCzivNA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MX0mr39IUfbx0wz75P9A8wc8cWM_OfYe0KkYXZlx6-nefa29Z6txPla7hwBqbTIu6Mxs-q63ZbpQhG1kNtyj8HDopeYCzivNA
Request Chain 355
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEYsfLPZlSPqnqsJRgykkMw&google_cver=1&google_push=AavPq0NSb6XEYg2PYoFReJxy3pVf35AJwrxopigyeFPnaC0oGrS7ecRt_e-4RBhBfj-ASmdCs6Lc0z2dGwmPVi-cPAnAMKacTVScYVSY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTE2ODg2NTQwODU4MTA0Nzc4Mw%3D%3D&google_gid=CAESEEYsfLPZlSPqnqsJRgykkMw&google_cver=1&google_push=AavPq0NSb6XEYg2PYoFReJxy3pVf35AJwrxopigyeFPnaC0oGrS7ecRt_e-4RBhBfj-ASmdCs6Lc0z2dGwmPVi-cPAnAMKacTVScYVSY
Request Chain 369
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=77140700020302200951433012195015&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=77140700020302200951433012195015&actionid=981741&produktid=&dt_url=
Request Chain 372
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2771455444293.6733 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CL_lqbbYr_wCFQXOOwIdm-oOKg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2771455444293.6733
Request Chain 374
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=77140700020302200951433012195015 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=77140700020302200951433012195015 HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 415
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEF6sqHgzneM4V4ArY8tNArc&google_cver=1&google_push=AavPq0Nwdse0X7eqn6xXPEGW-dY1D5EKP-ftzKvF4Ooa-svX1l9WxGqv4aOCxMSxMicSDepqryBAcvdSuf9I_0iuFBlg2PNPdnktkQI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=OrJjtl8-SwC2MkDIZ31Nug&google_push=AavPq0Nwdse0X7eqn6xXPEGW-dY1D5EKP-ftzKvF4Ooa-svX1l9WxGqv4aOCxMSxMicSDepqryBAcvdSuf9I_0iuFBlg2PNPdnktkQI
Request Chain 416
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJcHmaBFWR1NQ9lRQyglTQE&google_cver=1&google_push=AavPq0NdY_vIRuCbYtlHGkxpOrTqMQ6HZ3KXq98vNEvrUCiAMdLyjkcvM0C7TK1zNfoeqnQ17_-V8gWMXhGkoSYWgI5dVlTyr4lQf0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0NdY_vIRuCbYtlHGkxpOrTqMQ6HZ3KXq98vNEvrUCiAMdLyjkcvM0C7TK1zNfoeqnQ17_-V8gWMXhGkoSYWgI5dVlTyr4lQf0g&google_hm=01G9oRiFSuqnwVvUV_q9bKY
Request Chain 417
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEItxWNsSsLNcOudodc2Xjvw&google_cver=1&google_push=AavPq0NHmRZ130VbwD16hJMATlpXwIGD58MsnlsjSidPrQ2OUhs93tNFvwe2r0gsxjEfrS9I_ADed96GzCCj7t7Bc-2KR5SCvxrsqw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENJTjlWQzItQy1DQ1VH&google_push=AavPq0NHmRZ130VbwD16hJMATlpXwIGD58MsnlsjSidPrQ2OUhs93tNFvwe2r0gsxjEfrS9I_ADed96GzCCj7t7Bc-2KR5SCvxrsqw
Request Chain 418
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKYWC3D7waPT8mnYp69sSO4&google_cver=1&google_push=AavPq0OzMjs1Ni5CgLpbI5L2Bl7OW3ZRxBnTvaXHCsMaoGLqGMENmiUhxLMq5lmExWQ3DlkMyt8wMK3nWMjvhsiwHKFX3wh7zs2L7qs HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0OzMjs1Ni5CgLpbI5L2Bl7OW3ZRxBnTvaXHCsMaoGLqGMENmiUhxLMq5lmExWQ3DlkMyt8wMK3nWMjvhsiwHKFX3wh7zs2L7qs&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1672896318552 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ff641731-3b97-45eb-98b8-009aa3a1a9bd-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0OzMjs1Ni5CgLpbI5L2Bl7OW3ZRxBnTvaXHCsMaoGLqGMENmiUhxLMq5lmExWQ3DlkMyt8wMK3nWMjvhsiwHKFX3wh7zs2L7qs%26google_hm%3DA_9kFzE7l0XrmLgAmqOhqb0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0OzMjs1Ni5CgLpbI5L2Bl7OW3ZRxBnTvaXHCsMaoGLqGMENmiUhxLMq5lmExWQ3DlkMyt8wMK3nWMjvhsiwHKFX3wh7zs2L7qs&google_hm=A_9kFzE7l0XrmLgAmqOhqb0
Request Chain 419
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEYsfLPZlSPqnqsJRgykkMw&google_cver=1&google_push=AavPq0PWuw7VQWp0RfqkcriVbdCxuoxE6qSK5uxSvXE8HpQkXi9CqCNX10-vn86lOGzGoLxeLPIEi9zKJ28RJVUl3tg07rgMOgfHCMTU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTE2ODg2NTQwODU4MTA0Nzc4Mw%3D%3D&google_gid=CAESEEYsfLPZlSPqnqsJRgykkMw&google_cver=1&google_push=AavPq0PWuw7VQWp0RfqkcriVbdCxuoxE6qSK5uxSvXE8HpQkXi9CqCNX10-vn86lOGzGoLxeLPIEi9zKJ28RJVUl3tg07rgMOgfHCMTU
Request Chain 420
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEN0kaESd1917kb-ENh5YlLk&google_cver=1&google_push=AavPq0OknG4bLHzhDdh7IuPkw7-hXtAoDrQBWTXhINFHwKYOATnmxx5svddgcyE_RHegMPPqsnAc7NNZYO3tTtmfdRdQPoO6UgtaqGGK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=a14daca2-c1a1-4f5f-9665-517d5d65258f&%%GOOGLE_PUSH_PAIR%%
Request Chain 423
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMc1vgGfkcRIkU9CPBwRpzo&google_cver=1&google_push=AavPq0MKBst5dye8YGxP0Ud58IYcuCFVo6Kyh5-RFO3ugK-KqLZkyd6fJZAKrEwnjXlcgnbSQzQ_wl81HOZIaQ3crYOx0yc36Mn_VWI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4NTAzNDk3NTQxOTgyNDI4MA%3D%3D&google_push=AavPq0MKBst5dye8YGxP0Ud58IYcuCFVo6Kyh5-RFO3ugK-KqLZkyd6fJZAKrEwnjXlcgnbSQzQ_wl81HOZIaQ3crYOx0yc36Mn_VWI
Request Chain 424
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEDMHLS9jIwGfK7S_dr25sKM&google_cver=1&google_push=AavPq0PE41WheB8dRr8abn7WBBDLov9P_R3Wf6MAu8sP3cWApEzczFGxjBq1x55YZyzZmV75KkcsDmB8E82ZH5wxuno9XUOdRILeYdc HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDMHLS9jIwGfK7S_dr25sKM&google_cver=1&google_push=AavPq0PE41WheB8dRr8abn7WBBDLov9P_R3Wf6MAu8sP3cWApEzczFGxjBq1x55YZyzZmV75KkcsDmB8E82ZH5wxuno9XUOdRILeYdc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0PE41WheB8dRr8abn7WBBDLov9P_R3Wf6MAu8sP3cWApEzczFGxjBq1x55YZyzZmV75KkcsDmB8E82ZH5wxuno9XUOdRILeYdc
Request Chain 426
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEO6YrR7_XHuUWXGvi9NvbaM&google_cver=1&google_push=AavPq0N191IdMclPiGZ6LRaveY59nm-VyZ_056_IEFUNpyPXEhhRLC1yCZstpFazniZ4KE2aO_jnSnPDfFs2jGLSY5YrZlWE4x1DiWAe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0N191IdMclPiGZ6LRaveY59nm-VyZ_056_IEFUNpyPXEhhRLC1yCZstpFazniZ4KE2aO_jnSnPDfFs2jGLSY5YrZlWE4x1DiWAe HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 427
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEYsfLPZlSPqnqsJRgykkMw&google_cver=1&google_push=AavPq0O9G1B3ZIxp83TCH_SpDOq0SWDG_p4j8cGOvujSdGRN0hi6nqzJ4kJqZaRKJMW4nvXWbZJhMS8x7gbYWe31cX8LjTDvS9nXcVsU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTE2ODg2NTQwODU4MTA0Nzc4Mw%3D%3D&google_gid=CAESEEYsfLPZlSPqnqsJRgykkMw&google_cver=1&google_push=AavPq0O9G1B3ZIxp83TCH_SpDOq0SWDG_p4j8cGOvujSdGRN0hi6nqzJ4kJqZaRKJMW4nvXWbZJhMS8x7gbYWe31cX8LjTDvS9nXcVsU
Request Chain 428
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEN0kaESd1917kb-ENh5YlLk&google_cver=1&google_push=AavPq0Nr3GqL_5v71W58ViQspoUlTX1LAoRsWW04H73xr2MS1n_yK3n7229E6XjXvmmHnseROIqp19S-zGCTdMxptjpL7yIaawvPZ6gr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=a14daca2-c1a1-4f5f-9665-517d5d65258f&%%GOOGLE_PUSH_PAIR%%
Request Chain 456
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 458
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 507
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 529
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECL6iG2gvXf9xCfxOcDEzjw&google_cver=1&google_push=AavPq0PHDR3IfmR2LPxqB3Nnv_LXu0O7MErt6aDu9rYXV0GvgfgJ5vw__t5X3sDinsgb4TJIstQiOfnJGde_sVpTVtdFc0ut4d5I HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECL6iG2gvXf9xCfxOcDEzjw&google_cver=1&google_push=AavPq0PHDR3IfmR2LPxqB3Nnv_LXu0O7MErt6aDu9rYXV0GvgfgJ5vw__t5X3sDinsgb4TJIstQiOfnJGde_sVpTVtdFc0ut4d5I&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=n0jiEs5BS4W-hQRVIjBZpg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0PHDR3IfmR2LPxqB3Nnv_LXu0O7MErt6aDu9rYXV0GvgfgJ5vw__t5X3sDinsgb4TJIstQiOfnJGde_sVpTVtdFc0ut4d5I
Request Chain 530
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFsJ1PO_gNgE3VnfrYFcb9s&google_cver=1&google_push=AavPq0Mq9f23Izg0Wmg8C85CJ_n5DC40Oakw0kewCFPLsIHVT-uvCfIdbnJM1WtP_E4K22mW6v7eivpkLTfc1neGNim_w2hjIg8 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFsJ1PO_gNgE3VnfrYFcb9s&google_push=AavPq0Mq9f23Izg0Wmg8C85CJ_n5DC40Oakw0kewCFPLsIHVT-uvCfIdbnJM1WtP_E4K22mW6v7eivpkLTfc1neGNim_w2hjIg8&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFsJ1PO_gNgE3VnfrYFcb9s&google_hm=Y7ZfP2gLFvBQGQHy4KRMRAAABKAAAAAB&google_nid=index&google_push=AavPq0Mq9f23Izg0Wmg8C85CJ_n5DC40Oakw0kewCFPLsIHVT-uvCfIdbnJM1WtP_E4K22mW6v7eivpkLTfc1neGNim_w2hjIg8
Request Chain 531
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBbc35kwQwHSgbEibWo2hxQ&google_cver=1&google_push=AavPq0MmEPV9S8BzPxN77gi1yo0Uq1MLjHWyUX7PeQi7M4cc8V0glvD0c-3CNqDCqsRv7SQXtO7ajk3Kn8-otgzPi0MyvkNr8MMU HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBbc35kwQwHSgbEibWo2hxQ&google_cver=1&google_push=AavPq0MmEPV9S8BzPxN77gi1yo0Uq1MLjHWyUX7PeQi7M4cc8V0glvD0c-3CNqDCqsRv7SQXtO7ajk3Kn8-otgzPi0MyvkNr8MMU&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0MmEPV9S8BzPxN77gi1yo0Uq1MLjHWyUX7PeQi7M4cc8V0glvD0c-3CNqDCqsRv7SQXtO7ajk3Kn8-otgzPi0MyvkNr8MMU&google_hm=F7xFsGZHNd3g5kA0TjqWRPrY
Request Chain 532
  • https://match.360yield.com/match/ebda?google_gid=CAESEHFewRShlbCyZMjm1D_ds7Q&google_cver=1&google_push=AavPq0O2_MC4v_9Cj7OFB4IOfxa-ZJM19nvngY2YbFnSZ9E0Pgl-s79jOCm3qfFgDzhAlCM3-HZ4VTMK6AESCggmGmp8Of6W57D0 HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEHFewRShlbCyZMjm1D_ds7Q&google_cver=1&google_push=AavPq0O2_MC4v_9Cj7OFB4IOfxa-ZJM19nvngY2YbFnSZ9E0Pgl-s79jOCm3qfFgDzhAlCM3-HZ4VTMK6AESCggmGmp8Of6W57D0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TFZhb2dRT_yCbFUA8-EK7w&google_push=AavPq0O2_MC4v_9Cj7OFB4IOfxa-ZJM19nvngY2YbFnSZ9E0Pgl-s79jOCm3qfFgDzhAlCM3-HZ4VTMK6AESCggmGmp8Of6W57D0
Request Chain 533
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEh7Y4FIE8iiGIHLp18neds&google_cver=1&google_push=AavPq0OeDL4DprDzsmZhzx_a7K0spZ5K9z5XQTKLPSVThA5dE9zQZAn19iTfo6Z1NAZiRRTLRNR7N54K8ddPuuyqdfssklQaqQarEQ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEh7Y4FIE8iiGIHLp18neds&google_cver=1&google_push=AavPq0OeDL4DprDzsmZhzx_a7K0spZ5K9z5XQTKLPSVThA5dE9zQZAn19iTfo6Z1NAZiRRTLRNR7N54K8ddPuuyqdfssklQaqQarEQ&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1naVhqLmU5RTJ1R0tjWDd6R28yX0QyeW1YNFVTRnNqMH5B&google_push=AavPq0OeDL4DprDzsmZhzx_a7K0spZ5K9z5XQTKLPSVThA5dE9zQZAn19iTfo6Z1NAZiRRTLRNR7N54K8ddPuuyqdfssklQaqQarEQ
Request Chain 534
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEYsfLPZlSPqnqsJRgykkMw&google_cver=1&google_push=AavPq0NCeTcnIKag1RtDQqQg7sccfL9UvN9Zt5Od0oAT13ofFgA9NklZQ1e7lwhbuzV9VgyZFXuS1EhkWKBflT71cLcj2xdL29-bwg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTE2ODg2NTQwODU4MTA0Nzc4Mw%3D%3D&google_gid=CAESEEYsfLPZlSPqnqsJRgykkMw&google_cver=1&google_push=AavPq0NCeTcnIKag1RtDQqQg7sccfL9UvN9Zt5Od0oAT13ofFgA9NklZQ1e7lwhbuzV9VgyZFXuS1EhkWKBflT71cLcj2xdL29-bwg
Request Chain 558
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156383 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUY0OEUyMTItQ0U0MS00Qjg1LUJFODUtMDQ1NTIyMzA1OUE2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 615
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3ab263b6-5f3e-4b00-b632-40c8677d4dba&gdpr=0&gdpr_consent=
Request Chain 617
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6436834816092358789
Request Chain 618
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=9F48E212-CE41-4B85-BE85-0455223059A6&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=9F48E212-CE41-4B85-BE85-0455223059A6&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 619
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5168865408581047783&gdpr=0&gdpr_consent=
Request Chain 620
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nosjiJ3ectuFiXfdydtsip-LdY6FgXaHzN0xRjKD
Request Chain 621
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7185034975419824280&gdpr=0&gdpr_consent=
Request Chain 622
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TRW6SukGTWtfNlDgKeQlq7nVm6Y
Request Chain 623
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFcEhVN0hiTDhBQUNEREh6Wk15dw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEpHU7HbL8AACDDHzZMyw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEpHU7HbL8AACDDHzZMyw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEpHU7HbL8AACDDHzZMyw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6507216594507974050&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEpHU7HbL8AACDDHzZMyw&gdpr=0&gdpr_consent=
Request Chain 625
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 626
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 627
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6102371328
Request Chain 631
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=be9c9e3db290cef1/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhnRjRnYQhXRajnMb
Request Chain 633
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=n0jiEs5BS4W-hQRVIjBZpg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 636
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=859368618 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=9F48E212-CE41-4B85-BE85-0455223059A6
Request Chain 637
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENONRKfXj-jUXUM2VSyqpkQ&google_cver=1
Request Chain 639
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6098998013489543487
Request Chain 641
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=a14daca2-c1a1-4f5f-9665-517d5d65258f&ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 643
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9F48E212-CE41-4B85-BE85-0455223059A6&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-3fbsIglE2uUHQKBGILCeMi9hC48ebnU-~A&gdpr=0&gdpr_consent=
Request Chain 646
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3942149369651619473&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 647
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:3237c3fc-d7b0-40d9-80f4-ace50fd98e6d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 648
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5168865408581047783
Request Chain 655
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=CbUMzJYTRIW5yHtR45OGfw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=CbUMzJYTRIW5yHtR45OGfw
Request Chain 656
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/kCmRgkGGlms8EICKq5kXZw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xFckx7VE2oLVnRXsfhQHE5DDmJ6jpBd5oFd2oQ--~A
Request Chain 658
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENJTjlWQzItQy1DQ1VH
Request Chain 659
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=H8aFdLXLS1egV1S6dKxyjw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=H8aFdLXLS1egV1S6dKxyjw
Request Chain 660
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTVkMmQ4ZWM1OTdkNWM3OWE3NmQ5ZmI1NTA3NTY2ZDU0MDM5NjBmMA
Request Chain 661
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPDj5du94qTFWWAwnpDnbnQ&google_cver=1
Request Chain 662
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCIN9VC2-C-CCUG
Request Chain 689
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1cbqqygsx9vb
Request Chain 690
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:9789A9C0C12343089E8C3BAF30248BC2&gdpr=0&gdpr_consent=
Request Chain 691
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=9F48E212-CE41-4B85-BE85-0455223059A6 HTTP 302
  • https://a.audrte.com/p
Request Chain 692
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=9F48E212-CE41-4B85-BE85-0455223059A6&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9F48E212-CE41-4B85-BE85-0455223059A6&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 693
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9F48E212-CE41-4B85-BE85-0455223059A6&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9F48E212-CE41-4B85-BE85-0455223059A6&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=9F48E212-CE41-4B85-BE85-0455223059A6&addseg=19,36,42
Request Chain 694
  • https://pixel.onaudience.com/?partner=214&mapped=9F48E212-CE41-4B85-BE85-0455223059A6&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 697
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3ab263b6-5f3e-4b00-b632-40c8677d4dba

689 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bagnet.org/ 		40 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
1bb546bcb0c9cb689fde73c67308b16401a42a68f2036ba7ecb028c8740ba0ea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 05 Jan 2023 05:25:15 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
css
fonts.googleapis.com/ 		2 KB
1011 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2464f998b38ae5f4a6f68dd19faea6939ccb6db5388ce17a0621c3fe186f859
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 04:14:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Jan 2023 05:25:16 GMT
jquery.formstyler.css
www.bagnet.org/public/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bagnet.org/public/css/jquery.formstyler.css
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
a257c5e9b522f9641dbc3c312f620026c8b09005d384b414b54e7ee23a6d1691

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
gzip
last-modified
Wed, 02 Nov 2016 19:29:58 GMT
server
nginx
etag
W/"581a3eb6-317b"
vary
Accept-Encoding
content-type
text/css
owl.carousel.css
www.bagnet.org/public/css/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bagnet.org/public/css/owl.carousel.css
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
4658bdf3a5ffa33e3a4d643e0465484b0e2137890f0678d5a7f351e398ddf830

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
gzip
last-modified
Wed, 02 Nov 2016 19:30:03 GMT
server
nginx
etag
W/"581a3ebb-1721"
vary
Accept-Encoding
content-type
text/css
jquery-ui.css
www.bagnet.org/public/css/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bagnet.org/public/css/jquery-ui.css
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
cecf5c59ff7c288bf90cc6221756bd9612464308557b92ca54f27d1cd108f3cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
gzip
last-modified
Wed, 02 Nov 2016 19:29:59 GMT
server
nginx
etag
W/"581a3eb7-8a14"
vary
Accept-Encoding
content-type
text/css
main.css
www.bagnet.org/public/css/ 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bagnet.org/public/css/main.css?100
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
7a13b5ee28d04ea04ed765326aeb4484662639ca9588b4605506883de4cc2be9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
gzip
last-modified
Wed, 08 Feb 2017 08:23:03 GMT
server
nginx
etag
W/"589ad567-8511"
vary
Accept-Encoding
content-type
text/css
mobile.css
www.bagnet.org/public/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bagnet.org/public/css/mobile.css?4
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
2f6d0f2c87102fc9d353d82e4cde5785771a981a1139fdffb12821d9cc99f520

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 16:13:34 GMT
server
nginx
etag
W/"606742ae-4891"
vary
Accept-Encoding
content-type
text/css
js
www.googletagmanager.com/gtag/ 		216 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-39RKBNW0ZG
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
186fc6540fd2a8cec963428536070341c6513768cae47b50dd8582dc6eb03edb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76833
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 05 Jan 2023 05:25:16 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9753172864856563
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ceae2b40b4344daf7b77689773e6fb053afdebb0587daf007415cf316db7616
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bagnet.org/
Origin
https://www.bagnet.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49601
x-xss-protection
0
server
cafe
etag
4621498894183256156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Jan 2023 05:25:16 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5447071101362623
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1617c24549476103dddf9b1eab7698dae57f60c5fc76dfe612b6556080bfcf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bagnet.org/
Origin
https://www.bagnet.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49574
x-xss-protection
0
server
cafe
etag
15337196460964260456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Jan 2023 05:25:16 GMT
logotype.jpg
www.bagnet.org/public/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/public/images/logotype.jpg
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
112a3fdba1826e68a56b328aefb4e49903ae8898d5cede468dd35ba5fd29e029

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Fri, 09 Oct 2015 17:40:18 GMT
server
nginx
accept-ranges
bytes
etag
"5617fc02-2909"
content-length
10505
content-type
image/jpeg
119_97_63afcaf94cc7f.jpg
www.bagnet.org/storage/25/25/09/28/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/storage/25/25/09/28/119_97_63afcaf94cc7f.jpg
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
2bf3a097a18d9596beb2f885fa3344d3dae4e3fa26b4411dcd3f32e70cc36995

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Sat, 31 Dec 2022 05:39:05 GMT
server
nginx
etag
"63afcaf9-eeb"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3819
expires
Fri, 05 Jan 2024 05:25:16 GMT
119_97_63ad6af6b686f.jpg
www.bagnet.org/storage/28/21/25/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/storage/28/21/25/09/119_97_63ad6af6b686f.jpg
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
3f5f5e45c26edb9908af49d747e18e9616546308c740683eea1efef21dae42f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Thu, 29 Dec 2022 10:24:54 GMT
server
nginx
etag
"63ad6af6-be7"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3047
expires
Fri, 05 Jan 2024 05:25:16 GMT
119_97_639b20ad20634.jpg
www.bagnet.org/storage/07/15/27/06/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/storage/07/15/27/06/119_97_639b20ad20634.jpg
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
3945b761bff27ffe0d1dd499089323dcafa84d01ca98028bd18b8c4b89e7a07e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Thu, 15 Dec 2022 13:27:09 GMT
server
nginx
etag
"639b20ad-104c"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4172
expires
Fri, 05 Jan 2024 05:25:16 GMT
119_97_639ac4dd12690.jpg
www.bagnet.org/storage/29/10/09/14/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/storage/29/10/09/14/119_97_639ac4dd12690.jpg
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
0fa511bab0f63441352b1ff4005a13c15929555e42587b76b636318de4c6aaa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Thu, 15 Dec 2022 06:55:25 GMT
server
nginx
etag
"639ac4dd-fdf"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4063
expires
Fri, 05 Jan 2024 05:25:16 GMT
informers_js.php
sinoptik.ua/ 		1 KB
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sinoptik.ua/informers_js.php?title=4&wind=3&cities=303010783&lang=ua
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv150.fwdcdn.com
Software
nginx /
Resource Hash
00e4e9955a8460105fc5a7d38c2254810c0ede777ae41a7c749b76e7d9022031
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-store, no-cache, must-revalidate
date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
gzip
x-server-by
sinfe1
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
application/json
cache-control
must-revalidate, post-check=0, pre-check=0
expires
0
459_257_63a2bfdeb653b.jpg
www.bagnet.org/storage/16/18/07/25/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/storage/16/18/07/25/459_257_63a2bfdeb653b.jpg
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
3b31d80d86e23a262ec7f36b13d7a71581cad83148ee6f16bb5198f1e9230c49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Wed, 21 Dec 2022 08:12:14 GMT
server
nginx
etag
"63a2bfde-425a"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
16986
expires
Fri, 05 Jan 2024 05:25:16 GMT
459_257_6371cbe878722.jpg
www.bagnet.org/storage/21/26/15/28/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/storage/21/26/15/28/459_257_6371cbe878722.jpg
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
20dd157fd3857eba81a0750459d5814dc333c81654b98b441cff4d30427ad57f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Mon, 14 Nov 2022 05:02:32 GMT
server
nginx
etag
"6371cbe8-3687"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
13959
expires
Fri, 05 Jan 2024 05:25:16 GMT
459_257_6351471193dab.jpg
www.bagnet.org/storage/15/19/09/13/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/storage/15/19/09/13/459_257_6351471193dab.jpg
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
ed37c522753ff475093f338fb232f0ff5939c29d611ba911fd5162ce39356f11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Thu, 20 Oct 2022 13:03:13 GMT
server
nginx
etag
"63514711-4da1"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
19873
expires
Fri, 05 Jan 2024 05:25:16 GMT
459_257_62fb17dc4fc4e.jpg
www.bagnet.org/storage/07/24/14/27/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/storage/07/24/14/27/459_257_62fb17dc4fc4e.jpg
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
09ab229153daf6f57acb79804e746c7b203ae218907287fe0e05b786b2fc723b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Tue, 16 Aug 2022 04:06:52 GMT
server
nginx
etag
"62fb17dc-527e"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
21118
expires
Fri, 05 Jan 2024 05:25:16 GMT
459_257_62f35d967ce43.jpg
www.bagnet.org/storage/10/28/22/02/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/storage/10/28/22/02/459_257_62f35d967ce43.jpg
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
240dea5d80e30be0f75d281ede00260a111d34907169a974fd4c21cc2054e377

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Wed, 10 Aug 2022 07:26:14 GMT
server
nginx
etag
"62f35d96-2f49"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
12105
expires
Fri, 05 Jan 2024 05:25:16 GMT
200_126_63afcaf94cc7f.jpg
www.bagnet.org/storage/25/25/09/28/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/storage/25/25/09/28/200_126_63afcaf94cc7f.jpg
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
ede3235b18c63a7dc1bea7d2f9a48479c0d49eb2931c28df824d0738a833ac7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Sat, 31 Dec 2022 05:39:05 GMT
server
nginx
etag
"63afcaf9-195b"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
6491
expires
Fri, 05 Jan 2024 05:25:16 GMT
200_126_63ad6af6b686f.jpg
www.bagnet.org/storage/28/21/25/09/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/storage/28/21/25/09/200_126_63ad6af6b686f.jpg
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
fb87ef201df5276112b6c3767e15b01bca03c7efd48e20305b69f3f9366c0859

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Thu, 29 Dec 2022 10:24:54 GMT
server
nginx
etag
"63ad6af6-12bf"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4799
expires
Fri, 05 Jan 2024 05:25:16 GMT
200_126_639b20ad20634.jpg
www.bagnet.org/storage/07/15/27/06/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/storage/07/15/27/06/200_126_639b20ad20634.jpg
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
4f5a8b01c56fe8df0414b002d4d0760cece48ec1ab3c27050de25033948a5cff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Thu, 15 Dec 2022 13:27:09 GMT
server
nginx
etag
"639b20ad-1e5b"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7771
expires
Fri, 05 Jan 2024 05:25:16 GMT
200_126_639ac4dd12690.jpg
www.bagnet.org/storage/29/10/09/14/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/storage/29/10/09/14/200_126_639ac4dd12690.jpg
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
26eb69258b469aa77ab9cae33c35167b2272853faad9d91dc878122eb67c809d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Thu, 15 Dec 2022 06:55:25 GMT
server
nginx
etag
"639ac4dd-1ca5"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7333
expires
Fri, 05 Jan 2024 05:25:16 GMT
200_126_63998617b8301.jpg
www.bagnet.org/storage/09/21/23/18/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/storage/09/21/23/18/200_126_63998617b8301.jpg
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
141f2276657cc519a747e9d94754353a54a0964fdadd682ccd109da49b60ed15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Wed, 14 Dec 2022 08:15:19 GMT
server
nginx
etag
"63998617-1917"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
6423
expires
Fri, 05 Jan 2024 05:25:16 GMT
200_126_6398254757df3.jpg
www.bagnet.org/storage/07/05/02/11/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/storage/07/05/02/11/200_126_6398254757df3.jpg
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
a89e1c0f30181e0ff3c36879cf5452023e25d1c11d25bf7ad8a6e19aadc04a66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Tue, 13 Dec 2022 07:09:59 GMT
server
nginx
etag
"63982547-1af9"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
6905
expires
Fri, 05 Jan 2024 05:25:16 GMT
200_126_6398199f6308b.jpg
www.bagnet.org/storage/21/18/26/25/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/storage/21/18/26/25/200_126_6398199f6308b.jpg
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
31907f79c2bc9dcfa521e9f05fddf7f709358d053fb1edcab82781fb1c49dbd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Tue, 13 Dec 2022 06:20:15 GMT
server
nginx
etag
"6398199f-14d2"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5330
expires
Fri, 05 Jan 2024 05:25:16 GMT
200_126_639818d35e756.jpg
www.bagnet.org/storage/29/26/28/24/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/storage/29/26/28/24/200_126_639818d35e756.jpg
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
2d8e22cf682187b130f9a53a9f43a137e48e8e6ffbc6cbd5a4053aca7ec55385

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Tue, 13 Dec 2022 06:16:51 GMT
server
nginx
etag
"639818d3-123b"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4667
expires
Fri, 05 Jan 2024 05:25:16 GMT
200_126_6394b994c656f.jpg
www.bagnet.org/storage/02/03/03/25/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/storage/02/03/03/25/200_126_6394b994c656f.jpg
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
ac74d930d8cd4848fa0f59b80ec09f6c98f515f1a0bec1a5fccef5e0e8502ba7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Sat, 10 Dec 2022 16:53:40 GMT
server
nginx
etag
"6394b994-18bc"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
6332
expires
Fri, 05 Jan 2024 05:25:16 GMT
200_126_63903d46acd8c.jpg
www.bagnet.org/storage/06/25/03/06/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/storage/06/25/03/06/200_126_63903d46acd8c.jpg
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
b4339a9ef4271f5f0458500a2e6e47cb59cf894c0c135a1b70dd37f26f92c64e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Wed, 07 Dec 2022 07:14:14 GMT
server
nginx
etag
"63903d46-e29"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3625
expires
Fri, 05 Jan 2024 05:25:16 GMT
jquery.min.js
www.bagnet.org/public/js/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bagnet.org/public/js/jquery.min.js
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Wed, 02 Nov 2016 19:29:47 GMT
server
nginx
accept-ranges
bytes
etag
"581a3eab-176f8"
content-length
95992
content-type
application/javascript
jquery-ui.js
www.bagnet.org/public/js/ 		460 KB
460 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bagnet.org/public/js/jquery-ui.js
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
0c8e8d7408611519ceda4e759ae9987834a17addc8f0028241ffed7fb0113612

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Wed, 02 Nov 2016 19:29:33 GMT
server
nginx
accept-ranges
bytes
etag
"581a3e9d-72e44"
content-length
470596
content-type
application/javascript
datepicker-ru.js
www.bagnet.org/public/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bagnet.org/public/js/datepicker-ru.js
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
954af88b6974f052d93f327e6971133d97dcf9d60ed2c61ba7e203c87a840642

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Wed, 02 Nov 2016 19:29:32 GMT
server
nginx
accept-ranges
bytes
etag
"581a3e9c-59d"
content-length
1437
content-type
application/javascript
owl.carousel.min.js
www.bagnet.org/public/js/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bagnet.org/public/js/owl.carousel.min.js
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Wed, 02 Nov 2016 19:29:42 GMT
server
nginx
accept-ranges
bytes
etag
"581a3ea6-5d52"
content-length
23890
content-type
application/javascript
responsiveslides.min.js
www.bagnet.org/public/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bagnet.org/public/js/responsiveslides.min.js
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
1f306db5a9c29477acdd6b78d57734f0aa7936a1fa9b9ba8bd36204ba12aaf40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Wed, 02 Nov 2016 19:29:47 GMT
server
nginx
accept-ranges
bytes
etag
"581a3eab-d45"
content-length
3397
content-type
application/javascript
jquery.formstyler.js
www.bagnet.org/public/js/ 		38 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bagnet.org/public/js/jquery.formstyler.js
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
84e413b7b1e5deb8289aad0364618577f20f3f7e47dbbf972a40c98b83aa2d64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Wed, 02 Nov 2016 19:29:33 GMT
server
nginx
accept-ranges
bytes
etag
"581a3e9d-9869"
content-length
39017
content-type
application/javascript
main.js
www.bagnet.org/public/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bagnet.org/public/js/main.js?dd4ewwwwwwwwwwqqq4
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
58e7427adb0dd912ebeb016f7b2bfbbdaa0697bd9d331ea9f3e104bdb8625d68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Thu, 14 Jul 2022 09:46:25 GMT
server
nginx
accept-ranges
bytes
etag
"62cfe5f1-e45"
content-length
3653
content-type
application/javascript
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac3a5ec9e9c5897a10256c95f5fe5e7041ca9368b63cbef90b251b168c9f6ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27560
x-xss-protection
0
server
sffe
etag
"1442 / 317 of 1000 / last-modified: 1672873566"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 05 Jan 2023 05:25:16 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bagnet.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 19:26:38 GMT
x-content-type-options
nosniff
age
35918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45300
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 19:26:38 GMT
top-bg.png
www.bagnet.org/public/images/bg/ 		1012 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/public/images/bg/top-bg.png
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/public/css/main.css?100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
75ef6b47e6d0dcdc4fedcdcedc13266ef1212285251818f41da3a5d056465b1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/public/css/main.css?100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Fri, 09 Oct 2015 17:40:20 GMT
server
nginx
accept-ranges
bytes
etag
"5617fc04-3f4"
content-length
1012
content-type
image/png
search.gif
www.bagnet.org/public/images/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/public/images/icons/search.gif
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/public/css/main.css?100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
f3fa7287fa37d83dd0ae75ecfe1502ebada256a0e7b22b62c24fbaabd02e7010

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/public/css/main.css?100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Wed, 02 Nov 2016 19:28:36 GMT
server
nginx
accept-ranges
bytes
etag
"581a3e64-5b0"
content-length
1456
content-type
image/gif
arrow-red.gif
www.bagnet.org/public/images/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/public/images/icons/arrow-red.gif
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/public/css/main.css?100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
21d88522caa8a1b3d10f746188fac3ea28bf8d504bebd9a12f7652a931b0b31b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/public/css/main.css?100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Wed, 02 Nov 2016 19:28:34 GMT
server
nginx
accept-ranges
bytes
etag
"581a3e62-4b1"
content-length
1201
content-type
image/gif
jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v17/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bagnet.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 15:26:36 GMT
x-content-type-options
nosniff
age
395920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29928
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Dec 2023 15:26:36 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bagnet.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 13:14:53 GMT
x-content-type-options
nosniff
age
490223
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47048
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Dec 2023 13:14:53 GMT
informers2.css
sinst.fwdcdn.com/css/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sinst.fwdcdn.com/css/informers2.css?v=1
Requested by
Host: sinoptik.ua
URL: https://sinoptik.ua/informers_js.php?title=4&wind=3&cities=303010783&lang=ua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv150.fwdcdn.com
Software
nginx /
Resource Hash
18115dad45ae49bdbd07b64dacf5cce1b0b3406c49be7454004623d3e9eb13af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
gzip
x-server-by
sinfe3
last-modified
Thu, 26 May 2016 07:03:52 GMT
server
nginx
etag
W/"57469fd8-3d41"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
expires
Fri, 05 Jan 2024 05:25:16 GMT
t.js
randiul.com/ 		54 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://randiul.com/t.js?i=hir2iwy87m32wy97ljy4y&cb=3905281672896316166
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-34.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd0038772a98bda5ec58eba7ca6dc699314b866e14a3a5f45921847d033873f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
_w3ae0RYCGBlDTPjQPIQB8LKoj64xOVc
content-encoding
gzip
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
date
Thu, 05 Jan 2023 01:39:58 GMT
last-modified
Fri, 11 Nov 2022 10:14:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
13519
etag
W/"57c945f3c1feba973398debac47b1341"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
gmVjWw8rWQcTqPTWmFgujwFFDOPNqk3EVl1lEeojx-0Hix05PGo_Dw==
s
r.i.ua/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.i.ua/s?u13119&p61&n0.33119096957289673&c1&d24&w1600&h1200&r/www.bagnet.org/
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ae1ee984c5a7c3c794f9e496325b0140b5efdcd00cf4cc6ebd3fb150b1b3c60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
p3p
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
cache-control
no-cache, must-revalidate
cf-ray
7849cad85f3d9b76-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
02.png
i.bigmir.net/cnt/
Redirect Chain
  • https://c.bigmir.net/?v16935644&s16936083&t2&c1&n682004&w0&y0&d24&r1600
  • https://i.bigmir.net/cnt/02.png
829 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bigmir.net/cnt/02.png
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Server
193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
rs.img.com.ua
Software
nginx /
Resource Hash
b0aa183fd7ea4e99287a573281bcfe35d9804292c63e15a47a911eda79d90a89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Sun, 02 Oct 2005 23:04:59 GMT
server
nginx
etag
"4340679b-33d"
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
content-length
829
expires
Sun, 08 Jan 2023 05:25:16 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:16 GMT
Server
nginx
Transfer-Encoding
chunked
Location
//i.bigmir.net/cnt/02.png
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
arrow-small.gif
www.bagnet.org/public/images/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/public/images/icons/arrow-small.gif
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/public/css/main.css?100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
4de7631c18ef549f0cec5c4a2f6bd84edea54bdac35a0916d6f0d54528c72443

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/public/css/main.css?100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Wed, 02 Nov 2016 19:28:38 GMT
server
nginx
accept-ranges
bytes
etag
"581a3e66-4b4"
content-length
1204
content-type
image/gif
icon.gif
www.bagnet.org/public/images/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/public/images/icons/icon.gif
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/public/css/main.css?100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
5209b5210f9bee0f34bf2bac07abb463ea20756d4a6c37121eb1a9a2bf61d438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/public/css/main.css?100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Wed, 02 Nov 2016 19:28:36 GMT
server
nginx
accept-ranges
bytes
etag
"581a3e64-5dc"
content-length
1500
content-type
image/gif
arrow-top.png
www.bagnet.org/public/images/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/public/images/icons/arrow-top.png
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/public/css/main.css?100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
de899f0c51b9181418fa6fc4b96085ed14dad6e413a424eb198d7a77015f48cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/public/css/main.css?100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Wed, 02 Nov 2016 19:28:38 GMT
server
nginx
accept-ranges
bytes
etag
"581a3e66-5f1"
content-length
1521
content-type
image/png
jizaRExUiTo99u79D0aExdGM.woff2
fonts.gstatic.com/s/ptsans/v17/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bagnet.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 19:43:27 GMT
x-content-type-options
nosniff
age
34909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28444
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:45:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 19:43:27 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 05 Jan 2023 05:24:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
39
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 05 Jan 2023 07:24:37 GMT
logo-t2.png
sinst.fwdcdn.com/img/informers/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sinst.fwdcdn.com/img/informers/logo-t2.png
Requested by
Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv150.fwdcdn.com
Software
nginx /
Resource Hash
247487e5c8e756cc99c1d14f2494b027819eecac4aedf9ff01b6446459b015ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
x-server-by
sinfe3
last-modified
Thu, 26 May 2016 12:47:34 GMT
server
nginx
etag
"5746f066-512"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1298
expires
Fri, 05 Jan 2024 05:25:16 GMT
hlc-t2.png
sinst.fwdcdn.com/img/informers/ 		181 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sinst.fwdcdn.com/img/informers/hlc-t2.png
Requested by
Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv150.fwdcdn.com
Software
nginx /
Resource Hash
c85ef490276990e9ae9c0e869935a8c32503a372e5c2c2e0b6daf4240759ec91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
x-server-by
sinfe3
last-modified
Wed, 05 Nov 2014 09:28:02 GMT
server
nginx
etag
"5459eda2-b5"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
181
expires
Fri, 05 Jan 2024 05:25:16 GMT
term-t2.png
sinst.fwdcdn.com/img/informers/ 		406 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sinst.fwdcdn.com/img/informers/term-t2.png
Requested by
Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv150.fwdcdn.com
Software
nginx /
Resource Hash
757727f42ed75849123b613ab4c6badc0448c1e6e4d5e3d2de8467eb626bbd2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
x-server-by
sinfe3
last-modified
Thu, 26 May 2016 12:47:34 GMT
server
nginx
etag
"5746f066-196"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
406
expires
Fri, 05 Jan 2024 05:25:16 GMT
s-informers-t2.png
sinst.fwdcdn.com/img/informers/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sinst.fwdcdn.com/img/informers/s-informers-t2.png
Requested by
Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv150.fwdcdn.com
Software
nginx /
Resource Hash
8718a8ae273f7ac06037cda9b076b360804967e83503832278cce84e4f6c5b78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
x-server-by
sinfe3
last-modified
Thu, 26 May 2016 12:47:34 GMT
server
nginx
etag
"5746f066-8433"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
33843
expires
Fri, 05 Jan 2024 05:25:16 GMT
s-wind2.png
sinst.fwdcdn.com/img/informers/ 		185 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sinst.fwdcdn.com/img/informers/s-wind2.png
Requested by
Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv150.fwdcdn.com
Software
nginx /
Resource Hash
b56fd6fba6303d72dda87e55ce9bb70fdf0376de22e9d981e8d6fcc7f65f5c7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
x-server-by
sinfe3
last-modified
Thu, 26 May 2016 12:47:34 GMT
server
nginx
etag
"5746f066-b9"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
185
expires
Fri, 05 Jan 2024 05:25:16 GMT
frc-t1.png
sinst.fwdcdn.com/img/informers/ 		155 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sinst.fwdcdn.com/img/informers/frc-t1.png
Requested by
Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv150.fwdcdn.com
Software
nginx /
Resource Hash
c9ba7773b6f395d4f83b73b2324d739ec6b2b017cccfd3e8c4e034bddcd96b5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
x-server-by
sinfe3
last-modified
Thu, 26 May 2016 12:47:34 GMT
server
nginx
etag
"5746f066-9b"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
155
expires
Fri, 05 Jan 2024 05:25:16 GMT
flc-t1.png
sinst.fwdcdn.com/img/informers/ 		148 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sinst.fwdcdn.com/img/informers/flc-t1.png
Requested by
Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv150.fwdcdn.com
Software
nginx /
Resource Hash
14af62f9867b3e1a7864f7967999ebac3b11459e1dc44b1317fea474366777f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
x-server-by
sinfe3
last-modified
Thu, 26 May 2016 12:47:34 GMT
server
nginx
etag
"5746f066-94"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
148
expires
Fri, 05 Jan 2024 05:25:16 GMT
100382.html
newportal.com.ua/traffic/ Frame 3BFF 		91 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://newportal.com.ua/traffic/100382.html
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
HTTP/1.0
Security
TLS 1.3, , AES_256_GCM
Server
144.76.176.42 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.42.176.76.144.clients.your-server.de
Software
/
Resource Hash
e0536d69385e932647da2e698eb343f1fae1f41237cca261837eba456e3167bf

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
close
Content-Type
text/html
100378.html
newportal.com.ua/traffic/ Frame F36E 		91 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://newportal.com.ua/traffic/100378.html
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
HTTP/1.0
Security
TLS 1.3, , AES_256_GCM
Server
144.76.176.42 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.42.176.76.144.clients.your-server.de
Software
/
Resource Hash
e0536d69385e932647da2e698eb343f1fae1f41237cca261837eba456e3167bf

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
close
Content-Type
text/html
slider-ic.png
www.bagnet.org/public/images/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bagnet.org/public/images/icons/slider-ic.png
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/public/css/main.css?100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.146.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bagnet.org
Software
nginx /
Resource Hash
40db2796d60a7fa5c9ef4c0105361015ca8495486e92a9e857bc0b48b2919303

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/public/css/main.css?100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
last-modified
Wed, 02 Nov 2016 19:28:36 GMT
server
nginx
accept-ranges
bytes
etag
"581a3e64-48e"
content-length
1166
content-type
image/png
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9753172864856563&plah=www.bagnet.org&bust=31071219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9753172864856563
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
816d884ab37398c30e9fc614a96a8a4ec2a538d46b7b87cbbb52edacbc918ee2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119973
x-xss-protection
0
server
cafe
etag
11385805668355977280
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 05 Jan 2023 05:25:16 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/ Frame FD4B 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9753172864856563
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3382
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 04:28:54 GMT
etag
10353107486223812946
expires
Thu, 19 Jan 2023 04:28:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
hir2iwy87m32wy97ljy4y.json
randiul.com/c/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://randiul.com/c/hir2iwy87m32wy97ljy4y.json
Requested by
Host: randiul.com
URL: https://randiul.com/t.js?i=hir2iwy87m32wy97ljy4y&cb=3905281672896316166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-34.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0fa316afb5a89cf3988525391941e30431ee05a34db372edc0253f21fd6a38b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
588CH7Ekp2c5JHlWD3fYeFFiO28WhbV2
date
Wed, 04 Jan 2023 08:20:45 GMT
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
75871
x-cache
Hit from cloudfront
content-length
1694
last-modified
Thu, 10 Nov 2022 10:22:41 GMT
server
AmazonS3
etag
"fd877b83a921d1d89ab7743b2faac158"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
x-amz-cf-id
_J_-kptmEIKbUXtlvbTXbnPa0jzkdyvbCjr6hPwxLIXGOZsXTI-Yjg==
collect
region1.google-analytics.com/g/ 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-39RKBNW0ZG&gtm=2oebu0&_p=49020823&cid=118640274.1672896316&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672896316&sct=1&seg=0&dl=https%3A%2F%2Fwww.bagnet.org%2F&dt=%D0%91%D0%B0%D0%B3%D0%BD%D0%B5%D1%82%3A%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%2C%20%D1%84%D0%BE%D1%82%D0%BE%D1%80%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%B6%D0%B8&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-39RKBNW0ZG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bagnet.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022120801.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 17:22:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
561779
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132306
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 09:38:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 29 Dec 2023 17:22:17 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		183 B
731 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bagnet.org
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33d3261bb122769bc1abe4be6be6eea5424bb56d5d803d50931ee469173caf86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96
x-xss-protection
0
expires
Thu, 05 Jan 2023 05:25:16 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=49020823&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bagnet.org%2F&ul=en-us&de=UTF-8&dt=%D0%91%D0%B0%D0%B3%D0%BD%D0%B5%D1%82%3A%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%2C%20%D1%84%D0%BE%D1%82%D0%BE%D1%80%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%B6%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=1213790752&gjid=1956232968&cid=118640274.1672896316&tid=UA-54800645-1&_gid=921727472.1672896317&_r=1&_slc=1&z=2060208252
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bagnet.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bagnet.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame FBDE 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: randiul.com
URL: https://randiul.com/t.js?i=hir2iwy87m32wy97ljy4y&cb=3905281672896316166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac3a5ec9e9c5897a10256c95f5fe5e7041ca9368b63cbef90b251b168c9f6ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27560
x-xss-protection
0
server
sffe
etag
"1442 / 311 of 1000 / last-modified: 1672873566"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 05 Jan 2023 05:25:16 GMT
prebid7.19.0.js
hb.adpone.com/ Frame FBDE 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: randiul.com
URL: https://randiul.com/t.js?i=hir2iwy87m32wy97ljy4y&cb=3905281672896316166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8360NKCZAHV2KATV
age
1701
x-amz-id-2
6r5yLg+9FQO39yvZX2zU6igrxNKE+F2gqDl+SGCH2aPuwZtr30yiEcAsWnTKCehIX+JowBRYnpo=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C49qE2H30VZKvFHky0MgurCpXbhiWjitDIShZ9UHuFrUuVvobiAdqu0QmxR%2FzX5ZAYt9Pa%2B9eZGw%2Bvfq%2BnYeFytjG9qXNBMrcQZGdPeFJJkfX%2FgpjkE3oX6fvaYyT%2BUMEhi0k%2Fo0e2v7XJI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7849cada8bc02bb4-FRA
p.html
randiul.com/r/ Frame 2AB2 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://randiul.com/r/p.html?f=adwipcut&e=1610118725716
Requested by
Host: randiul.com
URL: https://randiul.com/t.js?i=hir2iwy87m32wy97ljy4y&cb=3905281672896316166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-34.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
421
content-encoding
gzip
content-type
text/html
date
Thu, 05 Jan 2023 05:18:56 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id
ETTC4jTEI2xUw--FnF3HwEjlvCj8yZFO-IXRnyXCS5tDKHPQkZip_g==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
randiul.com/r/ Frame C26B 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://randiul.com/r/p.html?f=ngkgwzlc&e=1610118725716
Requested by
Host: randiul.com
URL: https://randiul.com/t.js?i=hir2iwy87m32wy97ljy4y&cb=3905281672896316166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-34.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
421
content-encoding
gzip
content-type
text/html
date
Thu, 05 Jan 2023 05:18:56 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id
toz4oIV_cqrUrTLSxZacQDLFe39Aq3SwpoQLTgVN6KRJ66RTqrdUvQ==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
randiul.com/r/ Frame CDCA 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://randiul.com/r/p.html?f=xmzqpdlh&e=1610118725716
Requested by
Host: randiul.com
URL: https://randiul.com/t.js?i=hir2iwy87m32wy97ljy4y&cb=3905281672896316166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-34.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
421
content-encoding
gzip
content-type
text/html
date
Thu, 05 Jan 2023 05:18:56 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id
y1EGDSob64XZlW6mlDnEMNqGlISRn9mQkxm7E06EmfJsle0hCCp-gQ==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
randiul.com/r/ Frame 5C92 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://randiul.com/r/p.html?f=cvfhltc&e=1610118725716
Requested by
Host: randiul.com
URL: https://randiul.com/t.js?i=hir2iwy87m32wy97ljy4y&cb=3905281672896316166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-34.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
421
content-encoding
gzip
content-type
text/html
date
Thu, 05 Jan 2023 05:18:56 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id
DLms9Yz27xspl-RLmNLllqQHPzdo2cDbe--hzrAmIJK7LGVg9vGaww==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
randiul.com/r/ Frame 628E 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://randiul.com/r/p.html?f=relqudtyen&e=1610118725716
Requested by
Host: randiul.com
URL: https://randiul.com/t.js?i=hir2iwy87m32wy97ljy4y&cb=3905281672896316166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-34.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
421
content-encoding
gzip
content-type
text/html
date
Thu, 05 Jan 2023 05:18:56 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id
9LT7e7JNi1v7h7QA2LnsxlEPGSVXFCrfZ9WIShld-UVQiaYQHL74tg==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
randiul.com/r/ Frame B059 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://randiul.com/r/p.html?f=ssamglrx&e=1610118725716
Requested by
Host: randiul.com
URL: https://randiul.com/t.js?i=hir2iwy87m32wy97ljy4y&cb=3905281672896316166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-34.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
421
content-encoding
gzip
content-type
text/html
date
Thu, 05 Jan 2023 05:18:56 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id
OI4JMghHL2FD5eLQaF0ip9Ynepce86_eMZY362-mGgaNsPC8JRcTnw==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
randiul.com/r/ Frame 7CB6 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://randiul.com/r/p.html?f=bpnfgmoowy&e=1610118725716
Requested by
Host: randiul.com
URL: https://randiul.com/t.js?i=hir2iwy87m32wy97ljy4y&cb=3905281672896316166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-34.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
421
content-encoding
gzip
content-type
text/html
date
Thu, 05 Jan 2023 05:18:56 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id
YUvICNFHVV_H-86rtrc5oW_ZNL0e-IO3Sdzz7w4yz2BziRtUxHEy4A==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
randiul.com/r/ Frame 6259 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://randiul.com/r/p.html?f=zrfcegujz&e=1610118725716
Requested by
Host: randiul.com
URL: https://randiul.com/t.js?i=hir2iwy87m32wy97ljy4y&cb=3905281672896316166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-34.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
421
content-encoding
gzip
content-type
text/html
date
Thu, 05 Jan 2023 05:18:56 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id
2A6vdYNRn_CmYba6YuocwXlUZNVzOdxWhlGoGbDtzv3Mzqjg5E-nLA==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
randiul.com/r/ Frame EDD1 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://randiul.com/r/p.html?f=rmrccaiz&e=1610118725716
Requested by
Host: randiul.com
URL: https://randiul.com/t.js?i=hir2iwy87m32wy97ljy4y&cb=3905281672896316166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-34.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
421
content-encoding
gzip
content-type
text/html
date
Thu, 05 Jan 2023 05:18:56 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id
IqIw2iiom6q-EWW_fHV4KvQ9ZNZ6TU-AcNFUzOWuCuT3_F6IwAQSeg==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
randiul.com/r/ Frame C1B7 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://randiul.com/r/p.html?f=blxiqpxyyl&e=1610118725716
Requested by
Host: randiul.com
URL: https://randiul.com/t.js?i=hir2iwy87m32wy97ljy4y&cb=3905281672896316166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-34.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
421
content-encoding
gzip
content-type
text/html
date
Thu, 05 Jan 2023 05:18:56 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id
WlddxN_RmeCC8nTV4cdmUPdFMIzEemTZdkVOfcBCvdk7oKn1CUriXA==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
randiul.com/r/ Frame 60E0 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://randiul.com/r/p.html?f=ayiumtcg&e=1610118725716
Requested by
Host: randiul.com
URL: https://randiul.com/t.js?i=hir2iwy87m32wy97ljy4y&cb=3905281672896316166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-34.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
421
content-encoding
gzip
content-type
text/html
date
Thu, 05 Jan 2023 05:18:56 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id
4g86TyGuZOL9Wmm0PF_k5Yjfcx6UwDQeuwwyyCMYAwRAuQNNXIITkw==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
randiul.com/r/ Frame 1E15 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://randiul.com/r/p.html?f=mtujveef&e=1610118725716
Requested by
Host: randiul.com
URL: https://randiul.com/t.js?i=hir2iwy87m32wy97ljy4y&cb=3905281672896316166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-34.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
421
content-encoding
gzip
content-type
text/html
date
Thu, 05 Jan 2023 05:18:56 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id
vic09JuOb3s9XnRMn7lbo6La7EniIRqqEQyTx3o3UxOOM6mQoMqAMg==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
randiul.com/r/ Frame 33C4 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://randiul.com/r/p.html?f=jbcjsa&e=1610118725716
Requested by
Host: randiul.com
URL: https://randiul.com/t.js?i=hir2iwy87m32wy97ljy4y&cb=3905281672896316166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-34.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
421
content-encoding
gzip
content-type
text/html
date
Thu, 05 Jan 2023 05:18:56 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id
wctt4_PhvpF9xBqn296Sp7OXPIUWsusW-pmuFccdi95m3ZCeliba_Q==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
randiul.com/r/ Frame FEBD 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://randiul.com/r/p.html?f=gmnwybg&e=1610118725716
Requested by
Host: randiul.com
URL: https://randiul.com/t.js?i=hir2iwy87m32wy97ljy4y&cb=3905281672896316166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-34.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
421
content-encoding
gzip
content-type
text/html
date
Thu, 05 Jan 2023 05:18:56 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id
MD34CMoOHClImKcOZo1NpRffa7ICCo4tMmZcEU-ph8tieMKvxk6DwA==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
cookie.js
partner.googleadservices.com/gampad/ 		387 B
695 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bagnet.org&callback=_gfp_s_&client=ca-pub-9753172864856563&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9753172864856563&plah=www.bagnet.org&bust=31071219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8b011b96319befc2ecdaee47e42ffdc1f8c4201a7d975a16beb305f5ec7bddd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
251
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.bagnet.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9753172864856563&plah=www.bagnet.org&bust=31071219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bagnet.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9753172864856563&plah=www.bagnet.org&bust=31071219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D149 		454 KB
87 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&adk=1812271804&adf=1573534164&lmt=1672896316&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x675_l%7C260x675_r&format=0x0&url=https%3A%2F%2Fwww.bagnet.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896316284&bpp=7&bdt=283&idt=352&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2837549430466&frm=20&pv=2&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=376
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9753172864856563&plah=www.bagnet.org&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
407b45edce252fe70f26499418321e6288e415d3400fbf93ca95d594122ca0c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
88574
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:17 GMT
expires
Thu, 05 Jan 2023 05:25:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		1 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-54800645-1&cid=118640274.1672896316&jid=1213790752&gjid=1956232968&_gid=921727472.1672896317&_u=IADAAEAAAAAAACAAI~&z=94958707
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bagnet.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 05 Jan 2023 05:25:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bagnet.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame FF93 		102 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5447071101362623&output=html&h=280&slotname=8594907759&adk=2116639384&adf=3025194257&pi=t.ma~as.8594907759&w=1200&fwrn=4&fwrnh=100&lmt=1672896316&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896316291&bpp=2&bdt=291&idt=411&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2837549430466&frm=20&pv=2&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=geelAULvmc&p=https%3A//www.bagnet.org&dtd=417
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9753172864856563&plah=www.bagnet.org&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6c622c02a1fa5df52c36756ad6b7648d26f17a8db17911138793a129b8748ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
34386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:17 GMT
expires
Thu, 05 Jan 2023 05:25:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
prebid7.19.0.js
hb.adpone.com/ Frame 2AB2 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=adwipcut&e=1610118725716
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8360NKCZAHV2KATV
age
1701
x-amz-id-2
6r5yLg+9FQO39yvZX2zU6igrxNKE+F2gqDl+SGCH2aPuwZtr30yiEcAsWnTKCehIX+JowBRYnpo=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UEbdjDxwuX5a3CN8U%2BM%2BpYlTXyqRZ%2FuexTM0w9T6aHq%2Bc19zfyp%2B5yO5cvEcah3MAlj4Jg09J8k9zCnoFvjYEeYTU6OE8NhckMJtaR4pZFTpIBvtsOolzTTIsIV8e%2BUq8mLIOKRaOFclXSM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7849cadbbd392bb4-FRA
prebid7.19.0.js
hb.adpone.com/ Frame C26B 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=ngkgwzlc&e=1610118725716
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8360NKCZAHV2KATV
age
1701
x-amz-id-2
6r5yLg+9FQO39yvZX2zU6igrxNKE+F2gqDl+SGCH2aPuwZtr30yiEcAsWnTKCehIX+JowBRYnpo=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIG2YeC%2BVBYcwY3urNHo5u6hfQbD87EISWopXz5BXS5bUu%2FW4qFzb5B2fhrcRxXJ%2BfJtwLxialAzUCxX5Al4DPLeduQxzTlI2nX7%2BFCUpl9WVU0Y4bQDrIhgYnKDWj8MvyXe%2Bf8W3EgkNEA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7849cadbcd452bb4-FRA
prebid7.19.0.js
hb.adpone.com/ Frame CDCA 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=xmzqpdlh&e=1610118725716
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8360NKCZAHV2KATV
age
1701
x-amz-id-2
6r5yLg+9FQO39yvZX2zU6igrxNKE+F2gqDl+SGCH2aPuwZtr30yiEcAsWnTKCehIX+JowBRYnpo=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B6QoYivwDTxblW2OlY51Im6n7KRSI09ZC8jOI5elpa82T8UhUNPich5yiDsDVmVLveRMc7SYhf12VWlYoSXX1Da3XGah3iGTZXGYihkdw2LD7%2Feh%2Fkc7sPFXCv8vkpKMjPSprgKz4eZuHkk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7849cadbcd4b2bb4-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 5C92 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=cvfhltc&e=1610118725716
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8360NKCZAHV2KATV
age
1701
x-amz-id-2
6r5yLg+9FQO39yvZX2zU6igrxNKE+F2gqDl+SGCH2aPuwZtr30yiEcAsWnTKCehIX+JowBRYnpo=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1m61ZPwgVCMBx8jI3FJ%2BkBhDN6bQnp13v0sLvRNZaSN10Nel3RBa2vmucvCdzIx9QfIoED8rZri7DFBHLC6IWEK1Il2WF%2FbsiF17mHcS0AaXhT66Gufsd3fdYV340o5vH6I2TzCuNlS1MDE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7849cadbdd572bb4-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 628E 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=relqudtyen&e=1610118725716
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8360NKCZAHV2KATV
age
1701
x-amz-id-2
6r5yLg+9FQO39yvZX2zU6igrxNKE+F2gqDl+SGCH2aPuwZtr30yiEcAsWnTKCehIX+JowBRYnpo=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAZmIbLkmoNeq7rz3vTCFfD2gfXJs%2Fp%2FtkJnVr2HPYk33VtxH54XLPFn%2Fl%2FLz62pemrg7kpXRKAGhO0D9HKqZ6uchjnAqfZUR0oBUUf5Z%2BDaKq1tuLVVykY9aWTWZYt66ddD0B71a%2BXHX8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7849cadbed642bb4-FRA
prebid7.19.0.js
hb.adpone.com/ Frame B059 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=ssamglrx&e=1610118725716
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8360NKCZAHV2KATV
age
1701
x-amz-id-2
6r5yLg+9FQO39yvZX2zU6igrxNKE+F2gqDl+SGCH2aPuwZtr30yiEcAsWnTKCehIX+JowBRYnpo=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ieUOhkd6j0n6p1mBqGmVxCoxsXZImjTMWOkeu4QXR7gFmywMt27VLPdA1OTMBUgH47iOUmumB%2Bo59OhUehcnMMssFfPWWVvGHs4MoLv7dzx6hRMDQzjLQ%2BSW6LpMj2ybQ4L0kLvZTA0vYw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7849cadbfd7b2bb4-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 7CB6 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=bpnfgmoowy&e=1610118725716
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8360NKCZAHV2KATV
age
1701
x-amz-id-2
6r5yLg+9FQO39yvZX2zU6igrxNKE+F2gqDl+SGCH2aPuwZtr30yiEcAsWnTKCehIX+JowBRYnpo=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BjQeabRhrmyiTkur2p%2F73z1%2B0BQUWwm7yYSgXh6WC5jGktTanoSbbpq204tSaHGkdV3Zzs8gtDuQ9Ivscdeh%2BKCeAZsBYiYSUHaW4%2BDMMVqnCzw4D%2BuAtwLcZM2srDh8SPv5AfA86e7bycg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7849cadc0d862bb4-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 6259 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=zrfcegujz&e=1610118725716
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8360NKCZAHV2KATV
age
1701
x-amz-id-2
6r5yLg+9FQO39yvZX2zU6igrxNKE+F2gqDl+SGCH2aPuwZtr30yiEcAsWnTKCehIX+JowBRYnpo=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYHAPJhmHXguxKuTKhs8QsIUyo7nbMSelIbEgvoqhQUi952rdwE3F4yf88j7nEZTNtJ9UZ46PexhUv5G%2BfpSjrf%2BFeTM%2BUS82DKuXfN5EAmw9oxkemtXL1uc9CFXl2ttAonF32oheHJcUrM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7849cadc1d952bb4-FRA
prebid7.19.0.js
hb.adpone.com/ Frame EDD1 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=rmrccaiz&e=1610118725716
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8360NKCZAHV2KATV
age
1701
x-amz-id-2
6r5yLg+9FQO39yvZX2zU6igrxNKE+F2gqDl+SGCH2aPuwZtr30yiEcAsWnTKCehIX+JowBRYnpo=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ETWbl%2FRBYpz4NcMgQOVEqDFmGY7FzkBZgiVUmJrhyU0sFdBW0n31kJ77QS6SJ0aKi3guhBuBNXEsfrkCyYbnkvHbCP7MW4KZxyh46N4q8CsTTZf5xlEysXfdLfGtUhzxNG3yctHo51Ha3Gs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7849cadc1d9d2bb4-FRA
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame FBDE 		0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bagnet.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bagnet.org
date
Thu, 05 Jan 2023 05:25:16 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame FBDE 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=73806746007&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bagnet.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bagnet.org
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame FBDE 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bagnet.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:16 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bagnet.org
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame FBDE 		371 B
922 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1949604&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,44b4c406c673930a857f,1,,,&rf=bagnet.org&tg_i.page=https%3A%2F%2Fwww.bagnet.org%2F&tg_i.domain=bagnet.org&tg_i.pbadslot=%2F21671350435%2C22540091175%2F300x600-bagnet.org_._dekstop&tk_flint=pbjs_lite_v7.19.0&x_source.tid=508afaa9-83e4-4d0c-89e7-a64ecba18650&l_pb_bid_id=860bd4c80d6765&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5926382526680567
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
858a15bbfd20f452293e0ba16b8cf0aa1be0b285374e0fd9b4989ada9df46277

Request headers

Referer
https://www.bagnet.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:16 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bagnet.org
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
371
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
shb.richaudience.com/hb/ Frame FBDE 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.208.101.55.162.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bagnet.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 05:25:07 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.bagnet.org
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame FBDE 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bagnet.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bagnet.org
date
Thu, 05 Jan 2023 05:25:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame FBDE 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.bagnet.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bagnet.org
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame FBDE 		24 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
c8d88167be7d9332553f9d5d4ef7ded0ed20a98f38d95bac2df57cc598c01abe

Request headers

Referer
https://www.bagnet.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:16 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.bagnet.org
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
ib.adnxs.com/ut/v3/ Frame FBDE 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
667792603613217371e596c33eb33796142b25497f7e690037a472a824352d87
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bagnet.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:16 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
48fc0bb0-9ead-4ab5-b5f9-0a219d18504c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bagnet.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid7.19.0.js
hb.adpone.com/ Frame C1B7 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=blxiqpxyyl&e=1610118725716
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8360NKCZAHV2KATV
age
1701
x-amz-id-2
6r5yLg+9FQO39yvZX2zU6igrxNKE+F2gqDl+SGCH2aPuwZtr30yiEcAsWnTKCehIX+JowBRYnpo=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDoqcFelFSZWNL7h7FxB0s0RGj37YxuTw%2FkVbRTFV%2BT6y0oNS80Q9FGC4Q1BT4husDq69p5Qyn4yWKNKu7zGrRHE1vODn0d5EFWwYzRMPbblmpOXU5xYByWdGcQ4RGvwGTnrv8Yo9Cn30mE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7849cadc4db62bb4-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 60E0 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=ayiumtcg&e=1610118725716
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8360NKCZAHV2KATV
age
1701
x-amz-id-2
6r5yLg+9FQO39yvZX2zU6igrxNKE+F2gqDl+SGCH2aPuwZtr30yiEcAsWnTKCehIX+JowBRYnpo=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLuwZFkPH4CkkbPPs4XhDCm5JpTUuomuk95RmlH9%2BI5wkfhgLDitx9xGXCwJnfb%2F0jLVY81pHEH8ZJotuDkEy7p6p5vKgxUkHMAcYqg1w%2FvzEb1uqE83eb%2BWsmVGm2740mgA2FFe0PKR484%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7849cadc4dbb2bb4-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 1E15 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=mtujveef&e=1610118725716
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8360NKCZAHV2KATV
age
1701
x-amz-id-2
6r5yLg+9FQO39yvZX2zU6igrxNKE+F2gqDl+SGCH2aPuwZtr30yiEcAsWnTKCehIX+JowBRYnpo=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4q0UFat9N%2FFAiqsL7ULnONP6pEOVTFqgufz%2Fy40pp5ZlDZu7HxNz5cpLIEnZqEMx%2FWIaCUQmM4MQ5yuU8S7KT3t4P9ZMcHtIWaYyto71JJd11NvsCaIAAKI%2B%2FE6lkSfEy%2B7vu2YeUML%2F1yU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7849cadc5dc52bb4-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 33C4 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=jbcjsa&e=1610118725716
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8360NKCZAHV2KATV
age
1701
x-amz-id-2
6r5yLg+9FQO39yvZX2zU6igrxNKE+F2gqDl+SGCH2aPuwZtr30yiEcAsWnTKCehIX+JowBRYnpo=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWLy9t1YsruB3gX%2FpjAu8cYjmYhxGA8txUDJZsUHPwt%2FiRh61nbujUY8eqYoy%2FBmqYuMZxPoJDy9brqYeLH%2BtvqZR42LY2gD1fE9YTT1NrpJ%2Fzmg7JNrrvBLRoPNkX%2BI9dQmTMVXQv8MyK8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7849cadc6dcd2bb4-FRA
prebid7.19.0.js
hb.adpone.com/ Frame FEBD 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=gmnwybg&e=1610118725716
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8360NKCZAHV2KATV
age
1701
x-amz-id-2
6r5yLg+9FQO39yvZX2zU6igrxNKE+F2gqDl+SGCH2aPuwZtr30yiEcAsWnTKCehIX+JowBRYnpo=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcjF9qzaK9hLS759zRzYsKDk3nML8b7zfOLTAJqJmDCAiJInJSxi8w2eLPQtPX0%2F1fU01YX1Mb4FvqiUyjfhO8AwKjDMcCd7kdBhVahhnDLxBUONxK%2FL0WCZiZsVpSLonQ6GKfBSXcQmQ8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7849cadc8de52bb4-FRA
pubads_impl_2022120801.js
securepubads.g.doubleclick.net/gpt/ Frame FBDE 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 17:22:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
561780
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132306
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 09:38:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 29 Dec 2023 17:22:17 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame FBDE 		183 B
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bagnet.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33d3261bb122769bc1abe4be6be6eea5424bb56d5d803d50931ee469173caf86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96
x-xss-protection
0
expires
Thu, 05 Jan 2023 05:25:17 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2AB2 		336 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1949604&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,44b4c406c673930a857f,1,,,&rf=bagnet.org&tg_i.page=https%3A%2F%2Fwww.bagnet.org%2F&tg_i.domain=bagnet.org&tg_i.pbadslot=adpn-adtag-1672896316753&tk_flint=pbjs_lite_v7.19.0&x_source.tid=922eb05f-97a6-496b-9d3b-7e65c13aae5a&l_pb_bid_id=2cc0207662ded2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6754644975164792
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
dd4fb09f6b657159b016614cc74e56d469306c2c396f535e522c83e6fd6e21c2

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://randiul.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
336
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 2AB2 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5f908d086c97950c42ad70f26e33ac9395a6d1c9f1b40ef71afd48184e014d86
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:17 GMT
AN-X-Request-Uuid
ec2cd370-71b1-44d1-9ca9-8075c718a14b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 2AB2 		0
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:17 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://randiul.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 2AB2 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ap.lijit.com/rtb/ Frame 2AB2 		24 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
abbe00947e46f8ae1dfe1e9f18767a0d131bd20b04155eeb7efa86ebe11efea1

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://randiul.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
v1
prg.smartadserver.com/prebid/ Frame 2AB2 		171 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://randiul.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 2AB2 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=48132967169&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 05:25:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://randiul.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame 2AB2 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame CDCA 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=52760155673&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://randiul.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame CDCA 		336 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1949604&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,44b4c406c673930a857f,1,,,&rf=bagnet.org&tg_i.page=https%3A%2F%2Fwww.bagnet.org%2F&tg_i.domain=bagnet.org&tg_i.pbadslot=adpn-adtag-1672896316767&tk_flint=pbjs_lite_v7.19.0&x_source.tid=d7b8f463-f203-4055-a311-401e041e1d03&l_pb_bid_id=47919beaa07445&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7219989039075569
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bd236a5f0e28247ae28c60401d77aa57036f1d307707c61a980caf38ebd025ad

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://randiul.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
336
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame CDCA 		0
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:17 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://randiul.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame CDCA 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame CDCA 		171 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://randiul.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame CDCA 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1f773304f6a0b415af6b4e8532bf6cd0371e967b32649c5cf4b1351bcec34700
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:17 GMT
AN-X-Request-Uuid
a0e19183-8f2f-47fb-b0a1-ae33a4326b9e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame CDCA 		94 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b93ac3237cb72bd60a3050d4ac5ad2fcd423bd130dc17e6d85e5b5bbdae1a94b

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://randiul.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
translator
hbopenbid.pubmatic.com/ Frame CDCA 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:15 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame C26B 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame C26B 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C26B 		336 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1949604&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,44b4c406c673930a857f,1,,,&rf=bagnet.org&tg_i.page=https%3A%2F%2Fwww.bagnet.org%2F&tg_i.domain=bagnet.org&tg_i.pbadslot=adpn-adtag-1672896316760&tk_flint=pbjs_lite_v7.19.0&x_source.tid=18cff919-deed-48e4-ae0e-9f05527e943d&l_pb_bid_id=67a8217acbfae2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5066442086434892
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a1083e748187fc77ca8ab61b1db9f8ff11f180f753080e748e63c0bae0875420

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://randiul.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
336
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame C26B 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=48406762085&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://randiul.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame C26B 		171 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://randiul.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame C26B 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ce21697b06d721f300398e6a005654c614a0b06445f1a9624eb525c024757735
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
091ddc1e-d5a5-430a-a750-466c22c1a334
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame C26B 		93 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
eee819387e5a74efb54ea69ef79f019e0bcfae13e219f16d8d840dca637aa818

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://randiul.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
v1
prg.smartadserver.com/prebid/ Frame C26B 		0
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:16 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://randiul.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bid
ap.lijit.com/rtb/ Frame 5C92 		94 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
c64f571ec2636776914e8d263b3f7400d17d9636b3019ee67d2d106e798fe1d0

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://randiul.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 5C92 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame 5C92 		171 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://randiul.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 5C92 		0
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:16 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://randiul.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5C92 		336 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1949604&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,44b4c406c673930a857f,1,,,&rf=bagnet.org&tg_i.page=https%3A%2F%2Fwww.bagnet.org%2F&tg_i.domain=bagnet.org&tg_i.pbadslot=adpn-adtag-1672896316775&tk_flint=pbjs_lite_v7.19.0&x_source.tid=8715e003-b454-4c09-a6f4-c5d1b6fa7cb7&l_pb_bid_id=10847edbe0af9d3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.15859943434834434
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c379cf7f471f8ab201f611db861dc63bebb6460345f830e02fdb348d102b79c4

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://randiul.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
336
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame 5C92 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=37392433587&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://randiul.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 5C92 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
cc66480bf82ca8cc310db9fa7d3b3ab038bd2167521dbe5fe5cc95f51e7881c7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:17 GMT
AN-X-Request-Uuid
8e0220f8-6a17-4bca-ac43-a81e9bf519f1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 5C92 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame B059 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:15 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame B059 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f03d16fc8ad48c08f585fe8eaa6977d8d028ac91771245a6f57cbfb640ff069f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b427be75-6fe4-4fc3-b900-fec46f3772f3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame B059 		171 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://randiul.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame B059 		0
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:16 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://randiul.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame B059 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=97485806220&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://randiul.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame B059 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame B059 		336 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1949604&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,44b4c406c673930a857f,1,,,&rf=bagnet.org&tg_i.page=https%3A%2F%2Fwww.bagnet.org%2F&tg_i.domain=bagnet.org&tg_i.pbadslot=adpn-adtag-1672896316790&tk_flint=pbjs_lite_v7.19.0&x_source.tid=bfb0911a-0ec0-4fb8-84b7-3230cc093bd2&l_pb_bid_id=14a7f06d6458f2a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7854226480523454
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d2f06f250585942ab5e29dde7c7e25c17e0eadc0ac3e4a75a7bf8b1d7f9eb535

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://randiul.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
336
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame B059 		94 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
fb92a1b97b6e35f7d0987eb448dbd61afa81fb1a804719370a890166a0ce6e28

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://randiul.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7CB6 		336 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1949604&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,44b4c406c673930a857f,1,,,&rf=bagnet.org&tg_i.page=https%3A%2F%2Fwww.bagnet.org%2F&tg_i.domain=bagnet.org&tg_i.pbadslot=adpn-adtag-1672896316799&tk_flint=pbjs_lite_v7.19.0&x_source.tid=e943e091-98fa-41cc-895c-4580f9c46c35&l_pb_bid_id=2d80ee19b8921c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9535250689822727
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2947fc4f115f8715cdf223f6094df070268f39932bd426b81625b30318c70684

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://randiul.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
336
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 7CB6 		171 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://randiul.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 7CB6 		171 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://randiul.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 7CB6 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0a740a9da41fe2a9792f29a67d483f317e2e553783a950d381008216810f0aef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5c4b6027-01d7-4b42-88a8-809fbc758cb8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 7CB6 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 7CB6 		94 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
1683731e0ccea927000dda72832fd685be860cf6e71cfd13dd8edfdc64d358b5

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://randiul.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 7CB6 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 7CB6 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=56426781183&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://randiul.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bid
ap.lijit.com/rtb/ Frame 6259 		24 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
85b4ebe6754b9cef31547f1372c97ab87e1381213e9a82f54ad06382c8b5547a

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://randiul.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 6259 		336 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1949604&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,44b4c406c673930a857f,1,,,&rf=bagnet.org&tg_i.page=https%3A%2F%2Fwww.bagnet.org%2F&tg_i.domain=bagnet.org&tg_i.pbadslot=adpn-adtag-1672896316808&tk_flint=pbjs_lite_v7.19.0&x_source.tid=eb7dce3d-6411-40f8-aa91-d0342a466e6d&l_pb_bid_id=42bc20408d8e54&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7745277511490627
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6cc18bb48d5e19c476262f1de93ceda4e08334cc5c703b68f4cee2b6de5dae25

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://randiul.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
336
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 6259 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e35c96006c90e9827a14f712471830c17bf58ba452824f2581765779a78883e7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:17 GMT
AN-X-Request-Uuid
208890dd-c586-47a9-b855-a9098dd685dd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 6259 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 6259 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=1661104877&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://randiul.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame 6259 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:15 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 6259 		171 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://randiul.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 6259 		0
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:16 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://randiul.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bid
ap.lijit.com/rtb/ Frame 628E 		94 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
5ede1d9607eaa58e42e7cbaad8dd3ebd2ea55be7d086d846e11f8f3535a4a8c4

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://randiul.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
ib.adnxs.com/ut/v3/ Frame 628E 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
63ae53f18d2d141b7a62d2bfc880c5e1e2e65c387bd9f27dcc6c9b06be59dddf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:17 GMT
AN-X-Request-Uuid
e1337f6a-d836-487f-b459-c1f63aaaaa72
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 628E 		171 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://randiul.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 628E 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame 628E 		171 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:16 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://randiul.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 628E 		336 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1949604&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,44b4c406c673930a857f,1,,,&rf=bagnet.org&tg_i.page=https%3A%2F%2Fwww.bagnet.org%2F&tg_i.domain=bagnet.org&tg_i.pbadslot=adpn-adtag-1672896316781&tk_flint=pbjs_lite_v7.19.0&x_source.tid=ee51abf2-a312-4a7e-933c-7b08e26d223c&l_pb_bid_id=125d6297107027b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.32824298156431664
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
29fd6ff2f97ef81688e9f6b380dbc1dc173169f7ea6b0e4ae6c525cf7ef8e275

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://randiul.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
336
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 628E 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 628E 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=94408027162&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://randiul.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame C1B7 		0
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:16 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://randiul.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
translator
hbopenbid.pubmatic.com/ Frame C1B7 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame C1B7 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
2d411564bd40d53e105c51b97cdf1bb5da08c174bc5057c652cc4f37d2f0cf2e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:17 GMT
AN-X-Request-Uuid
29b54a0b-c382-4635-96bc-f10dde836881
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C1B7 		336 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1949604&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,44b4c406c673930a857f,1,,,&rf=bagnet.org&tg_i.page=https%3A%2F%2Fwww.bagnet.org%2F&tg_i.domain=bagnet.org&tg_i.pbadslot=adpn-adtag-1672896316841&tk_flint=pbjs_lite_v7.19.0&x_source.tid=bc52c730-a911-4d2f-b01e-a007004578ba&l_pb_bid_id=80b5e58bca2576&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8678812935225908
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bdb734191c9aa80c88735c5d50ce563dce2e9f35173cd745cb34f1d22db41a57

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://randiul.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
336
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame C1B7 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ap.lijit.com/rtb/ Frame C1B7 		94 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
4df2e689080a301c1eddb6d336d93044030aef526e9650c9f8c3c0a3758027b6

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://randiul.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
cdb
bidder.criteo.com/ Frame C1B7 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=63695333610&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://randiul.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bid
ap.lijit.com/rtb/ Frame EDD1 		94 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
db09805c043ee65740a855ff215ce419bbe277a94a66f3dfc4152a8c86f2f4a1

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://randiul.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
ib.adnxs.com/ut/v3/ Frame EDD1 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
67153397f59fdb0fde160204c09fff522600ceffd4755f0b5d95291ab5d90734
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:17 GMT
AN-X-Request-Uuid
111a9f80-1bf8-4793-9f5d-635c047be81c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame EDD1 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=42067329465&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://randiul.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame EDD1 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ Frame EDD1 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame EDD1 		0
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:16 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://randiul.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EDD1 		336 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1949604&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,44b4c406c673930a857f,1,,,&rf=bagnet.org&tg_i.page=https%3A%2F%2Fwww.bagnet.org%2F&tg_i.domain=bagnet.org&tg_i.pbadslot=adpn-adtag-1672896316815&tk_flint=pbjs_lite_v7.19.0&x_source.tid=ffc41423-2eb7-46ef-814d-b0f4ad7004c1&l_pb_bid_id=1492c2e4844d38d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1522029532807614
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
14eec6feddb11747aaeb1bf12aa61fd4d539cb74a3a84ce104facf014717d7bb

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://randiul.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
336
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 60E0 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 60E0 		336 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1949604&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,44b4c406c673930a857f,1,,,&rf=bagnet.org&tg_i.page=https%3A%2F%2Fwww.bagnet.org%2F&tg_i.domain=bagnet.org&tg_i.pbadslot=adpn-adtag-1672896316848&tk_flint=pbjs_lite_v7.19.0&x_source.tid=ac0b1c67-6443-4078-824b-ab2696abd3e3&l_pb_bid_id=420e58ec914d35&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4941973164246791
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
00ce7879747c78d08727e6ccfeed8b69929f14e09e15a5d66df3d0cd31b159c7

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://randiul.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
336
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame 60E0 		94 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
027482634bb49ba2e1d84ef9ba6386e6db80cda270a7d298d226d2e891eee6cd

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://randiul.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
v1
prg.smartadserver.com/prebid/ Frame 60E0 		0
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:16 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://randiul.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
translator
hbopenbid.pubmatic.com/ Frame 60E0 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 60E0 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=79572149928&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 05:25:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://randiul.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 60E0 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ef8aa6f9caf4629cf848f4160f7bb1776a6418fad2eeef26bdbec04cb231d245
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:17 GMT
AN-X-Request-Uuid
891d7388-0e55-45b1-9969-1b4c085ec1f3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
css
fonts.googleapis.com/ Frame FF93 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5447071101362623&output=html&h=280&slotname=8594907759&adk=2116639384&adf=3025194257&pi=t.ma~as.8594907759&w=1200&fwrn=4&fwrnh=100&lmt=1672896316&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896316291&bpp=2&bdt=291&idt=411&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2837549430466&frm=20&pv=2&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=geelAULvmc&p=https%3A//www.bagnet.org&dtd=417
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 04:52:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Jan 2023 05:25:17 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame FF93 		2 KB
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5447071101362623&output=html&h=280&slotname=8594907759&adk=2116639384&adf=3025194257&pi=t.ma~as.8594907759&w=1200&fwrn=4&fwrnh=100&lmt=1672896316&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896316291&bpp=2&bdt=291&idt=411&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2837549430466&frm=20&pv=2&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=geelAULvmc&p=https%3A//www.bagnet.org&dtd=417
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 04:06:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
4744
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 04:06:13 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame FF93 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5447071101362623&output=html&h=280&slotname=8594907759&adk=2116639384&adf=3025194257&pi=t.ma~as.8594907759&w=1200&fwrn=4&fwrnh=100&lmt=1672896316&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896316291&bpp=2&bdt=291&idt=411&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2837549430466&frm=20&pv=2&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=geelAULvmc&p=https%3A//www.bagnet.org&dtd=417
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 04:05:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
4805
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9534
x-xss-protection
0
server
cafe
etag
3719958914939444779
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 04:05:12 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame FF93 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5447071101362623&output=html&h=280&slotname=8594907759&adk=2116639384&adf=3025194257&pi=t.ma~as.8594907759&w=1200&fwrn=4&fwrnh=100&lmt=1672896316&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896316291&bpp=2&bdt=291&idt=411&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2837549430466&frm=20&pv=2&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=geelAULvmc&p=https%3A//www.bagnet.org&dtd=417
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:49:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
5755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:49:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame FF93 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5447071101362623&output=html&h=280&slotname=8594907759&adk=2116639384&adf=3025194257&pi=t.ma~as.8594907759&w=1200&fwrn=4&fwrnh=100&lmt=1672896316&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896316291&bpp=2&bdt=291&idt=411&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2837549430466&frm=20&pv=2&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=geelAULvmc&p=https%3A//www.bagnet.org&dtd=417
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:49:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
5755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:49:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FF93 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5447071101362623&output=html&h=280&slotname=8594907759&adk=2116639384&adf=3025194257&pi=t.ma~as.8594907759&w=1200&fwrn=4&fwrnh=100&lmt=1672896316&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896316291&bpp=2&bdt=291&idt=411&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2837549430466&frm=20&pv=2&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=geelAULvmc&p=https%3A//www.bagnet.org&dtd=417
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48184
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672836157132942"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 05:25:17 GMT
148b897ed20242fb53e65c70a8c63c89.js
www.gstatic.com/mysidia/ Frame FF93 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5447071101362623&output=html&h=280&slotname=8594907759&adk=2116639384&adf=3025194257&pi=t.ma~as.8594907759&w=1200&fwrn=4&fwrnh=100&lmt=1672896316&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896316291&bpp=2&bdt=291&idt=411&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2837549430466&frm=20&pv=2&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=geelAULvmc&p=https%3A//www.bagnet.org&dtd=417
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 19:37:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
467281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14307
x-xss-protection
0
last-modified
Fri, 09 Dec 2022 19:06:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 Mar 2023 19:37:16 GMT
v1
prg.smartadserver.com/prebid/ Frame 1E15 		0
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:17 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://randiul.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 1E15 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 1E15 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=91232885996&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://randiul.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 1E15 		336 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1949604&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,44b4c406c673930a857f,1,,,&rf=bagnet.org&tg_i.page=https%3A%2F%2Fwww.bagnet.org%2F&tg_i.domain=bagnet.org&tg_i.pbadslot=adpn-adtag-1672896316856&tk_flint=pbjs_lite_v7.19.0&x_source.tid=5b085d11-9988-4a7b-9462-22eee0439503&l_pb_bid_id=8e1b426945158&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3044593885642597
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bb251dfa865d100230c384bf20c40b2e60586ad86cfe0f6570302d1a6575d931

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://randiul.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
336
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame 1E15 		94 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
848f886c75b60e23d66079b1b26a2841600639035a1b8411a3704d918c44fa54

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://randiul.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
ib.adnxs.com/ut/v3/ Frame 1E15 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8c2359c3c50d73f32c6bb02bee0f09a2d43fbe8b40b01ef41c937d0a57e2728e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:17 GMT
AN-X-Request-Uuid
fc3e11f1-0113-4bf9-933d-c9b1dccd5175
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 1E15 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 33C4 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=32664560366&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 05:25:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://randiul.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 33C4 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame 33C4 		0
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:17 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://randiul.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 33C4 		336 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1949604&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,44b4c406c673930a857f,1,,,&rf=bagnet.org&tg_i.page=https%3A%2F%2Fwww.bagnet.org%2F&tg_i.domain=bagnet.org&tg_i.pbadslot=adpn-adtag-1672896316863&tk_flint=pbjs_lite_v7.19.0&x_source.tid=920d34b1-ed87-45e6-a1f8-6b5496cf249f&l_pb_bid_id=89704eb7266b9b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.12367454510775455
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2ea06483f95caa1df5bc9654290c3ac75bcbfa9f53cb7421efc8e1826b3e90fb

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://randiul.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
336
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame 33C4 		93 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
909b05a91fd8b53e7773163efcb408c6d45c6cf987eaba31bb2a65f44f1f7cee

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://randiul.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
prebid
ib.adnxs.com/ut/v3/ Frame 33C4 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
27b48d21ad53b1d45e58225d561f710045543f355e89b209c08c43260d4100b0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:17 GMT
AN-X-Request-Uuid
9ae0a87c-b972-4b6c-b868-008f6f29f4a4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 33C4 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame FEBD 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:15 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame FEBD 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=96914652271&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 05:25:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://randiul.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame FEBD 		0
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:17 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://randiul.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bid
ap.lijit.com/rtb/ Frame FEBD 		94 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
d1d285fe57d0920caf73be8b4d864cc93e93267119892dfcba0deebaf9fbd7b3

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://randiul.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame FEBD 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://randiul.com
date
Thu, 05 Jan 2023 05:25:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame FEBD 		336 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1949604&size_id=10&p_pos=atf&rp_schain=1.0,1!adpone.com,44b4c406c673930a857f,1,,,&rf=bagnet.org&tg_i.page=https%3A%2F%2Fwww.bagnet.org%2F&tg_i.domain=bagnet.org&tg_i.pbadslot=adpn-adtag-1672896316881&tk_flint=pbjs_lite_v7.19.0&x_source.tid=676d928c-afaf-448d-b670-9a98beb147ee&l_pb_bid_id=12b38c25716b3cf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.02967895129668996
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
82c977ab5220ef4fda8f71424453f077699086b52fce93443a37559642bdace3

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://randiul.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
336
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame FEBD 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
fcfd869a9acc58a85ed2de548a86c3095b03b582805a5c1c4c78f78a9b67e3de
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
264b9f9c-f0c7-4561-841c-aa5c87f3500c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame FF93 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CPIkTPF-2Y_3qLv-3x_APnpSN-AK888KSbrac89zcENzZHhABINrA8ChgleKQgqAHoAHCssmkA8gBCakCBmGgCJTKsT6oAwHIA8sEqgT0AU_Qk3bt3iAgRmGtGE771_H_YZ8nHRMzjYsAYZBM0OGvBEKqs6Zn04jwniQ-aS2mFnlapf-GXm-IQVdukux6_xeYCEpl3oCut2in9zTDTo4hG9qCxpssMkDE52qAvjEd9iQ5GbvFwDW2vhUyqSEzWLCPkzuzVbvF0vMBTSNoQQfguODVEqmW_Q1WOx8-I0mW43oE1Uv9SN7KYhMayaKkUiNp4nrPbTN4zZt2UI4Ftr0TgdcKF81oO0ri3rUNUkr-7ab8HP_bZL9yfy6eB3RXByXxSxbia_wA2vRj0xVus6ZfK7DQP1wf4wsVyEwgqQzzts4hZJHABLzX36abBJIFBAgEGAGSBQQIBRgEoAYugAemzbZbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQxuAI0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItNTQ0NzA3MTEwMTM2MjYyMxgA&sigh=IBdAursq1fA&uach_m=[UACH]&cid=CAQSGwDq26N9yTrkV906sPBOxoWzuDdDgdRzkHHoRxgBIBM&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5447071101362623&output=html&h=280&slotname=8594907759&adk=2116639384&adf=3025194257&pi=t.ma~as.8594907759&w=1200&fwrn=4&fwrnh=100&lmt=1672896316&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896316291&bpp=2&bdt=291&idt=411&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2837549430466&frm=20&pv=2&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=geelAULvmc&p=https%3A//www.bagnet.org&dtd=417
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5447071101362623&output=html&h=280&slotname=8594907759&adk=2116639384&adf=3025194257&pi=t.ma~as.8594907759&w=1200&fwrn=4&fwrnh=100&lmt=1672896316&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896316291&bpp=2&bdt=291&idt=411&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2837549430466&frm=20&pv=2&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=geelAULvmc&p=https%3A//www.bagnet.org&dtd=417
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 05 Jan 2023 05:25:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 05 Jan 2023 05:25:17 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/reactive_library_fy2021.js?bust=31071219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9753172864856563&plah=www.bagnet.org&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
82a8010356f27fae7f3fb59d7cab3b49973591533206f149fa5f4e1fd83d9361
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52349
x-xss-protection
0
server
cafe
etag
7554780724842037355
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Jan 2023 05:25:17 GMT
integrator.js
adservice.google.de/adsid/ Frame FBDE 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.bagnet.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FBDE 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bagnet.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame FBDE 		34 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=416874039351052&correlator=4180525824041242&eid=31071186%2C31068367%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=21671350435%3A22540091175%2C300x600-bagnet.org_._dekstop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=4068109590&sfv=1-0-40&prev_scp=hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x600%26hb_pb_appnexus%3D0.03%26hb_adid_appnexus%3D2061e5795eaa4f5%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.03%26hb_adid%3D2061e5795eaa4f5%26hb_bidder%3Dappnexus&eri=1&sc=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&abxe=1&dt=1672896317394&lmt=1672896317&dlt=1672896316527&idt=814&adxs=1025&adys=1357&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=1&ucis=key11lmy0j1v&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.bagnet.org%2F&ref=https%3A%2F%2Fwww.bagnet.org%2F&top=https%3A%2F%2Fwww.bagnet.org%2F&frm=23&vis=1&psz=300x600&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=1591083225&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e274f0824fe483792c1f8a67364a6cc3a226949faf77285017171a47ba05a9a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13611
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bagnet.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame FBDE 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0486266cc98fa7c6a2188a3552166fa61a485c0ca9e208ae66fd64def5c3e482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11374
x-xss-protection
0
container.html
7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 05CC 		6 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:17 GMT
expires
Fri, 05 Jan 2024 05:25:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
14763004658117789537
tpc.googlesyndication.com/simgad/7410247618877775501/ Frame FF93 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7410247618877775501/14763004658117789537?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5447071101362623&output=html&h=280&slotname=8594907759&adk=2116639384&adf=3025194257&pi=t.ma~as.8594907759&w=1200&fwrn=4&fwrnh=100&lmt=1672896316&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896316291&bpp=2&bdt=291&idt=411&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2837549430466&frm=20&pv=2&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=geelAULvmc&p=https%3A//www.bagnet.org&dtd=417
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93e1b198d5563d0599bf8593ccbdb5c264acdc2ce64e8761084b279dbd7c7236
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 15:14:31 GMT
x-content-type-options
nosniff
age
310246
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47878
x-xss-protection
0
last-modified
Wed, 16 Nov 2022 14:42:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 01 Jan 2024 15:14:31 GMT
truncated
/ Frame FF93 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FF93 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
dcmads.js
www.googletagservices.com/dcm/ Frame 9FCC 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:03:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10900
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 17:19:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 05 Jan 2023 06:03:00 GMT
apn
beacon.sojern.com/imp/ Frame 9FCC 		42 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/apn?auc=8759338770679901928&cr=372961559&seg=&st=0&bp=0.00766&pp=0.00766&aaid=&idfa=&ord=1975396276
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Thu, 05 Jan 2023 05:25:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
ca
choices.truste.com/ Frame 9FCC 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=1975396276&sz=300x600&js=st_dapp
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-71.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
VIE50-P1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
918
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
QQdJojrTcGta-sFO7wsL3tc2LbxcipZgsrMeMgxf-dJ0vQNcWTcHVQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame 9FCC 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Thu, 05 Jan 2023 05:25:17 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
2595005
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220076-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1672896318.675885,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 546529
it
ams3-ib.adnxs.com/ Frame 9FCC 		0
935 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.bagnet.org%252F&e=wqT_3QK0CvBMNAUAAAMA1gAFAQi9vtmdBhDo3bqtv4bbx3kY56uc0sD2391HKjYJ_znMlxdgfz8Rc79V6zxidz8ZAAAAIFyP6j8hc79V6zxidz8p_zkJJPCaMQAAAEDhepQ_MOml_Ak4mFBA6j9IAlCX4uuxAViNlowBYABomp2kAXjy8wWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCU3VmKCdhJywgMjk0MDc4OSwgMCk7dWYoJ2knLCA0ODIzOTMwLCAwKTt1ZignZycsIDEyNzI4MjcyLCANKfCfcicsIDM3Mjk2MTU1OSwgMCk7kgKlBCFOMmxoZndqSWhOUVZFSmZpNjdFQkdBQWdqWmFNQVRBQU9BQkFBRWpxUDFEcHBmd0pXQUJnandab0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFXZGJRalVSWkg4X3dRRm5XMEkxRVdSX1A4a0JBQUFBQUFBQThEX1pBUUFBQQEPdFBBXzRBSDZ0cVlDOVFITnpNdzltQUlBb0FJQnRRSQEiBEF2DQjwW3dBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpRVTFUTXpvMk1EY3g0QU9VTUlBRTY5X0ZCSWdFbDdiTEJKQUVBWmdFQWJvRUdnaUZCQkVBBWkUQURRUHhrCQsBASRDQ0N4b3NPd1FRAQ4AQQUgCDhrRQEKCQEYRFlCQUR4QgkNBQFQaUFXM0w2a0ZUbnJmLU5vejdqLXhCET8gQUFBd1FXYW1aBQIQNVA4a0YBFBxJSXFlc3pfUi4oAAgyUVUBGwF0wHdQLUFGX2dYd0JkRHZpQWI0QmZXLXN3R0NCZ05WVTBTSUJnQ1FCZ0dZQmdDaEJwcVoFXixia19xQVlFc2dZa0MdgABFHQwARx0MAEkdDDh1QVlLmgKZASFOQmJfVEE6KQIwSTJXakFFZ0FDZ0FNWhltTE9nbEJUVk16T2pZd056RkFsREJKAb8BAQw4RDlSAQgJAQRCWgkIAQEEQmgBBgEBDDBEOXABCAkBBEJ4CQgBARBCNEFJazVk8P04RDgu2AIA4AKbhU7qAhdodHRwczovL3d3dy5iYWduZXQub3JnL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA9WVQuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjaoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQOODE3MCNBTVMzOjYwNzHaBAIIAeAEAfAEl-LrsQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX3qxn6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0AboKdoGFgoQAQ8uAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfy8wXSBw0JESoBJgzaBwYIBQlo4AcA6gcCCADwB-TCAYoIAhAAlQgAAIA_mAgB&s=c83e843ff6e4cdc5671a7dce51597fb161d04585
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:17 GMT
AN-X-Request-Uuid
0ef16a5f-d7f9-4cb5-bd3f-d79eb6a69aa5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
qfqcwu936glt
hal9000.redintelligence.net/zone/ Frame FC48 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/qfqcwu936glt?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=8681009602786294126&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8681009602786294126%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
ea2f7622e42f43506e0fa75ddcc965e7ef498352d55c5ed2165a5c688a6a79da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2799
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame FC48
Redirect Chain
  • https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvWlRRNVl6VTJaamd0WVdaaVl5MDNZVE16TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg2ODEwMDk2MDI3ODYyOTQxMjYvNjYyMjM5Ni80NTYyMzEyLzEzL2ZVc3...
  • https://tags.mathtag.com/ck-confirm?bid_id=8681009602786294126&node_id=3751&exch_id=13
49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=8681009602786294126&node_id=3751&exch_id=13
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=ngkgwzlc&e=1610118725716
Protocol
HTTP/1.1
Server
185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.374.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
Server
MMBD/3.374.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x91, zrh-bidder-x137
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Thu, 05 Jan 2023 05:25:16 GMT

Redirect headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
x-mm-nodeid
3751
x-mm-bid-request-time
1672896317
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Content-Length
86
x-mm-handled-by-owner
true
Last-Modified
Thu, 05 Jan 2023 05:25:17 GMT
Server
MMBD/3.374.2
x-mm-latency
22 (0)
Content-Type
text/html; charset=utf-8
Location
https://tags.mathtag.com/ck-confirm?bid_id=8681009602786294126&node_id=3751&exch_id=13
x-mm-dbg
NotCount
Cache-Control
no-cache
x-mm-host
cdg-router-x94, zrh-bidder-x137
Keep-Alive
timeout=360
x-mm-lag
0
Expires
Thu, 05 Jan 2023 05:25:16 GMT
img
pixel.mathtag.com/event/ Frame FC48 		43 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=13&v2=8681009602786294126&v3=651871&v4=4562312&v5=6622396&mt_nsync=1&no_attr=1
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-37-164.deploy.static.akamaitechnologies.com
Software
MT3 277 3f0ad7a master zrh-pixel-x25 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
Server
MT3 277 3f0ad7a master zrh-pixel-x25 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Thu, 05 Jan 2023 05:25:16 GMT
img
tags.mathtag.com/event/ Frame FC48 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=apn&bid=8681009602786294126&st=4562312&time=[IMP_ATTR.time]&nodeid=3751
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.374.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
Server
MMBD/3.374.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x43, zrh-bidder-x137
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Thu, 05 Jan 2023 05:25:16 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame FC48 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Thu, 05 Jan 2023 05:25:17 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
2595005
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220081-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1672896318.676090,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 127839
it
ams3-ib.adnxs.com/ Frame FC48 		0
935 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.bagnet.org%252F&e=wqT_3QLmCvBMZgUAAAMA1gAFAQi9vtmdBhDt_5Ptr_C6rT4Y56uc0sD2391HKjYJy7kUV5V9pz8RQhwM8R89oz8ZAAAAIFyP6j8hQhwM8R89oz8py7kJJPTyATEAAABA4XqUPzDppfwJOJhQQB1ICFCmkLu2AViNlowBYABomp2kAXj28QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIXaHR0cHM6Ly93d3cuYmFnbmV0Lm9yZy-AAwCIAwGQAwCYAxegAwGqA9YGCo0GaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZXbFJSTlZsNlZUSmFhbWQwV1ZkYWFWbDVNRE5aVkUxNlRGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpnMk9ERXdNRGsyTURJM09EWXlPVFF4TWpZdk5qWXlNak01Tmk4ME5UWXlNekV5THpFekwyWlZjM1l6TmxwWVRXSkZTRUo2TWpWUU1HeHNZMVpKVms0eFZGaExjVnBSV21neFFXazBkV1pQZGtVdk1TOHhNeTh3THpBdk9UVTJPREF6THpNeE1UYzNPRE01TnpRdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWFJOUkVGM1RVTXdkMDFFUVhkTVZFRjMF5AxFMUVRDeQFEAAwARAgY3ZNQzh3THpBDQhm_AAMZW5KbwUoiFRrNUx6STJMems1T1M4ek1qSXZNVGcxTGpJeE15NHhOVFV1BVTwi2pBd01DOHhOamN5T0RrMk16RTNMekUyTnpJNU1EZzVNVGN2TVRNdk1UQXlOalF2LzhVZmdhc05lQXh0Ujh4OTlJWEVuSUtjMkdKRSZub2RlaWQ9Mzc1MSZncm91cD16cmgmYXVjdGlvbmlkPTg2ODEwMDk2MDI3ODYyOTQxMjYmcGJzX2F1Y3Rpb25pViIAKHNoYXJka2V5PTg2Sj8A8H1yaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9hZWZpaWEmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzNS4xMzkmc2lkPTQ1NjIzMTImY2lkPTY2MjIzOTYmc3JjPWFwaSZ0eXBlPW51cmwmY2xpZW50PXMycxITODZCkQCwGhM0NDkzMTYyNTI2MDg5MjE1OTgxIgkzODI2NTA0MDYqBjEwMTkzNjoHNjYyAWPwZcADrALIAwDYA9WVQuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjaoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIU4WIgFAZgFAKAFwLWP9779rKJKwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWL60v6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0Ab5qwHaBhYKEAkSGQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcGNjUxODcxyAf28QXSBw0JETEBLwjaBwYBZ3AYAOAHAOoHAggA8AfkwgGKCAIQAJUIAACAP5gIAQ..&s=9c7ee403f354c34a75e156488b2a9a902698e724
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:17 GMT
AN-X-Request-Uuid
0fca8edf-1f4f-4383-a1f9-72d635209105
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.bagnet.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9753172864856563&plah=www.bagnet.org&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bagnet.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9753172864856563&plah=www.bagnet.org&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EA21 		79 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=3828006491&pi=t.aa~a.3705360468~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280&nras=2&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ugh66zVJYT&p=https%3A//www.bagnet.org&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9753172864856563&plah=www.bagnet.org&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98fb57ec2e2edb11384c4bfa6a558a3f3618f3492a084ff03aede0855f1f1e5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
32674
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2DDF 		80 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=1679723169&pi=t.aa~a.3705360468~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240&nras=3&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=z9HFy67RBb&p=https%3A//www.bagnet.org&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9753172864856563&plah=www.bagnet.org&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
126ccd72e4b0a0d451b1e50d79524541cd7cf28de3c58cc9f4e96dc617574f70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
33008
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BC7B 		31 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=50&adk=4281681145&adf=3245410629&pi=t.aa~a.960599413~rp.3&w=459&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=459x50&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=1&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240%2C300x240&nras=4&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=63oJUr51VX&p=https%3A//www.bagnet.org&dtd=15
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9753172864856563&plah=www.bagnet.org&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed22296f660839868aa63097e362111f018cfdb2737c73a393a82f043ffbd1ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
12421
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dcmads.js
www.googletagservices.com/dcm/ Frame B677 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:03:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10900
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 17:19:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 05 Jan 2023 06:03:00 GMT
apn
beacon.sojern.com/imp/ Frame B677 		42 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/apn?auc=1986331155412975150&cr=240739625&seg=&st=0&bp=0.00616&pp=0.00616&aaid=&idfa=&ord=480201510
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Thu, 05 Jan 2023 05:25:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
ca
choices.truste.com/ Frame B677 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=480201510&sz=300x600&js=st_dapp
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-71.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
VIE50-P1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
918
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
gfZP7uJZXWLmKyh6bRL7GBeNyM7zF080hl_r9wWa5rQWC5w9gjkuLA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame B677 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Thu, 05 Jan 2023 05:25:17 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
2595004
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220074-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1672896318.676080,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 664918
it
ams3-ib.adnxs.com/ Frame B677 		0
935 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.bagnet.org%252F&e=wqT_3QKyCvBMMgUAAAMA1gAFAQi9vtmdBhCu_LnllrW3yBsY56uc0sD2391HKjYJQZqxaDo7eT8RBC8ch__Ncj8ZAAAAIFyP6j8hBC8ch__Ncj8pQpoJJPB5MQAAAEDhepQ_MOml_Ak4mFBA6j9IAlCpyuVyWI2WjAFgAGianaQBeKHyBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJTdWYoJ2EnLCA0ODE5MzUyLCAwKTt1ZignaScBFBwyNDY4MCwgMAkULGcnLCAxMjczNDc5NhUVMHInLCAyNDA3Mzk2MjUFFvCLkgKlBCFlMm1vSUFpVjJkUVZFS25LNVhJWUFDQ05sb3dCTUFBNEFFQUFTT29fVU9tbF9BbFlBR0NQQm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkIzS0RBdE0zZVRfQkFRZHlnd0xUTjNrX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWVpOHBnTDFBYzNNekQyWUFnQ2dBZ0cxQWcBIwRDOQkI8FtEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk16T2pZd016UGdBNVF3Z0FTRjZzVUVpQVR3N3NzRWtBUUJtQVFCdWdRYUNJVUVFUQFoHEFBQU5BX0dRAQkJASBJSUxHaXc3QkIJDwUgBHlRHSEYTmdFQVBFRREfXEFBQ0lCWkV2cVFWT2V0XzQyalB1UDdFRhkgGERCQlpxWm0BAkBia195UVVBQUFEQXhvV3ZQOTIoAARaQhFnwFBBXzRBWG9CUEFGektLSkJ2Z0ZtSk9tQW9JR0ExVlRSSWdHQUpBR0FaZ0dBS0VHbXAFXjBadVQtb0JnU3lCaVFKGYAEQVIdDABaHQwAaBkMQEM0QmdvLpoCmQEhQ0JhSk53NikCLGpaYU1BU0FBS0FBeBltUDg2Q1VGTlV6TTZOakF6TTBDVU1Faw1UDER3UDE9JABGERgMQUFBRxEYDERRUDIdGABIERgYQUFBSGdBaS49AvDXdy4u2AIA4AKbhU7qAhdodHRwczovL3d3dy5iYWduZXQub3JnL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA9WVQuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjaoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQOODE3MCNBTVMzOjYwMzPaBAIIAeAEAfAEqcrlcogFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAABQ5w2AUB4AUB8AWkxir6BQQIABAAkAYAmAYAuAYAwQYFIiwA8D_QBugp2gYWChAJERkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHofIF0gcNCREoASYI2gcGAV1wGADgBwDqBwIIAPAH5MIBiggCEACVCAAAgD-YCAE.&s=43262c59a54959012e76062c5e3411baa00bf54d
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:17 GMT
AN-X-Request-Uuid
b8f081a9-1719-4887-83dd-c1f1dc23bd90
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
request.php
hal900021.redintelligence.net/ Frame FC48
Redirect Chain
  • https://hal900021.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=d21f61992f&subid=&uid=3a6bad7935333430&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900021.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=d21f61992f&subid=&uid=3a6bad7935333430&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900021.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=d21f61992f&subid=&uid=3a6bad7935333430&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8681009602786294126%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Frandiul.com%2Fr%2Fp.html%3Ff%3Dngkgwzlc%26e%3D1610118725716&ancestorOrigins=https%3A%2F%2Frandiul.com%2Chttps%3A%2F%2Fwww.bagnet.org&random=3898044008617&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=ngkgwzlc&e=1610118725716
Protocol
HTTP/1.1
Server
144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
51faa11b30f9dc82f6bc641ccc8145c0f9e3d11077277df136a37ccd86f6793f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:17 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
14577000018871800951433012195021
Connection
close
Content-Length
1310
Expires
Thu, 05 Jan 2023 05:25:17 +0100

Redirect headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:17 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=d21f61992f&subid=&uid=3a6bad7935333430&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8681009602786294126%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Frandiul.com%2Fr%2Fp.html%3Ff%3Dngkgwzlc%26e%3D1610118725716&ancestorOrigins=https%3A%2F%2Frandiul.com%2Chttps%3A%2F%2Fwww.bagnet.org&random=3898044008617&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Thu, 05 Jan 2023 05:25:17 +0100
impl_v92.js
www.googletagservices.com/dcm/ Frame 9FCC 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v92.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 03:41:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
265399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23563
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:32:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 02 Jan 2024 03:41:58 GMT
qfqcwu936glt
hal9000.redintelligence.net/zone/ Frame 6FBE 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/qfqcwu936glt?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=2916402079752059002&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2916402079752059002%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
4fc7b9d12a03c86c86d706ca243089f6c4c8d93e6382550767095254b76ca645

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2800
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
img
tags.mathtag.com/notify/ Frame 6FBE 		49 B
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvWlRRNVl6VTJaamd0WVdaaVl5MDNZVE16TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI5MTY0MDIwNzk3NTIwNTkwMDIvNjYyMjM5Ni80NTYyMzEyLzEzL2ZVc3YzNlpYTWJFSEJ6MjVQMGxsY2VHeEdkWmNfNjhQYm1XcHF6TzJtM2cvMS8xMy8wLzAvOTU2ODAzLzMxMTc3ODM5NzQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzI5MTY0MDIwNzk3NTIwNTkwMDIvenJoLzAvMTk5LzI2Lzk5OS8zMjIvMTg1LjIxMy4xNTUuMC8wLjAwMC8xNjcyODk2MzE3LzE2NzI5MDg5MTcvMTMvMTAyNjQv/0JubUMjIC0grUXx4aViA88jMoMY&nodeid=3751&group=zrh&auctionid=2916402079752059002&pbs_auctionid=2916402079752059002&shardkey=2916402079752059002&sid=4562312&cid=6622396&bp=a_aefiia&min_bid_win=${AUCTION_MIN_TO_WIN}&nfy_act=LD5wew&bfip=185.29.133.162&type=imp&client=c2s
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.374.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
x-mm-nodeid
3751
x-mm-bid-request-time
1672896317
Connection
keep-alive
Content-Length
49
x-mm-handled-by-owner
true
Last-Modified
Thu, 05 Jan 2023 05:25:17 GMT
Server
MMBD/3.374.2
x-mm-latency
17 (1)
Content-Type
image/gif
x-mm-dbg
NotCount
Cache-Control
no-cache
x-mm-host
cdg-router-x43, zrh-bidder-x137
Keep-Alive
timeout=360
x-mm-lag
0
Expires
Thu, 05 Jan 2023 05:25:16 GMT
img
pixel.mathtag.com/event/ Frame 6FBE 		43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=13&v2=2916402079752059002&v3=651871&v4=4562312&v5=6622396&mt_nsync=1&no_attr=1
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-37-164.deploy.static.akamaitechnologies.com
Software
MT3 277 3f0ad7a master zrh-pixel-x24 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
Server
MT3 277 3f0ad7a master zrh-pixel-x24 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Thu, 05 Jan 2023 05:25:16 GMT
img
tags.mathtag.com/event/ Frame 6FBE 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=apn&bid=2916402079752059002&st=4562312&time=[IMP_ATTR.time]&nodeid=3751
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.374.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:17 GMT
Server
MMBD/3.374.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x26, zrh-bidder-x137
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Thu, 05 Jan 2023 05:25:16 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame 6FBE 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Thu, 05 Jan 2023 05:25:17 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
2595004
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220089-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1672896318.676546,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 134208
it
ams3-ib.adnxs.com/ Frame 6FBE 		0
935 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.bagnet.org%252F&e=wqT_3QLmCvBMZgUAAAMA1gAFAQi9vtmdBhC9stK6zqOl93UY56uc0sD2391HKjYJy7kUV5V9pz8RQhwM8R89oz8ZAAAAIFyP6j8hQhwM8R89oz8py7kJJPTyATEAAABA4XqUPzDppfwJOJhQQB1ICFCmkLu2AViNlowBYABomp2kAXjm8QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIXaHR0cHM6Ly93d3cuYmFnbmV0Lm9yZy-AAwCIAwGQAwCYAxegAwGqA9YGCo0GaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZXbFJSTlZsNlZUSmFhbWQwV1ZkYWFWbDVNRE5aVkUxNlRGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpJNU1UWTBNREl3TnprM05USXdOVGt3TURJdk5qWXlNak01Tmk4ME5UWXlNekV5THpFekwyWlZjM1l6TmxwWVRXSkZTRUo2TWpWUU1HeHNZMXBHVDA1VlVWaGljbGR6VFhsYWF6bEJNVE5FV0Rndk1TOHhNeTh3THpBdk9UVTJPREF6THpNeE1UYzNPRE01TnpRdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWFJOUkVGM1RVTXdkMDFFUVhkTVZFRjMF5AxFMUVRDeQFEAAwARAgY3ZNQzh3THpBDQhm_AAMZW5KbwUoiFRrNUx6STJMems1T1M4ek1qSXZNVGcxTGpJeE15NHhOVFV1BVRcakF3TUM4eE5qY3lPRGsyTXpFM0x6RTJOAWTwcURnNU1UY3ZNVE12TVRBeU5qUXYvMVlDSFpCRG5wbThMX0I2R3VTbzRUTTFnN0trJm5vZGVpZD0zNzUxJmdyb3VwPXpyaCZhdWN0aW9uaWQ9MjkxNjQwMjA3OTc1MjA1OTAwMiZwYnNfYXVjdGlvbmlkPU4iACBzaGFyZGtleT1OHQDwi3ByaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9hZWZpaWEmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzMy4xNjImc2lkPTQ1NjIzMTImY2lkPTY2MjIzOTYmc3JjPWFwaSZ0eXBlPW51cmwmY2xpZW50PXMycxITMjkxNjQwMjA3OTc1MjA1AdDw_RoTODQ5Nzg5MzQ5ODI2NzQwODcwMSIJMzgyNjUwNDA2KgYxMDE5MzY6BzY2MjIzOTbAA6wCyAMA2APVlULgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTY2qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASmkLu2AYgFAZgFAKAFg9CY7bjc77BAwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBvmrAdoGFgoQAAAAAAAAAAAADQiYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcGNjUxODcxyAfm8QXSBw0JDS4FLwzaBwYIBQlo4AcA6gcCCADwB-TCAYoIAhAAlQgAAIA_mAgB&s=cd71b37fa706a093433bf0ad92ef145e9e6a9cad
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:17 GMT
AN-X-Request-Uuid
8fb4f0cb-574f-4321-8616-78208293fb4f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/ Frame C11B 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9753172864856563&plah=www.bagnet.org&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
69795
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Jan 2023 10:02:02 GMT
etag
10353107486223812946
expires
Wed, 18 Jan 2023 10:02:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/ Frame 6434 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9753172864856563&plah=www.bagnet.org&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
69795
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Jan 2023 10:02:02 GMT
etag
10353107486223812946
expires
Wed, 18 Jan 2023 10:02:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/ Frame 3C83 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9753172864856563&plah=www.bagnet.org&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
69795
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Jan 2023 10:02:02 GMT
etag
10353107486223812946
expires
Wed, 18 Jan 2023 10:02:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/ Frame 2B0B 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9753172864856563&plah=www.bagnet.org&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
69795
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Jan 2023 10:02:02 GMT
etag
10353107486223812946
expires
Wed, 18 Jan 2023 10:02:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame FF93 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9d36dd5470636affe19f339cb6d39d598fbe413e668be0370ef65fd62247154

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FBDE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 05:25:17 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame FF93 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 17:04:17 GMT
x-content-type-options
nosniff
age
303660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 01 Jan 2024 17:04:17 GMT
impl_v92.js
www.googletagservices.com/dcm/ Frame B677 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v92.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 03:41:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
265399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23563
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:32:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 02 Jan 2024 03:41:58 GMT
request.php
hal900015.redintelligence.net/ Frame 6FBE
Redirect Chain
  • https://hal900015.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=511671ce41&subid=&uid=6e7264b37c36e7db&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900015.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=511671ce41&subid=&uid=6e7264b37c36e7db&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=511671ce41&subid=&uid=6e7264b37c36e7db&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2916402079752059002%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Frandiul.com%2Fr%2Fp.html%3Ff%3Dbpnfgmoowy%26e%3D1610118725716&ancestorOrigins=https%3A%2F%2Frandiul.com%2Chttps%3A%2F%2Fwww.bagnet.org&random=2448736823363&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=bpnfgmoowy&e=1610118725716
Protocol
HTTP/1.1
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
a76a9d29fceb54af17450f211520c19ac0d5a3b4c3965ad7a54c29aaf492cdc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:17 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
77140700020302200951433012195015
Connection
close
Content-Length
1311
Expires
Thu, 05 Jan 2023 05:25:17 +0100

Redirect headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:17 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=511671ce41&subid=&uid=6e7264b37c36e7db&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2916402079752059002%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Frandiul.com%2Fr%2Fp.html%3Ff%3Dbpnfgmoowy%26e%3D1610118725716&ancestorOrigins=https%3A%2F%2Frandiul.com%2Chttps%3A%2F%2Fwww.bagnet.org&random=2448736823363&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Thu, 05 Jan 2023 05:25:17 +0100
B28229300.341737011;dc_ver=92.271;dc_eid=40004001;sz=300x600;u_sd=1;gdpr=0;aucid=8759338770679901928;crid=372961559;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_C...
ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/ Frame 9FCC 		66 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B28229300.341737011;dc_ver=92.271;dc_eid=40004001;sz=300x600;u_sd=1;gdpr=0;aucid=8759338770679901928;crid=372961559;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=2973613025;ord=0ljmh9;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_znMlxdgfz9zv1XrPGJ3PwAAACBcj-o_c79V6zxidz__OcyXF2B_P-iurvUzbI955xVHCrR_u0c9X7ZjAAAAAOkSPwEYKAAA6h8AAAIAAAAX8ToWDQsjAAAAAABVU0QARVVSACwBWAKaDgAAAAABAQUCAAAAANIAcyNKyQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521NBb_TAjIhNQVEJfi67EBGI2WjAEgACgAMZqZmZmZmbk_OglBTVMzOjYwNzFAlDBJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DODE3MCNBTVMzOjYwNzE%3D%2Fbn%3D96754%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fwww.bagnet.org%2F$0;xdt=1;crlt=nb6H)qoQIk;gcsr=m;stc=1;chaa=1;sttr=138;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
4d515484e180cab3a6d005d9a12e5ac32aad7b3a44e6a3d6b60bf6c6f66be80b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28060
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E7E7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Co5I7PV-2Y8L_HorVtwf5xZQYkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTc1MzE3Mjg2NDg1NjU2M8gBCakCBmGgCJTKsT6oAwGqBOwBT9BhYsrUSjptl5m942D1E2txdoTFjfPKc_e6-nQm7HX8opvnDw9L7j023eNMGN-GWvw_UVtiixND7lflJ-GfI4oyAP-WA3KsjwO2DzgoxpE31c9ARhc0TTj54XuTvLBob0-4C0DhAN59l7_FAVH5LlwCeIcsepwqc7a9wnsI5EA-Cy2DpXa8PYC1ZRSQ8l-T7lWm1huzcW9nQGeFudVBXRnzjTUVNjZXkX_O7CCXLdV_kjlPOlMg2kuYTmYt6-1iHa7G4pgNWn5A_lwianZ3VFjM8VM4PyTMx5yKVI2SfAE6JtfIHiJw_Q7BGvyABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk3NTMxNzI4NjQ4NTY1NjMYAA&sigh=kfJJCGQNTRM&uach_m=[UACH]&cid=CAQSOwDq26N9VNZDhPHOYx-1BBr2nJRWpIaaJsEarQaJVDJWuIYyrhLb45gww4th2Sky-cZ1MiS1TPWxUIcvGAEgEw
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=50&adk=4281681145&adf=3245410629&pi=t.aa~a.960599413~rp.3&w=459&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=459x50&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=1&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240%2C300x240&nras=4&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=63oJUr51VX&p=https%3A//www.bagnet.org&dtd=15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 05 Jan 2023 05:25:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame E7E7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gghd8sg1rsmqqfmpgs61ekft8g0ceny0jrmhd7jmg2wg78trshgnc4nqapyajfhgwkqqq27nrqb3kkd8pdg0a4wtg59aj1h61nb7znbat90js6t2gwypct9a3vpbr8vq34x7yxf0brnbcpjcp9b3pkxys6t8eap32d32ypy5c7b71jc72xt06cb87qsn1h39fyvff0nq0rdfed9wzag23tz7vx0h656xth3anvvnp20swbbd2ck908r3s75tv0h627aac3agc0jzeamkfkh04f8esxm1bqfkhh4abgnx8kpwmhh7700n5tjfs1r5xmtkt0fcfgd6w5k1pqrynn9q772nbv1v0zkte52p4a2c0ffxqs0n3seem7fcy6maq82xpjts6ck9ys7crjf&b=Y7ZfPQAHv8IK7eqKAAUi-fMrQGxcNvkist05iQ
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 05 Jan 2023 05:25:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame F95B 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kzx8cnzrx4fn66gpbn97a1w5fjahz4gz0nvjqmjjp9w65y54m44se1xpx5fs0d1gxkqpppt8qpawrt8as5k5ptp76e5hv7t4kjj4s143h2w2cqfwe63tse0rq4cn2pay6texq7j9b2t5gqgh57186rwpetetppdw3hfr45jk7y8d4h5304hr8v870s1ymkkh63y4g38za22nc85pqa88c7k1wjtectf2ptch0rd5zamf9y9tjmert4wz0zc7vdfr9yv9c82j031zew8fycf1fz3tfj0es1b72n8czateyvabftprhf5yew99qxavb839tnkyqks14j0ra1dk7fveds3p34w26dcdmb306np9pcpjpggy6zymng1ybbyh6y63zmn3t1v85683j8jm7pnv31h966f3sqg756hzf9t3vgdxg6a9mw1751hzkg43266ma1as8hy74&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDhK4PV-2Y8L_HorVtwf5xZQYkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTc1MzE3Mjg2NDg1NjU2M8gBCakCBmGgCJTKsT6oAwGqBO8BT9BhYsrUSjptl5m942D1E2txdoTFjfPKc_e6-nQm7HX8opvnDw9L7j023eNMGN-GWvw_UVtiixND7lflJ-GfI4oyAP-WA3KsjwO2DzgoxpE31c9ARhc0TTj54XuTvLBob0-4C0DhAN59l7_FAVH5LlwCeIcsepwqc7a9wnsI5EA-Cy2DpXa8PYC1ZRSQ8l-T7lWm1huzcW9nQGeFudVBXRnzjTUVNjZXkX_O7CCXLdV_kjlPOlMg2kuYTmYt6-1iHa7G4pgNGHxhbIvb7Ta_0xBaKxqqzR3YzTGAepVP_MNztC9cAA5oKNJeWjRCRtGABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1m_kGLKU63bKMxGY7StMmauwG_Mg%26client%3Dca-pub-9753172864856563%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=50&adk=4281681145&adf=3245410629&pi=t.aa~a.960599413~rp.3&w=459&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=459x50&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=1&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240%2C300x240&nras=4&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=63oJUr51VX&p=https%3A//www.bagnet.org&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6b695b3b2c5b7f37074cc4b3fc5668a48c3980503409fb013910974faacdc42
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7849cae1fe90bbf8-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:17 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame E7E7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=50&adk=4281681145&adf=3245410629&pi=t.aa~a.960599413~rp.3&w=459&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=459x50&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=1&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240%2C300x240&nras=4&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=63oJUr51VX&p=https%3A//www.bagnet.org&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:49:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
5755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:49:22 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 98A3 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=50&adk=4281681145&adf=3245410629&pi=t.aa~a.960599413~rp.3&w=459&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=459x50&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=1&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240%2C300x240&nras=4&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=63oJUr51VX&p=https%3A//www.bagnet.org&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51687
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Jan 2023 15:03:50 GMT
etag
48472445140208031
expires
Thu, 05 Jan 2023 15:03:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame E7E7 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=50&adk=4281681145&adf=3245410629&pi=t.aa~a.960599413~rp.3&w=459&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=459x50&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=1&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240%2C300x240&nras=4&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=63oJUr51VX&p=https%3A//www.bagnet.org&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:49:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
5755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:49:22 GMT
l
www.google.com/ads/measurement/ Frame E7E7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTpkXZIBqZM9ORC6zGHAYZAj3N-is5Ri3ApNoGpLsabi-x4lGIE7GLFf4XyvyPw8x3qsfbTzgdBJiEY9z4Wm4pvPhmQgg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=50&adk=4281681145&adf=3245410629&pi=t.aa~a.960599413~rp.3&w=459&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=459x50&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=1&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240%2C300x240&nras=4&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=63oJUr51VX&p=https%3A//www.bagnet.org&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E7E7 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=50&adk=4281681145&adf=3245410629&pi=t.aa~a.960599413~rp.3&w=459&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=459x50&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=1&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240%2C300x240&nras=4&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=63oJUr51VX&p=https%3A//www.bagnet.org&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48184
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672836157132942"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 05:25:17 GMT
B24035856.271959736;dc_ver=92.271;dc_eid=40004000;sz=300x600;u_sd=1;gdpr=0;aucid=1986331155412975150;crid=240739625;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_C...
ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/ Frame B677 		66 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B24035856.271959736;dc_ver=92.271;dc_eid=40004000;sz=300x600;u_sd=1;gdpr=0;aucid=1986331155412975150;crid=240739625;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=2928284358;ord=r6wrnz;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FQZqxaDo7eT8ELxyH_81yPwAAACBcj-o_BC8ch__Ncj9CmrFoOjt5Py5-rmyp3ZAb5xVHCrR_u0c9X7ZjAAAAAOkSPwEYKAAA6h8AAAIAAAApZVkODQsjAAAAAABVU0QARVVSACwBWAKaDgAAAAABAQUCAAAAANIA5B-bZQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521CBaJNwiV2dQVEKnK5XIYjZaMASAAKAAxmpmZmZmZuT86CUFNUzM6NjAzM0CUMEkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAADQP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DODE3MCNBTVMzOjYwMzM%3D%2Fbn%3D96545%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fwww.bagnet.org%2F$0;xdt=1;crlt=nb6H)qoQIk;gcsr=m;stc=1;chaa=1;sttr=97;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
cd98986a2850eb065245b66b4830b87f5f785bf6872f81d14c46a60bb038f346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28484
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6707663432393032738
tpc.googlesyndication.com/simgad/ Frame 2DDF 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6707663432393032738?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlKYUK1YoITmqHK9OdsA6gkyEBDZQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=1679723169&pi=t.aa~a.3705360468~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240&nras=3&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=z9HFy67RBb&p=https%3A//www.bagnet.org&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
726a5740dd11ed453b46c2e4a05a0cccaf30ba0e91cd934ec85e7687f84bbc49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 12:55:06 GMT
x-content-type-options
nosniff
age
577811
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42790
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 07:43:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 29 Dec 2023 12:55:06 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 2DDF 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=1679723169&pi=t.aa~a.3705360468~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240&nras=3&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=z9HFy67RBb&p=https%3A//www.bagnet.org&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 04:05:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
4805
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9534
x-xss-protection
0
server
cafe
etag
3719958914939444779
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 04:05:12 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 2DDF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=1679723169&pi=t.aa~a.3705360468~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240&nras=3&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=z9HFy67RBb&p=https%3A//www.bagnet.org&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:49:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
5755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:49:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 2DDF 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=1679723169&pi=t.aa~a.3705360468~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240&nras=3&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=z9HFy67RBb&p=https%3A//www.bagnet.org&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:49:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
5755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:49:22 GMT
l
www.google.com/ads/measurement/ Frame 2DDF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ20BUHyLi7c60LZ5h4I3DoBiVioTNRloXQkdX86rqbCUuGQHn3zmU80YhRorN0f5afCiaUh59cjWrl5QXVPmCRyVpj-Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=1679723169&pi=t.aa~a.3705360468~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240&nras=3&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=z9HFy67RBb&p=https%3A//www.bagnet.org&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2DDF 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=1679723169&pi=t.aa~a.3705360468~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240&nras=3&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=z9HFy67RBb&p=https%3A//www.bagnet.org&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48184
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672836157132942"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 05:25:17 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 2DDF 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=1679723169&pi=t.aa~a.3705360468~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240&nras=3&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=z9HFy67RBb&p=https%3A//www.bagnet.org&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f38a0ed3206d87e07bdce897f9345a89668d40a5770aca379097801c40cb45f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 08:04:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
76871
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13784
x-xss-protection
0
server
cafe
etag
1993361107838199930
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Jan 2023 08:04:06 GMT
container.html
7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D326 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:17 GMT
expires
Fri, 05 Jan 2024 05:25:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame C11B 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 04:33:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Jan 2023 05:25:17 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C11B 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 20:26:59 GMT
x-content-type-options
nosniff
age
32298
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 04 Jan 2024 20:26:59 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C11B 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:06:57 GMT
x-content-type-options
nosniff
age
1100
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 05 Jan 2024 05:06:57 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/elements/html/ Frame C11B 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51972b5bc3e0a6286b3b4f20004da5c1900cd569fb6432d8ac1033311b7d4ea7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 04:50:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
2103
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8195
x-xss-protection
0
server
cafe
etag
298254208257092395
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 04:50:14 GMT
css
fonts.googleapis.com/ Frame 6434 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 04:11:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Jan 2023 05:25:17 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 6434 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 04:06:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
4744
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 04:06:13 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 6434 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 04:05:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
4805
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9534
x-xss-protection
0
server
cafe
etag
3719958914939444779
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 04:05:12 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 6434 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:49:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
5755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:49:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 6434 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:49:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
5755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:49:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6434 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48184
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672836157132942"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 05:25:17 GMT
148b897ed20242fb53e65c70a8c63c89.js
www.gstatic.com/mysidia/ Frame 6434 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 19:37:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
467281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14307
x-xss-protection
0
last-modified
Fri, 09 Dec 2022 19:06:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 Mar 2023 19:37:16 GMT
6707663432393032738
tpc.googlesyndication.com/simgad/ Frame EA21 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6707663432393032738?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlKYUK1YoITmqHK9OdsA6gkyEBDZQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=3828006491&pi=t.aa~a.3705360468~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280&nras=2&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ugh66zVJYT&p=https%3A//www.bagnet.org&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
726a5740dd11ed453b46c2e4a05a0cccaf30ba0e91cd934ec85e7687f84bbc49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 12:55:06 GMT
x-content-type-options
nosniff
age
577811
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42790
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 07:43:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 29 Dec 2023 12:55:06 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame EA21 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=3828006491&pi=t.aa~a.3705360468~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280&nras=2&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ugh66zVJYT&p=https%3A//www.bagnet.org&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 04:05:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
4805
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9534
x-xss-protection
0
server
cafe
etag
3719958914939444779
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 04:05:12 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame EA21 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=3828006491&pi=t.aa~a.3705360468~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280&nras=2&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ugh66zVJYT&p=https%3A//www.bagnet.org&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:49:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
5755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:49:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame EA21 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=3828006491&pi=t.aa~a.3705360468~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280&nras=2&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ugh66zVJYT&p=https%3A//www.bagnet.org&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:49:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
5755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:49:22 GMT
l
www.google.com/ads/measurement/ Frame EA21 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7VgcREFYV4cziSA2goRFJ50VS3KhYIEpIGw6CuxwTKjdAk0WKRB4swJolPWZTqU925_zRUCmZvBgkaxXnFMYin-_PBA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=3828006491&pi=t.aa~a.3705360468~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280&nras=2&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ugh66zVJYT&p=https%3A//www.bagnet.org&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EA21 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=3828006491&pi=t.aa~a.3705360468~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280&nras=2&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ugh66zVJYT&p=https%3A//www.bagnet.org&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48184
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672836157132942"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 05:25:17 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame EA21 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=3828006491&pi=t.aa~a.3705360468~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280&nras=2&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ugh66zVJYT&p=https%3A//www.bagnet.org&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f38a0ed3206d87e07bdce897f9345a89668d40a5770aca379097801c40cb45f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 08:04:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
76871
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13784
x-xss-protection
0
server
cafe
etag
1993361107838199930
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Jan 2023 08:04:06 GMT
css
fonts.googleapis.com/ Frame 3C83 		6 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 03:25:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Jan 2023 05:25:17 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 3C83 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 04:06:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
4744
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 04:06:13 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 3C83 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 04:05:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
4805
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9534
x-xss-protection
0
server
cafe
etag
3719958914939444779
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 04:05:12 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 3C83 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:49:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
5755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:49:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 3C83 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:49:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
5755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:49:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3C83 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48184
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672836157132942"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 05:25:17 GMT
148b897ed20242fb53e65c70a8c63c89.js
www.gstatic.com/mysidia/ Frame 3C83 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 19:37:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
467281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14307
x-xss-protection
0
last-modified
Fri, 09 Dec 2022 19:06:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 Mar 2023 19:37:16 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2B0B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CLp2hPF-2Y-SuL5jZtwfv_7nQAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTMxNzI4NjQ4NTY1NjPIAQmpAgZhoAiUyrE-qAMBqgToAU_Q0W4Voti-C8ha37grETPNPW8BVsbbKwlQQyBugHoWMRBTQxqt7h-D2XbELClW35HD0ocnMku8rYKhz4OTlFNI4DiGlbO6S2-t4fyGwalJdI4-inkMFJPnYopHkiO9kkPe__nolcLhQNkuYwu7gLGi-no4vhCIKu7L1QacZCQVzdKEJ9DL3ktQ6fGUbadL5NZWq0-qpTnkuADQAOnBMk0Avb0kYO6KVzyqb8NqX6N3R-ox0NPK9mkqwJpcwzLvMIL5hZGjDFxPuI8EmtIkQswN2ZB-6oBMsT338HA45-ZJ6nI36MrfW_SABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTc1MzE3Mjg2NDg1NjU2MxgA&sigh=B3jFDW9Dd3s&uach_m=[UACH]&cid=CAQSGwDq26N9Ns7VXdCCvfChov6YGKQGDCw9bTinOhgBIBM
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 05 Jan 2023 05:25:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 2B0B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kP79Esz6RO0HfJ2DYgICAAAAwGXDZILM6vMQPF-2YwI_r7futnb88vueABIAAA&wp=Y7ZfPAAL12QK7eyYAA5_74jqziH2qnJyjld1Fw
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
317521
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame E631 		145 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfPAAL12QK7eyYAA5_74jqziH2qnJyjld1Fw&u=%7C%2FkgaZAn0iG5%2FZYfDia3rzBq3MiIePn4nlDviGF8gsCM%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wFPBkonwj4SKSybimmE1uUABNjkIxhJz0MTm1ZVRm4nPgX8x9DziTwGqadWaDTHDOuBbWaCKKEMeElHTxUjh2xxlwkzUw_xvb5PET0fNOTU5U2d1RRd6tXDgTSlwqP40ccxPTD8QpzUfH6_KGA51cNrSv-jZeQBnLi_IIKNuEeOevRLuPrtJHv_o_-Gya2F3dHb5tK80YspQKelhw5n7brWnK8KwlNNvOeoabgifriTHiSVVvhJxwiWZDB4CN4LtxNX06nYHqSk6X-MGkRVoe0jQzsgiJJH__k5hyGtdeIyfTQCpXMBJhXc9FiKYzt7yQiDz-nkloFP6M2EMQ2j3MvAfdCH-DJy7LkiUWem-1pyB8vv38yqz94Gxdz7qP5dfQR8dxmJmWScDTgY_OStA0G85yl8fYIttRxKkXdxmq4tPuCay7g-1P6nJI_QS5uOrF4Uzf03lSQ6OZ2f0NA7gvQx9BQHBueIFfKxxylnHh8XfRHVdjX7yzqzrhSt5OrJ_PiEsr8zHayY4QX-8Sl9ZED-EKlgT045LsbYacUKuOot3T31QINGEdqK2VwkzKFWkrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4E9IPF-2Y-SuL5jZtwfv_7nQAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTMxNzI4NjQ4NTY1NjPIAQmpAgZhoAiUyrE-qAMBqgTrAU_Q0W4Voti-C8ha37grETPNPW8BVsbbKwlQQyBugHoWMRBTQxqt7h-D2XbELClW35HD0ocnMku8rYKhz4OTlFNI4DiGlbO6S2-t4fyGwalJdI4-inkMFJPnYopHkiO9kkPe__nolcLhQNkuYwu7gLGi-no4vhCIKu7L1QacZCQVzdKEJ9DL3ktQ6fGUbadL5NZWq0-qpTnkuADQAOnBMk0Avb0kYO6KVzyqb8NqX6N3R-ox0NPK9mkqwJpcwzLvMIL5x5OCntvAJJy7BsaHkvGrIZlq4DZGnyV1RLgFQRT29F4vbWBbSEsybdmABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3eYoIG0AiEkg5w-YFoWZBneoogkQ%26client%3Dca-pub-9753172864856563%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d63232e463ab3b516874725dce30575863c129c6f096b15e53b7fe124ee043b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:17 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=yVn4HdjTZFobtDfJE_S7DoBosuXhcgP8XiHuH2ROw0d1qJABx7wu_lUDC8J0HN2Uelkinav8xHyVk6Z5OkCw8SldLOpQlBCGKBCwJxplCJmxq7ct6ZmJ24Fx1PdNoAR-ivCoQIF-fSSsi2gCs5TJz8nwJhVHDh5WZY4m1gzd8hVdlbKZqaGVOOT_8yvWrUT0i9_hRHJdoN9zgD7VxrnG8I3C8iqLfQQQszrHmsNbr2OU1F5QuzMt2iw6cseaj_oI_p51yg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
75261872
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 2B0B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:49:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
5755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:49:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 2B0B 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:49:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
5755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:49:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2B0B 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48184
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672836157132942"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 05:25:17 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2DDF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C56xRPV-2Y9jgHtWXtwe26oeoCJ_Fv-tp_L_cmbwPqtyPmaUjEAEgv4vmEWCV4pCCoAegAa2WmtkDyAECqAMByAPJBKoE-QFP0DxzqwNR1nfx-4oNwJYyoayiQLpbTcFXCmIIhLvhL0rmrxpTrxKLOAFGJJS_hW_BFrOAQUEoaHs08kYN8BfrXzz9UaNCXzb1MskBUk5rRSaq0s8lqtp3sRnO1_ZWe9pPlUXSvj3jNnB65vrKdb07HNIv61yNoiUVnqgQoC5bRK59SIL2a1cyyJ5v2R8slTraUzI7OVx4Xd_DfMXx7340O86qNUh2dcpMPtm0I1cs4EXPoXgPT7c53Bd-0NIqKxjq8BEBtGUZss5czagLMBPa30Yu8wB490i-W7TfmrBSItgbaGceOM6GbazIuzz8d4InsC_QxDCzQWvABKvRwc77A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAe76eUmqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQtIgD0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwLQFQGYFgGAFwGyFxwKGggAEhRwdWItOTc1MzE3Mjg2NDg1NjU2MxgA&sigh=vbw4zI2X9qo&uach_m=[UACH]&cid=CAQSOwDq26N95VbolrrLO5Rp4PJN883tOXqLzmMDHmBWMJQ5poYFPLkvo3ghoR6ncESrgwsGMMXe2rg8C8LsGAEgEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=1679723169&pi=t.aa~a.3705360468~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240&nras=3&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=z9HFy67RBb&p=https%3A//www.bagnet.org&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=1679723169&pi=t.aa~a.3705360468~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240&nras=3&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=z9HFy67RBb&p=https%3A//www.bagnet.org&dtd=10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 05 Jan 2023 05:25:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame F95B 		89 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kzx8cnzrx4fn66gpbn97a1w5fjahz4gz0nvjqmjjp9w65y54m44se1xpx5fs0d1gxkqpppt8qpawrt8as5k5ptp76e5hv7t4kjj4s143h2w2cqfwe63tse0rq4cn2pay6texq7j9b2t5gqgh57186rwpetetppdw3hfr45jk7y8d4h5304hr8v870s1ymkkh63y4g38za22nc85pqa88c7k1wjtectf2ptch0rd5zamf9y9tjmert4wz0zc7vdfr9yv9c82j031zew8fycf1fz3tfj0es1b72n8czateyvabftprhf5yew99qxavb839tnkyqks14j0ra1dk7fveds3p34w26dcdmb306np9pcpjpggy6zymng1ybbyh6y63zmn3t1v85683j8jm7pnv31h966f3sqg756hzf9t3vgdxg6a9mw1751hzkg43266ma1as8hy74&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDhK4PV-2Y8L_HorVtwf5xZQYkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTc1MzE3Mjg2NDg1NjU2M8gBCakCBmGgCJTKsT6oAwGqBO8BT9BhYsrUSjptl5m942D1E2txdoTFjfPKc_e6-nQm7HX8opvnDw9L7j023eNMGN-GWvw_UVtiixND7lflJ-GfI4oyAP-WA3KsjwO2DzgoxpE31c9ARhc0TTj54XuTvLBob0-4C0DhAN59l7_FAVH5LlwCeIcsepwqc7a9wnsI5EA-Cy2DpXa8PYC1ZRSQ8l-T7lWm1huzcW9nQGeFudVBXRnzjTUVNjZXkX_O7CCXLdV_kjlPOlMg2kuYTmYt6-1iHa7G4pgNGHxhbIvb7Ta_0xBaKxqqzR3YzTGAepVP_MNztC9cAA5oKNJeWjRCRtGABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1m_kGLKU63bKMxGY7StMmauwG_Mg%26client%3Dca-pub-9753172864856563%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kzx8cnzrx4fn66gpbn97a1w5fjahz4gz0nvjqmjjp9w65y54m44se1xpx5fs0d1gxkqpppt8qpawrt8as5k5ptp76e5hv7t4kjj4s143h2w2cqfwe63tse0rq4cn2pay6texq7j9b2t5gqgh57186rwpetetppdw3hfr45jk7y8d4h5304hr8v870s1ymkkh63y4g38za22nc85pqa88c7k1wjtectf2ptch0rd5zamf9y9tjmert4wz0zc7vdfr9yv9c82j031zew8fycf1fz3tfj0es1b72n8czateyvabftprhf5yew99qxavb839tnkyqks14j0ra1dk7fveds3p34w26dcdmb306np9pcpjpggy6zymng1ybbyh6y63zmn3t1v85683j8jm7pnv31h966f3sqg756hzf9t3vgdxg6a9mw1751hzkg43266ma1as8hy74&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDhK4PV-2Y8L_HorVtwf5xZQYkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTc1MzE3Mjg2NDg1NjU2M8gBCakCBmGgCJTKsT6oAwGqBO8BT9BhYsrUSjptl5m942D1E2txdoTFjfPKc_e6-nQm7HX8opvnDw9L7j023eNMGN-GWvw_UVtiixND7lflJ-GfI4oyAP-WA3KsjwO2DzgoxpE31c9ARhc0TTj54XuTvLBob0-4C0DhAN59l7_FAVH5LlwCeIcsepwqc7a9wnsI5EA-Cy2DpXa8PYC1ZRSQ8l-T7lWm1huzcW9nQGeFudVBXRnzjTUVNjZXkX_O7CCXLdV_kjlPOlMg2kuYTmYt6-1iHa7G4pgNGHxhbIvb7Ta_0xBaKxqqzR3YzTGAepVP_MNztC9cAA5oKNJeWjRCRtGABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1m_kGLKU63bKMxGY7StMmauwG_Mg%26client%3Dca-pub-9753172864856563%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
751082
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6jNGBWgOiEHnz759qjiXGo495DfDzGvNnqS1AWX%2FchmftTVYkhqM0PtwlzG5Y0ZWML9Hv5lJtwqFjTNkDl3ffmfcareO%2Bxw3zVSTpO%2Bi0RD7yk%2BU1BUISXfedbX0NAXBGRtRvVtE6I%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
7849cae2f8ab6977-FRA
expires
Thu, 05 Jan 2023 06:25:17 GMT
r62eglto.js
ad4m.at/ Frame F95B 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kzx8cnzrx4fn66gpbn97a1w5fjahz4gz0nvjqmjjp9w65y54m44se1xpx5fs0d1gxkqpppt8qpawrt8as5k5ptp76e5hv7t4kjj4s143h2w2cqfwe63tse0rq4cn2pay6texq7j9b2t5gqgh57186rwpetetppdw3hfr45jk7y8d4h5304hr8v870s1ymkkh63y4g38za22nc85pqa88c7k1wjtectf2ptch0rd5zamf9y9tjmert4wz0zc7vdfr9yv9c82j031zew8fycf1fz3tfj0es1b72n8czateyvabftprhf5yew99qxavb839tnkyqks14j0ra1dk7fveds3p34w26dcdmb306np9pcpjpggy6zymng1ybbyh6y63zmn3t1v85683j8jm7pnv31h966f3sqg756hzf9t3vgdxg6a9mw1751hzkg43266ma1as8hy74&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDhK4PV-2Y8L_HorVtwf5xZQYkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTc1MzE3Mjg2NDg1NjU2M8gBCakCBmGgCJTKsT6oAwGqBO8BT9BhYsrUSjptl5m942D1E2txdoTFjfPKc_e6-nQm7HX8opvnDw9L7j023eNMGN-GWvw_UVtiixND7lflJ-GfI4oyAP-WA3KsjwO2DzgoxpE31c9ARhc0TTj54XuTvLBob0-4C0DhAN59l7_FAVH5LlwCeIcsepwqc7a9wnsI5EA-Cy2DpXa8PYC1ZRSQ8l-T7lWm1huzcW9nQGeFudVBXRnzjTUVNjZXkX_O7CCXLdV_kjlPOlMg2kuYTmYt6-1iHa7G4pgNGHxhbIvb7Ta_0xBaKxqqzR3YzTGAepVP_MNztC9cAA5oKNJeWjRCRtGABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1m_kGLKU63bKMxGY7StMmauwG_Mg%26client%3Dca-pub-9753172864856563%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Nov 2022 06:17:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
168920
etag
W/"49e3b0ffd5e74f27b691e89cf271d672"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAH%2BlXXct0bzCO%2FD9G4bh4hmnHGQI3kQmKj7OuVEjRsi87tlNVWpmL2hHYCUQcWxGKJoOEVA%2FqoepOUIR07OmhIVMkl4ZmnUBJ3Hw7jiCvnVWggD%2FNkDyyI%2BJesbmvaB6D%2F6G0o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7849cae2ffd4bbf8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 06:18:12 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame EA21 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CN9U5PV-2Y8D6HtmutwerhJjYAp_Fv-tp_L_cmbwPqtyPmaUjEAEgv4vmEWCV4pCCoAegAa2WmtkDyAECqAMByAPJBKoE-QFP0KaRvGbtn14ZM6yJ_0ydkK-kh3b_KsJuo75V3lR8dN2DuDNhhVPkCdIMEgqbl37ureP6Q8NVDGoAxMHFeYQTTO1cHReq5J0G8weBd3DTayQFOicTzhyg2oHxGPb3l0jZmYtarkxU3ubQmfPNwbOSW089h5_0zZq-LW4mT51GfZPYC_VFP3cnfdCcsXBpIqX08Wx7kzyjYWIzodihlCbLYN0TOPmkBlktpz3QVYQ5laBz7Bcx2pDvxX-UQJnWhQKr4OyvBjB067-8T6iFt33GfTUATvvPoA34Ht92FrRRVCtlwkda0_BKA3qaqByHCZ20ciVDg1-IUYTABKvRwc77A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAe76eUmqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ8P4B0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwLQFQGYFgGAFwGyFxwKGggAEhRwdWItOTc1MzE3Mjg2NDg1NjU2MxgA&sigh=sYlRli2kazM&uach_m=[UACH]&cid=CAQSOwDq26N9vG6V-kW-qBor66P6kgFKWwkSnal3pPFt08I4D6PIHFWtnFjg0crViilHHezp-LRdRJ1OH6RuGAEgEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=3828006491&pi=t.aa~a.3705360468~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280&nras=2&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ugh66zVJYT&p=https%3A//www.bagnet.org&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=3828006491&pi=t.aa~a.3705360468~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280&nras=2&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ugh66zVJYT&p=https%3A//www.bagnet.org&dtd=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 05 Jan 2023 05:25:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame 537A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5447071101362623&output=html&h=280&slotname=8594907759&adk=2116639384&adf=3025194257&pi=t.ma~as.8594907759&w=1200&fwrn=4&fwrnh=100&lmt=1672896316&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896316291&bpp=2&bdt=291&idt=411&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2837549430466&frm=20&pv=2&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=geelAULvmc&p=https%3A//www.bagnet.org&dtd=417
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:43:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92502
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16068
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 03:43:35 GMT
view.aspx
pb.media01.eu/ Frame 0366
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=14577000018871800951433012195021&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=14577000018871800951433012195021&actionid=981741&produktid=&dt_url=
0
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=14577000018871800951433012195021&actionid=981741&produktid=&dt_url=
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=d21f61992f&subid=&uid=3a6bad7935333430&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8681009602786294126%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Frandiul.com%2Fr%2Fp.html%3Ff%3Dngkgwzlc%26e%3D1610118725716&ancestorOrigins=https%3A%2F%2Frandiul.com%2Chttps%3A%2F%2Fwww.bagnet.org&random=3898044008617&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 05 Jan 2023 05:25:16 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Thu, 05 Jan 2023 06:25:17 GMT
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

Content-Length
0
Content-Type
application/javascript
Date
Thu, 05 Jan 2023 05:25:18 GMT
Host
pv.medialead.de
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=14577000018871800951433012195021&actionid=981741&produktid=&dt_url=
Proxy-Host
pv.medialead.de
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40027
X-IPLB-Request-ID
B9D59BA6:BB2C_91EFC182:01BB_63B65F3E_7155CD7:2BF9
/
adv.office-partner.de/ Frame 4D97 		930 B
931 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=d21f61992f&subid=&uid=3a6bad7935333430&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8681009602786294126%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Frandiul.com%2Fr%2Fp.html%3Ff%3Dngkgwzlc%26e%3D1610118725716&ancestorOrigins=https%3A%2F%2Frandiul.com%2Chttps%3A%2F%2Fwww.bagnet.org&random=3898044008617&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Thu, 05 Jan 2023 05:25:18 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Thu, 12 Jan 2023 05:25:18 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
link.html
track.webgains.com/ Frame FC48 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=14577000018871800951433012195021&nw=1
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.53.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
ca0ca2d24b6f03289e8e39871726e296611dfcbc8f695d890b7412ddea6c8bf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
last-modified
Thu, 05 Jan 2023 05:25:18 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Thu, 05 Jan 2023 05:26:18 GMT
activityi;dc_pre=CPThqbbYr_wCFa_MOwId_kMHqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=700582322111.6936
5994599.fls.doubleclick.net/ Frame D421
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=700582322111.6936?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CPThqbbYr_wCFa_MOwId_kMHqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=700582322111.6936?
391 B
239 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPThqbbYr_wCFa_MOwId_kMHqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=700582322111.6936?
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
25d3c90aff0a34081d1c94ec3bdb9d0fcfcdc83eb5c9ce668ad6dba13c4853ef
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
216
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:18 GMT
expires
Thu, 05 Jan 2023 05:25:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPThqbbYr_wCFa_MOwId_kMHqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=700582322111.6936?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900021.redintelligence.net/ Frame 2ADA 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900021.redintelligence.net/request_content.php?s=14577000018871800951433012195021&a=3dd3643b
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=d21f61992f&subid=&uid=3a6bad7935333430&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8681009602786294126%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Frandiul.com%2Fr%2Fp.html%3Ff%3Dngkgwzlc%26e%3D1610118725716&ancestorOrigins=https%3A%2F%2Frandiul.com%2Chttps%3A%2F%2Fwww.bagnet.org&random=3898044008617&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
5b6ae43415f2fe5475c36857b2081059f3ef3967d9c3f0ac9b442dcab36add89

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2015
Content-Type
text/html; charset=utf-8
Date
Thu, 05 Jan 2023 05:25:18 GMT
Expires
Thu, 05 Jan 2023 05:25:18 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
native.png
ad-server.eu/wm/pb/ Frame FC48
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=14577000018871800951433012195021
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=14577000018871800951433012195021
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=ngkgwzlc&e=1610118725716
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:28:25 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Thu, 05 Jan 2023 05:25:18 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA6:BB2C_91EFC182:01BB_63B65F3E_7155CDC:2BF9
X-IPLB-Instance
40027
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
cshow.php
www.awin1.com/ Frame FC48 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=14577000018871800951433012195021&pv=1
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=ngkgwzlc&e=1610118725716
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.147.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-147-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:18 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 00CC 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1830811
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=ngkgwzlc&e=1610118725716
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 05 Jan 2023 05:25:18 GMT
ETag
"623de86a-cf34"
Expires
Fri, 06 Jan 2023 05:25:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
rd_log
ams3-ib.adnxs.com/ Frame FC48 		0
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.bagnet.org%2F&e=wqT_3QKUEvBMFAkAAAMA1gAFAQi9vtmdBhDt_5Ptr_C6rT4Y56uc0sD2391HKjYJy7kUV5V9pz8RQhwM8R89oz8ZAAAAIFyP6j8hQhwM8R89oz8py7kJJPQ0ATEAAABA4XqUPzDppfwJOJhQQB1ICFCmkLu2AViNlowBYABomp2kAXj28QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIXaHR0cHM6Ly93d3cuYmFnbmV0Lm9yZy_yAhoKE1tCSURfQVRUUi5leGNoYW5nZV0SA2FwbvICJgoPW1JBTkRPTV9OVU1CRVJdEhM4NjgxMDA5NjAyNzg2Mjk0MTI28gLNAQoaW1VORU5DT0RFRF9DTElDS19SRURJUkVDVF0SrgFodHRwczovL3BpeGVsLm1hdGh0YWcuY29tL2NsaWNrL2ltZz9leGNoX2FpZD01MzUxNjAwMDgzMTI5NTg4NDE2Jm10X2FpZD04NjgxMDZ-ADAmbXRfaWQ9NjYyMjM5BQ4kYWRpZD0yMTY1MwUPKHNpZD00NTYyMzEyASwYZXhpZD0xMwELGGluYXBwPTABCzxvcz0mcmVkaXJlY3Q98gIXLhcBYGdkcHJfc3RyXRIA8gIZChRbQklEX0FUVFIJGjhmbGFnXRIBMPICHgoUW0ENGzBhZHZlcnRpc2VyXRIGCY0Q8gIdChIVISxjcmVhdGl2ZV0SBzYJvBDyAigKERldHGJpZF9pZF0SVnMBuMgKChJbTk9USUZJQ0FUSU9OX1VSSV0SsQo8aW1nIHNyYz1odHRwczovL3RhZ3MuLnMBVG5vdGlmeS9pbWc_ZXhjaD1hcG4mc18VC_BGaWQ9NWFXOTVxMmpMekl6THlBdldsUlJOVmw2VlRKYWFtZDBXVmRhYVZsNU1ETlpWRTE2VEZSQmQwMUVRWFJOUkVGM1RVUkIJEARkTgEQ8MlMemcyT0RFd01EazJNREkzT0RZeU9UUXhNall2TmpZeU1qTTVOaTgwTlRZeU16RXlMekV6TDJaVmMzWXpObHBZVFdKRlNFSjZNalZRTUd4c1kyVkZaMVZwV25kcGFscEplVW96VDBsSU1WUlhaR3N2TVM4eE15OHdMekF2T1RVMk9EQXpMek14TVRjM09ETTVOelF2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlJFRjNUVVJCZDAxRVFYUk5SRUYzVFVNd2QwAeQIZE1WESAARQUQBeQAVBX0DGN2TUMJfAkIZvwAsGVuSm9MekF2TVRrNUx6STJMems1T1M4ek1qSXZNVGcxTGpJeE15NHhOVFV1TQFULGpBd01DOHhOamN5TyFM8H16RTNMekUyTnpJNU1EZzVNVGN2TVRNdk1UQXlOalF2L2I0S3Bld0dfUFlMa3R0cDBuajh5aHdSNjQzSSZub2RlaWQ9Mzc1MSZncm91cD16cmgmYXVjdGlvbmlkPTg2ODEwMDk2MDI3ODYyOTQxMjYmcGJzX2F1Y3Rpb25pZD1OIgAgc2hhcmRrZXk9Uh0AfYsAY321PGJwPWFfYWVmaWlhJm1pbl9B-yB3aW49JHtBVUNF3fCVTUlOX1RPX1dJTn0mbmZ5X2FjdD1MRDV3ZXcmYmZpcD0xODUuMjkuMTM1LjEzOSZ0eXBlPWltcCZjbGllbnQ9YzJzIHdpZHRoPTEgaGVpZ2h0PTE-XHgzQ2RpdiB3aWR0aD0nMScgaGVpZ2h0PScxJyBzdHlsZT0nZGlzcGxheTpub25lOyBvdmVyZmxvdzpoaWRkZW4nBUNlcAkuNGxlZnQ6LTEwcHg7dG9wDQpIIHBvc2l0aW9uOmFic29sdXRlJ2WgBCdobaEUcGl4ZWwuLqIDEGV2ZW50ZaGJ3RgxMzY4ODc1gamR3RQ3NjQmdjGByQR2MlJsASx2Mz02NTE4NzEmdjS1AAR2NS4pBUhuc3luYz0xJm5vX2F0dHI9MScgUgwBAC9W6AAAORHnAQmC5gAAdD6HBBnlJa4obW1JbXBUcmFjayaViwBiWocCBHN0FdIkdGltZT1bSU1QX6WSAQ8AXS7bAnLTAPB9L2Rpdj6AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APVlULgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTY2qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASm4eZYiAUBmAUAoAXAtY_3vv2sokrABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBYvrS_oFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBvmrAdoGFgoQCRIZAVwQABgA4AYB8gYCCACABwGIBwCgBwGqBwZJJBzIB_bxBdIHDRVuAS8I2gcGAWdwGADgBwDqBwIIAPAH5MIBiggCEACVCAAAgD-YCAE.&s=d804bd271ee349853bb2bca1ef1b2b935c57dd50&bdref=https%3A%2F%2Fwww.bagnet.org%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.bagnet.org%2F,https%3A%2F%2Frandiul.com%2Fr%2Fp.html%3Ff%3Dngkgwzlc%26e%3D1610118725716,https%3A%2F%2Frandiul.com%2Fr%2Fp.html%3Ff%3Dngkgwzlc%26e%3D1610118725716&
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=ngkgwzlc&e=1610118725716
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:17 GMT
AN-X-Request-Uuid
4e2f327d-de4c-48a4-ae2c-a68677c97cab
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame B677 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://randiul.com/
Origin
https://randiul.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 14:16:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54503
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Jan 2023 14:16:55 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230103/r20110914/elements/html/ Frame B677 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230103/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B24035856.271959736;dc_ver=92.271;dc_eid=40004000;sz=300x600;u_sd=1;gdpr=0;aucid=1986331155412975150;crid=240739625;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=2928284358;ord=r6wrnz;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FQZqxaDo7eT8ELxyH_81yPwAAACBcj-o_BC8ch__Ncj9CmrFoOjt5Py5-rmyp3ZAb5xVHCrR_u0c9X7ZjAAAAAOkSPwEYKAAA6h8AAAIAAAApZVkODQsjAAAAAABVU0QARVVSACwBWAKaDgAAAAABAQUCAAAAANIA5B-bZQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521CBaJNwiV2dQVEKnK5XIYjZaMASAAKAAxmpmZmZmZuT86CUFNUzM6NjAzM0CUMEkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAADQP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DODE3MCNBTVMzOjYwMzM%3D%2Fbn%3D96545%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fwww.bagnet.org%2F$0;xdt=1;crlt=nb6H)qoQIk;gcsr=m;stc=1;chaa=1;sttr=97;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:38:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
6404
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:38:33 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B677 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 14:16:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54502
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 14:16:55 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 77DB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3616
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 04:25:02 GMT
expires
Fri, 05 Jan 2024 04:25:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D14C 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c0db115d9306bad55b9b3278fbd06141d3972b9b431cdbe88483b0a659c427a6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XNRu0zol9LPUUgOsamJv2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bagnet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-XNRu0zol9LPUUgOsamJv2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:18 GMT
expires
Thu, 05 Jan 2023 05:25:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 9FCC 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://randiul.com/
Origin
https://randiul.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 14:16:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54503
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Jan 2023 14:16:55 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230103/r20110914/elements/html/ Frame 9FCC 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230103/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B28229300.341737011;dc_ver=92.271;dc_eid=40004001;sz=300x600;u_sd=1;gdpr=0;aucid=8759338770679901928;crid=372961559;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=2973613025;ord=0ljmh9;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_znMlxdgfz9zv1XrPGJ3PwAAACBcj-o_c79V6zxidz__OcyXF2B_P-iurvUzbI955xVHCrR_u0c9X7ZjAAAAAOkSPwEYKAAA6h8AAAIAAAAX8ToWDQsjAAAAAABVU0QARVVSACwBWAKaDgAAAAABAQUCAAAAANIAcyNKyQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521NBb_TAjIhNQVEJfi67EBGI2WjAEgACgAMZqZmZmZmbk_OglBTVMzOjYwNzFAlDBJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DODE3MCNBTVMzOjYwNzE%3D%2Fbn%3D96754%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fwww.bagnet.org%2F$0;xdt=1;crlt=nb6H)qoQIk;gcsr=m;stc=1;chaa=1;sttr=138;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:38:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
6404
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:38:33 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9FCC 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 14:16:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54502
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 14:16:55 GMT
dpixel
cms.quantserve.com/ Frame 98A3 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEElYxQTK3oNGjFbpHQq-xF0&google_cver=1&google_push=AavPq0PJt1OrRNy0HSMUlcX3ZDaKtl_oklJPnt42QMSraxc_mVZp7v5ZbUdJmuMPk789VdITJ8b-Zz_y2R9KA_GXM0qxdB3Fwz50s-4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=50&adk=4281681145&adf=3245410629&pi=t.aa~a.960599413~rp.3&w=459&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=459x50&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=1&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240%2C300x240&nras=4&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=63oJUr51VX&p=https%3A//www.bagnet.org&dtd=15
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 98A3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEF6sqHgzneM4V4ArY8tNArc&google_cver=1&google_push=AavPq0MqXufaMOiERB5PvjJ0NzOWw_3bApAu1GilSguXZh9-ym9oQ5LhEu7i5lFmJ-1Ye5cU9cg83bIrjwivCMrN...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=OrJjtl8-SwC2MkDIZ31Nug&google_push=AavPq0MqXufaMOiERB5PvjJ0NzOWw_3bApAu1GilSguXZh9-ym9oQ5LhEu7i5lFmJ-1Ye5cU9cg83bIrjwivCMrNrlDj8SXG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=OrJjtl8-SwC2MkDIZ31Nug&google_push=AavPq0MqXufaMOiERB5PvjJ0NzOWw_3bApAu1GilSguXZh9-ym9oQ5LhEu7i5lFmJ-1Ye5cU9cg83bIrjwivCMrNrlDj8SXG5MytLw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=50&adk=4281681145&adf=3245410629&pi=t.aa~a.960599413~rp.3&w=459&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=459x50&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=1&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240%2C300x240&nras=4&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=63oJUr51VX&p=https%3A//www.bagnet.org&dtd=15
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 05 Jan 2023 05:25:18 GMT
Server
MT3 277 3f0ad7a master zrh-pixel-x13 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=OrJjtl8-SwC2MkDIZ31Nug&google_push=AavPq0MqXufaMOiERB5PvjJ0NzOWw_3bApAu1GilSguXZh9-ym9oQ5LhEu7i5lFmJ-1Ye5cU9cg83bIrjwivCMrNrlDj8SXG5MytLw
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 05 Jan 2023 05:25:17 GMT
pixel
cm.g.doubleclick.net/ Frame 98A3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEM024VYDR27kuTK_wd66I6k&google_cver=1&google_push=AavPq0NdYTWvUDK3CvGCCiDoo35UVPXFqT55Jq7sAmRuL9wL9QzdpDucZeyQ7zVJJ5CYDgpe7PgstLzPyup_ApcPRrDB...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEM024VYDR27kuTK_wd66I6k&google_cver=1&google_push=AavPq0NdYTWvUDK3CvGCCiDoo35UVPXFqT55Jq7sAmRuL9wL9QzdpDucZeyQ7zVJJ5CYDgpe7PgstLzPyup_Ap...
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5123196424583295410&expires=30&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NdYTWvUDK3CvGCCiDoo35UVPXFqT55Jq7sAmRuL9wL9QzdpDucZeyQ7zVJJ5CYDgpe7PgstLzPyup_ApcPRrDByJzxSzUCf_s&google_hm=oU2sosGhT1-WZVF9XWUl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NdYTWvUDK3CvGCCiDoo35UVPXFqT55Jq7sAmRuL9wL9QzdpDucZeyQ7zVJJ5CYDgpe7PgstLzPyup_ApcPRrDByJzxSzUCf_s&google_hm=oU2sosGhT1-WZVF9XWUljw==
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NdYTWvUDK3CvGCCiDoo35UVPXFqT55Jq7sAmRuL9wL9QzdpDucZeyQ7zVJJ5CYDgpe7PgstLzPyup_ApcPRrDByJzxSzUCf_s&google_hm=oU2sosGhT1-WZVF9XWUljw==
date
Thu, 05 Jan 2023 05:25:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 98A3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHBYerjNF9DdKcl3p74ruGU&google_cver=1&google_push=AavPq0OoWA_7ybZpM4D7vc86nyjn6swKfa-m01F-8XypR_Fhn9xJ_PTfRJ7QIkhDqUoQZIwsDy8ljb79...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHBYerjNF9DdKcl3p74ruGU&google_cver=1&google_push=AavPq0OoWA_7ybZpM4D7vc86nyjn6swKfa-m01F-8XypR_Fhn9xJ_PTfRJ7QIkhDqUoQZIwsDy8...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA5ODk5ODAxMzQ4OTU0MzQ4Nw&google_push=AavPq0OoWA_7ybZpM4D7vc86nyjn6swKfa-m01F-8XypR_Fhn9xJ_PTfRJ7QIkhDqUoQZIwsDy8ljb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA5ODk5ODAxMzQ4OTU0MzQ4Nw&google_push=AavPq0OoWA_7ybZpM4D7vc86nyjn6swKfa-m01F-8XypR_Fhn9xJ_PTfRJ7QIkhDqUoQZIwsDy8ljb79AqF-19JkOWLMpC5WN4uJCLs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=50&adk=4281681145&adf=3245410629&pi=t.aa~a.960599413~rp.3&w=459&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=459x50&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=1&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240%2C300x240&nras=4&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=63oJUr51VX&p=https%3A//www.bagnet.org&dtd=15
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA5ODk5ODAxMzQ4OTU0MzQ4Nw&google_push=AavPq0OoWA_7ybZpM4D7vc86nyjn6swKfa-m01F-8XypR_Fhn9xJ_PTfRJ7QIkhDqUoQZIwsDy8ljb79AqF-19JkOWLMpC5WN4uJCLs
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 98A3
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEC3p4tHoYDGCT8aIcen9r0I&google_cver=1&google_push=AavPq0NvSYUVSOju-vvV4cvA2J9g096_Chs07o1JuBDR82NZ5Umj6Uzu_66uoH8z3MZB-8xKG57iNzLj2xVn5jRx...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NvSYUVSOju-vvV4cvA2J9g096_Chs07o1JuBDR82NZ5Umj6Uzu_66uoH8z3MZB-8xKG57iNzLj2xVn5jRxkbgIrRNTFpCwYw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NvSYUVSOju-vvV4cvA2J9g096_Chs07o1JuBDR82NZ5Umj6Uzu_66uoH8z3MZB-8xKG57iNzLj2xVn5jRxkbgIrRNTFpCwYw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=50&adk=4281681145&adf=3245410629&pi=t.aa~a.960599413~rp.3&w=459&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=459x50&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=1&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240%2C300x240&nras=4&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=63oJUr51VX&p=https%3A//www.bagnet.org&dtd=15
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 05 Jan 2023 05:25:18 GMT
via
1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
VIE50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NvSYUVSOju-vvV4cvA2J9g096_Chs07o1JuBDR82NZ5Umj6Uzu_66uoH8z3MZB-8xKG57iNzLj2xVn5jRxkbgIrRNTFpCwYw
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
J2uMZ1EhpjCMrSUVp__qvtsFjBsYoyKCbrUChWwLl4rpK2mbUW8r4g==
pixel
cm.g.doubleclick.net/ Frame 98A3
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEO6YrR7_XHuUWXGvi9NvbaM&google_cver=1&google_push=AavPq0MX0mr39IUfbx0wz75P9A8wc8cWM_OfYe0KkYXZlx6-nefa29Z6txPla7hwBqbTIu6Mxs-q63ZbpQhG...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MX0mr39IUfbx0wz75P9A8wc8cWM_OfYe0KkYXZlx6-nefa29Z6txPla7hwBqbTIu6Mxs-q63ZbpQhG1kNtyj8HDopeYCzivNA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MX0mr39IUfbx0wz75P9A8wc8cWM_OfYe0KkYXZlx6-nefa29Z6txPla7hwBqbTIu6Mxs-q63ZbpQhG1kNtyj8HDopeYCzivNA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=50&adk=4281681145&adf=3245410629&pi=t.aa~a.960599413~rp.3&w=459&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=459x50&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=1&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240%2C300x240&nras=4&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=63oJUr51VX&p=https%3A//www.bagnet.org&dtd=15
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MX0mr39IUfbx0wz75P9A8wc8cWM_OfYe0KkYXZlx6-nefa29Z6txPla7hwBqbTIu6Mxs-q63ZbpQhG1kNtyj8HDopeYCzivNA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 98A3
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEYsfLPZlSPqnqsJRgykkMw&google_cver=1&google_push=AavPq0NSb6XEYg2PY...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTE2ODg2NTQwODU4MTA0Nzc4Mw%3D%3D&google_gid=CAESEEYsfLPZlSPqnqsJRgykkMw&google_cver=1&google_push=AavPq0NSb6XEYg2PYoFReJxy3pVf35AJwr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTE2ODg2NTQwODU4MTA0Nzc4Mw%3D%3D&google_gid=CAESEEYsfLPZlSPqnqsJRgykkMw&google_cver=1&google_push=AavPq0NSb6XEYg2PYoFReJxy3pVf35AJwrxopigyeFPnaC0oGrS7ecRt_e-4RBhBfj-ASmdCs6Lc0z2dGwmPVi-cPAnAMKacTVScYVSY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=50&adk=4281681145&adf=3245410629&pi=t.aa~a.960599413~rp.3&w=459&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=459x50&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=1&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240%2C300x240&nras=4&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=63oJUr51VX&p=https%3A//www.bagnet.org&dtd=15
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 05 Jan 2023 05:25:18 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
34c01a27-4a3f-42bb-a125-c7ce48daf841
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTE2ODg2NTQwODU4MTA0Nzc4Mw%3D%3D&google_gid=CAESEEYsfLPZlSPqnqsJRgykkMw&google_cver=1&google_push=AavPq0NSb6XEYg2PYoFReJxy3pVf35AJwrxopigyeFPnaC0oGrS7ecRt_e-4RBhBfj-ASmdCs6Lc0z2dGwmPVi-cPAnAMKacTVScYVSY
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 98A3 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LiT9qIEXz9zti1fSTlhcvez99eI8DkpQccAmicpH5wZUEKchJmLJiyE-6C4poeweORoQilOw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=50&adk=4281681145&adf=3245410629&pi=t.aa~a.960599413~rp.3&w=459&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=459x50&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=1&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240%2C300x240&nras=4&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=63oJUr51VX&p=https%3A//www.bagnet.org&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
s
googleads.g.doubleclick.net/pagead/drt/ Frame D0DF 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=1679723169&pi=t.aa~a.3705360468~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240&nras=3&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=z9HFy67RBb&p=https%3A//www.bagnet.org&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=1679723169&pi=t.aa~a.3705360468~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240&nras=3&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=z9HFy67RBb&p=https%3A//www.bagnet.org&dtd=10
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1071
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:07:27 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9464 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=1679723169&pi=t.aa~a.3705360468~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240&nras=3&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=z9HFy67RBb&p=https%3A//www.bagnet.org&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51688
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Jan 2023 15:03:50 GMT
etag
48472445140208031
expires
Thu, 05 Jan 2023 15:03:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 6295 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Jan 2023 05:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 05:07:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Jan 2023 05:25:18 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 6295 		2 KB
766 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 04:06:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
4745
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 04:06:13 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 6295 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 04:05:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
4806
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9534
x-xss-protection
0
server
cafe
etag
3719958914939444779
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 04:05:12 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 6295 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:49:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
5756
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:49:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 6295 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:49:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
5756
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:49:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6295 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48184
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672836157132942"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 05:25:18 GMT
148b897ed20242fb53e65c70a8c63c89.js
www.gstatic.com/mysidia/ Frame 6295 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 19:37:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
467282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14307
x-xss-protection
0
last-modified
Fri, 09 Dec 2022 19:06:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 Mar 2023 19:37:16 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 96D9 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=3828006491&pi=t.aa~a.3705360468~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280&nras=2&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ugh66zVJYT&p=https%3A//www.bagnet.org&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=3828006491&pi=t.aa~a.3705360468~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280&nras=2&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ugh66zVJYT&p=https%3A//www.bagnet.org&dtd=5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1071
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:07:27 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 266C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=3828006491&pi=t.aa~a.3705360468~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280&nras=2&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ugh66zVJYT&p=https%3A//www.bagnet.org&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51688
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Jan 2023 15:03:50 GMT
etag
48472445140208031
expires
Thu, 05 Jan 2023 15:03:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E7E7 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f43d5de01eefa15a078ae995ade4817b8852ec819efd5c195af4d5b499400711

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
view.aspx
pb.media01.eu/ Frame CE32
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=77140700020302200951433012195015&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=77140700020302200951433012195015&actionid=981741&produktid=&dt_url=
0
630 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=77140700020302200951433012195015&actionid=981741&produktid=&dt_url=
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=511671ce41&subid=&uid=6e7264b37c36e7db&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2916402079752059002%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Frandiul.com%2Fr%2Fp.html%3Ff%3Dbpnfgmoowy%26e%3D1610118725716&ancestorOrigins=https%3A%2F%2Frandiul.com%2Chttps%3A%2F%2Fwww.bagnet.org&random=2448736823363&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 05 Jan 2023 05:25:16 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Thu, 05 Jan 2023 06:25:17 GMT
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

Content-Length
0
Content-Type
application/javascript
Date
Thu, 05 Jan 2023 05:25:18 GMT
Host
pv.medialead.de
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=77140700020302200951433012195015&actionid=981741&produktid=&dt_url=
Proxy-Host
pv.medialead.de
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40028
X-IPLB-Request-ID
B9D59BA6:BB2A_91EFC182:01BB_63B65F3E_714B342:11270
/
adv.office-partner.de/ Frame B60A 		930 B
930 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=511671ce41&subid=&uid=6e7264b37c36e7db&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2916402079752059002%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Frandiul.com%2Fr%2Fp.html%3Ff%3Dbpnfgmoowy%26e%3D1610118725716&ancestorOrigins=https%3A%2F%2Frandiul.com%2Chttps%3A%2F%2Fwww.bagnet.org&random=2448736823363&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Thu, 05 Jan 2023 05:25:18 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Thu, 12 Jan 2023 05:25:18 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
link.html
track.webgains.com/ Frame 6FBE 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=77140700020302200951433012195015&nw=1
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.53.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
4f857b2cffdc9c3bce892d6a74b31ba66f0ffcd334b8a9f7138298f88ba34c36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
last-modified
Thu, 05 Jan 2023 05:25:18 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Thu, 05 Jan 2023 05:26:18 GMT
activityi;dc_pre=CL_lqbbYr_wCFQXOOwIdm-oOKg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2771455444293.6733
5994599.fls.doubleclick.net/ Frame 0146
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2771455444293.6733?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CL_lqbbYr_wCFQXOOwIdm-oOKg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2771455444293.6733?
392 B
239 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CL_lqbbYr_wCFQXOOwIdm-oOKg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2771455444293.6733?
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
de16ec00def665e0b075cd109c67e903e97e82c749119bd4b699d1dfdd02753b
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
216
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:18 GMT
expires
Thu, 05 Jan 2023 05:25:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CL_lqbbYr_wCFQXOOwIdm-oOKg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2771455444293.6733?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900015.redintelligence.net/ Frame 163E 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/request_content.php?s=77140700020302200951433012195015&a=fd6fd2db
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=511671ce41&subid=&uid=6e7264b37c36e7db&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2916402079752059002%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Frandiul.com%2Fr%2Fp.html%3Ff%3Dbpnfgmoowy%26e%3D1610118725716&ancestorOrigins=https%3A%2F%2Frandiul.com%2Chttps%3A%2F%2Fwww.bagnet.org&random=2448736823363&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
cf5f9d5f4d69d37f2688711998ce2ced84e6521a6e821417af27681284fc7da8

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2016
Content-Type
text/html; charset=utf-8
Date
Thu, 05 Jan 2023 05:25:18 GMT
Expires
Thu, 05 Jan 2023 05:25:18 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
native.png
ad-server.eu/wm/pb/ Frame 6FBE
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=77140700020302200951433012195015
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=77140700020302200951433012195015
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=bpnfgmoowy&e=1610118725716
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:28:25 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Thu, 05 Jan 2023 05:25:18 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA6:BB2A_91EFC182:01BB_63B65F3E_714B348:11270
X-IPLB-Instance
40028
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
cshow.php
www.awin1.com/ Frame 6FBE 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=77140700020302200951433012195015&pv=1
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=bpnfgmoowy&e=1610118725716
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.147.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-147-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:18 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame EE6B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1830811
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=bpnfgmoowy&e=1610118725716
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 05 Jan 2023 05:25:18 GMT
ETag
"623de86a-cf34"
Expires
Fri, 06 Jan 2023 05:25:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
rd_log
ams3-ib.adnxs.com/ Frame 6FBE 		0
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.bagnet.org%2F&e=wqT_3QKUEvBMFAkAAAMA1gAFAQi9vtmdBhC9stK6zqOl93UY56uc0sD2391HKjYJy7kUV5V9pz8RQhwM8R89oz8ZAAAAIFyP6j8hQhwM8R89oz8py7kJJPQ0ATEAAABA4XqUPzDppfwJOJhQQB1ICFCmkLu2AViNlowBYABomp2kAXjm8QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIXaHR0cHM6Ly93d3cuYmFnbmV0Lm9yZy_yAhoKE1tCSURfQVRUUi5leGNoYW5nZV0SA2FwbvICJgoPW1JBTkRPTV9OVU1CRVJdEhMyOTE2NDAyMDc5NzUyMDU5MDAy8gLNAQoaW1VORU5DT0RFRF9DTElDS19SRURJUkVDVF0SrgFodHRwczovL3BpeGVsLm1hdGh0YWcuY29tL2NsaWNrL2ltZz9leGNoX2FpZD00NjM5MTk4OTc1NzExNjUxODQzJm10X2FpZD0yOTE2NDZ-ADQmbXRfaWQ9NjYyMjM5NgEOJGFkaWQ9MjE2NTMFDyRzaWQ9NDU2MjMxBSwYZXhpZD0xMwEpGGluYXBwPTABCzxvcz0mcmVkaXJlY3Q98gIXLhcBYGdkcHJfc3RyXRIA8gIZChRbQklEX0FUVFIJGjhmbGFnXRIBMPICHgoUW0ENGzBhZHZlcnRpc2VyXRIGCY0Q8gIdChIVISxjcmVhdGl2ZV0SBzYJvBDyAigKERldHGJpZF9pZF0SVnMBuMgKChJbTk9USUZJQ0FUSU9OX1VSSV0SsQo8aW1nIHNyYz1odHRwczovL3RhZ3MuLnMBVG5vdGlmeS9pbWc_ZXhjaD1hcG4mc18VC_BGaWQ9NWFXOTVxMmpMekl6THlBdldsUlJOVmw2VlRKYWFtZDBXVmRhYVZsNU1ETlpWRTE2VEZSQmQwMUVRWFJOUkVGM1RVUkIJEARkTgEQ8MlMekk1TVRZME1ESXdOemszTlRJd05Ua3dNREl2TmpZeU1qTTVOaTgwTlRZeU16RXlMekV6TDJaVmMzWXpObHBZVFdKRlNFSjZNalZRTUd4c1kyVkhlRWRrV21OZk5qaFFZbTFYY0hGNlR6SnRNMmN2TVM4eE15OHdMekF2T1RVMk9EQXpMek14TVRjM09ETTVOelF2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlJFRjNUVVJCZDAxRVFYUk5SRUYzVFVNd2QwAeQIZE1WESAARQUQBeQAVBX0DGN2TUMJfAkIZvwAsGVuSm9MekF2TVRrNUx6STJMems1T1M4ek1qSXZNVGcxTGpJeE15NHhOVFV1TQFUXGpBd01DOHhOamN5T0RrMk16RTNMekUyTgFk8ExEZzVNVGN2TVRNdk1UQXlOalF2LzBKdWJVTWpJQzBnclVYeDRhVmlBODhqTW9NWSZub2RlaWQ9Mzc1MSZncm91cD16cmgmYXVjdGlvbmFCDDkxNjQ6bAMQcGJzX2FyIgAgc2hhcmRrZXk9Tj8ALosDAGN9tTxicD1hX2FlZmlpYSZtaW5fQfsgd2luPSR7QVVDRd3wlU1JTl9UT19XSU59Jm5meV9hY3Q9TEQ1d2V3JmJmaXA9MTg1LjI5LjEzMy4xNjImdHlwZT1pbXAmY2xpZW50PWMycyB3aWR0aD0xIGhlaWdodD0xPlx4M0NkaXYgd2lkdGg9JzEnIGhlaWdodD0nMScgc3R5bGU9J2Rpc3BsYXk6bm9uZTsgb3ZlcmZsb3c6aGlkZGVuJwVDZXAJLjRsZWZ0Oi0xMHB4O3RvcA0KSCBwb3NpdGlvbjphYnNvbHV0ZSdloAQnaG2hFHBpeGVsLi6iAxBldmVudGWhid0YMTM2ODg3NYGpkd0UNzY0JnYxgckEdjJSbAEsdjM9NjUxODcxJnY0tQAEdjUuKQVIbnN5bmM9MSZub19hdHRyPTEnIFIMAQAvVugAADkR5wEJguYAAHQ-hwQZ5SWuKG1tSW1wVHJhY2smlYsAYlqHAgRzdBXSJHRpbWU9W0lNUF-lkgEPAF0u2wJy0wDwfS9kaXY-gAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD1ZVC4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE4NS4yMTMuMTU1LjE2NqgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADaBAIIAeAEAfAEpuHmWIgFAZgFAKAFg9CY7bjc77BAwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWL60v6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0Ab5qwHaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcGSSQcyAfm8QXSBw0VbgEvCNoHBgFncBgA4AcA6gcCCADwB-TCAYoIAhAAlQgAAIA_mAgB&s=fcb5ee7ce619579ff60cda552298b547ccf848b7&bdref=https%3A%2F%2Fwww.bagnet.org%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.bagnet.org%2F,https%3A%2F%2Frandiul.com%2Fr%2Fp.html%3Ff%3Dbpnfgmoowy%26e%3D1610118725716,https%3A%2F%2Frandiul.com%2Fr%2Fp.html%3Ff%3Dbpnfgmoowy%26e%3D1610118725716&
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=bpnfgmoowy&e=1610118725716
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:18 GMT
AN-X-Request-Uuid
5f52e3a9-2244-4f3b-833d-c332643950ae
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 2DDF 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
713ae97d31bf86d790d5f9e88f200a98d8eedf619fd65ff1657f043b615357e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2B0B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bd99996fdd0c897b2a2f893a54ecbe294a8ef9a614a623e69da1c5b227b4f60

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame F95B 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
26831349
x-guploader-uploadid
ADPycdsAM1RKIW8NW9FXGsxgzhi5bSYe4VqqEbCt8J5Oc8iEgAF2SjSQc54Zb1FETUd5c-MZGmZZMUkSoxlmANI9NVVBPD3Irw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tgLN5v8UJaOx2sl8RsM%2F8iWnZ%2BDA%2FVOFpi5UkWBGL7TFw2Gx%2BYn%2BBS0%2BC%2FYHtYT%2BVpmKkWBEwDb2HJ54JLfwxr1P7JuSlej18hi9rJA8I3A9rRC9CfQE4imidr0g4CcJopHVd35QwqfcJ%2BtbjaLCRqc"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7849cae51bb79bf2-FRA
expires
Tue, 28 Feb 2023 16:16:09 GMT
css
fonts.googleapis.com/ Frame 2ADA 		4 KB
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=14577000018871800951433012195021&a=3dd3643b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Jan 2023 05:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 03:52:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Jan 2023 05:25:18 GMT
/
hal9000.redintelligence.net/scale/ Frame 2ADA 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=14577000018871800951433012195021&a=3dd3643b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
da836acec254a091788a1c05d94c4dd8b90ef08ad8f131dbba15674a53eafda9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:18 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 2ADA 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=14577000018871800951433012195021&a=3dd3643b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
dc1ef5427d2deb244b01a3420995b5b67e15bff1a58c4ee6c06fdd4f1eaedbee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:18 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
55254
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 2ADA 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=14577000018871800951433012195021&a=3dd3643b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
c5e583cd798951eeee7018e4307bad8321815f034ba57949d8a45080ad380bef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:18 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
css
fonts.googleapis.com/ Frame 163E 		4 KB
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=77140700020302200951433012195015&a=fd6fd2db
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Jan 2023 05:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 03:25:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Jan 2023 05:25:18 GMT
/
hal9000.redintelligence.net/scale/ Frame 163E 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=77140700020302200951433012195015&a=fd6fd2db
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
da836acec254a091788a1c05d94c4dd8b90ef08ad8f131dbba15674a53eafda9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:18 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 163E 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=77140700020302200951433012195015&a=fd6fd2db
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
dc1ef5427d2deb244b01a3420995b5b67e15bff1a58c4ee6c06fdd4f1eaedbee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:18 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
55254
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 163E 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=77140700020302200951433012195015&a=fd6fd2db
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
c5e583cd798951eeee7018e4307bad8321815f034ba57949d8a45080ad380bef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:18 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame D154 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CcCsCPV-2Y86jHO_D7_UPo52EoAbPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJ4AIAqAMBqgSpAk_QaaynJKPG1cCd-bnvs_ivbX5xIeir_OqNEtLqpkDDTjPlBp-YjIOLkB4QVWYxS6jzp7KNxQJ12nK_YhKWon6VMUGDnoz96H43DNiuvXZaIa-dyJuZr7PO31D6uCJmNSbPryb9_VKuG9xBGO3SCIKvNHxtovOyVLP71GIdV-5h27uCYt3bZUkh_5znhHlxQWDQc4G4DDxS2_LsxK_7rEIyorQavp5RH29L0PWXi3mDEZ4e1a6vtS-LbUShge_ofSXxGO0cy7HQINmYISqHLMHxcO7drP3UfcOHRX3MxWNHJpF-0IRjy8NHpXSEX20BmPrpcLHj0-44dZlNVxIyAlfSlv610MiCnHtBwSXzwHSz8nPy8_oY29t4TvpR6VZknbYzd0b1Gwf0J-AEAYAG36KJipLNqbpZoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY0OTgxOTcwNzI1MjQ0NIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yMTI4NzU3MTY3ODEyNjYzGNztag&sigh=QdelCKRg0kQ&uach_m=[UACH]&cid=CAQSOwDq26N9s7xjcG7ykiGw_lbHWF1ZCEwhDrTJtYZDopkms53ZdR8dkmMYbqNOV5u0KJi0IIYMLslEZ-rVGAEgEw&tpd=AGWhJmtTIgWvpb4d_ziYgKBNc8g6CRHxhlC4KHPtVaRonYHqiNVhTDghD-vl6l-ln30jTYdlRxvIqStuWl1urCvXVn3AyGkEEtgBSh5ix7IX2UEyyrt6lEOwWfUrJD3P9zi5GwarEA9fFX1uDzHVaAtn5lHXt9O7l1mbU8HrEo-OTl2dZKTp91uGSii5IKU03Hrp3m2IYEq4qE95rvRCzs9yvQ6F5Rx-4DxJEoaycGQxFdhUBagGgBctmt5sI8Q8IIZTGOjwHchGd9Dh-NYkQcmbREu6ya4tLAxQhMTJq8aWM2eCbnL8NuoeRrpU_PrBzCyd2xOkvkWF_zDnHWstF-cLA1LoqI8UNPptT4A9r1_fzxWw2EZz_FRqjqAYtWrxMKMBC6O1pjLqW7mjC_n1W3Ryn9PtipVRPMwObVucc-yI9KLTWUKjZNpGr1gSvfsnysGKSk7Zz5baUQYI6yklqmNgYMCO0Nieaa78U1dGhW3IRRCppEC9hYqyiIjgceD5TD-SA_wNa60HHweAiCyFQB0J80w1osm_7y7PF8jo9bvBG_dlCZZiY7v4nBrOhxw-5ceHKhQbuv_d7E7AoQJ-X47nFK07_n3CuskA3TzxWtUyB4jd4_NwvuG0bLxBYgkgX0kN4EQEEaQ8KQ7fYcTXfSbaC36hyty0T3VBTZJE-P9cTJ_vIH86PxK0rJsPlNCexYt01BuV0RS3ddstiG_2_35KBpehahi9J81bX2w_Klmx-VUEqVuHjokB-ecAqUZfDypeEmmJIYuYqlsWojChyvIhIfsqJ0WkBPLL4_w-IjDVEREUqXd09DKjpiVum64LYxjS-NeMU-q3H0iADCDpZ9MvePJ0foVY-GUZRBEc6flbnuhPDvaldO6oAXP2TRGSc5owOtZSnhf58Y6ZOuUeeCRV6IWSxe7DXtkIypUfxbfsGIe1D3bdXkwhy4kvWxxPwBw69KAtKooBY_5TIUUcUJig7e0YrO3ORbpCHhaxMnuiu_nLyhpj8Q1a4seMApBQPq67BKGF0fbnmjgNgat2bb2snzN0D9gkPQEXviVqqxsXSmcjzxFLAO90BsNlxL-QSKtnpJ0elJGbmD-9an-wQCyOK-t6odyVhq3U1Zaygb9PDEAX8PMxLNLnQM10Fk9sog
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
js
tags.mathtag.com/notify/ Frame D154 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0RCa01HTmhaakl0WW1ObVl5MDFZalJoTFRBd01EQXRNREF3TURBd01EQXdNREF3LzI5MTY0MDIwNzg2Nzg0OTc5MzMvMTEyMDQ0MTEvMTI3ODAzMzYvNC9rNXQyOTRaRGZ2TWtqazA5ZGdBNjFrVjJNai1ZSmlwQ1RHcTZadnVQYV8wLzEvNC8wLzAvMjAzOTIxNi8wLzIxNTU0My8xMjYyMTQyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMjkxNjQwMjA3ODY3ODQ5NzkzMy96cmgvMC85MTYyLzQyLzk5OS8yNTgvMmEwMzoxYjIwOjY6Oi8wLjAwMC8xNjcyODk2MzE3LzE2NzI5MDg5MTcvNC9wdWItMjEyODc1NzE2NzgxMjY2My8/vbwtu6OwB0_ZAixhnDCQTmdr2hM&nodeid=3773&group=zrh&auctionid=2916402078678497933&pbs_auctionid=2916402078678497933&shardkey=2916402078678497933&sid=12780336&cid=11204411&bp=a_cagefj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.181&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtfmwPV-2Y86jHO_D7_UPo52EoAbPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJ4AIAqAMBqgSsAk_QaaynJKPG1cCd-bnvs_ivbX5xIeir_OqNEtLqpkDDTjPlBp-YjIOLkB4QVWYxS6jzp7KNxQJ12nK_YhKWon6VMUGDnoz96H43DNiuvXZaIa-dyJuZr7PO31D6uCJmNSbPryb9_VKuG9xBGO3SCIKvNHxtovOyVLP71GIdV-5h27uCYt3bZUkh_5znhHlxQWDQc4G4DDxS2_LsxK_7rEIyorQavp5RH29L0PWXi3mDEZ4e1a6vtS-LbUShge_ofSXxGO0cy7HQINmYISqHLMHxcO7drP3UfcOHRX3MxWNHJpF-0IRjy8NHpXSEX20BmPrpcLHj0-44dZlNVxIyAlfSlv730ukQMMflxqhXiN9rstwC7u4SZ9FWVhvsKRbLZxctW15bgrvzqkUfMeAEAYAG36KJipLNqbpZoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY0OTgxOTcwNzI1MjQ0NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2R2YgA1EoUmmhiWTh3X7t4WTX63g%26client%3Dca-pub-2128757167812663%26adurl%3D
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.374.2 /
Resource Hash
eec01eb5bdae73de3848d6be901149d7053f9321e6e3b55708212bb52e745310

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:18 GMT
x-mm-nodeid
3773
x-mm-handled-by-owner
true
x-mm-bid-request-time
1672896317
Last-Modified
Thu, 05 Jan 2023 05:25:17 GMT
Server
MMBD/3.374.2
Content-Encoding
gzip
x-mm-latency
18 (1)
Content-Type
application/x-javascript; charset=UTF-8
x-mm-dbg
NotCount
Cache-Control
no-cache
x-mm-host
cdg-router-x25, zrh-bidder-x160
Connection
close
x-mm-lag
1
Expires
Thu, 05 Jan 2023 05:25:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame D154 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:49:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
5756
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:49:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame D154 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:49:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
5756
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:49:22 GMT
l
www.google.com/ads/measurement/ Frame D154 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSK_tPGDieFrvjCeHSz5dzbO6O1Z3XMd6Ev2god4f2PS8G107Yr5ODd5yyo9RA3eqYkq2hy2Le9SQJy7kkk-lgR16IaTg
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D154 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 13:00:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
59087
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 04 Jan 2024 13:00:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D154 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48184
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672836157132942"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 05:25:18 GMT
ca
choices.trustarc.com/ Frame 9FCC 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?sz=300x600&c=1975396276&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=1975396276&sz=300x600&js=st_dapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-27.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
46cdc8280342dd2f156c4e99f7e6ecd678bbd742c1e9cc2d29497e0f42b4085e
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA6-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
icrS6ba-FP5CKvRgHaUODPVwgIPUrkAzrgZw9h7UojNhgXBqXtIuLw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
frame.html
ad4m.at/ Frame FEE1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
724803
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7849cae5bb9e6977-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 05:25:18 GMT
expires
Sat, 26 Nov 2022 23:36:57 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwKsnJOnKRx5rPQCqB26kfgdANb5Uev1r4m39ITKYDNp%2BoFzG18efxab2qiCnHQpihUQRC1s%2Fp3NUD9G2DCQCOAZ4GwNE9npx%2BM0uDAsUt2T4PR88XWXAz9CzFbuOEQNqUU0BlI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ca
choices.trustarc.com/ Frame B677 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?sz=300x600&c=480201510&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=480201510&sz=300x600&js=st_dapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-27.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
603705277cd638b9b9dd0b05e0852b2d3268b90f4b024931ccd989b2d2d9199d
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA6-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
XLPFfA1Rv36FawyhP8KlVtp9BFP9vBJzyv1AOlCmQzmEnNuvqefaJg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame E631 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfPAAL12QK7eyYAA5_74jqziH2qnJyjld1Fw&u=%7C%2FkgaZAn0iG5%2FZYfDia3rzBq3MiIePn4nlDviGF8gsCM%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wFPBkonwj4SKSybimmE1uUABNjkIxhJz0MTm1ZVRm4nPgX8x9DziTwGqadWaDTHDOuBbWaCKKEMeElHTxUjh2xxlwkzUw_xvb5PET0fNOTU5U2d1RRd6tXDgTSlwqP40ccxPTD8QpzUfH6_KGA51cNrSv-jZeQBnLi_IIKNuEeOevRLuPrtJHv_o_-Gya2F3dHb5tK80YspQKelhw5n7brWnK8KwlNNvOeoabgifriTHiSVVvhJxwiWZDB4CN4LtxNX06nYHqSk6X-MGkRVoe0jQzsgiJJH__k5hyGtdeIyfTQCpXMBJhXc9FiKYzt7yQiDz-nkloFP6M2EMQ2j3MvAfdCH-DJy7LkiUWem-1pyB8vv38yqz94Gxdz7qP5dfQR8dxmJmWScDTgY_OStA0G85yl8fYIttRxKkXdxmq4tPuCay7g-1P6nJI_QS5uOrF4Uzf03lSQ6OZ2f0NA7gvQx9BQHBueIFfKxxylnHh8XfRHVdjX7yzqzrhSt5OrJ_PiEsr8zHayY4QX-8Sl9ZED-EKlgT045LsbYacUKuOot3T31QINGEdqK2VwkzKFWkrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4E9IPF-2Y-SuL5jZtwfv_7nQAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTMxNzI4NjQ4NTY1NjPIAQmpAgZhoAiUyrE-qAMBqgTrAU_Q0W4Voti-C8ha37grETPNPW8BVsbbKwlQQyBugHoWMRBTQxqt7h-D2XbELClW35HD0ocnMku8rYKhz4OTlFNI4DiGlbO6S2-t4fyGwalJdI4-inkMFJPnYopHkiO9kkPe__nolcLhQNkuYwu7gLGi-no4vhCIKu7L1QacZCQVzdKEJ9DL3ktQ6fGUbadL5NZWq0-qpTnkuADQAOnBMk0Avb0kYO6KVzyqb8NqX6N3R-ox0NPK9mkqwJpcwzLvMIL5x5OCntvAJJy7BsaHkvGrIZlq4DZGnyV1RLgFQRT29F4vbWBbSEsybdmABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3eYoIG0AiEkg5w-YFoWZBneoogkQ%26client%3Dca-pub-9753172864856563%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 05:25:18 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame E631 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfPAAL12QK7eyYAA5_74jqziH2qnJyjld1Fw&u=%7C%2FkgaZAn0iG5%2FZYfDia3rzBq3MiIePn4nlDviGF8gsCM%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wFPBkonwj4SKSybimmE1uUABNjkIxhJz0MTm1ZVRm4nPgX8x9DziTwGqadWaDTHDOuBbWaCKKEMeElHTxUjh2xxlwkzUw_xvb5PET0fNOTU5U2d1RRd6tXDgTSlwqP40ccxPTD8QpzUfH6_KGA51cNrSv-jZeQBnLi_IIKNuEeOevRLuPrtJHv_o_-Gya2F3dHb5tK80YspQKelhw5n7brWnK8KwlNNvOeoabgifriTHiSVVvhJxwiWZDB4CN4LtxNX06nYHqSk6X-MGkRVoe0jQzsgiJJH__k5hyGtdeIyfTQCpXMBJhXc9FiKYzt7yQiDz-nkloFP6M2EMQ2j3MvAfdCH-DJy7LkiUWem-1pyB8vv38yqz94Gxdz7qP5dfQR8dxmJmWScDTgY_OStA0G85yl8fYIttRxKkXdxmq4tPuCay7g-1P6nJI_QS5uOrF4Uzf03lSQ6OZ2f0NA7gvQx9BQHBueIFfKxxylnHh8XfRHVdjX7yzqzrhSt5OrJ_PiEsr8zHayY4QX-8Sl9ZED-EKlgT045LsbYacUKuOot3T31QINGEdqK2VwkzKFWkrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4E9IPF-2Y-SuL5jZtwfv_7nQAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTMxNzI4NjQ4NTY1NjPIAQmpAgZhoAiUyrE-qAMBqgTrAU_Q0W4Voti-C8ha37grETPNPW8BVsbbKwlQQyBugHoWMRBTQxqt7h-D2XbELClW35HD0ocnMku8rYKhz4OTlFNI4DiGlbO6S2-t4fyGwalJdI4-inkMFJPnYopHkiO9kkPe__nolcLhQNkuYwu7gLGi-no4vhCIKu7L1QacZCQVzdKEJ9DL3ktQ6fGUbadL5NZWq0-qpTnkuADQAOnBMk0Avb0kYO6KVzyqb8NqX6N3R-ox0NPK9mkqwJpcwzLvMIL5x5OCntvAJJy7BsaHkvGrIZlq4DZGnyV1RLgFQRT29F4vbWBbSEsybdmABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3eYoIG0AiEkg5w-YFoWZBneoogkQ%26client%3Dca-pub-9753172864856563%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 05:25:18 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame E631 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfPAAL12QK7eyYAA5_74jqziH2qnJyjld1Fw&u=%7C%2FkgaZAn0iG5%2FZYfDia3rzBq3MiIePn4nlDviGF8gsCM%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wFPBkonwj4SKSybimmE1uUABNjkIxhJz0MTm1ZVRm4nPgX8x9DziTwGqadWaDTHDOuBbWaCKKEMeElHTxUjh2xxlwkzUw_xvb5PET0fNOTU5U2d1RRd6tXDgTSlwqP40ccxPTD8QpzUfH6_KGA51cNrSv-jZeQBnLi_IIKNuEeOevRLuPrtJHv_o_-Gya2F3dHb5tK80YspQKelhw5n7brWnK8KwlNNvOeoabgifriTHiSVVvhJxwiWZDB4CN4LtxNX06nYHqSk6X-MGkRVoe0jQzsgiJJH__k5hyGtdeIyfTQCpXMBJhXc9FiKYzt7yQiDz-nkloFP6M2EMQ2j3MvAfdCH-DJy7LkiUWem-1pyB8vv38yqz94Gxdz7qP5dfQR8dxmJmWScDTgY_OStA0G85yl8fYIttRxKkXdxmq4tPuCay7g-1P6nJI_QS5uOrF4Uzf03lSQ6OZ2f0NA7gvQx9BQHBueIFfKxxylnHh8XfRHVdjX7yzqzrhSt5OrJ_PiEsr8zHayY4QX-8Sl9ZED-EKlgT045LsbYacUKuOot3T31QINGEdqK2VwkzKFWkrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4E9IPF-2Y-SuL5jZtwfv_7nQAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTMxNzI4NjQ4NTY1NjPIAQmpAgZhoAiUyrE-qAMBqgTrAU_Q0W4Voti-C8ha37grETPNPW8BVsbbKwlQQyBugHoWMRBTQxqt7h-D2XbELClW35HD0ocnMku8rYKhz4OTlFNI4DiGlbO6S2-t4fyGwalJdI4-inkMFJPnYopHkiO9kkPe__nolcLhQNkuYwu7gLGi-no4vhCIKu7L1QacZCQVzdKEJ9DL3ktQ6fGUbadL5NZWq0-qpTnkuADQAOnBMk0Avb0kYO6KVzyqb8NqX6N3R-ox0NPK9mkqwJpcwzLvMIL5x5OCntvAJJy7BsaHkvGrIZlq4DZGnyV1RLgFQRT29F4vbWBbSEsybdmABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3eYoIG0AiEkg5w-YFoWZBneoogkQ%26client%3Dca-pub-9753172864856563%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 31 Dec 2023 05:25:18 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame E631 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfPAAL12QK7eyYAA5_74jqziH2qnJyjld1Fw&u=%7C%2FkgaZAn0iG5%2FZYfDia3rzBq3MiIePn4nlDviGF8gsCM%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wFPBkonwj4SKSybimmE1uUABNjkIxhJz0MTm1ZVRm4nPgX8x9DziTwGqadWaDTHDOuBbWaCKKEMeElHTxUjh2xxlwkzUw_xvb5PET0fNOTU5U2d1RRd6tXDgTSlwqP40ccxPTD8QpzUfH6_KGA51cNrSv-jZeQBnLi_IIKNuEeOevRLuPrtJHv_o_-Gya2F3dHb5tK80YspQKelhw5n7brWnK8KwlNNvOeoabgifriTHiSVVvhJxwiWZDB4CN4LtxNX06nYHqSk6X-MGkRVoe0jQzsgiJJH__k5hyGtdeIyfTQCpXMBJhXc9FiKYzt7yQiDz-nkloFP6M2EMQ2j3MvAfdCH-DJy7LkiUWem-1pyB8vv38yqz94Gxdz7qP5dfQR8dxmJmWScDTgY_OStA0G85yl8fYIttRxKkXdxmq4tPuCay7g-1P6nJI_QS5uOrF4Uzf03lSQ6OZ2f0NA7gvQx9BQHBueIFfKxxylnHh8XfRHVdjX7yzqzrhSt5OrJ_PiEsr8zHayY4QX-8Sl9ZED-EKlgT045LsbYacUKuOot3T31QINGEdqK2VwkzKFWkrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4E9IPF-2Y-SuL5jZtwfv_7nQAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTMxNzI4NjQ4NTY1NjPIAQmpAgZhoAiUyrE-qAMBqgTrAU_Q0W4Voti-C8ha37grETPNPW8BVsbbKwlQQyBugHoWMRBTQxqt7h-D2XbELClW35HD0ocnMku8rYKhz4OTlFNI4DiGlbO6S2-t4fyGwalJdI4-inkMFJPnYopHkiO9kkPe__nolcLhQNkuYwu7gLGi-no4vhCIKu7L1QacZCQVzdKEJ9DL3ktQ6fGUbadL5NZWq0-qpTnkuADQAOnBMk0Avb0kYO6KVzyqb8NqX6N3R-ox0NPK9mkqwJpcwzLvMIL5x5OCntvAJJy7BsaHkvGrIZlq4DZGnyV1RLgFQRT29F4vbWBbSEsybdmABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3eYoIG0AiEkg5w-YFoWZBneoogkQ%26client%3Dca-pub-9753172864856563%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 31 Dec 2023 05:25:18 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame E631 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=pgnSI_xkRlSKsjdUuGPA-4-HPEMGWFBhUZv8SScndgAHNCOkdkPx3yYtXu8DkIruECzmOQFin89Xd7WncydOOsQE-zR1UOshcaQU-8SdSs5XHV7nEuJF7_rzMkSPaMeLfC3soqi2iOSGNgm7kk6HZEPkmAyoSDO6jHoeaKvVgJTrkFIiOMWPVk053ro5bXDgA1x65CV7-wiQa1UFnuUjeFnrb6oeeTJkVvAH4DR6glbqgBlYB3eEd04A7lUwb9TmlHuNqFEzhQ90qhtku1tLPj4gj6YmNYXup28T7aJRT3OYGGlLpq5-JFFUsBCHE56619mQan7nNiWgqToksVnGrX5ckrbjiuZ1H1XUfcb39yHPCjS6QIHhR75zfghAuMF5PQFY7Mbg-1WMwPGTHH0M38aWklt-W_ujaa-yxobZOh-2E-0dZoQWzkac_eD5XmUerGVBDg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfPAAL12QK7eyYAA5_74jqziH2qnJyjld1Fw&u=%7C%2FkgaZAn0iG5%2FZYfDia3rzBq3MiIePn4nlDviGF8gsCM%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wFPBkonwj4SKSybimmE1uUABNjkIxhJz0MTm1ZVRm4nPgX8x9DziTwGqadWaDTHDOuBbWaCKKEMeElHTxUjh2xxlwkzUw_xvb5PET0fNOTU5U2d1RRd6tXDgTSlwqP40ccxPTD8QpzUfH6_KGA51cNrSv-jZeQBnLi_IIKNuEeOevRLuPrtJHv_o_-Gya2F3dHb5tK80YspQKelhw5n7brWnK8KwlNNvOeoabgifriTHiSVVvhJxwiWZDB4CN4LtxNX06nYHqSk6X-MGkRVoe0jQzsgiJJH__k5hyGtdeIyfTQCpXMBJhXc9FiKYzt7yQiDz-nkloFP6M2EMQ2j3MvAfdCH-DJy7LkiUWem-1pyB8vv38yqz94Gxdz7qP5dfQR8dxmJmWScDTgY_OStA0G85yl8fYIttRxKkXdxmq4tPuCay7g-1P6nJI_QS5uOrF4Uzf03lSQ6OZ2f0NA7gvQx9BQHBueIFfKxxylnHh8XfRHVdjX7yzqzrhSt5OrJ_PiEsr8zHayY4QX-8Sl9ZED-EKlgT045LsbYacUKuOot3T31QINGEdqK2VwkzKFWkrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4E9IPF-2Y-SuL5jZtwfv_7nQAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTMxNzI4NjQ4NTY1NjPIAQmpAgZhoAiUyrE-qAMBqgTrAU_Q0W4Voti-C8ha37grETPNPW8BVsbbKwlQQyBugHoWMRBTQxqt7h-D2XbELClW35HD0ocnMku8rYKhz4OTlFNI4DiGlbO6S2-t4fyGwalJdI4-inkMFJPnYopHkiO9kkPe__nolcLhQNkuYwu7gLGi-no4vhCIKu7L1QacZCQVzdKEJ9DL3ktQ6fGUbadL5NZWq0-qpTnkuADQAOnBMk0Avb0kYO6KVzyqb8NqX6N3R-ox0NPK9mkqwJpcwzLvMIL5x5OCntvAJJy7BsaHkvGrIZlq4DZGnyV1RLgFQRT29F4vbWBbSEsybdmABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3eYoIG0AiEkg5w-YFoWZBneoogkQ%26client%3Dca-pub-9753172864856563%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3723909
expires
Mon, 26 Jul 1997 05:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame 4D97 		102 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
62e81a9eee3bc60535be504466538cc2d842f234d6d394cc77baf2f60db12f0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40324
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Jan 2023 05:25:18 GMT
gtm.js
www.googletagmanager.com/ Frame B60A 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cc437c497430ad8639c9f66ac61c4eaccc3a5761bb0aa503607f5021d571a4ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41985
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Jan 2023 05:25:18 GMT
async_usersync
ib.adnxs.com/ Frame 00CC 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1830811&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1830811
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:18 GMT
AN-X-Request-Uuid
53627178-aeb5-491f-be19-27da0b3b03aa
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame EE6B 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1830811&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1830811
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:18 GMT
AN-X-Request-Uuid
807c789b-103f-4e2f-8974-7c3cb6959670
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dc_pre=CL_lqbbYr_wCFQXOOwIdm-oOKg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2771455444293.6733
adservice.google.com/ddm/fls/z/ Frame 0146 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CL_lqbbYr_wCFQXOOwIdm-oOKg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2771455444293.6733
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CL_lqbbYr_wCFQXOOwIdm-oOKg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2771455444293.6733?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/15405505415613369531/ Frame 3C83 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15405505415613369531/2076313506083323656
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87b4a9f64b39fe8873a8e740128aa89629ee99e94a29efc0b7cca5afa4b6c5f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 12:39:49 GMT
x-content-type-options
nosniff
age
319529
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46603
x-xss-protection
0
last-modified
Fri, 17 May 2019 05:50:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 01 Jan 2024 12:39:49 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/6274636921399627/ Frame 3C83 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6274636921399627/14763004658117789537?w=100&h=100
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8643fe850dfc6fe7ba23a8f5ab19123fa452d2a956fbe3f50dc1ccdaed692c77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 15:23:24 GMT
x-content-type-options
nosniff
age
309714
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2489
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 12:52:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 01 Jan 2024 15:23:24 GMT
truncated
/ Frame 3C83 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3C83 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8da1a14dedcb10fba0dd0ce4a5a3fce749ffc72da0dcd65cf592a7b628d4af61

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
dc_pre=CPThqbbYr_wCFa_MOwId_kMHqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=700582322111.6936
adservice.google.com/ddm/fls/z/ Frame D421 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPThqbbYr_wCFa_MOwId_kMHqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=700582322111.6936
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPThqbbYr_wCFa_MOwId_kMHqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=700582322111.6936?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 9464 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEEJn1xR9cmPB2f6SUFi6z7U&google_cver=1&google_push=AavPq0MbNbEMgxOWTDvzCwYKai84WzoIZ8Qs7HCoFzbNfDvwN28ts1uiHUPTISE7Ot01gRyZUUjqD9BB7dGbDdlceA-Gs2UFKCPvsu0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=1679723169&pi=t.aa~a.3705360468~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240&nras=3&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=z9HFy67RBb&p=https%3A//www.bagnet.org&dtd=10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:18 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 9464
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEF6sqHgzneM4V4ArY8tNArc&google_cver=1&google_push=AavPq0Nwdse0X7eqn6xXPEGW-dY1D5EKP-ftzKvF4Ooa-svX1l9WxGqv4aOCxMSxMicSDepqryBAcvdSuf9I_0iu...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=OrJjtl8-SwC2MkDIZ31Nug&google_push=AavPq0Nwdse0X7eqn6xXPEGW-dY1D5EKP-ftzKvF4Ooa-svX1l9WxGqv4aOCxMSxMicSDepqryBAcvdSuf9I_0iuFBlg2PNP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=OrJjtl8-SwC2MkDIZ31Nug&google_push=AavPq0Nwdse0X7eqn6xXPEGW-dY1D5EKP-ftzKvF4Ooa-svX1l9WxGqv4aOCxMSxMicSDepqryBAcvdSuf9I_0iuFBlg2PNPdnktkQI
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 05 Jan 2023 05:25:18 GMT
Server
MT3 277 3f0ad7a master zrh-pixel-x11 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=OrJjtl8-SwC2MkDIZ31Nug&google_push=AavPq0Nwdse0X7eqn6xXPEGW-dY1D5EKP-ftzKvF4Ooa-svX1l9WxGqv4aOCxMSxMicSDepqryBAcvdSuf9I_0iuFBlg2PNPdnktkQI
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 05 Jan 2023 05:25:17 GMT
pixel
cm.g.doubleclick.net/ Frame 9464
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJcHmaBFWR1NQ9lRQyglTQE&google_cver=1&google_push=AavPq0NdY_vIRuCbYtlHGkxpOrTqMQ6HZ3KXq98vNEvrUCiAMdLyjkcvM0C7TK1zNfoeqnQ17_-V8gWMXhG...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0NdY_vIRuCbYtlHGkxpOrTqMQ6HZ3KXq98vNEvrUCiAMdLyjkcvM0C7TK1zNfoeqnQ17_-V8gWMXhGkoSYWgI5dVlTyr4lQf0g&google_hm=01G9oRiFSuqnwVvUV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0NdY_vIRuCbYtlHGkxpOrTqMQ6HZ3KXq98vNEvrUCiAMdLyjkcvM0C7TK1zNfoeqnQ17_-V8gWMXhGkoSYWgI5dVlTyr4lQf0g&google_hm=01G9oRiFSuqnwVvUV_q9bKY
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:17 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0NdY_vIRuCbYtlHGkxpOrTqMQ6HZ3KXq98vNEvrUCiAMdLyjkcvM0C7TK1zNfoeqnQ17_-V8gWMXhGkoSYWgI5dVlTyr4lQf0g&google_hm=01G9oRiFSuqnwVvUV_q9bKY
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9464
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEItxWNsSsLNcOudodc2Xjvw&google_cver=1&google_push=AavPq0NHmRZ130VbwD16hJMATlpXwIGD58MsnlsjSidPrQ2OUhs93tNFvwe2r0gsxjEfrS9I_AD...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENJTjlWQzItQy1DQ1VH&google_push=AavPq0NHmRZ130VbwD16hJMATlpXwIGD58MsnlsjSidPrQ2OUhs93tNFvwe2r0gsxjEfrS9I_ADed96GzCCj7t7Bc-2KR5SCvxrsqw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENJTjlWQzItQy1DQ1VH&google_push=AavPq0NHmRZ130VbwD16hJMATlpXwIGD58MsnlsjSidPrQ2OUhs93tNFvwe2r0gsxjEfrS9I_ADed96GzCCj7t7Bc-2KR5SCvxrsqw
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENJTjlWQzItQy1DQ1VH&google_push=AavPq0NHmRZ130VbwD16hJMATlpXwIGD58MsnlsjSidPrQ2OUhs93tNFvwe2r0gsxjEfrS9I_ADed96GzCCj7t7Bc-2KR5SCvxrsqw
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
pixel
cm.g.doubleclick.net/ Frame 9464
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0OzMjs1Ni5CgLpbI5L2Bl7OW3ZRxBnTvaXHCsMaoGLqGMENmiUhxLMq5lmExWQ3DlkMyt8wMK3nWMjvhsiwHKFX3wh7zs2L7qs&redir=https%3A%2F%2Fcm.g.do...
  • https://sync.targeting.unrulymedia.com/csync/RX-ff641731-3b97-45eb-98b8-009aa3a1a9bd-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0OzMjs1Ni5CgLpbI5L2B...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0OzMjs1Ni5CgLpbI5L2Bl7OW3ZRxBnTvaXHCsMaoGLqGMENmiUhxLMq5lmExWQ3DlkMyt8wMK3nWMjvhsiwHKFX3wh7zs2L7qs&google_hm=A_9kFzE7l0XrmLgAmqOhqb0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0OzMjs1Ni5CgLpbI5L2Bl7OW3ZRxBnTvaXHCsMaoGLqGMENmiUhxLMq5lmExWQ3DlkMyt8wMK3nWMjvhsiwHKFX3wh7zs2L7qs&google_hm=A_9kFzE7l0XrmLgAmqOhqb0
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0OzMjs1Ni5CgLpbI5L2Bl7OW3ZRxBnTvaXHCsMaoGLqGMENmiUhxLMq5lmExWQ3DlkMyt8wMK3nWMjvhsiwHKFX3wh7zs2L7qs&google_hm=A_9kFzE7l0XrmLgAmqOhqb0
date
Thu, 05 Jan 2023 05:25:18 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXff6417313b9745eb98b8009aa3a1a9bd003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 9464
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEYsfLPZlSPqnqsJRgykkMw&google_cver=1&google_push=AavPq0PWuw7VQWp0R...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTE2ODg2NTQwODU4MTA0Nzc4Mw%3D%3D&google_gid=CAESEEYsfLPZlSPqnqsJRgykkMw&google_cver=1&google_push=AavPq0PWuw7VQWp0RfqkcriVbdCxuoxE6q...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTE2ODg2NTQwODU4MTA0Nzc4Mw%3D%3D&google_gid=CAESEEYsfLPZlSPqnqsJRgykkMw&google_cver=1&google_push=AavPq0PWuw7VQWp0RfqkcriVbdCxuoxE6qSK5uxSvXE8HpQkXi9CqCNX10-vn86lOGzGoLxeLPIEi9zKJ28RJVUl3tg07rgMOgfHCMTU
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 05 Jan 2023 05:25:18 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4f694ecf-e7d6-44ba-bc2c-d04abda47504
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTE2ODg2NTQwODU4MTA0Nzc4Mw%3D%3D&google_gid=CAESEEYsfLPZlSPqnqsJRgykkMw&google_cver=1&google_push=AavPq0PWuw7VQWp0RfqkcriVbdCxuoxE6qSK5uxSvXE8HpQkXi9CqCNX10-vn86lOGzGoLxeLPIEi9zKJ28RJVUl3tg07rgMOgfHCMTU
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9464
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEN0kaESd1...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=a14daca2-c1a1-4f5f-9665-517d5d65258f&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=a14daca2-c1a1-4f5f-9665-517d5d65258f&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=a14daca2-c1a1-4f5f-9665-517d5d65258f&%%GOOGLE_PUSH_PAIR%%
date
Thu, 05 Jan 2023 05:25:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 9464 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LdcmUEoPx-TBFeHn1tsRXkxWeULZkXNz8-UsQ-s7tlFUJYxKcsrPZHhvLGYL4XQtTSW8hd9h4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=1679723169&pi=t.aa~a.3705360468~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240&nras=3&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=z9HFy67RBb&p=https%3A//www.bagnet.org&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
google
match.adsrvr.org/track/cmf/ Frame 266C 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJ8R1EH6DHAbfjYZCH1msw8&google_cver=1&google_push=AavPq0NTb0T_huLqKeZDcqIloYvAM9U907h-Iw2YuJlpsb7psTxCxtBDeonJrMyA3LbnCClD2WwvUypnu13dTad9qV-FzChA6y8hHg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=3828006491&pi=t.aa~a.3705360468~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280&nras=2&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ugh66zVJYT&p=https%3A//www.bagnet.org&dtd=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 266C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMc1vgGfkcRIkU9CPBwRpzo&google_cver=1&google_push=AavPq0MKBst5dye8YGxP0Ud58IYcuCFVo6Kyh5-RFO3ugK-KqLZkyd6fJZAKrEwnjXlcgnbSQzQ_wl81HOZIaQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4NTAzNDk3NTQxOTgyNDI4MA%3D%3D&google_push=AavPq0MKBst5dye8YGxP0Ud58IYcuCFVo6Kyh5-RFO3ugK-KqLZkyd6fJZAKrEwnjXlcgnbSQzQ_wl81HOZIaQ3crY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4NTAzNDk3NTQxOTgyNDI4MA%3D%3D&google_push=AavPq0MKBst5dye8YGxP0Ud58IYcuCFVo6Kyh5-RFO3ugK-KqLZkyd6fJZAKrEwnjXlcgnbSQzQ_wl81HOZIaQ3crYOx0yc36Mn_VWI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=3828006491&pi=t.aa~a.3705360468~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280&nras=2&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ugh66zVJYT&p=https%3A//www.bagnet.org&dtd=5
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4NTAzNDk3NTQxOTgyNDI4MA%3D%3D&google_push=AavPq0MKBst5dye8YGxP0Ud58IYcuCFVo6Kyh5-RFO3ugK-KqLZkyd6fJZAKrEwnjXlcgnbSQzQ_wl81HOZIaQ3crYOx0yc36Mn_VWI
Date
Thu, 05 Jan 2023 05:25:18 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 266C
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEDMHLS9jIwGfK7S_dr25sKM&google_cver=1&google_push=AavPq0PE41WheB8dRr8abn7WBBDLov9P_R3Wf6MAu8sP3cWApEzczFGxjBq1x55YZyzZmV75KkcsDmB8E82ZH5wxuno9XUO...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDMHLS9jIwGfK7S_dr25sKM&google_cver=1&google_push=AavPq0PE41WheB8dRr8abn7WBBDLov9P_R3Wf6MAu8sP3cWApEzczFGxjBq1x55YZyzZmV75KkcsDmB8E82ZH5wxuno9X...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0PE41WheB8dRr8abn7WBBDLov9P_R3Wf6MAu8sP3cWApEzczFGxjBq1x55YZyzZmV75KkcsDmB8E82ZH5wxuno9XUOdRILeYdc
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0PE41WheB8dRr8abn7WBBDLov9P_R3Wf6MAu8sP3cWApEzczFGxjBq1x55YZyzZmV75KkcsDmB8E82ZH5wxuno9XUOdRILeYdc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=3828006491&pi=t.aa~a.3705360468~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280&nras=2&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ugh66zVJYT&p=https%3A//www.bagnet.org&dtd=5
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0PE41WheB8dRr8abn7WBBDLov9P_R3Wf6MAu8sP3cWApEzczFGxjBq1x55YZyzZmV75KkcsDmB8E82ZH5wxuno9XUOdRILeYdc
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dds
rtb.openx.net/sync/ Frame 266C 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEBiheil2BMZz0_0bdmD3J-A&google_cver=1&google_push=AavPq0MlWZDrPJUVuZYWXFRlW8zux_jSfeejknzEHwTHuuhBmmnTY-TFp_lzSGRhqvxlsWh55uqjrCKaiI39VVzyOvtK7FOIs86k4f0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=3828006491&pi=t.aa~a.3705360468~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280&nras=2&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ugh66zVJYT&p=https%3A//www.bagnet.org&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:18 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
al7ftn10suil1diunu6s0u8b2deksh2c
/
onetag-sys.com/match/ Frame 266C
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEO6YrR7_XHuUWXGvi9NvbaM&google_cver=1&google_push=AavPq0N191IdMclPiGZ6LRaveY59nm-VyZ_056_IEFUNpyPXEhhRLC1yCZstpFazniZ4KE2aO_jnSnPDfFs...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0N191IdMclPiGZ6LRaveY59nm-VyZ_056_IEFUNpyPXEhhRLC1yCZstpFazniZ4KE2aO_jnSnPDfFs2jGLSY5YrZlWE4x1DiWAe
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=3828006491&pi=t.aa~a.3705360468~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280&nras=2&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ugh66zVJYT&p=https%3A//www.bagnet.org&dtd=5
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 266C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEYsfLPZlSPqnqsJRgykkMw&google_cver=1&google_push=AavPq0O9G1B3ZIxp8...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTE2ODg2NTQwODU4MTA0Nzc4Mw%3D%3D&google_gid=CAESEEYsfLPZlSPqnqsJRgykkMw&google_cver=1&google_push=AavPq0O9G1B3ZIxp83TCH_SpDOq0SWDG_p...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTE2ODg2NTQwODU4MTA0Nzc4Mw%3D%3D&google_gid=CAESEEYsfLPZlSPqnqsJRgykkMw&google_cver=1&google_push=AavPq0O9G1B3ZIxp83TCH_SpDOq0SWDG_p4j8cGOvujSdGRN0hi6nqzJ4kJqZaRKJMW4nvXWbZJhMS8x7gbYWe31cX8LjTDvS9nXcVsU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=3828006491&pi=t.aa~a.3705360468~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280&nras=2&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ugh66zVJYT&p=https%3A//www.bagnet.org&dtd=5
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 05 Jan 2023 05:25:18 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
16006457-5939-4511-b71a-f9e6cfa5ef63
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTE2ODg2NTQwODU4MTA0Nzc4Mw%3D%3D&google_gid=CAESEEYsfLPZlSPqnqsJRgykkMw&google_cver=1&google_push=AavPq0O9G1B3ZIxp83TCH_SpDOq0SWDG_p4j8cGOvujSdGRN0hi6nqzJ4kJqZaRKJMW4nvXWbZJhMS8x7gbYWe31cX8LjTDvS9nXcVsU
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 266C
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEN0kaESd1...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=a14daca2-c1a1-4f5f-9665-517d5d65258f&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=a14daca2-c1a1-4f5f-9665-517d5d65258f&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=3828006491&pi=t.aa~a.3705360468~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280&nras=2&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ugh66zVJYT&p=https%3A//www.bagnet.org&dtd=5
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=a14daca2-c1a1-4f5f-9665-517d5d65258f&%%GOOGLE_PUSH_PAIR%%
date
Thu, 05 Jan 2023 05:25:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 266C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JLZovLustDbegh05YxCGi1IZYP-fLRkoQXsNxLzGij1QQega4DvCLZm6F5DlaJx4OThnl3iq-0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=3828006491&pi=t.aa~a.3705360468~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280&nras=2&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ugh66zVJYT&p=https%3A//www.bagnet.org&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
viewability
hal900021.redintelligence.net/ Frame 2ADA 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900021.redintelligence.net/viewability?s=14577000018871800951433012195021&a=9eade4af&vb=m
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=14577000018871800951433012195021&a=3dd3643b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/request_content.php?s=14577000018871800951433012195021&a=3dd3643b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:18 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
ca
choices.truste.com/ Frame B677 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=24035856&js=st0
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-71.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
fd742a1bd2f54724269df33533fe2b32e85c51299d1125bd49ebcd0b0ffca843
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
VIE50-P1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
8029
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
n_BAIqqZ85nGIcA3U58cHQT9We53JhSqTmNtl055QiIUvwVXm3fGMw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B677 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48184
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672836157132942"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 05:25:18 GMT
index.html
s0.2mdn.net/sadbundle/17749132433704670225/ Frame 6FBC 		19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17749132433704670225/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
254a0d8418a36ef1c1297ed8c71d00520769b73ea45bdd9f257caf414b783dbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
322040
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5053
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 01 Jan 2023 11:57:58 GMT
expires
Mon, 01 Jan 2024 11:57:58 GMT
last-modified
Wed, 02 Sep 2020 16:45:52 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B677 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFs5IrnkgqE63zG52CLOM0D7Ftp9fj3_A69AEDKJkeEB_LXn8lZ3_vB1MFGlRaaJOuisUnCyikfgb7CCqKUuBcN_JlzJ5WArDqcdUgsRsQDDr194nxqzj_K5iTJwibRNlTj_dd5fVhBLRsx1G3frPPj0TWfiY&sai=AMfl-YS_VYu75SWvamTUUqZWfeoDGSalyYjUUzJBZZmVpXs03loTRfctQ6ft9lPv4ng7VXwaOzEuye2w-WkLGvwRFAI1ctzlbAf6yADhLPs0&sig=Cg0ArKJSzMqtVM47F1d4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=569&cbvp=1&cstd=566&cisv=r20230103.67292&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 05 Jan 2023 05:25:18 GMT
dcm
beacon.sojern.com/imp/ Frame B677 		42 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/dcm?auc=1986331155412975150&io=${INSERTION_ORDER_ID}&li=${CAMPAIGN_ID}&cr=240739625&io=${INSERTION_ORDER_ID}&seg=${PIXEL_ID_COMMA}&src=${SOURCE_URL}&ord=%c
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=gmnwybg&e=1610118725716
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Thu, 05 Jan 2023 05:25:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
ca
choices.truste.com/ Frame 9FCC 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=28229300&js=st0
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-71.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
fa653e49649e967505f54d10b24c136e5833219a6848cf42bb95ad5706721f59
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 19:42:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
VIE50-P1
cross-origin-embedder-policy
unsafe-none
age
34977
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
8031
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
ugMmDE14x0MKLeCs3UYP32L_BcmwUEcZVwrV0iDS3X44_hMgaRTkCw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9FCC 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48184
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672836157132942"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 05:25:18 GMT
index.html
s0.2mdn.net/sadbundle/17725307468749569999/ Frame DFD5 		18 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17725307468749569999/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec8112c5ce618b3f228c72ba6de94275ccd00d5d5eef8cb077fd69bbff565fef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
240710
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4769
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Jan 2023 10:33:28 GMT
expires
Tue, 02 Jan 2024 10:33:28 GMT
last-modified
Wed, 20 Jul 2022 12:51:00 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9FCC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvPulRmZMl3S32Y1vQzcvoT-hDQBra9s_YGKt4Zj2S_3bECE43eWLLGepry_vHyPsCluFY52rXG_2fX68sqECu8Q_eTOVt1CeUdZUcrGHqZthcIAj8g_r0vpIf3k5T3_M-eYDyz-3DuatG3vaYcS0GmfHdUS9s&sai=AMfl-YRAnc2_le-0alx2BYmUFYIh_aqgU3FwQXm_00CLcKi6RRnzifHjV6Z4A9NhCvmATuShi-LGBm2Xpg3ySHkvpLexPKOhyars1cAoKSct&sig=Cg0ArKJSzCQjNB54cNcCEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=572&cbvp=1&cstd=569&cisv=r20230103.68493&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 05 Jan 2023 05:25:18 GMT
dcm
beacon.sojern.com/imp/ Frame 9FCC 		42 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/dcm?auc=8759338770679901928&io=${INSERTION_ORDER_ID}&li=${CAMPAIGN_ID}&cr=372961559&io=${INSERTION_ORDER_ID}&seg=${PIXEL_ID_COMMA}&src=${SOURCE_URL}&ord=%c
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=ssamglrx&e=1610118725716
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Thu, 05 Jan 2023 05:25:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
pvClk.min.js
analytics.webgains.io/ Frame 6FBE 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=77140700020302200951433012195015&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-42.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 17:40:53 GMT
content-encoding
gzip
via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 10:53:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
42266
etag
W/"0d5045593d14c9612a5d5576928a5209"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
D9oQiORxm3IbXiNfJ9q7zLg6rhuh1G-BGx5nghns5X6nU_PjjlyHNQ==
1x1_0.png
cdn.track.production.webgains.team/7121/ Frame 6FBE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1672896618&Signature=UOqaYXLfIHhV9j0KPYSk2cy8JHPGb4C2rgmMEu5k7NkeBBTE~thrMUGVNYXFrIo28PY9jAS8sDZQWk3GOWhCwF~gXhW~qDCYt~TGeWEiqpANLraW3Yk9NuK94KlsoOQwgd-G41KKUIIkHFYP3BKml~7IN2euyW~aBVSSpoKbZq4Fe~kzZaDkXidKFlqOaempVleQaRzmiz-ZAfL6wUNKwNPRDxzxvhsmcZU46JfGa7ddjHCBOxlz2iCJszSGFCu13paBzpoCkHHmmzA6735zwQ1-fGl~92fjRvpUkmUmnlEB36s16jMw27SsLLd3mmzIM7Yaf4n5wX~K5UQdmlayig__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=bpnfgmoowy&e=1610118725716
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-52.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 04 Jan 2023 20:33:56 GMT
via
1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
31884
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
XOzQ9TcMlF9TYGCgz2eVB6AsyeXLsPzvNG2h6pmhkoDktCtEGNO_PQ==
pvClk.min.js
analytics.webgains.io/ Frame FC48 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=14577000018871800951433012195021&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-42.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 17:40:53 GMT
content-encoding
gzip
via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 10:53:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
42266
etag
W/"0d5045593d14c9612a5d5576928a5209"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
9YRoDBXlC9MwUqJ8NX7sQ1TD7y9NZz9CsXiutApoEGg_VH0n12weBg==
1x1_0.png
cdn.track.production.webgains.team/7121/ Frame FC48 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1672896618&Signature=UOqaYXLfIHhV9j0KPYSk2cy8JHPGb4C2rgmMEu5k7NkeBBTE~thrMUGVNYXFrIo28PY9jAS8sDZQWk3GOWhCwF~gXhW~qDCYt~TGeWEiqpANLraW3Yk9NuK94KlsoOQwgd-G41KKUIIkHFYP3BKml~7IN2euyW~aBVSSpoKbZq4Fe~kzZaDkXidKFlqOaempVleQaRzmiz-ZAfL6wUNKwNPRDxzxvhsmcZU46JfGa7ddjHCBOxlz2iCJszSGFCu13paBzpoCkHHmmzA6735zwQ1-fGl~92fjRvpUkmUmnlEB36s16jMw27SsLLd3mmzIM7Yaf4n5wX~K5UQdmlayig__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=14577000018871800951433012195021&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-52.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 04 Jan 2023 20:33:56 GMT
via
1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
31884
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
S6ICS0kgEnH-rUPNNm-JFLydfqWc2YYpclzdv15aQoJYgJhPohuMwA==
truncated
/ Frame EA21 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2bef6cf142f0ce02550e3d4851382fb00e1d24ec35df91e52a1fd6e42d83e196

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
vevent
ams3-ib.adnxs.com/ Frame FC48 		0
953 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.bagnet.org%2F&e=wqT_3QLmCvBMZgUAAAMA1gAFAQi9vtmdBhDt_5Ptr_C6rT4Y56uc0sD2391HKjYJy7kUV5V9pz8RQhwM8R89oz8ZAAAAIFyP6j8hQhwM8R89oz8py7kJJPTyATEAAABA4XqUPzDppfwJOJhQQB1ICFCmkLu2AViNlowBYABomp2kAXj28QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIXaHR0cHM6Ly93d3cuYmFnbmV0Lm9yZy-AAwCIAwGQAwCYAxegAwGqA9YGCo0GaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZXbFJSTlZsNlZUSmFhbWQwV1ZkYWFWbDVNRE5aVkUxNlRGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpnMk9ERXdNRGsyTURJM09EWXlPVFF4TWpZdk5qWXlNak01Tmk4ME5UWXlNekV5THpFekwyWlZjM1l6TmxwWVRXSkZTRUo2TWpWUU1HeHNZMVpKVms0eFZGaExjVnBSV21neFFXazBkV1pQZGtVdk1TOHhNeTh3THpBdk9UVTJPREF6THpNeE1UYzNPRE01TnpRdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWFJOUkVGM1RVTXdkMDFFUVhkTVZFRjMF5AxFMUVRDeQFEAAwARAgY3ZNQzh3THpBDQhm_AAMZW5KbwUoiFRrNUx6STJMems1T1M4ek1qSXZNVGcxTGpJeE15NHhOVFV1BVTwi2pBd01DOHhOamN5T0RrMk16RTNMekUyTnpJNU1EZzVNVGN2TVRNdk1UQXlOalF2LzhVZmdhc05lQXh0Ujh4OTlJWEVuSUtjMkdKRSZub2RlaWQ9Mzc1MSZncm91cD16cmgmYXVjdGlvbmlkPTg2ODEwMDk2MDI3ODYyOTQxMjYmcGJzX2F1Y3Rpb25pViIAKHNoYXJka2V5PTg2Sj8A8H1yaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9hZWZpaWEmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzNS4xMzkmc2lkPTQ1NjIzMTImY2lkPTY2MjIzOTYmc3JjPWFwaSZ0eXBlPW51cmwmY2xpZW50PXMycxITODZCkQCwGhM0NDkzMTYyNTI2MDg5MjE1OTgxIgkzODI2NTA0MDYqBjEwMTkzNjoHNjYyAWPwZcADrALIAwDYA9WVQuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjaoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIU4WIgFAZgFAKAFwLWP9779rKJKwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWL60v6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0Ab5qwHaBhYKEAkSGQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcGNjUxODcxyAf28QXSBw0JETEBLwjaBwYBZ3AYAOAHAOoHAggA8AfkwgGKCAIQAJUIAACAP5gIAQ..&s=9c7ee403f354c34a75e156488b2a9a902698e724&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=4174394021100037863&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=20910825&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:18 GMT
AN-X-Request-Uuid
a2dfe9f4-d785-4205-b3b0-4e7b83128a1f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame 6FBE 		0
953 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.bagnet.org%2F&e=wqT_3QLmCvBMZgUAAAMA1gAFAQi9vtmdBhC9stK6zqOl93UY56uc0sD2391HKjYJy7kUV5V9pz8RQhwM8R89oz8ZAAAAIFyP6j8hQhwM8R89oz8py7kJJPTyATEAAABA4XqUPzDppfwJOJhQQB1ICFCmkLu2AViNlowBYABomp2kAXjm8QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIXaHR0cHM6Ly93d3cuYmFnbmV0Lm9yZy-AAwCIAwGQAwCYAxegAwGqA9YGCo0GaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZXbFJSTlZsNlZUSmFhbWQwV1ZkYWFWbDVNRE5aVkUxNlRGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpJNU1UWTBNREl3TnprM05USXdOVGt3TURJdk5qWXlNak01Tmk4ME5UWXlNekV5THpFekwyWlZjM1l6TmxwWVRXSkZTRUo2TWpWUU1HeHNZMXBHVDA1VlVWaGljbGR6VFhsYWF6bEJNVE5FV0Rndk1TOHhNeTh3THpBdk9UVTJPREF6THpNeE1UYzNPRE01TnpRdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWFJOUkVGM1RVTXdkMDFFUVhkTVZFRjMF5AxFMUVRDeQFEAAwARAgY3ZNQzh3THpBDQhm_AAMZW5KbwUoiFRrNUx6STJMems1T1M4ek1qSXZNVGcxTGpJeE15NHhOVFV1BVRcakF3TUM4eE5qY3lPRGsyTXpFM0x6RTJOAWTwcURnNU1UY3ZNVE12TVRBeU5qUXYvMVlDSFpCRG5wbThMX0I2R3VTbzRUTTFnN0trJm5vZGVpZD0zNzUxJmdyb3VwPXpyaCZhdWN0aW9uaWQ9MjkxNjQwMjA3OTc1MjA1OTAwMiZwYnNfYXVjdGlvbmlkPU4iACBzaGFyZGtleT1OHQDwi3ByaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9hZWZpaWEmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzMy4xNjImc2lkPTQ1NjIzMTImY2lkPTY2MjIzOTYmc3JjPWFwaSZ0eXBlPW51cmwmY2xpZW50PXMycxITMjkxNjQwMjA3OTc1MjA1AdDw_RoTODQ5Nzg5MzQ5ODI2NzQwODcwMSIJMzgyNjUwNDA2KgYxMDE5MzY6BzY2MjIzOTbAA6wCyAMA2APVlULgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTY2qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASmkLu2AYgFAZgFAKAFg9CY7bjc77BAwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBvmrAdoGFgoQAAAAAAAAAAAADQiYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcGNjUxODcxyAfm8QXSBw0JDS4FLwzaBwYIBQlo4AcA6gcCCADwB-TCAYoIAhAAlQgAAIA_mAgB&s=cd71b37fa706a093433bf0ad92ef145e9e6a9cad&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=4174394021100037863&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=20910825&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:18 GMT
AN-X-Request-Uuid
ae43eed7-cc73-480b-90f6-12aab615a586
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame BF98 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1071
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:07:27 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
viewability
hal900015.redintelligence.net/ Frame 163E 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/viewability?s=77140700020302200951433012195015&a=3b26050b&vb=m
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=77140700020302200951433012195015&a=fd6fd2db
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/request_content.php?s=77140700020302200951433012195015&a=fd6fd2db
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:18 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame E77E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:43:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16068
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 03:43:35 GMT
t86iljt2pcsi
hal9000.redintelligence.net/zone/ Frame D154 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/t86iljt2pcsi?subid=&gdpr=1&gdpr_consent=li&rnd=2916402078678497933&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D1uVaNihOrtoZTWKFqiZiZw%26exch_seat%3D20035004448%26mt_aid%3D2916402078678497933%26mt_id%3D11204411%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3ab263b6-5f3e-4b00-b632-40c8677d4dba%26mt_cid%3D3ab263b6-5f3e-4b00-b632-40c8677d4dba%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCtfmwPV-2Y86jHO_D7_UPo52EoAbPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJ4AIAqAMBqgSsAk_QaaynJKPG1cCd-bnvs_ivbX5xIeir_OqNEtLqpkDDTjPlBp-YjIOLkB4QVWYxS6jzp7KNxQJ12nK_YhKWon6VMUGDnoz96H43DNiuvXZaIa-dyJuZr7PO31D6uCJmNSbPryb9_VKuG9xBGO3SCIKvNHxtovOyVLP71GIdV-5h27uCYt3bZUkh_5znhHlxQWDQc4G4DDxS2_LsxK_7rEIyorQavp5RH29L0PWXi3mDEZ4e1a6vtS-LbUShge_ofSXxGO0cy7HQINmYISqHLMHxcO7drP3UfcOHRX3MxWNHJpF-0IRjy8NHpXSEX20BmPrpcLHj0-44dZlNVxIyAlfSlv730ukQMMflxqhXiN9rstwC7u4SZ9FWVhvsKRbLZxctW15bgrvzqkUfMeAEAYAG36KJipLNqbpZoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY0OTgxOTcwNzI1MjQ0NPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2R2YgA1EoUmmhiWTh3X7t4WTX63g%2526client%253Dca-pub-2128757167812663%2526adurl%253D%26redirect%3D
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
0abb61dc1769aee9b1775c935f16c177331ac25dc10fe85db614206a995c291b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:18 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3501
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
img
pixel.mathtag.com/event/ Frame D154 		43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=2916402078678497933&v3=1262142&v4=12780336&v5=11204411&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0RCa01HTmhaakl0WW1ObVl5MDFZalJoTFRBd01EQXRNREF3TURBd01EQXdNREF3LzI5MTY0MDIwNzg2Nzg0OTc5MzMvMTEyMDQ0MTEvMTI3ODAzMzYvNC9rNXQyOTRaRGZ2TWtqazA5ZGdBNjFrVjJNai1ZSmlwQ1RHcTZadnVQYV8wLzEvNC8wLzAvMjAzOTIxNi8wLzIxNTU0My8xMjYyMTQyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMjkxNjQwMjA3ODY3ODQ5NzkzMy96cmgvMC85MTYyLzQyLzk5OS8yNTgvMmEwMzoxYjIwOjY6Oi8wLjAwMC8xNjcyODk2MzE3LzE2NzI5MDg5MTcvNC9wdWItMjEyODc1NzE2NzgxMjY2My8/vbwtu6OwB0_ZAixhnDCQTmdr2hM&nodeid=3773&group=zrh&auctionid=2916402078678497933&pbs_auctionid=2916402078678497933&shardkey=2916402078678497933&sid=12780336&cid=11204411&bp=a_cagefj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.181&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtfmwPV-2Y86jHO_D7_UPo52EoAbPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJ4AIAqAMBqgSsAk_QaaynJKPG1cCd-bnvs_ivbX5xIeir_OqNEtLqpkDDTjPlBp-YjIOLkB4QVWYxS6jzp7KNxQJ12nK_YhKWon6VMUGDnoz96H43DNiuvXZaIa-dyJuZr7PO31D6uCJmNSbPryb9_VKuG9xBGO3SCIKvNHxtovOyVLP71GIdV-5h27uCYt3bZUkh_5znhHlxQWDQc4G4DDxS2_LsxK_7rEIyorQavp5RH29L0PWXi3mDEZ4e1a6vtS-LbUShge_ofSXxGO0cy7HQINmYISqHLMHxcO7drP3UfcOHRX3MxWNHJpF-0IRjy8NHpXSEX20BmPrpcLHj0-44dZlNVxIyAlfSlv730ukQMMflxqhXiN9rstwC7u4SZ9FWVhvsKRbLZxctW15bgrvzqkUfMeAEAYAG36KJipLNqbpZoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY0OTgxOTcwNzI1MjQ0NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2R2YgA1EoUmmhiWTh3X7t4WTX63g%26client%3Dca-pub-2128757167812663%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-37-164.deploy.static.akamaitechnologies.com
Software
MT3 277 3f0ad7a master zrh-pixel-x27 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:18 GMT
Server
MT3 277 3f0ad7a master zrh-pixel-x27 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Thu, 05 Jan 2023 05:25:17 GMT
img
tags.mathtag.com/event/ Frame D154 		49 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=2916402078678497933&st=12780336&time=1672896318&nodeid=3773
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0RCa01HTmhaakl0WW1ObVl5MDFZalJoTFRBd01EQXRNREF3TURBd01EQXdNREF3LzI5MTY0MDIwNzg2Nzg0OTc5MzMvMTEyMDQ0MTEvMTI3ODAzMzYvNC9rNXQyOTRaRGZ2TWtqazA5ZGdBNjFrVjJNai1ZSmlwQ1RHcTZadnVQYV8wLzEvNC8wLzAvMjAzOTIxNi8wLzIxNTU0My8xMjYyMTQyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMjkxNjQwMjA3ODY3ODQ5NzkzMy96cmgvMC85MTYyLzQyLzk5OS8yNTgvMmEwMzoxYjIwOjY6Oi8wLjAwMC8xNjcyODk2MzE3LzE2NzI5MDg5MTcvNC9wdWItMjEyODc1NzE2NzgxMjY2My8/vbwtu6OwB0_ZAixhnDCQTmdr2hM&nodeid=3773&group=zrh&auctionid=2916402078678497933&pbs_auctionid=2916402078678497933&shardkey=2916402078678497933&sid=12780336&cid=11204411&bp=a_cagefj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.181&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtfmwPV-2Y86jHO_D7_UPo52EoAbPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJ4AIAqAMBqgSsAk_QaaynJKPG1cCd-bnvs_ivbX5xIeir_OqNEtLqpkDDTjPlBp-YjIOLkB4QVWYxS6jzp7KNxQJ12nK_YhKWon6VMUGDnoz96H43DNiuvXZaIa-dyJuZr7PO31D6uCJmNSbPryb9_VKuG9xBGO3SCIKvNHxtovOyVLP71GIdV-5h27uCYt3bZUkh_5znhHlxQWDQc4G4DDxS2_LsxK_7rEIyorQavp5RH29L0PWXi3mDEZ4e1a6vtS-LbUShge_ofSXxGO0cy7HQINmYISqHLMHxcO7drP3UfcOHRX3MxWNHJpF-0IRjy8NHpXSEX20BmPrpcLHj0-44dZlNVxIyAlfSlv730ukQMMflxqhXiN9rstwC7u4SZ9FWVhvsKRbLZxctW15bgrvzqkUfMeAEAYAG36KJipLNqbpZoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY0OTgxOTcwNzI1MjQ0NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2R2YgA1EoUmmhiWTh3X7t4WTX63g%26client%3Dca-pub-2128757167812663%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.374.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:18 GMT
Server
MMBD/3.374.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x104, zrh-bidder-x160
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Thu, 05 Jan 2023 05:25:17 GMT
js
sync.mathtag.com/sync/ Frame D154 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=1&type=1&synclist=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0RCa01HTmhaakl0WW1ObVl5MDFZalJoTFRBd01EQXRNREF3TURBd01EQXdNREF3LzI5MTY0MDIwNzg2Nzg0OTc5MzMvMTEyMDQ0MTEvMTI3ODAzMzYvNC9rNXQyOTRaRGZ2TWtqazA5ZGdBNjFrVjJNai1ZSmlwQ1RHcTZadnVQYV8wLzEvNC8wLzAvMjAzOTIxNi8wLzIxNTU0My8xMjYyMTQyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMjkxNjQwMjA3ODY3ODQ5NzkzMy96cmgvMC85MTYyLzQyLzk5OS8yNTgvMmEwMzoxYjIwOjY6Oi8wLjAwMC8xNjcyODk2MzE3LzE2NzI5MDg5MTcvNC9wdWItMjEyODc1NzE2NzgxMjY2My8/vbwtu6OwB0_ZAixhnDCQTmdr2hM&nodeid=3773&group=zrh&auctionid=2916402078678497933&pbs_auctionid=2916402078678497933&shardkey=2916402078678497933&sid=12780336&cid=11204411&bp=a_cagefj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.181&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtfmwPV-2Y86jHO_D7_UPo52EoAbPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJ4AIAqAMBqgSsAk_QaaynJKPG1cCd-bnvs_ivbX5xIeir_OqNEtLqpkDDTjPlBp-YjIOLkB4QVWYxS6jzp7KNxQJ12nK_YhKWon6VMUGDnoz96H43DNiuvXZaIa-dyJuZr7PO31D6uCJmNSbPryb9_VKuG9xBGO3SCIKvNHxtovOyVLP71GIdV-5h27uCYt3bZUkh_5znhHlxQWDQc4G4DDxS2_LsxK_7rEIyorQavp5RH29L0PWXi3mDEZ4e1a6vtS-LbUShge_ofSXxGO0cy7HQINmYISqHLMHxcO7drP3UfcOHRX3MxWNHJpF-0IRjy8NHpXSEX20BmPrpcLHj0-44dZlNVxIyAlfSlv730ukQMMflxqhXiN9rstwC7u4SZ9FWVhvsKRbLZxctW15bgrvzqkUfMeAEAYAG36KJipLNqbpZoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY0OTgxOTcwNzI1MjQ0NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2R2YgA1EoUmmhiWTh3X7t4WTX63g%26client%3Dca-pub-2128757167812663%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 254 34fcae8 master zrh-pixel-x4 config:1.0.0 /
Resource Hash
b835775c795ffca5f57ff62267c6c04c3bb728d817bee7ffae3f331e08c36d1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:18 GMT
Content-Encoding
gzip
Server
MT3 254 34fcae8 master zrh-pixel-x4 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache
Connection
close
Expires
Thu, 05 Jan 2023 05:25:17 GMT
KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame 00CA 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:43:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16068
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 03:43:35 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame D0DF
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=1679723169&pi=t.aa~a.3705360468~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240&nras=3&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=z9HFy67RBb&p=https%3A//www.bagnet.org&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:18 GMT
expires
Thu, 05 Jan 2023 05:25:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:18 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame 2FD7 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=1679723169&pi=t.aa~a.3705360468~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280%2C300x240&nras=3&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=z9HFy67RBb&p=https%3A//www.bagnet.org&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:43:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16068
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 03:43:35 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 96D9
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=3828006491&pi=t.aa~a.3705360468~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280&nras=2&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ugh66zVJYT&p=https%3A//www.bagnet.org&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:18 GMT
expires
Thu, 05 Jan 2023 05:25:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:18 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 3C83 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CKDuyPF-2Y-OuL5jZtwfv_7nQAZPXurlt4MPds98Oio6Lmr4pEAEgv4vmEWCV4pCCoAegAazZq-gDyAEJqQIGYaAIlMqxPqgDAcgDywSqBPcBT9C8YdUXssh_r7a_A-Nwu24_lTspmfly3ygC5lrayLiGqjed09BSJu03jOfcyn3cjjqb0e_FO44rtFB5Dr5WR1eNko-IqoVEVGC3g3cnduhPH0TmeI-emyZm-p7jRhi-D3qI1Rl7Fvx5gqshlWnNb9XjijS4xSZ28uDVJGPvq3laxa_HnnpHI76hNrD3W5Q9-V_A4l2nLXtszJxWbbwllDCksEvmp-qE9EDe2TKHG59AekoubaF1hmTuqzLQ6Zxnox4Bz-hQ4kuS_GZ5okMTPPyCJUOsLhIAJdDXEiKlwg18gzcqvu9GZddbyqxnXolfXzlg74vS-MAEvfr4ydoDoAYugAe8ptQXqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQyNsB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMD0BUBgBcBshccChoIABIUcHViLTk3NTMxNzI4NjQ4NTY1NjMYAA&sigh=BUjMH0s_BbQ&uach_m=[UACH]&cid=CAQSGwDq26N9Ns7VXdCCvfChov6YGKQGDCw9bTinOhgBIBM&template_id=484&vis=1
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 05 Jan 2023 05:25:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame D14C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120801&jk=416874039351052&rc=
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 2ADA 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900021.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 19:24:52 GMT
x-content-type-options
nosniff
age
36026
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 19:24:52 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 2ADA 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900021.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 13:30:55 GMT
x-content-type-options
nosniff
age
402863
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Dec 2023 13:30:55 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D89A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
54145
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Jan 2023 14:22:53 GMT
expires
Thu, 04 Jan 2024 14:22:53 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7A7B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
54145
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Jan 2023 14:22:53 GMT
expires
Thu, 04 Jan 2024 14:22:53 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame E631 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfPAAL12QK7eyYAA5_74jqziH2qnJyjld1Fw&u=%7C%2FkgaZAn0iG5%2FZYfDia3rzBq3MiIePn4nlDviGF8gsCM%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wFPBkonwj4SKSybimmE1uUABNjkIxhJz0MTm1ZVRm4nPgX8x9DziTwGqadWaDTHDOuBbWaCKKEMeElHTxUjh2xxlwkzUw_xvb5PET0fNOTU5U2d1RRd6tXDgTSlwqP40ccxPTD8QpzUfH6_KGA51cNrSv-jZeQBnLi_IIKNuEeOevRLuPrtJHv_o_-Gya2F3dHb5tK80YspQKelhw5n7brWnK8KwlNNvOeoabgifriTHiSVVvhJxwiWZDB4CN4LtxNX06nYHqSk6X-MGkRVoe0jQzsgiJJH__k5hyGtdeIyfTQCpXMBJhXc9FiKYzt7yQiDz-nkloFP6M2EMQ2j3MvAfdCH-DJy7LkiUWem-1pyB8vv38yqz94Gxdz7qP5dfQR8dxmJmWScDTgY_OStA0G85yl8fYIttRxKkXdxmq4tPuCay7g-1P6nJI_QS5uOrF4Uzf03lSQ6OZ2f0NA7gvQx9BQHBueIFfKxxylnHh8XfRHVdjX7yzqzrhSt5OrJ_PiEsr8zHayY4QX-8Sl9ZED-EKlgT045LsbYacUKuOot3T31QINGEdqK2VwkzKFWkrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4E9IPF-2Y-SuL5jZtwfv_7nQAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTMxNzI4NjQ4NTY1NjPIAQmpAgZhoAiUyrE-qAMBqgTrAU_Q0W4Voti-C8ha37grETPNPW8BVsbbKwlQQyBugHoWMRBTQxqt7h-D2XbELClW35HD0ocnMku8rYKhz4OTlFNI4DiGlbO6S2-t4fyGwalJdI4-inkMFJPnYopHkiO9kkPe__nolcLhQNkuYwu7gLGi-no4vhCIKu7L1QacZCQVzdKEJ9DL3ktQ6fGUbadL5NZWq0-qpTnkuADQAOnBMk0Avb0kYO6KVzyqb8NqX6N3R-ox0NPK9mkqwJpcwzLvMIL5x5OCntvAJJy7BsaHkvGrIZlq4DZGnyV1RLgFQRT29F4vbWBbSEsybdmABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3eYoIG0AiEkg5w-YFoWZBneoogkQ%26client%3Dca-pub-9753172864856563%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1240566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hqnoidmMnBnQmyN2iwMsdktMzzkIrtH6Zf2XVJIhUC8abSthOpdA11VdfnIKjHgJYH127ibRMJeg16M9AlGG1Fqq1B5iIO7NRt6q4%2FOAFshS8zA6GaRCfaN%2FVBHiOGhJbjJxqGBmvPYYVgF0qdYHXSb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7849cae92f52bbb0-FRA
expires
Tue, 26 Dec 2023 05:25:18 GMT
animejs.js
static.criteo.net/animejs/ Frame E631 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfPAAL12QK7eyYAA5_74jqziH2qnJyjld1Fw&u=%7C%2FkgaZAn0iG5%2FZYfDia3rzBq3MiIePn4nlDviGF8gsCM%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wFPBkonwj4SKSybimmE1uUABNjkIxhJz0MTm1ZVRm4nPgX8x9DziTwGqadWaDTHDOuBbWaCKKEMeElHTxUjh2xxlwkzUw_xvb5PET0fNOTU5U2d1RRd6tXDgTSlwqP40ccxPTD8QpzUfH6_KGA51cNrSv-jZeQBnLi_IIKNuEeOevRLuPrtJHv_o_-Gya2F3dHb5tK80YspQKelhw5n7brWnK8KwlNNvOeoabgifriTHiSVVvhJxwiWZDB4CN4LtxNX06nYHqSk6X-MGkRVoe0jQzsgiJJH__k5hyGtdeIyfTQCpXMBJhXc9FiKYzt7yQiDz-nkloFP6M2EMQ2j3MvAfdCH-DJy7LkiUWem-1pyB8vv38yqz94Gxdz7qP5dfQR8dxmJmWScDTgY_OStA0G85yl8fYIttRxKkXdxmq4tPuCay7g-1P6nJI_QS5uOrF4Uzf03lSQ6OZ2f0NA7gvQx9BQHBueIFfKxxylnHh8XfRHVdjX7yzqzrhSt5OrJ_PiEsr8zHayY4QX-8Sl9ZED-EKlgT045LsbYacUKuOot3T31QINGEdqK2VwkzKFWkrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4E9IPF-2Y-SuL5jZtwfv_7nQAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTMxNzI4NjQ4NTY1NjPIAQmpAgZhoAiUyrE-qAMBqgTrAU_Q0W4Voti-C8ha37grETPNPW8BVsbbKwlQQyBugHoWMRBTQxqt7h-D2XbELClW35HD0ocnMku8rYKhz4OTlFNI4DiGlbO6S2-t4fyGwalJdI4-inkMFJPnYopHkiO9kkPe__nolcLhQNkuYwu7gLGi-no4vhCIKu7L1QacZCQVzdKEJ9DL3ktQ6fGUbadL5NZWq0-qpTnkuADQAOnBMk0Avb0kYO6KVzyqb8NqX6N3R-ox0NPK9mkqwJpcwzLvMIL5x5OCntvAJJy7BsaHkvGrIZlq4DZGnyV1RLgFQRT29F4vbWBbSEsybdmABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3eYoIG0AiEkg5w-YFoWZBneoogkQ%26client%3Dca-pub-9753172864856563%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 05:25:18 GMT
bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
static.criteo.net/design/dt/ Frame E631 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfPAAL12QK7eyYAA5_74jqziH2qnJyjld1Fw&u=%7C%2FkgaZAn0iG5%2FZYfDia3rzBq3MiIePn4nlDviGF8gsCM%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wFPBkonwj4SKSybimmE1uUABNjkIxhJz0MTm1ZVRm4nPgX8x9DziTwGqadWaDTHDOuBbWaCKKEMeElHTxUjh2xxlwkzUw_xvb5PET0fNOTU5U2d1RRd6tXDgTSlwqP40ccxPTD8QpzUfH6_KGA51cNrSv-jZeQBnLi_IIKNuEeOevRLuPrtJHv_o_-Gya2F3dHb5tK80YspQKelhw5n7brWnK8KwlNNvOeoabgifriTHiSVVvhJxwiWZDB4CN4LtxNX06nYHqSk6X-MGkRVoe0jQzsgiJJH__k5hyGtdeIyfTQCpXMBJhXc9FiKYzt7yQiDz-nkloFP6M2EMQ2j3MvAfdCH-DJy7LkiUWem-1pyB8vv38yqz94Gxdz7qP5dfQR8dxmJmWScDTgY_OStA0G85yl8fYIttRxKkXdxmq4tPuCay7g-1P6nJI_QS5uOrF4Uzf03lSQ6OZ2f0NA7gvQx9BQHBueIFfKxxylnHh8XfRHVdjX7yzqzrhSt5OrJ_PiEsr8zHayY4QX-8Sl9ZED-EKlgT045LsbYacUKuOot3T31QINGEdqK2VwkzKFWkrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4E9IPF-2Y-SuL5jZtwfv_7nQAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTMxNzI4NjQ4NTY1NjPIAQmpAgZhoAiUyrE-qAMBqgTrAU_Q0W4Voti-C8ha37grETPNPW8BVsbbKwlQQyBugHoWMRBTQxqt7h-D2XbELClW35HD0ocnMku8rYKhz4OTlFNI4DiGlbO6S2-t4fyGwalJdI4-inkMFJPnYopHkiO9kkPe__nolcLhQNkuYwu7gLGi-no4vhCIKu7L1QacZCQVzdKEJ9DL3ktQ6fGUbadL5NZWq0-qpTnkuADQAOnBMk0Avb0kYO6KVzyqb8NqX6N3R-ox0NPK9mkqwJpcwzLvMIL5x5OCntvAJJy7BsaHkvGrIZlq4DZGnyV1RLgFQRT29F4vbWBbSEsybdmABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3eYoIG0AiEkg5w-YFoWZBneoogkQ%26client%3Dca-pub-9753172864856563%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 05 Feb 2020 10:30:18 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e3a993a-de74"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 05:25:18 GMT
img
pix.eu.criteo.net/img/ Frame E631 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F370fb72a-7575-494a-ad5d-6a5da8afa0d9_9a938dcd-2a72-42c0-b4c1-571da39a892c.jpg&v=3&w=400&s=2HxIH2hZ7DkZnia-HgId8S8Y&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfPAAL12QK7eyYAA5_74jqziH2qnJyjld1Fw&u=%7C%2FkgaZAn0iG5%2FZYfDia3rzBq3MiIePn4nlDviGF8gsCM%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wFPBkonwj4SKSybimmE1uUABNjkIxhJz0MTm1ZVRm4nPgX8x9DziTwGqadWaDTHDOuBbWaCKKEMeElHTxUjh2xxlwkzUw_xvb5PET0fNOTU5U2d1RRd6tXDgTSlwqP40ccxPTD8QpzUfH6_KGA51cNrSv-jZeQBnLi_IIKNuEeOevRLuPrtJHv_o_-Gya2F3dHb5tK80YspQKelhw5n7brWnK8KwlNNvOeoabgifriTHiSVVvhJxwiWZDB4CN4LtxNX06nYHqSk6X-MGkRVoe0jQzsgiJJH__k5hyGtdeIyfTQCpXMBJhXc9FiKYzt7yQiDz-nkloFP6M2EMQ2j3MvAfdCH-DJy7LkiUWem-1pyB8vv38yqz94Gxdz7qP5dfQR8dxmJmWScDTgY_OStA0G85yl8fYIttRxKkXdxmq4tPuCay7g-1P6nJI_QS5uOrF4Uzf03lSQ6OZ2f0NA7gvQx9BQHBueIFfKxxylnHh8XfRHVdjX7yzqzrhSt5OrJ_PiEsr8zHayY4QX-8Sl9ZED-EKlgT045LsbYacUKuOot3T31QINGEdqK2VwkzKFWkrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4E9IPF-2Y-SuL5jZtwfv_7nQAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTMxNzI4NjQ4NTY1NjPIAQmpAgZhoAiUyrE-qAMBqgTrAU_Q0W4Voti-C8ha37grETPNPW8BVsbbKwlQQyBugHoWMRBTQxqt7h-D2XbELClW35HD0ocnMku8rYKhz4OTlFNI4DiGlbO6S2-t4fyGwalJdI4-inkMFJPnYopHkiO9kkPe__nolcLhQNkuYwu7gLGi-no4vhCIKu7L1QacZCQVzdKEJ9DL3ktQ6fGUbadL5NZWq0-qpTnkuADQAOnBMk0Avb0kYO6KVzyqb8NqX6N3R-ox0NPK9mkqwJpcwzLvMIL5x5OCntvAJJy7BsaHkvGrIZlq4DZGnyV1RLgFQRT29F4vbWBbSEsybdmABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3eYoIG0AiEkg5w-YFoWZBneoogkQ%26client%3Dca-pub-9753172864856563%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
46347354fecce3bea3029d589b10bbdac37d90a09c75e52c4e2de4832271ae77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=783487
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23306
expires
Sat, 14 Jan 2023 07:03:26 GMT
img
pix.eu.criteo.net/img/ Frame E631 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F4c30ad4d-9a2f-4b40-812d-1b6ce8335fca_865ab5d5-4e62-4787-aad6-4b663158b261.jpg&v=3&w=400&s=dOQBEC5mH8M0kYEMonmRFxX7&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfPAAL12QK7eyYAA5_74jqziH2qnJyjld1Fw&u=%7C%2FkgaZAn0iG5%2FZYfDia3rzBq3MiIePn4nlDviGF8gsCM%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wFPBkonwj4SKSybimmE1uUABNjkIxhJz0MTm1ZVRm4nPgX8x9DziTwGqadWaDTHDOuBbWaCKKEMeElHTxUjh2xxlwkzUw_xvb5PET0fNOTU5U2d1RRd6tXDgTSlwqP40ccxPTD8QpzUfH6_KGA51cNrSv-jZeQBnLi_IIKNuEeOevRLuPrtJHv_o_-Gya2F3dHb5tK80YspQKelhw5n7brWnK8KwlNNvOeoabgifriTHiSVVvhJxwiWZDB4CN4LtxNX06nYHqSk6X-MGkRVoe0jQzsgiJJH__k5hyGtdeIyfTQCpXMBJhXc9FiKYzt7yQiDz-nkloFP6M2EMQ2j3MvAfdCH-DJy7LkiUWem-1pyB8vv38yqz94Gxdz7qP5dfQR8dxmJmWScDTgY_OStA0G85yl8fYIttRxKkXdxmq4tPuCay7g-1P6nJI_QS5uOrF4Uzf03lSQ6OZ2f0NA7gvQx9BQHBueIFfKxxylnHh8XfRHVdjX7yzqzrhSt5OrJ_PiEsr8zHayY4QX-8Sl9ZED-EKlgT045LsbYacUKuOot3T31QINGEdqK2VwkzKFWkrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4E9IPF-2Y-SuL5jZtwfv_7nQAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTMxNzI4NjQ4NTY1NjPIAQmpAgZhoAiUyrE-qAMBqgTrAU_Q0W4Voti-C8ha37grETPNPW8BVsbbKwlQQyBugHoWMRBTQxqt7h-D2XbELClW35HD0ocnMku8rYKhz4OTlFNI4DiGlbO6S2-t4fyGwalJdI4-inkMFJPnYopHkiO9kkPe__nolcLhQNkuYwu7gLGi-no4vhCIKu7L1QacZCQVzdKEJ9DL3ktQ6fGUbadL5NZWq0-qpTnkuADQAOnBMk0Avb0kYO6KVzyqb8NqX6N3R-ox0NPK9mkqwJpcwzLvMIL5x5OCntvAJJy7BsaHkvGrIZlq4DZGnyV1RLgFQRT29F4vbWBbSEsybdmABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3eYoIG0AiEkg5w-YFoWZBneoogkQ%26client%3Dca-pub-9753172864856563%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
98bb99b6350e26c46a0b7d80bde1af2417c2350364c7df790390a8f5213ffe63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=971420
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
26398
expires
Mon, 16 Jan 2023 11:15:38 GMT
img
pix.eu.criteo.net/img/ Frame E631 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fe78e2e98-8eac-43ae-bec1-2781a9a1011e_905715af-6eb3-4f57-8263-6a2bf518c0b6.jpg&v=3&w=400&s=8dqTC_z44mJtw3Th0YUhld3B&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfPAAL12QK7eyYAA5_74jqziH2qnJyjld1Fw&u=%7C%2FkgaZAn0iG5%2FZYfDia3rzBq3MiIePn4nlDviGF8gsCM%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wFPBkonwj4SKSybimmE1uUABNjkIxhJz0MTm1ZVRm4nPgX8x9DziTwGqadWaDTHDOuBbWaCKKEMeElHTxUjh2xxlwkzUw_xvb5PET0fNOTU5U2d1RRd6tXDgTSlwqP40ccxPTD8QpzUfH6_KGA51cNrSv-jZeQBnLi_IIKNuEeOevRLuPrtJHv_o_-Gya2F3dHb5tK80YspQKelhw5n7brWnK8KwlNNvOeoabgifriTHiSVVvhJxwiWZDB4CN4LtxNX06nYHqSk6X-MGkRVoe0jQzsgiJJH__k5hyGtdeIyfTQCpXMBJhXc9FiKYzt7yQiDz-nkloFP6M2EMQ2j3MvAfdCH-DJy7LkiUWem-1pyB8vv38yqz94Gxdz7qP5dfQR8dxmJmWScDTgY_OStA0G85yl8fYIttRxKkXdxmq4tPuCay7g-1P6nJI_QS5uOrF4Uzf03lSQ6OZ2f0NA7gvQx9BQHBueIFfKxxylnHh8XfRHVdjX7yzqzrhSt5OrJ_PiEsr8zHayY4QX-8Sl9ZED-EKlgT045LsbYacUKuOot3T31QINGEdqK2VwkzKFWkrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4E9IPF-2Y-SuL5jZtwfv_7nQAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTMxNzI4NjQ4NTY1NjPIAQmpAgZhoAiUyrE-qAMBqgTrAU_Q0W4Voti-C8ha37grETPNPW8BVsbbKwlQQyBugHoWMRBTQxqt7h-D2XbELClW35HD0ocnMku8rYKhz4OTlFNI4DiGlbO6S2-t4fyGwalJdI4-inkMFJPnYopHkiO9kkPe__nolcLhQNkuYwu7gLGi-no4vhCIKu7L1QacZCQVzdKEJ9DL3ktQ6fGUbadL5NZWq0-qpTnkuADQAOnBMk0Avb0kYO6KVzyqb8NqX6N3R-ox0NPK9mkqwJpcwzLvMIL5x5OCntvAJJy7BsaHkvGrIZlq4DZGnyV1RLgFQRT29F4vbWBbSEsybdmABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3eYoIG0AiEkg5w-YFoWZBneoogkQ%26client%3Dca-pub-9753172864856563%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
77a33a746c8e12bf45e11ddab901031bd5dbfbc29e3ba7d5ff377780928fdc67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1041831
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
42226
expires
Tue, 17 Jan 2023 06:49:09 GMT
img
pix.eu.criteo.net/img/ Frame E631 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F41a01007-d041-43c2-9558-8ab44a47ee40_93ccfb59-e3cd-4bbb-9e04-2ea2371e5a5d.jpg&v=3&w=400&s=eiFinifGKm2oRBkmaCDQxXRl&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfPAAL12QK7eyYAA5_74jqziH2qnJyjld1Fw&u=%7C%2FkgaZAn0iG5%2FZYfDia3rzBq3MiIePn4nlDviGF8gsCM%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wFPBkonwj4SKSybimmE1uUABNjkIxhJz0MTm1ZVRm4nPgX8x9DziTwGqadWaDTHDOuBbWaCKKEMeElHTxUjh2xxlwkzUw_xvb5PET0fNOTU5U2d1RRd6tXDgTSlwqP40ccxPTD8QpzUfH6_KGA51cNrSv-jZeQBnLi_IIKNuEeOevRLuPrtJHv_o_-Gya2F3dHb5tK80YspQKelhw5n7brWnK8KwlNNvOeoabgifriTHiSVVvhJxwiWZDB4CN4LtxNX06nYHqSk6X-MGkRVoe0jQzsgiJJH__k5hyGtdeIyfTQCpXMBJhXc9FiKYzt7yQiDz-nkloFP6M2EMQ2j3MvAfdCH-DJy7LkiUWem-1pyB8vv38yqz94Gxdz7qP5dfQR8dxmJmWScDTgY_OStA0G85yl8fYIttRxKkXdxmq4tPuCay7g-1P6nJI_QS5uOrF4Uzf03lSQ6OZ2f0NA7gvQx9BQHBueIFfKxxylnHh8XfRHVdjX7yzqzrhSt5OrJ_PiEsr8zHayY4QX-8Sl9ZED-EKlgT045LsbYacUKuOot3T31QINGEdqK2VwkzKFWkrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4E9IPF-2Y-SuL5jZtwfv_7nQAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTMxNzI4NjQ4NTY1NjPIAQmpAgZhoAiUyrE-qAMBqgTrAU_Q0W4Voti-C8ha37grETPNPW8BVsbbKwlQQyBugHoWMRBTQxqt7h-D2XbELClW35HD0ocnMku8rYKhz4OTlFNI4DiGlbO6S2-t4fyGwalJdI4-inkMFJPnYopHkiO9kkPe__nolcLhQNkuYwu7gLGi-no4vhCIKu7L1QacZCQVzdKEJ9DL3ktQ6fGUbadL5NZWq0-qpTnkuADQAOnBMk0Avb0kYO6KVzyqb8NqX6N3R-ox0NPK9mkqwJpcwzLvMIL5x5OCntvAJJy7BsaHkvGrIZlq4DZGnyV1RLgFQRT29F4vbWBbSEsybdmABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3eYoIG0AiEkg5w-YFoWZBneoogkQ%26client%3Dca-pub-9753172864856563%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
f6e7e1768b1cd00eb9acf4352d487933cc16c2709edadc339cdc8327b6fe6f75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=528630
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
31136
expires
Wed, 11 Jan 2023 08:15:49 GMT
img
pix.eu.criteo.net/img/ Frame E631 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F95cdfea2-2818-4d19-992e-c4c1fdf6ecc9_aba96a84-15b1-4192-a2fc-4a786b2d89cb.jpg&v=3&w=400&s=wzvUBhDZjQqdS2QCXlWav0v1&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfPAAL12QK7eyYAA5_74jqziH2qnJyjld1Fw&u=%7C%2FkgaZAn0iG5%2FZYfDia3rzBq3MiIePn4nlDviGF8gsCM%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wFPBkonwj4SKSybimmE1uUABNjkIxhJz0MTm1ZVRm4nPgX8x9DziTwGqadWaDTHDOuBbWaCKKEMeElHTxUjh2xxlwkzUw_xvb5PET0fNOTU5U2d1RRd6tXDgTSlwqP40ccxPTD8QpzUfH6_KGA51cNrSv-jZeQBnLi_IIKNuEeOevRLuPrtJHv_o_-Gya2F3dHb5tK80YspQKelhw5n7brWnK8KwlNNvOeoabgifriTHiSVVvhJxwiWZDB4CN4LtxNX06nYHqSk6X-MGkRVoe0jQzsgiJJH__k5hyGtdeIyfTQCpXMBJhXc9FiKYzt7yQiDz-nkloFP6M2EMQ2j3MvAfdCH-DJy7LkiUWem-1pyB8vv38yqz94Gxdz7qP5dfQR8dxmJmWScDTgY_OStA0G85yl8fYIttRxKkXdxmq4tPuCay7g-1P6nJI_QS5uOrF4Uzf03lSQ6OZ2f0NA7gvQx9BQHBueIFfKxxylnHh8XfRHVdjX7yzqzrhSt5OrJ_PiEsr8zHayY4QX-8Sl9ZED-EKlgT045LsbYacUKuOot3T31QINGEdqK2VwkzKFWkrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4E9IPF-2Y-SuL5jZtwfv_7nQAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTMxNzI4NjQ4NTY1NjPIAQmpAgZhoAiUyrE-qAMBqgTrAU_Q0W4Voti-C8ha37grETPNPW8BVsbbKwlQQyBugHoWMRBTQxqt7h-D2XbELClW35HD0ocnMku8rYKhz4OTlFNI4DiGlbO6S2-t4fyGwalJdI4-inkMFJPnYopHkiO9kkPe__nolcLhQNkuYwu7gLGi-no4vhCIKu7L1QacZCQVzdKEJ9DL3ktQ6fGUbadL5NZWq0-qpTnkuADQAOnBMk0Avb0kYO6KVzyqb8NqX6N3R-ox0NPK9mkqwJpcwzLvMIL5x5OCntvAJJy7BsaHkvGrIZlq4DZGnyV1RLgFQRT29F4vbWBbSEsybdmABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3eYoIG0AiEkg5w-YFoWZBneoogkQ%26client%3Dca-pub-9753172864856563%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
31b68ddff7e5d4917d915728e3ba69f51f20b1205680d5d4e5914889bf82e691
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=204287
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18734
expires
Sat, 07 Jan 2023 14:10:06 GMT
img
pix.eu.criteo.net/img/ Frame E631 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F87f49745-a2d5-414d-89b9-ff6b1886868d_b8fe578c-7987-4214-b1da-ed958fc50347.jpg&v=3&w=400&s=XHbvDPVi_d3suoM9Dn2onnHO&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfPAAL12QK7eyYAA5_74jqziH2qnJyjld1Fw&u=%7C%2FkgaZAn0iG5%2FZYfDia3rzBq3MiIePn4nlDviGF8gsCM%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wFPBkonwj4SKSybimmE1uUABNjkIxhJz0MTm1ZVRm4nPgX8x9DziTwGqadWaDTHDOuBbWaCKKEMeElHTxUjh2xxlwkzUw_xvb5PET0fNOTU5U2d1RRd6tXDgTSlwqP40ccxPTD8QpzUfH6_KGA51cNrSv-jZeQBnLi_IIKNuEeOevRLuPrtJHv_o_-Gya2F3dHb5tK80YspQKelhw5n7brWnK8KwlNNvOeoabgifriTHiSVVvhJxwiWZDB4CN4LtxNX06nYHqSk6X-MGkRVoe0jQzsgiJJH__k5hyGtdeIyfTQCpXMBJhXc9FiKYzt7yQiDz-nkloFP6M2EMQ2j3MvAfdCH-DJy7LkiUWem-1pyB8vv38yqz94Gxdz7qP5dfQR8dxmJmWScDTgY_OStA0G85yl8fYIttRxKkXdxmq4tPuCay7g-1P6nJI_QS5uOrF4Uzf03lSQ6OZ2f0NA7gvQx9BQHBueIFfKxxylnHh8XfRHVdjX7yzqzrhSt5OrJ_PiEsr8zHayY4QX-8Sl9ZED-EKlgT045LsbYacUKuOot3T31QINGEdqK2VwkzKFWkrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4E9IPF-2Y-SuL5jZtwfv_7nQAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTMxNzI4NjQ4NTY1NjPIAQmpAgZhoAiUyrE-qAMBqgTrAU_Q0W4Voti-C8ha37grETPNPW8BVsbbKwlQQyBugHoWMRBTQxqt7h-D2XbELClW35HD0ocnMku8rYKhz4OTlFNI4DiGlbO6S2-t4fyGwalJdI4-inkMFJPnYopHkiO9kkPe__nolcLhQNkuYwu7gLGi-no4vhCIKu7L1QacZCQVzdKEJ9DL3ktQ6fGUbadL5NZWq0-qpTnkuADQAOnBMk0Avb0kYO6KVzyqb8NqX6N3R-ox0NPK9mkqwJpcwzLvMIL5x5OCntvAJJy7BsaHkvGrIZlq4DZGnyV1RLgFQRT29F4vbWBbSEsybdmABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3eYoIG0AiEkg5w-YFoWZBneoogkQ%26client%3Dca-pub-9753172864856563%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
bda1e9549ac9451382354b56c2feb3ac8135fc0d50a1bd9703001ad6fecb9542
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=278171
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
26066
expires
Sun, 08 Jan 2023 10:41:30 GMT
img
pix.eu.criteo.net/img/ Frame E631 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F94e73de9-f6cc-4add-ab79-50b3ef1d7de3_95225dcf-983e-4ceb-b6be-5f6e2c4432d9.jpg&v=3&w=400&s=If5WMS7hbtAfR8Vybp6y-OxR&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfPAAL12QK7eyYAA5_74jqziH2qnJyjld1Fw&u=%7C%2FkgaZAn0iG5%2FZYfDia3rzBq3MiIePn4nlDviGF8gsCM%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wFPBkonwj4SKSybimmE1uUABNjkIxhJz0MTm1ZVRm4nPgX8x9DziTwGqadWaDTHDOuBbWaCKKEMeElHTxUjh2xxlwkzUw_xvb5PET0fNOTU5U2d1RRd6tXDgTSlwqP40ccxPTD8QpzUfH6_KGA51cNrSv-jZeQBnLi_IIKNuEeOevRLuPrtJHv_o_-Gya2F3dHb5tK80YspQKelhw5n7brWnK8KwlNNvOeoabgifriTHiSVVvhJxwiWZDB4CN4LtxNX06nYHqSk6X-MGkRVoe0jQzsgiJJH__k5hyGtdeIyfTQCpXMBJhXc9FiKYzt7yQiDz-nkloFP6M2EMQ2j3MvAfdCH-DJy7LkiUWem-1pyB8vv38yqz94Gxdz7qP5dfQR8dxmJmWScDTgY_OStA0G85yl8fYIttRxKkXdxmq4tPuCay7g-1P6nJI_QS5uOrF4Uzf03lSQ6OZ2f0NA7gvQx9BQHBueIFfKxxylnHh8XfRHVdjX7yzqzrhSt5OrJ_PiEsr8zHayY4QX-8Sl9ZED-EKlgT045LsbYacUKuOot3T31QINGEdqK2VwkzKFWkrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4E9IPF-2Y-SuL5jZtwfv_7nQAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTMxNzI4NjQ4NTY1NjPIAQmpAgZhoAiUyrE-qAMBqgTrAU_Q0W4Voti-C8ha37grETPNPW8BVsbbKwlQQyBugHoWMRBTQxqt7h-D2XbELClW35HD0ocnMku8rYKhz4OTlFNI4DiGlbO6S2-t4fyGwalJdI4-inkMFJPnYopHkiO9kkPe__nolcLhQNkuYwu7gLGi-no4vhCIKu7L1QacZCQVzdKEJ9DL3ktQ6fGUbadL5NZWq0-qpTnkuADQAOnBMk0Avb0kYO6KVzyqb8NqX6N3R-ox0NPK9mkqwJpcwzLvMIL5x5OCntvAJJy7BsaHkvGrIZlq4DZGnyV1RLgFQRT29F4vbWBbSEsybdmABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3eYoIG0AiEkg5w-YFoWZBneoogkQ%26client%3Dca-pub-9753172864856563%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
dd61aa731ed8b44bc78d1106a3277e6bd2e92545cf5cf64ad302b4670611161d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=428708
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
25424
expires
Tue, 10 Jan 2023 04:30:27 GMT
all
csm.eu.criteo.net/ Frame E631 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=yVn4HdjTZFobtDfJE_S7DoBosuXhcgP8XiHuH2ROw0d1qJABx7wu_lUDC8J0HN2Uelkinav8xHyVk6Z5OkCw8SldLOpQlBCGKBCwJxplCJmxq7ct6ZmJ24Fx1PdNoAR-ivCoQIF-fSSsi2gCs5TJz8nwJhVHDh5WZY4m1gzd8hVdlbKZqaGVOOT_8yvWrUT0i9_hRHJdoN9zgD7VxrnG8I3C8iqLfQQQszrHmsNbr2OU1F5QuzMt2iw6cseaj_oI_p51yg&sds=2&rev=84145&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfPAAL12QK7eyYAA5_74jqziH2qnJyjld1Fw&u=%7C%2FkgaZAn0iG5%2FZYfDia3rzBq3MiIePn4nlDviGF8gsCM%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wFPBkonwj4SKSybimmE1uUABNjkIxhJz0MTm1ZVRm4nPgX8x9DziTwGqadWaDTHDOuBbWaCKKEMeElHTxUjh2xxlwkzUw_xvb5PET0fNOTU5U2d1RRd6tXDgTSlwqP40ccxPTD8QpzUfH6_KGA51cNrSv-jZeQBnLi_IIKNuEeOevRLuPrtJHv_o_-Gya2F3dHb5tK80YspQKelhw5n7brWnK8KwlNNvOeoabgifriTHiSVVvhJxwiWZDB4CN4LtxNX06nYHqSk6X-MGkRVoe0jQzsgiJJH__k5hyGtdeIyfTQCpXMBJhXc9FiKYzt7yQiDz-nkloFP6M2EMQ2j3MvAfdCH-DJy7LkiUWem-1pyB8vv38yqz94Gxdz7qP5dfQR8dxmJmWScDTgY_OStA0G85yl8fYIttRxKkXdxmq4tPuCay7g-1P6nJI_QS5uOrF4Uzf03lSQ6OZ2f0NA7gvQx9BQHBueIFfKxxylnHh8XfRHVdjX7yzqzrhSt5OrJ_PiEsr8zHayY4QX-8Sl9ZED-EKlgT045LsbYacUKuOot3T31QINGEdqK2VwkzKFWkrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4E9IPF-2Y-SuL5jZtwfv_7nQAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTMxNzI4NjQ4NTY1NjPIAQmpAgZhoAiUyrE-qAMBqgTrAU_Q0W4Voti-C8ha37grETPNPW8BVsbbKwlQQyBugHoWMRBTQxqt7h-D2XbELClW35HD0ocnMku8rYKhz4OTlFNI4DiGlbO6S2-t4fyGwalJdI4-inkMFJPnYopHkiO9kkPe__nolcLhQNkuYwu7gLGi-no4vhCIKu7L1QacZCQVzdKEJ9DL3ktQ6fGUbadL5NZWq0-qpTnkuADQAOnBMk0Avb0kYO6KVzyqb8NqX6N3R-ox0NPK9mkqwJpcwzLvMIL5x5OCntvAJJy7BsaHkvGrIZlq4DZGnyV1RLgFQRT29F4vbWBbSEsybdmABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3eYoIG0AiEkg5w-YFoWZBneoogkQ%26client%3Dca-pub-9753172864856563%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 05 Jan 2023 05:25:18 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E631 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfPAAL12QK7eyYAA5_74jqziH2qnJyjld1Fw&u=%7C%2FkgaZAn0iG5%2FZYfDia3rzBq3MiIePn4nlDviGF8gsCM%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wFPBkonwj4SKSybimmE1uUABNjkIxhJz0MTm1ZVRm4nPgX8x9DziTwGqadWaDTHDOuBbWaCKKEMeElHTxUjh2xxlwkzUw_xvb5PET0fNOTU5U2d1RRd6tXDgTSlwqP40ccxPTD8QpzUfH6_KGA51cNrSv-jZeQBnLi_IIKNuEeOevRLuPrtJHv_o_-Gya2F3dHb5tK80YspQKelhw5n7brWnK8KwlNNvOeoabgifriTHiSVVvhJxwiWZDB4CN4LtxNX06nYHqSk6X-MGkRVoe0jQzsgiJJH__k5hyGtdeIyfTQCpXMBJhXc9FiKYzt7yQiDz-nkloFP6M2EMQ2j3MvAfdCH-DJy7LkiUWem-1pyB8vv38yqz94Gxdz7qP5dfQR8dxmJmWScDTgY_OStA0G85yl8fYIttRxKkXdxmq4tPuCay7g-1P6nJI_QS5uOrF4Uzf03lSQ6OZ2f0NA7gvQx9BQHBueIFfKxxylnHh8XfRHVdjX7yzqzrhSt5OrJ_PiEsr8zHayY4QX-8Sl9ZED-EKlgT045LsbYacUKuOot3T31QINGEdqK2VwkzKFWkrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4E9IPF-2Y-SuL5jZtwfv_7nQAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTMxNzI4NjQ4NTY1NjPIAQmpAgZhoAiUyrE-qAMBqgTrAU_Q0W4Voti-C8ha37grETPNPW8BVsbbKwlQQyBugHoWMRBTQxqt7h-D2XbELClW35HD0ocnMku8rYKhz4OTlFNI4DiGlbO6S2-t4fyGwalJdI4-inkMFJPnYopHkiO9kkPe__nolcLhQNkuYwu7gLGi-no4vhCIKu7L1QacZCQVzdKEJ9DL3ktQ6fGUbadL5NZWq0-qpTnkuADQAOnBMk0Avb0kYO6KVzyqb8NqX6N3R-ox0NPK9mkqwJpcwzLvMIL5x5OCntvAJJy7BsaHkvGrIZlq4DZGnyV1RLgFQRT29F4vbWBbSEsybdmABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3eYoIG0AiEkg5w-YFoWZBneoogkQ%26client%3Dca-pub-9753172864856563%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 05:25:18 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame E631 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfPAAL12QK7eyYAA5_74jqziH2qnJyjld1Fw&u=%7C%2FkgaZAn0iG5%2FZYfDia3rzBq3MiIePn4nlDviGF8gsCM%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wFPBkonwj4SKSybimmE1uUABNjkIxhJz0MTm1ZVRm4nPgX8x9DziTwGqadWaDTHDOuBbWaCKKEMeElHTxUjh2xxlwkzUw_xvb5PET0fNOTU5U2d1RRd6tXDgTSlwqP40ccxPTD8QpzUfH6_KGA51cNrSv-jZeQBnLi_IIKNuEeOevRLuPrtJHv_o_-Gya2F3dHb5tK80YspQKelhw5n7brWnK8KwlNNvOeoabgifriTHiSVVvhJxwiWZDB4CN4LtxNX06nYHqSk6X-MGkRVoe0jQzsgiJJH__k5hyGtdeIyfTQCpXMBJhXc9FiKYzt7yQiDz-nkloFP6M2EMQ2j3MvAfdCH-DJy7LkiUWem-1pyB8vv38yqz94Gxdz7qP5dfQR8dxmJmWScDTgY_OStA0G85yl8fYIttRxKkXdxmq4tPuCay7g-1P6nJI_QS5uOrF4Uzf03lSQ6OZ2f0NA7gvQx9BQHBueIFfKxxylnHh8XfRHVdjX7yzqzrhSt5OrJ_PiEsr8zHayY4QX-8Sl9ZED-EKlgT045LsbYacUKuOot3T31QINGEdqK2VwkzKFWkrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4E9IPF-2Y-SuL5jZtwfv_7nQAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTMxNzI4NjQ4NTY1NjPIAQmpAgZhoAiUyrE-qAMBqgTrAU_Q0W4Voti-C8ha37grETPNPW8BVsbbKwlQQyBugHoWMRBTQxqt7h-D2XbELClW35HD0ocnMku8rYKhz4OTlFNI4DiGlbO6S2-t4fyGwalJdI4-inkMFJPnYopHkiO9kkPe__nolcLhQNkuYwu7gLGi-no4vhCIKu7L1QacZCQVzdKEJ9DL3ktQ6fGUbadL5NZWq0-qpTnkuADQAOnBMk0Avb0kYO6KVzyqb8NqX6N3R-ox0NPK9mkqwJpcwzLvMIL5x5OCntvAJJy7BsaHkvGrIZlq4DZGnyV1RLgFQRT29F4vbWBbSEsybdmABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3eYoIG0AiEkg5w-YFoWZBneoogkQ%26client%3Dca-pub-9753172864856563%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 05:25:18 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame FD4C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1830811
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=ssamglrx&e=1610118725716
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 05 Jan 2023 05:25:18 GMT
ETag
"623de86a-cf34"
Expires
Fri, 06 Jan 2023 05:25:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
rd_log
ams3-ib.adnxs.com/ Frame 9FCC 		0
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.bagnet.org%2F&e=wqT_3QLpDPBMaQYAAAMA1gAFAQi9vtmdBhDo3bqtv4bbx3kY56uc0sD2391HKjYJ_znMlxdgfz8Rc79V6zxidz8ZAAAAIFyP6j8hc79V6zxidz8p_zkJJPCaMQAAAEDhepQ_MOml_Ak4mFBA6j9IAlCX4uuxAViNlowBYABomp2kAXjy8wWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCU3VmKCdhJywgMjk0MDc4OSwgMCk7dWYoJ2knLCA0ODIzOTMwLCAwKTt1ZignZycsIDEyNzI4MjcyLCANKfCfcicsIDM3Mjk2MTU1OSwgMCk7kgKlBCFOMmxoZndqSWhOUVZFSmZpNjdFQkdBQWdqWmFNQVRBQU9BQkFBRWpxUDFEcHBmd0pXQUJnandab0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFXZGJRalVSWkg4X3dRRm5XMEkxRVdSX1A4a0JBQUFBQUFBQThEX1pBUUFBQQEPdFBBXzRBSDZ0cVlDOVFITnpNdzltQUlBb0FJQnRRSQEiBEF2DQjwW3dBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpRVTFUTXpvMk1EY3g0QU9VTUlBRTY5X0ZCSWdFbDdiTEJKQUVBWmdFQWJvRUdnaUZCQkVBBWkUQURRUHhrCQsBASRDQ0N4b3NPd1FRAQ4AQQUgCDhrRQEKCQEYRFlCQUR4QgkNBQFQaUFXM0w2a0ZUbnJmLU5vejdqLXhCET8gQUFBd1FXYW1aBQIQNVA4a0YBFBxJSXFlc3pfUi4oAAgyUVUBGwF0wHdQLUFGX2dYd0JkRHZpQWI0QmZXLXN3R0NCZ05WVTBTSUJnQ1FCZ0dZQmdDaEJwcVoFXixia19xQVlFc2dZa0MdgABFHQwARx0MAEkdDDh1QVlLmgKZASFOQmJfVEE6KQIwSTJXakFFZ0FDZ0FNWhltTE9nbEJUVk16T2pZd056RkFsREJKAb8BAQw4RDlSAQgJAQRCWgkIAQEEQmgBBgEBDDBEOXABCAkBBEJ4CQgBARBCNEFJazVk8Hk4RDgu2AIA4AKbhU7qAhdodHRwczovL3d3dy5iYWduZXQub3JnL_ICEQoGQURWX0lEEgcyOTQwNzg58gISCgZDUEdfSUQSCDEyNzI4Mjcy8gIKCgVDUF9JRBIBMPICDQoIQURWX0ZSRVESATDyAg0KCFJFTV9VU0VSEgEQABEJIDxDT0RFEgUzMzY4NPICIwoIAVYFFBgXMDBrMzkwAQFMcWZYMnZBQUVfZGVfNfICCwoHQ1AJJRwA8gIQCgVJTwF1BAc0ackY8gIdCgdJTwkhDBIwMDYNRmB0bllhekFBRfICEwoPQ1VTVE9NX01PREVMAT0UAPICGgoWMhYAIExFQUZfTkFNRQEdCB4KGjYdAAhBU1QBPhBJRklFRAEhHA0KCFNQTElUAU3wiwEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD1ZVC4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE4NS4yMTMuMTU1LjE2NqgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA44MTcwI0FNUzM6NjA3MdoEAggB4AQB8ASXoUMgiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF96sZ-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG6CnaBhYKEAkRGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfy8wXSBw0VZAEmCNoHBgFdcBgA4AcA6gcCCADwB-TCAYoIAhAAlQgAAIA_mAgB&s=0b6481c9ae1ac83c74f9be077053c541527e6eb6&bdref=https%3A%2F%2Fwww.bagnet.org%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.bagnet.org%2F,https%3A%2F%2Frandiul.com%2Fr%2Fp.html%3Ff%3Dssamglrx%26e%3D1610118725716,https%3A%2F%2Frandiul.com%2Fr%2Fp.html%3Ff%3Dssamglrx%26e%3D1610118725716&
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=ssamglrx&e=1610118725716
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:18 GMT
AN-X-Request-Uuid
eaa69b4d-db0c-4134-8322-36ea88906870
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4C40 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1830811
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=gmnwybg&e=1610118725716
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 05 Jan 2023 05:25:18 GMT
ETag
"623de86a-cf34"
Expires
Fri, 06 Jan 2023 05:25:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
rd_log
ams3-ib.adnxs.com/ Frame B677 		0
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.bagnet.org%2F&e=wqT_3QLnDPBMZwYAAAMA1gAFAQi9vtmdBhCu_LnllrW3yBsY56uc0sD2391HKjYJQZqxaDo7eT8RBC8ch__Ncj8ZAAAAIFyP6j8hBC8ch__Ncj8pQpoJJPB5MQAAAEDhepQ_MOml_Ak4mFBA6j9IAlCpyuVyWI2WjAFgAGianaQBeKHyBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJTdWYoJ2EnLCA0ODE5MzUyLCAwKTt1ZignaScBFBwyNDY4MCwgMAkULGcnLCAxMjczNDc5NhUVMHInLCAyNDA3Mzk2MjUFFvCLkgKlBCFlMm1vSUFpVjJkUVZFS25LNVhJWUFDQ05sb3dCTUFBNEFFQUFTT29fVU9tbF9BbFlBR0NQQm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkIzS0RBdE0zZVRfQkFRZHlnd0xUTjNrX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWVpOHBnTDFBYzNNekQyWUFnQ2dBZ0cxQWcBIwRDOQkI8FtEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk16T2pZd016UGdBNVF3Z0FTRjZzVUVpQVR3N3NzRWtBUUJtQVFCdWdRYUNJVUVFUQFoHEFBQU5BX0dRAQkJASBJSUxHaXc3QkIJDwUgBHlRHSEYTmdFQVBFRREfXEFBQ0lCWkV2cVFWT2V0XzQyalB1UDdFRhkgGERCQlpxWm0BAkBia195UVVBQUFEQXhvV3ZQOTIoAARaQhFnwFBBXzRBWG9CUEFGektLSkJ2Z0ZtSk9tQW9JR0ExVlRSSWdHQUpBR0FaZ0dBS0VHbXAFXjBadVQtb0JnU3lCaVFKGYAEQVIdDABaHQwAaBkMQEM0QmdvLpoCmQEhQ0JhSk53NikCLGpaYU1BU0FBS0FBeBltUDg2Q1VGTlV6TTZOakF6TTBDVU1Faw1UDER3UDE9JABGERgMQUFBRxEYDERRUDIdGABIERgYQUFBSGdBaS49AvBAdy4u2AIA4AKbhU7qAhdodHRwczovL3d3dy5iYWduZXQub3JnL_ICEQoGQURWX0lEEgc0ODE5MzUy8gISCgZDUEcBFAQIMW0sGPICCgoFQ1ABFDgBMPICDQoIQURWX0ZSRVEREBxSRU1fVVNFUgUQABEJIEhDT0RFEgU1MDU0MfICIwoIQ1BHCRQYFzAwazNwMAEBTHNlYjdwQUFBX2RlXzXyAgsKB0NQCSUcAPICEAoFSU8BdQQHNGnJGPICHQoHSU8JIQwSMDA2DUZgdWRiNTFBQUHyAhMKD0NVU1RPTV9NT0RFTAE9FADyAhoKFjIWACBMRUFGX05BTUUBHQgeCho2HQAIQVNUAT4QSUZJRUQBIRwNCghTUExJVAFN8O0BMIADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA9WVQuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjaoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQOODE3MCNBTVMzOjYwMzPaBAIIAeAEAfAEqcrlcogFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaTGKvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AboKdoGFgoQAAAAAAAABRYFAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB6HyBdIHDRVkASYM2gcGCAUJaOAHAOoHAggA8AfkwgGKCAIQAJUIAACAP5gIAQ..&s=424e1c2807b989d253ed7befa825b32f87aad3ae&bdref=https%3A%2F%2Fwww.bagnet.org%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.bagnet.org%2F,https%3A%2F%2Frandiul.com%2Fr%2Fp.html%3Ff%3Dgmnwybg%26e%3D1610118725716,https%3A%2F%2Frandiul.com%2Fr%2Fp.html%3Ff%3Dgmnwybg%26e%3D1610118725716&
Requested by
Host: randiul.com
URL: https://randiul.com/r/p.html?f=gmnwybg&e=1610118725716
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:18 GMT
AN-X-Request-Uuid
acbbad8a-55ca-493e-b347-4752b2b3d95e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 163E 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900015.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 19:24:52 GMT
x-content-type-options
nosniff
age
36026
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 19:24:52 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 163E 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900015.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 13:30:55 GMT
x-content-type-options
nosniff
age
402863
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Dec 2023 13:30:55 GMT
KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame 77DB 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:43:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16068
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 03:43:35 GMT
rs
ad4m.at/ Frame F95B 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce7958cc8521ba1c277b449460ea5f61e86b074c8d1a0c207631704f819247b3

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 05 Jan 2023 05:25:18 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAVg9QQKHvh1WNhvqAts6HwhnlR7nPO7MESzoxxgvWOd78QTnXd5Be2twib41dO4ZYQrvfxgm5bBPnZC8xosBQZOmusd60HVoZtQISP4XzQ28VZaKjUcpXUhJUK5O7K13kFP56U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7849cae96b3e9112-FRA
x-backend-server
aa-reachservice-group-europe-west1-3b3l
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7849cae93b1c9112-FRA
content-length
24
content-type
text/plain
date
Thu, 05 Jan 2023 05:25:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCIvMXhAJwEWwDf4Bj8E0wGJKPctV9LWzTVDDFAod2YEDjTq5z1EgimK%2FofhkbC6fkOEyfoF32Bz%2FtGt93FwaVJOpYL2X6S6DVHRcPER1H6LNJNy4f5w9vCGBgPKcyB9BSzDyK4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-3b3l
activeview
pagead2.googlesyndication.com/pcs/ Frame FF93 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1uPFU3umY-2ogS5Tz3Ugl0WAVwR90cfdDjFUVRhDU4e0bn6Rv8kbsxXjp-QSZOmCpXmG4_3yd4trWkgsQTZ9VjUc2i__CLuFoUIlEeIryVxY5kO6aXw-WIQ-Dh9FVOz3WscgVCg&sai=AMfl-YRBJa5uMGthlU4nlX0jjwB0KhryFtcApndcLWPjTKP1dVU6oXGS6VWQihVCO-w0u1fsDekahel7HUi1DzM&sig=Cg0ArKJSzFTe8dyOHoHVEAE&cid=CAQSGwDq26N9yTrkV906sPBOxoWzuDdDgdRzkHHoRxgBIBM&id=lidar2&mcvt=1033&p=0,0,280,1200&mtos=1033,1033,1033,1033,1033&tos=1033,0,0,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2116639384&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672896316709&rpt=1133&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
request.php
hal900017.redintelligence.net/ Frame D154 		613 B
776 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900017.redintelligence.net/request.php?zone=t86iljt2pcsi&nw=20&renderingType=javascript&namespace=e5268bebf7&subid=&uid=05131a19211fb0c6&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D1uVaNihOrtoZTWKFqiZiZw%26exch_seat%3D20035004448%26mt_aid%3D2916402078678497933%26mt_id%3D11204411%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3ab263b6-5f3e-4b00-b632-40c8677d4dba%26mt_cid%3D3ab263b6-5f3e-4b00-b632-40c8677d4dba%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCtfmwPV-2Y86jHO_D7_UPo52EoAbPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJ4AIAqAMBqgSsAk_QaaynJKPG1cCd-bnvs_ivbX5xIeir_OqNEtLqpkDDTjPlBp-YjIOLkB4QVWYxS6jzp7KNxQJ12nK_YhKWon6VMUGDnoz96H43DNiuvXZaIa-dyJuZr7PO31D6uCJmNSbPryb9_VKuG9xBGO3SCIKvNHxtovOyVLP71GIdV-5h27uCYt3bZUkh_5znhHlxQWDQc4G4DDxS2_LsxK_7rEIyorQavp5RH29L0PWXi3mDEZ4e1a6vtS-LbUShge_ofSXxGO0cy7HQINmYISqHLMHxcO7drP3UfcOHRX3MxWNHJpF-0IRjy8NHpXSEX20BmPrpcLHj0-44dZlNVxIyAlfSlv730ukQMMflxqhXiN9rstwC7u4SZ9FWVhvsKRbLZxctW15bgrvzqkUfMeAEAYAG36KJipLNqbpZoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY0OTgxOTcwNzI1MjQ0NPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2R2YgA1EoUmmhiWTh3X7t4WTX63g%2526client%253Dca-pub-2128757167812663%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=7280327194663&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/t86iljt2pcsi?subid=&gdpr=1&gdpr_consent=li&rnd=2916402078678497933&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D1uVaNihOrtoZTWKFqiZiZw%26exch_seat%3D20035004448%26mt_aid%3D2916402078678497933%26mt_id%3D11204411%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3ab263b6-5f3e-4b00-b632-40c8677d4dba%26mt_cid%3D3ab263b6-5f3e-4b00-b632-40c8677d4dba%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCtfmwPV-2Y86jHO_D7_UPo52EoAbPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJ4AIAqAMBqgSsAk_QaaynJKPG1cCd-bnvs_ivbX5xIeir_OqNEtLqpkDDTjPlBp-YjIOLkB4QVWYxS6jzp7KNxQJ12nK_YhKWon6VMUGDnoz96H43DNiuvXZaIa-dyJuZr7PO31D6uCJmNSbPryb9_VKuG9xBGO3SCIKvNHxtovOyVLP71GIdV-5h27uCYt3bZUkh_5znhHlxQWDQc4G4DDxS2_LsxK_7rEIyorQavp5RH29L0PWXi3mDEZ4e1a6vtS-LbUShge_ofSXxGO0cy7HQINmYISqHLMHxcO7drP3UfcOHRX3MxWNHJpF-0IRjy8NHpXSEX20BmPrpcLHj0-44dZlNVxIyAlfSlv730ukQMMflxqhXiN9rstwC7u4SZ9FWVhvsKRbLZxctW15bgrvzqkUfMeAEAYAG36KJipLNqbpZoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY0OTgxOTcwNzI1MjQ0NPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2R2YgA1EoUmmhiWTh3X7t4WTX63g%2526client%253Dca-pub-2128757167812663%2526adurl%253D%26redirect%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.9.70.69.159.clients.your-server.de
Software
Apache /
Resource Hash
73f976d9f886607e7bdacea0e1282a738495719c35be43d468cc694e5b977089

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:18 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
94664300020374206783189012195017
Connection
close
Content-Length
333
Expires
Thu, 05 Jan 2023 05:25:18 +0100
ffeadf2b251df090620933ccc12e6237.js
s0.2mdn.net/sadbundle/17725307468749569999/ Frame DFD5 		86 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17725307468749569999/ffeadf2b251df090620933ccc12e6237.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17725307468749569999/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31ea6e25e82afe4fc795fcd8184cf2605bd3b0724ce681d9d92e79f909c6ad4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17725307468749569999/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 10:33:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240710
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22497
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 12:51:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 02 Jan 2024 10:33:28 GMT
vevent
ams3-ib.adnxs.com/ Frame B677 		0
953 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.bagnet.org%2F&e=wqT_3QKyCvBMMgUAAAMA1gAFAQi9vtmdBhCu_LnllrW3yBsY56uc0sD2391HKjYJQZqxaDo7eT8RBC8ch__Ncj8ZAAAAIFyP6j8hBC8ch__Ncj8pQpoJJPB5MQAAAEDhepQ_MOml_Ak4mFBA6j9IAlCpyuVyWI2WjAFgAGianaQBeKHyBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJTdWYoJ2EnLCA0ODE5MzUyLCAwKTt1ZignaScBFBwyNDY4MCwgMAkULGcnLCAxMjczNDc5NhUVMHInLCAyNDA3Mzk2MjUFFvCLkgKlBCFlMm1vSUFpVjJkUVZFS25LNVhJWUFDQ05sb3dCTUFBNEFFQUFTT29fVU9tbF9BbFlBR0NQQm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkIzS0RBdE0zZVRfQkFRZHlnd0xUTjNrX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWVpOHBnTDFBYzNNekQyWUFnQ2dBZ0cxQWcBIwRDOQkI8FtEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk16T2pZd016UGdBNVF3Z0FTRjZzVUVpQVR3N3NzRWtBUUJtQVFCdWdRYUNJVUVFUQFoHEFBQU5BX0dRAQkJASBJSUxHaXc3QkIJDwUgBHlRHSEYTmdFQVBFRREfXEFBQ0lCWkV2cVFWT2V0XzQyalB1UDdFRhkgGERCQlpxWm0BAkBia195UVVBQUFEQXhvV3ZQOTIoAARaQhFnwFBBXzRBWG9CUEFGektLSkJ2Z0ZtSk9tQW9JR0ExVlRSSWdHQUpBR0FaZ0dBS0VHbXAFXjBadVQtb0JnU3lCaVFKGYAEQVIdDABaHQwAaBkMQEM0QmdvLpoCmQEhQ0JhSk53NikCLGpaYU1BU0FBS0FBeBltUDg2Q1VGTlV6TTZOakF6TTBDVU1Faw1UDER3UDE9JABGERgMQUFBRxEYDERRUDIdGABIERgYQUFBSGdBaS49AvDXdy4u2AIA4AKbhU7qAhdodHRwczovL3d3dy5iYWduZXQub3JnL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA9WVQuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjaoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQOODE3MCNBTVMzOjYwMzPaBAIIAeAEAfAEqcrlcogFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAABQ5w2AUB4AUB8AWkxir6BQQIABAAkAYAmAYAuAYAwQYFIiwA8D_QBugp2gYWChAJERkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHofIF0gcNCREoASYI2gcGAV1wGADgBwDqBwIIAPAH5MIBiggCEACVCAAAgD-YCAE.&s=43262c59a54959012e76062c5e3411baa00bf54d&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=4174394021100037863&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=20910825&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:18 GMT
AN-X-Request-Uuid
3b90cf33-228e-4669-9929-25d41a7d2671
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
4d684d06a5ab2eaa1dd91864ea416638.js
s0.2mdn.net/sadbundle/17749132433704670225/ Frame 6FBC 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17749132433704670225/4d684d06a5ab2eaa1dd91864ea416638.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17749132433704670225/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
863d5aaf2f72d62bdfae3724f7b12f0b52961c3990618beaad0e143f07c7bb26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17749132433704670225/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 20:58:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
289629
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19264
x-xss-protection
0
last-modified
Wed, 02 Sep 2020 16:45:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 Jan 2024 20:58:09 GMT
vevent
ams3-ib.adnxs.com/ Frame 9FCC 		0
953 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.bagnet.org%2F&e=wqT_3QK0CvBMNAUAAAMA1gAFAQi9vtmdBhDo3bqtv4bbx3kY56uc0sD2391HKjYJ_znMlxdgfz8Rc79V6zxidz8ZAAAAIFyP6j8hc79V6zxidz8p_zkJJPCaMQAAAEDhepQ_MOml_Ak4mFBA6j9IAlCX4uuxAViNlowBYABomp2kAXjy8wWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCU3VmKCdhJywgMjk0MDc4OSwgMCk7dWYoJ2knLCA0ODIzOTMwLCAwKTt1ZignZycsIDEyNzI4MjcyLCANKfCfcicsIDM3Mjk2MTU1OSwgMCk7kgKlBCFOMmxoZndqSWhOUVZFSmZpNjdFQkdBQWdqWmFNQVRBQU9BQkFBRWpxUDFEcHBmd0pXQUJnandab0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFXZGJRalVSWkg4X3dRRm5XMEkxRVdSX1A4a0JBQUFBQUFBQThEX1pBUUFBQQEPdFBBXzRBSDZ0cVlDOVFITnpNdzltQUlBb0FJQnRRSQEiBEF2DQjwW3dBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpRVTFUTXpvMk1EY3g0QU9VTUlBRTY5X0ZCSWdFbDdiTEJKQUVBWmdFQWJvRUdnaUZCQkVBBWkUQURRUHhrCQsBASRDQ0N4b3NPd1FRAQ4AQQUgCDhrRQEKCQEYRFlCQUR4QgkNBQFQaUFXM0w2a0ZUbnJmLU5vejdqLXhCET8gQUFBd1FXYW1aBQIQNVA4a0YBFBxJSXFlc3pfUi4oAAgyUVUBGwF0wHdQLUFGX2dYd0JkRHZpQWI0QmZXLXN3R0NCZ05WVTBTSUJnQ1FCZ0dZQmdDaEJwcVoFXixia19xQVlFc2dZa0MdgABFHQwARx0MAEkdDDh1QVlLmgKZASFOQmJfVEE6KQIwSTJXakFFZ0FDZ0FNWhltTE9nbEJUVk16T2pZd056RkFsREJKAb8BAQw4RDlSAQgJAQRCWgkIAQEEQmgBBgEBDDBEOXABCAkBBEJ4CQgBARBCNEFJazVk8P04RDgu2AIA4AKbhU7qAhdodHRwczovL3d3dy5iYWduZXQub3JnL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA9WVQuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjaoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQOODE3MCNBTVMzOjYwNzHaBAIIAeAEAfAEl-LrsQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX3qxn6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0AboKdoGFgoQAQ8uAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfy8wXSBw0JESoBJgzaBwYIBQlo4AcA6gcCCADwB-TCAYoIAhAAlQgAAIA_mAgB&s=c83e843ff6e4cdc5671a7dce51597fb161d04585&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=4174394021100037863&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=20910825&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:18 GMT
AN-X-Request-Uuid
f89d2c90-5d6b-4a7a-bccf-915e2a01a70e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame FD4C 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1830811&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1830811
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:19 GMT
AN-X-Request-Uuid
3975e980-ead0-495f-8144-94da226c8fa3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4C40 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1830811&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1830811
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:19 GMT
AN-X-Request-Uuid
aeeb7d6d-d72b-4f53-8916-da9ce8859428
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rar
as.ad4m.at/ad/ Frame 8D49 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=183975&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY&c=320&d=50&e=&g=8fafbb062ed62b873677a780f1a329aa%2F8461805043055439973&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672896318967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzzw773be44y57s0vnjzn12398cx8r9r3j5r13a15ercws813y1hj0716ghzdkqcqc1dvgmqxk6twzsqfn2618pm5rdrd4s51b10hrhgf6sqcj7jy5d2dtbq3tdp672faf94k03yzcrjrsyk3vndmdwv359dmgfan64c28qszp8etqpm1aqcargg02enp75axdv0sqn5hddjv3g8ad47p4n4m4084nq5fq27pj0xmddq00zj8wb2m6k1fv2j8e1s1npznw0rjcrk73yx3n62dm76c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDhK4PV-2Y8L_HorVtwf5xZQYkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTc1MzE3Mjg2NDg1NjU2M8gBCakCBmGgCJTKsT6oAwGqBO8BT9BhYsrUSjptl5m942D1E2txdoTFjfPKc_e6-nQm7HX8opvnDw9L7j023eNMGN-GWvw_UVtiixND7lflJ-GfI4oyAP-WA3KsjwO2DzgoxpE31c9ARhc0TTj54XuTvLBob0-4C0DhAN59l7_FAVH5LlwCeIcsepwqc7a9wnsI5EA-Cy2DpXa8PYC1ZRSQ8l-T7lWm1huzcW9nQGeFudVBXRnzjTUVNjZXkX_O7CCXLdV_kjlPOlMg2kuYTmYt6-1iHa7G4pgNGHxhbIvb7Ta_0xBaKxqqzR3YzTGAepVP_MNztC9cAA5oKNJeWjRCRtGABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1m_kGLKU63bKMxGY7StMmauwG_Mg%2526client%253Dca-pub-9753172864856563%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b54c3a05e4e63711adadc053d8ebc30bec80afebfa06cda86b49ac8078a20c75
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1kzx8cnzrx4fn66gpbn97a1w5fjahz4gz0nvjqmjjp9w65y54m44se1xpx5fs0d1gxkqpppt8qpawrt8as5k5ptp76e5hv7t4kjj4s143h2w2cqfwe63tse0rq4cn2pay6texq7j9b2t5gqgh57186rwpetetppdw3hfr45jk7y8d4h5304hr8v870s1ymkkh63y4g38za22nc85pqa88c7k1wjtectf2ptch0rd5zamf9y9tjmert4wz0zc7vdfr9yv9c82j031zew8fycf1fz3tfj0es1b72n8czateyvabftprhf5yew99qxavb839tnkyqks14j0ra1dk7fveds3p34w26dcdmb306np9pcpjpggy6zymng1ybbyh6y63zmn3t1v85683j8jm7pnv31h966f3sqg756hzf9t3vgdxg6a9mw1751hzkg43266ma1as8hy74&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDhK4PV-2Y8L_HorVtwf5xZQYkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTc1MzE3Mjg2NDg1NjU2M8gBCakCBmGgCJTKsT6oAwGqBO8BT9BhYsrUSjptl5m942D1E2txdoTFjfPKc_e6-nQm7HX8opvnDw9L7j023eNMGN-GWvw_UVtiixND7lflJ-GfI4oyAP-WA3KsjwO2DzgoxpE31c9ARhc0TTj54XuTvLBob0-4C0DhAN59l7_FAVH5LlwCeIcsepwqc7a9wnsI5EA-Cy2DpXa8PYC1ZRSQ8l-T7lWm1huzcW9nQGeFudVBXRnzjTUVNjZXkX_O7CCXLdV_kjlPOlMg2kuYTmYt6-1iHa7G4pgNGHxhbIvb7Ta_0xBaKxqqzR3YzTGAepVP_MNztC9cAA5oKNJeWjRCRtGABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1m_kGLKU63bKMxGY7StMmauwG_Mg%26client%3Dca-pub-9753172864856563%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7849caeb284b6977-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:19 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame 2B0B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4zXVe11v5ExuTRFDkWJODrT_VMnZls1yPN9Oo-CxWQ4212Y3lDwT-ZcdD7_CjxdO1G6uSYgCWDetM4g23lcTW0KEA&sig=Cg0ArKJSzHJ344kHwQz0EAE&id=lidar2&mcvt=1069&p=0,0,124,1005&mtos=378,955,1069,1069,1069&tos=378,577,114,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672896317595&rpt=618&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
request_content.php
hal900017.redintelligence.net/ Frame FE68 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900017.redintelligence.net/request_content.php?s=94664300020374206783189012195017&a=92b84b37
Requested by
Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=t86iljt2pcsi&nw=20&renderingType=javascript&namespace=e5268bebf7&subid=&uid=05131a19211fb0c6&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D1uVaNihOrtoZTWKFqiZiZw%26exch_seat%3D20035004448%26mt_aid%3D2916402078678497933%26mt_id%3D11204411%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3ab263b6-5f3e-4b00-b632-40c8677d4dba%26mt_cid%3D3ab263b6-5f3e-4b00-b632-40c8677d4dba%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCtfmwPV-2Y86jHO_D7_UPo52EoAbPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJ4AIAqAMBqgSsAk_QaaynJKPG1cCd-bnvs_ivbX5xIeir_OqNEtLqpkDDTjPlBp-YjIOLkB4QVWYxS6jzp7KNxQJ12nK_YhKWon6VMUGDnoz96H43DNiuvXZaIa-dyJuZr7PO31D6uCJmNSbPryb9_VKuG9xBGO3SCIKvNHxtovOyVLP71GIdV-5h27uCYt3bZUkh_5znhHlxQWDQc4G4DDxS2_LsxK_7rEIyorQavp5RH29L0PWXi3mDEZ4e1a6vtS-LbUShge_ofSXxGO0cy7HQINmYISqHLMHxcO7drP3UfcOHRX3MxWNHJpF-0IRjy8NHpXSEX20BmPrpcLHj0-44dZlNVxIyAlfSlv730ukQMMflxqhXiN9rstwC7u4SZ9FWVhvsKRbLZxctW15bgrvzqkUfMeAEAYAG36KJipLNqbpZoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY0OTgxOTcwNzI1MjQ0NPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2R2YgA1EoUmmhiWTh3X7t4WTX63g%2526client%253Dca-pub-2128757167812663%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=7280327194663&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.9.70.69.159.clients.your-server.de
Software
Apache /
Resource Hash
f8150ce88de1986165238bd473b070c2e408a592ade2faf426661dc9c5b1e2da

Request headers

Referer
https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2278
Content-Type
text/html; charset=utf-8
Date
Thu, 05 Jan 2023 05:25:19 GMT
Expires
Thu, 05 Jan 2023 05:25:19 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
iframe
sync.mathtag.com/sync/ Frame 2D70 		711 B
794 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/iframe?mt_uuid=3ab263b6-5f3e-4b00-b632-40c8677d4dba&no_iframe=1&synclist=4&mt_lim=1&type=1&source=bidder
Requested by
Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=1&type=1&synclist=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 277 3f0ad7a master zrh-pixel-x28 config:1.0.0 /
Resource Hash
68285c4613c71671bdf44ebf48eada0a036ce78b3b7cd36acf3333f840e20c7d

Request headers

Referer
https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 05 Jan 2023 05:25:19 GMT
Expires
Thu, 05 Jan 2023 05:25:18 GMT
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 277 3f0ad7a master zrh-pixel-x28 config:1.0.0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 32A5 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com
URL: https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51689
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Jan 2023 15:03:50 GMT
etag
48472445140208031
expires
Thu, 05 Jan 2023 15:03:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D154 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db380feb6facc98045feec88e20269c3d4cbf70100f86731c17518e8ac182eb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 8D49 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY&c=320&d=50&e=&g=8fafbb062ed62b873677a780f1a329aa%2F8461805043055439973&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672896318967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzzw773be44y57s0vnjzn12398cx8r9r3j5r13a15ercws813y1hj0716ghzdkqcqc1dvgmqxk6twzsqfn2618pm5rdrd4s51b10hrhgf6sqcj7jy5d2dtbq3tdp672faf94k03yzcrjrsyk3vndmdwv359dmgfan64c28qszp8etqpm1aqcargg02enp75axdv0sqn5hddjv3g8ad47p4n4m4084nq5fq27pj0xmddq00zj8wb2m6k1fv2j8e1s1npznw0rjcrk73yx3n62dm76c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDhK4PV-2Y8L_HorVtwf5xZQYkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTc1MzE3Mjg2NDg1NjU2M8gBCakCBmGgCJTKsT6oAwGqBO8BT9BhYsrUSjptl5m942D1E2txdoTFjfPKc_e6-nQm7HX8opvnDw9L7j023eNMGN-GWvw_UVtiixND7lflJ-GfI4oyAP-WA3KsjwO2DzgoxpE31c9ARhc0TTj54XuTvLBob0-4C0DhAN59l7_FAVH5LlwCeIcsepwqc7a9wnsI5EA-Cy2DpXa8PYC1ZRSQ8l-T7lWm1huzcW9nQGeFudVBXRnzjTUVNjZXkX_O7CCXLdV_kjlPOlMg2kuYTmYt6-1iHa7G4pgNGHxhbIvb7Ta_0xBaKxqqzR3YzTGAepVP_MNztC9cAA5oKNJeWjRCRtGABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1m_kGLKU63bKMxGY7StMmauwG_Mg%2526client%253Dca-pub-9753172864856563%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=183975&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY&c=320&d=50&e=&g=8fafbb062ed62b873677a780f1a329aa%2F8461805043055439973&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672896318967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzzw773be44y57s0vnjzn12398cx8r9r3j5r13a15ercws813y1hj0716ghzdkqcqc1dvgmqxk6twzsqfn2618pm5rdrd4s51b10hrhgf6sqcj7jy5d2dtbq3tdp672faf94k03yzcrjrsyk3vndmdwv359dmgfan64c28qszp8etqpm1aqcargg02enp75axdv0sqn5hddjv3g8ad47p4n4m4084nq5fq27pj0xmddq00zj8wb2m6k1fv2j8e1s1npznw0rjcrk73yx3n62dm76c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDhK4PV-2Y8L_HorVtwf5xZQYkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTc1MzE3Mjg2NDg1NjU2M8gBCakCBmGgCJTKsT6oAwGqBO8BT9BhYsrUSjptl5m942D1E2txdoTFjfPKc_e6-nQm7HX8opvnDw9L7j023eNMGN-GWvw_UVtiixND7lflJ-GfI4oyAP-WA3KsjwO2DzgoxpE31c9ARhc0TTj54XuTvLBob0-4C0DhAN59l7_FAVH5LlwCeIcsepwqc7a9wnsI5EA-Cy2DpXa8PYC1ZRSQ8l-T7lWm1huzcW9nQGeFudVBXRnzjTUVNjZXkX_O7CCXLdV_kjlPOlMg2kuYTmYt6-1iHa7G4pgNGHxhbIvb7Ta_0xBaKxqqzR3YzTGAepVP_MNztC9cAA5oKNJeWjRCRtGABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1m_kGLKU63bKMxGY7StMmauwG_Mg%2526client%253Dca-pub-9753172864856563%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
751084
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mcnGjmhDJ2sxMDXrtnt8cw4Fc3WVJ1DH15%2B6YCF%2FO6j30NC0C7TM%2FVu%2BMFArtR2bG%2FPXJet0jABQ2uVe%2BLuSD3aeMhBqhgZUsl0CR%2FK7%2Bo%2B6YMzadG9a9oHOQWKE60dqVNRf4TVr6jA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
7849caebe8f86977-FRA
expires
Thu, 05 Jan 2023 06:25:19 GMT
F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 8D49 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY&c=320&d=50&e=&g=8fafbb062ed62b873677a780f1a329aa%2F8461805043055439973&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672896318967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzzw773be44y57s0vnjzn12398cx8r9r3j5r13a15ercws813y1hj0716ghzdkqcqc1dvgmqxk6twzsqfn2618pm5rdrd4s51b10hrhgf6sqcj7jy5d2dtbq3tdp672faf94k03yzcrjrsyk3vndmdwv359dmgfan64c28qszp8etqpm1aqcargg02enp75axdv0sqn5hddjv3g8ad47p4n4m4084nq5fq27pj0xmddq00zj8wb2m6k1fv2j8e1s1npznw0rjcrk73yx3n62dm76c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDhK4PV-2Y8L_HorVtwf5xZQYkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTc1MzE3Mjg2NDg1NjU2M8gBCakCBmGgCJTKsT6oAwGqBO8BT9BhYsrUSjptl5m942D1E2txdoTFjfPKc_e6-nQm7HX8opvnDw9L7j023eNMGN-GWvw_UVtiixND7lflJ-GfI4oyAP-WA3KsjwO2DzgoxpE31c9ARhc0TTj54XuTvLBob0-4C0DhAN59l7_FAVH5LlwCeIcsepwqc7a9wnsI5EA-Cy2DpXa8PYC1ZRSQ8l-T7lWm1huzcW9nQGeFudVBXRnzjTUVNjZXkX_O7CCXLdV_kjlPOlMg2kuYTmYt6-1iHa7G4pgNGHxhbIvb7Ta_0xBaKxqqzR3YzTGAepVP_MNztC9cAA5oKNJeWjRCRtGABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1m_kGLKU63bKMxGY7StMmauwG_Mg%2526client%253Dca-pub-9753172864856563%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
271697
cf-polished
origFmt=png, origSize=233620
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
130164
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:10:51 GMT
server
cloudflare
etag
"d1d171dd651522f41a2fc0dba256a546"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aHoOBfnVmCE9KSJc3xAMUzE75nnm%2FLscOtOdGvTWjkdfqRGFdagIhj%2B6SwJKw1EyRrB4YKLCq3CYabCglPjIOt9LoiPo5iKYGJ5TAWmy3Cy0EuzYuAtEMiMtdSY%2BAlyNd6WCBxKTNC98oyr"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7849caec08a3bbf8-FRA
expires
Fri, 06 Jan 2023 05:25:19 GMT
1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 8D49 		461 KB
461 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY&c=320&d=50&e=&g=8fafbb062ed62b873677a780f1a329aa%2F8461805043055439973&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672896318967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzzw773be44y57s0vnjzn12398cx8r9r3j5r13a15ercws813y1hj0716ghzdkqcqc1dvgmqxk6twzsqfn2618pm5rdrd4s51b10hrhgf6sqcj7jy5d2dtbq3tdp672faf94k03yzcrjrsyk3vndmdwv359dmgfan64c28qszp8etqpm1aqcargg02enp75axdv0sqn5hddjv3g8ad47p4n4m4084nq5fq27pj0xmddq00zj8wb2m6k1fv2j8e1s1npznw0rjcrk73yx3n62dm76c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDhK4PV-2Y8L_HorVtwf5xZQYkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTc1MzE3Mjg2NDg1NjU2M8gBCakCBmGgCJTKsT6oAwGqBO8BT9BhYsrUSjptl5m942D1E2txdoTFjfPKc_e6-nQm7HX8opvnDw9L7j023eNMGN-GWvw_UVtiixND7lflJ-GfI4oyAP-WA3KsjwO2DzgoxpE31c9ARhc0TTj54XuTvLBob0-4C0DhAN59l7_FAVH5LlwCeIcsepwqc7a9wnsI5EA-Cy2DpXa8PYC1ZRSQ8l-T7lWm1huzcW9nQGeFudVBXRnzjTUVNjZXkX_O7CCXLdV_kjlPOlMg2kuYTmYt6-1iHa7G4pgNGHxhbIvb7Ta_0xBaKxqqzR3YzTGAepVP_MNztC9cAA5oKNJeWjRCRtGABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1m_kGLKU63bKMxGY7StMmauwG_Mg%2526client%253Dca-pub-9753172864856563%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2537166
cf-polished
origFmt=png, origSize=731561
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
471752
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:03:31 GMT
server
cloudflare
etag
"1b69278243c107df5b11186b1f6ca585"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9krfaTW8aO6NGSCHTL%2Fp3H6DzErTV8GnCC0Os3nf6nrkmjxC92fMfyNEWywfqFGcq5TcJ%2BkldIGR70M8lA74N7Pij0mtuYk2fr3ooSNmpHIKImzQAAV0Tsv4%2BLw9Z5VECBpDjszjhKMxxVVP"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7849caec494e6977-FRA
expires
Fri, 06 Jan 2023 05:25:19 GMT
KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame F1CA 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9753172864856563&output=html&h=240&adk=3019581582&adf=3828006491&pi=t.aa~a.3705360468~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1672896317&rafmt=1&to=qs&pwprc=8845765830&format=300x240&url=https%3A%2F%2Fwww.bagnet.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896317458&bpp=1&bdt=1458&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e79d19b3a1c4766-22520f9d06db00f8%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA&gpic=UID%3D00000b9d5aea6a76%3AT%3D1672896316%3ART%3D1672896316%3AS%3DALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g&prev_fmts=0x0%2C1200x280&nras=2&correlator=2837549430466&frm=20&pv=1&ga_vid=118640274.1672896316&ga_sid=1672896317&ga_hid=49020823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44780792&oid=2&pvsid=2180965040229614&tmod=175058665&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ugh66zVJYT&p=https%3A//www.bagnet.org&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:43:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16068
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 03:43:35 GMT
img
sync.mathtag.com/comp/ Frame D154 		0
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by
Host: 7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com
URL: https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 277 3f0ad7a master zrh-pixel-x3 config:1.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:19 GMT
Server
MT3 277 3f0ad7a master zrh-pixel-x3 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 05 Jan 2023 05:25:18 GMT
OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
pagead2.googlesyndication.com/bg/ Frame D89A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16095
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 03:42:39 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame BF98
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:19 GMT
expires
Thu, 05 Jan 2023 05:25:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:19 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame FE68 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=94664300020374206783189012195017&a=92b84b37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 18:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
299892
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 01 Jan 2024 18:07:07 GMT
/
track.adform.net/adfscript/ Frame FE68 		727 B
840 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=60271179;click=https://hal900017.redintelligence.net/c/pu6netk6kfgtwl1?tprd=
Requested by
Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=94664300020374206783189012195017&a=92b84b37
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
901e7f7a35cae667bf766ed0ed7f2c0283fab86f59b9847cbc9d981011a1ba29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
525
expires
-1
KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame 8826 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:43:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16068
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 03:43:35 GMT
OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
pagead2.googlesyndication.com/bg/ Frame 7A7B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16095
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 03:42:39 GMT
css
fonts.googleapis.com/ Frame DFD5 		4 KB
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:700|Source+Sans+Pro:400
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17725307468749569999/ffeadf2b251df090620933ccc12e6237.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3f714f28225e03c64ce6cd24eb1f076426d54a0c7bdadd813b590013008b9f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Jan 2023 05:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 04:52:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Jan 2023 05:25:19 GMT
7c6aea6b85db7004f2b6c9327e216a8c.jpg
s0.2mdn.net/sadbundle/17725307468749569999/media/ Frame DFD5 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17725307468749569999/media/7c6aea6b85db7004f2b6c9327e216a8c.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17725307468749569999/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15fdcdb4242f9b316525e4754f783411ee0419de95c4733f82d5dffe41b65a5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17725307468749569999/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 10:33:28 GMT
x-content-type-options
nosniff
age
240711
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43535
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 12:51:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 02 Jan 2024 10:33:28 GMT
165a745080cb54bd3a9b3b4c1d01ee04.jpg
s0.2mdn.net/sadbundle/17725307468749569999/media/ Frame DFD5 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17725307468749569999/media/165a745080cb54bd3a9b3b4c1d01ee04.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17725307468749569999/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e996faeaab7e4fd4eec686054620bb296fd7052cec5d0acb6ab6635c87ab9464
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17725307468749569999/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 10:33:28 GMT
x-content-type-options
nosniff
age
240711
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37384
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 12:51:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 02 Jan 2024 10:33:28 GMT
282ed23eda6ee6e9fcfe69c90d468e0a.jpg
s0.2mdn.net/sadbundle/17725307468749569999/media/ Frame DFD5 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17725307468749569999/media/282ed23eda6ee6e9fcfe69c90d468e0a.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17725307468749569999/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65bf4cec3208e7c0adcf23fe8bbf4832908125920c5d2e8baf3f786f59ae0aa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17725307468749569999/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 19:44:56 GMT
x-content-type-options
nosniff
age
294023
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8818
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 12:51:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 Jan 2024 19:44:56 GMT
user_uploaded_helvetica_lt_std_700_normal.ttf
s0.2mdn.net/sadbundle/17749132433704670225/fonts/ Frame 6FBC 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17749132433704670225/fonts/user_uploaded_helvetica_lt_std_700_normal.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17749132433704670225/4d684d06a5ab2eaa1dd91864ea416638.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3181a0a09fc64f08d5149655098b6964dd8846f7565b6cc6886a6b9e7d497597
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17749132433704670225/index.html
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 20:58:09 GMT
x-content-type-options
nosniff
age
289630
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45340
x-xss-protection
0
last-modified
Wed, 02 Sep 2020 16:45:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 Jan 2024 20:58:09 GMT
css
fonts.googleapis.com/ Frame 6FBC 		2 KB
528 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:700
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17749132433704670225/4d684d06a5ab2eaa1dd91864ea416638.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5ba6af8bd340ffb7fb078568374df5d6c9918445b121f6cb0acf606368c5b7d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Jan 2023 05:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 05:23:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Jan 2023 05:25:19 GMT
css
fonts.googleapis.com/ Frame 6FBC 		2 KB
528 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17749132433704670225/4d684d06a5ab2eaa1dd91864ea416638.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Jan 2023 05:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 03:36:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Jan 2023 05:25:19 GMT
css
fonts.googleapis.com/ Frame 6FBC 		2 KB
529 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:500
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17749132433704670225/4d684d06a5ab2eaa1dd91864ea416638.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4b99780085434b8ec892dc181b9000be95d3945823451f93020ffdb743ecf588
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Jan 2023 05:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 05:02:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Jan 2023 05:25:19 GMT
user_uploaded_open_sans_600_normal.ttf
s0.2mdn.net/sadbundle/17749132433704670225/fonts/ Frame 6FBC 		216 KB
216 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17749132433704670225/fonts/user_uploaded_open_sans_600_normal.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17749132433704670225/4d684d06a5ab2eaa1dd91864ea416638.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4c2050b25d3d296d5cf58589ca00816dc72df42262c2f629d5c6a984a161aa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17749132433704670225/index.html
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 11:57:58 GMT
x-content-type-options
nosniff
age
322041
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
221164
x-xss-protection
0
last-modified
Wed, 02 Sep 2020 16:45:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 Jan 2024 11:57:58 GMT
f122ee2eed4d487b076e3bafdf688c48.jpg
s0.2mdn.net/sadbundle/17749132433704670225/media/ Frame 6FBC 		144 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17749132433704670225/media/f122ee2eed4d487b076e3bafdf688c48.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17749132433704670225/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566a621ba86da5a68ce7df7a083396cc9040509ecf340e5a9e65213100c30228
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17749132433704670225/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 11:57:58 GMT
x-content-type-options
nosniff
age
322041
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147685
x-xss-protection
0
last-modified
Wed, 02 Sep 2020 16:45:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 Jan 2024 11:57:58 GMT
457c4baba138b4ce54465d03080094b5.jpg
s0.2mdn.net/sadbundle/17749132433704670225/media/ Frame 6FBC 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17749132433704670225/media/457c4baba138b4ce54465d03080094b5.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17749132433704670225/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e466a80a5d9247ab01df3600103e8cc827fdec00557e93b433c8d095dfa2ae1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17749132433704670225/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 09:31:43 GMT
x-content-type-options
nosniff
age
244416
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104285
x-xss-protection
0
last-modified
Wed, 02 Sep 2020 16:45:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 02 Jan 2024 09:31:43 GMT
9e00525871cb7736e652d05d5206493c.svg
s0.2mdn.net/sadbundle/17749132433704670225/media/ Frame 6FBC 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17749132433704670225/media/9e00525871cb7736e652d05d5206493c.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17749132433704670225/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a2736d645ee3c9e999a46c25f115f41ba6a1006ea60c2a554d0c00ae0ad8e80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17749132433704670225/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 09:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
244416
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3101
x-xss-protection
0
last-modified
Wed, 02 Sep 2020 16:45:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 02 Jan 2024 09:31:43 GMT
async_usersync
ib.adnxs.com/ Frame 00CC 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1830811&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1830811
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:19 GMT
AN-X-Request-Uuid
1b8f6ede-c548-406d-bd72-a62b765c213b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame EE6B 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1830811&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1830811
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:19 GMT
AN-X-Request-Uuid
8c51400c-7020-470f-b112-5f288794a2a5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
link.html
track.webgains.com/ Frame 8D49 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hjmxwhr965abxbvrtd9sx2g7m9v8aerfzwhaavj04befg03yzhendytym074msb6m236xvamfsrgz0m9cpwch9pzevx99cm762h1xq5wqq8ge70xt0n88ge338d6pr54b3qaywwanfae63ngbb0q3jn002sk4tw9jeegbk6tej88dzxhs6bztax5qjt7r1zhxdfaysr7bmtwkhcmjjba2qxpxswhvmcpvsmvpt0yan25k07ve51sxzy23ff9c4n8p00%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hzzw773be44y57s0vnjzn12398cx8r9r3j5r13a15ercws813y1hj0716ghzdkqcqc1dvgmqxk6twzsqfn2618pm5rdrd4s51b10hrhgf6sqcj7jy5d2dtbq3tdp672faf94k03yzcrjrsyk3vndmdwv359dmgfan64c28qszp8etqpm1aqcargg02enp75axdv0sqn5hddjv3g8ad47p4n4m4084nq5fq27pj0xmddq00zj8wb2m6k1fv2j8e1s1npznw0rjcrk73yx3n62dm76c%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCDhK4PV-2Y8L_HorVtwf5xZQYkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTc1MzE3Mjg2NDg1NjU2M8gBCakCBmGgCJTKsT6oAwGqBO8BT9BhYsrUSjptl5m942D1E2txdoTFjfPKc_e6-nQm7HX8opvnDw9L7j023eNMGN-GWvw_UVtiixND7lflJ-GfI4oyAP-WA3KsjwO2DzgoxpE31c9ARhc0TTj54XuTvLBob0-4C0DhAN59l7_FAVH5LlwCeIcsepwqc7a9wnsI5EA-Cy2DpXa8PYC1ZRSQ8l-T7lWm1huzcW9nQGeFudVBXRnzjTUVNjZXkX_O7CCXLdV_kjlPOlMg2kuYTmYt6-1iHa7G4pgNGHxhbIvb7Ta_0xBaKxqqzR3YzTGAepVP_MNztC9cAA5oKNJeWjRCRtGABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1m_kGLKU63bKMxGY7StMmauwG_Mg%252526client%25253Dca-pub-9753172864856563%252526adurl%25253D&clickref=oneidP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY&c=320&d=50&e=&g=8fafbb062ed62b873677a780f1a329aa%2F8461805043055439973&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672896318967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzzw773be44y57s0vnjzn12398cx8r9r3j5r13a15ercws813y1hj0716ghzdkqcqc1dvgmqxk6twzsqfn2618pm5rdrd4s51b10hrhgf6sqcj7jy5d2dtbq3tdp672faf94k03yzcrjrsyk3vndmdwv359dmgfan64c28qszp8etqpm1aqcargg02enp75axdv0sqn5hddjv3g8ad47p4n4m4084nq5fq27pj0xmddq00zj8wb2m6k1fv2j8e1s1npznw0rjcrk73yx3n62dm76c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDhK4PV-2Y8L_HorVtwf5xZQYkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTc1MzE3Mjg2NDg1NjU2M8gBCakCBmGgCJTKsT6oAwGqBO8BT9BhYsrUSjptl5m942D1E2txdoTFjfPKc_e6-nQm7HX8opvnDw9L7j023eNMGN-GWvw_UVtiixND7lflJ-GfI4oyAP-WA3KsjwO2DzgoxpE31c9ARhc0TTj54XuTvLBob0-4C0DhAN59l7_FAVH5LlwCeIcsepwqc7a9wnsI5EA-Cy2DpXa8PYC1ZRSQ8l-T7lWm1huzcW9nQGeFudVBXRnzjTUVNjZXkX_O7CCXLdV_kjlPOlMg2kuYTmYt6-1iHa7G4pgNGHxhbIvb7Ta_0xBaKxqqzR3YzTGAepVP_MNztC9cAA5oKNJeWjRCRtGABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1m_kGLKU63bKMxGY7StMmauwG_Mg%2526client%253Dca-pub-9753172864856563%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.53.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
a4d1fd9900fa2a4fe1869e168eca1cfee79bf85821b3babe70996910d669675a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:19 GMT
last-modified
Thu, 05 Jan 2023 05:25:19 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Thu, 05 Jan 2023 05:26:19 GMT
img
sync.mathtag.com/comp/ Frame 2D70 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by
Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/iframe?mt_uuid=3ab263b6-5f3e-4b00-b632-40c8677d4dba&no_iframe=1&synclist=4&mt_lim=1&type=1&source=bidder
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 277 3f0ad7a master zrh-pixel-x28 config:1.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.mathtag.com/sync/iframe?mt_uuid=3ab263b6-5f3e-4b00-b632-40c8677d4dba&no_iframe=1&synclist=4&mt_lim=1&type=1&source=bidder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:19 GMT
Server
MT3 277 3f0ad7a master zrh-pixel-x28 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 05 Jan 2023 05:25:18 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 32A5 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEEJn1xR9cmPB2f6SUFi6z7U&google_cver=1&google_push=AavPq0Np7jzGwAKz5fb1w2S3LZomH9sDKm52egGuCFVUEhsFCgplKDttqS4siX8gMpSlQ0RIuQ5oYGEXw4AiWR3IDiJHCixomjU
Requested by
Host: 7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com
URL: https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:19 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 32A5
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=n0jiEs5BS4W-hQRVIjBZpg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=n0jiEs5BS4W-hQRVIjBZpg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0PHDR3IfmR2LPxqB3Nnv_LXu0O7MErt6aDu9rYXV0GvgfgJ5vw__t5X3sDinsgb4TJIstQiOfnJGde_sVpTVtdFc0ut4d5I
Requested by
Host: 7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com
URL: https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=n0jiEs5BS4W-hQRVIjBZpg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0PHDR3IfmR2LPxqB3Nnv_LXu0O7MErt6aDu9rYXV0GvgfgJ5vw__t5X3sDinsgb4TJIstQiOfnJGde_sVpTVtdFc0ut4d5I
date
Thu, 05 Jan 2023 05:25:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 32A5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFsJ1PO_gNgE3VnfrYFcb9s&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFsJ1PO_gNgE3VnfrYFcb9s&google_push=Aa...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFsJ1PO_gNgE3VnfrYFcb9s&google_hm=Y7ZfP2gLFvBQGQHy4KRMRAAABKAAAAAB&google_nid=index&google_push=AavPq0Mq9f23Izg0Wmg8C85CJ_n5DC40Oakw0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFsJ1PO_gNgE3VnfrYFcb9s&google_hm=Y7ZfP2gLFvBQGQHy4KRMRAAABKAAAAAB&google_nid=index&google_push=AavPq0Mq9f23Izg0Wmg8C85CJ_n5DC40Oakw0kewCFPLsIHVT-uvCfIdbnJM1WtP_E4K22mW6v7eivpkLTfc1neGNim_w2hjIg8
Requested by
Host: 7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com
URL: https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tr%2BKu%2Bz4W0pAzqKd345MBnleCXyy39I7070Qvo3PZhfnHvlRB%2FT9auQJJGTVcVAboWqnqzwsY1oq79mX5OfqCo7%2F1ryqfgHW9ErwUmFP7hram%2Ffub1pLxakBTtMmWcvPscbIOfwPX%2FsdDA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFsJ1PO_gNgE3VnfrYFcb9s&google_hm=Y7ZfP2gLFvBQGQHy4KRMRAAABKAAAAAB&google_nid=index&google_push=AavPq0Mq9f23Izg0Wmg8C85CJ_n5DC40Oakw0kewCFPLsIHVT-uvCfIdbnJM1WtP_E4K22mW6v7eivpkLTfc1neGNim_w2hjIg8
cache-control
no-cache
cf-ray
7849caee5c7b9b74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 32A5
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBbc35kwQwHSgbEibWo2hxQ&google_cver=1&google_push=AavPq0MmEPV9S8BzPxN77gi1yo0Uq1MLjHWyUX7PeQi7M4cc8V0glvD0c-3CNqDCqsRv7SQXtO7ajk3Kn8-otgzPi...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBbc35kwQwHSgbEibWo2hxQ&google_cver=1&google_push=AavPq0MmEPV9S8BzPxN77gi1yo0Uq1MLjHWyUX7PeQi7M4cc8V0glvD0c-3CNqDCqsRv7SQXtO7ajk3Kn8-otgzPi...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0MmEPV9S8BzPxN77gi1yo0Uq1MLjHWyUX7PeQi7M4cc8V0glvD0c-3CNqDCqsRv7SQXtO7ajk3Kn8-otgzPi0MyvkNr8MMU&google_hm=F7xFsGZHNd3g5kA0TjqWRPrY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0MmEPV9S8BzPxN77gi1yo0Uq1MLjHWyUX7PeQi7M4cc8V0glvD0c-3CNqDCqsRv7SQXtO7ajk3Kn8-otgzPi0MyvkNr8MMU&google_hm=F7xFsGZHNd3g5kA0TjqWRPrY
Requested by
Host: 7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com
URL: https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 05 Jan 2023 05:25:19 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0MmEPV9S8BzPxN77gi1yo0Uq1MLjHWyUX7PeQi7M4cc8V0glvD0c-3CNqDCqsRv7SQXtO7ajk3Kn8-otgzPi0MyvkNr8MMU&google_hm=F7xFsGZHNd3g5kA0TjqWRPrY
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 32A5
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEHFewRShlbCyZMjm1D_ds7Q&google_cver=1&google_push=AavPq0O2_MC4v_9Cj7OFB4IOfxa-ZJM19nvngY2YbFnSZ9E0Pgl-s79jOCm3qfFgDzhAlCM3-HZ4VTMK6AESCggmGmp8Of...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEHFewRShlbCyZMjm1D_ds7Q&google_cver=1&google_push=AavPq0O2_MC4v_9Cj7OFB4IOfxa-ZJM19nvngY2YbFnSZ9E0Pgl-s79jOCm3qfFgDzhAlCM3-HZ4VTMK6AESCggm...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TFZhb2dRT_yCbFUA8-EK7w&google_push=AavPq0O2_MC4v_9Cj7OFB4IOfxa-ZJM19nvngY2YbFnSZ9E0Pgl-s79jOCm3qfFgDzhAlCM3-HZ4VTMK6AESCgg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TFZhb2dRT_yCbFUA8-EK7w&google_push=AavPq0O2_MC4v_9Cj7OFB4IOfxa-ZJM19nvngY2YbFnSZ9E0Pgl-s79jOCm3qfFgDzhAlCM3-HZ4VTMK6AESCggmGmp8Of6W57D0
Requested by
Host: 7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com
URL: https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TFZhb2dRT_yCbFUA8-EK7w&google_push=AavPq0O2_MC4v_9Cj7OFB4IOfxa-ZJM19nvngY2YbFnSZ9E0Pgl-s79jOCm3qfFgDzhAlCM3-HZ4VTMK6AESCggmGmp8Of6W57D0
access-control-allow-origin
*
date
Thu, 05 Jan 2023 05:25:19 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 32A5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEh7Y4FIE8iiGIHLp18neds&google_cver=1&google_push=AavPq0OeDL4DprDzsmZhzx_a7K0spZ5K9z5XQTKLPSVThA5dE9zQZAn19iTfo6Z1NAZiRRTLRN...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEh7Y4FIE8iiGIHLp18neds&google_cver=1&google_push=AavPq0OeDL4DprDzsmZhzx_a7K0spZ5K9z5XQTKLPSVThA5dE9zQZAn19iTfo6Z1NAZiRRTLRN...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1naVhqLmU5RTJ1R0tjWDd6R28yX0QyeW1YNFVTRnNqMH5B&google_push=AavPq0OeDL4DprDzsmZhzx_a7K0spZ5K9z5XQTKLPSVThA5dE9zQZAn19...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1naVhqLmU5RTJ1R0tjWDd6R28yX0QyeW1YNFVTRnNqMH5B&google_push=AavPq0OeDL4DprDzsmZhzx_a7K0spZ5K9z5XQTKLPSVThA5dE9zQZAn19iTfo6Z1NAZiRRTLRNR7N54K8ddPuuyqdfssklQaqQarEQ
Requested by
Host: 7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com
URL: https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1naVhqLmU5RTJ1R0tjWDd6R28yX0QyeW1YNFVTRnNqMH5B&google_push=AavPq0OeDL4DprDzsmZhzx_a7K0spZ5K9z5XQTKLPSVThA5dE9zQZAn19iTfo6Z1NAZiRRTLRNR7N54K8ddPuuyqdfssklQaqQarEQ
date
Thu, 05 Jan 2023 05:25:19 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 32A5
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEYsfLPZlSPqnqsJRgykkMw&google_cver=1&google_push=AavPq0NCeTcnIKag1...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTE2ODg2NTQwODU4MTA0Nzc4Mw%3D%3D&google_gid=CAESEEYsfLPZlSPqnqsJRgykkMw&google_cver=1&google_push=AavPq0NCeTcnIKag1RtDQqQg7sccfL9UvN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTE2ODg2NTQwODU4MTA0Nzc4Mw%3D%3D&google_gid=CAESEEYsfLPZlSPqnqsJRgykkMw&google_cver=1&google_push=AavPq0NCeTcnIKag1RtDQqQg7sccfL9UvN9Zt5Od0oAT13ofFgA9NklZQ1e7lwhbuzV9VgyZFXuS1EhkWKBflT71cLcj2xdL29-bwg
Requested by
Host: 7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com
URL: https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 05 Jan 2023 05:25:19 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c553302c-cc86-4ea3-93e5-655ae2cb6cac
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTE2ODg2NTQwODU4MTA0Nzc4Mw%3D%3D&google_gid=CAESEEYsfLPZlSPqnqsJRgykkMw&google_cver=1&google_push=AavPq0NCeTcnIKag1RtDQqQg7sccfL9UvN9Zt5Od0oAT13ofFgA9NklZQ1e7lwhbuzV9VgyZFXuS1EhkWKBflT71cLcj2xdL29-bwg
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 32A5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LDwyEElVAOBod7zffcc6ipUCqg8AfZdGT4f7OEbjUfF_SZNhz9YxNJUb0eX7NBd0V7Hqx7smw
Requested by
Host: 7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com
URL: https://7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
viewability
hal900021.redintelligence.net/ Frame 2ADA 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900021.redintelligence.net/viewability?s=14577000018871800951433012195021&a=9eade4af&vb=v
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=14577000018871800951433012195021&a=3dd3643b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/request_content.php?s=14577000018871800951433012195021&a=3dd3643b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:19 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
generate_204
tpc.googlesyndication.com/ Frame 77DB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?EHrg1g
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:19 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pvClk.min.js
analytics.webgains.io/ Frame 8D49 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hjmxwhr965abxbvrtd9sx2g7m9v8aerfzwhaavj04befg03yzhendytym074msb6m236xvamfsrgz0m9cpwch9pzevx99cm762h1xq5wqq8ge70xt0n88ge338d6pr54b3qaywwanfae63ngbb0q3jn002sk4tw9jeegbk6tej88dzxhs6bztax5qjt7r1zhxdfaysr7bmtwkhcmjjba2qxpxswhvmcpvsmvpt0yan25k07ve51sxzy23ff9c4n8p00%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hzzw773be44y57s0vnjzn12398cx8r9r3j5r13a15ercws813y1hj0716ghzdkqcqc1dvgmqxk6twzsqfn2618pm5rdrd4s51b10hrhgf6sqcj7jy5d2dtbq3tdp672faf94k03yzcrjrsyk3vndmdwv359dmgfan64c28qszp8etqpm1aqcargg02enp75axdv0sqn5hddjv3g8ad47p4n4m4084nq5fq27pj0xmddq00zj8wb2m6k1fv2j8e1s1npznw0rjcrk73yx3n62dm76c%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCDhK4PV-2Y8L_HorVtwf5xZQYkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTc1MzE3Mjg2NDg1NjU2M8gBCakCBmGgCJTKsT6oAwGqBO8BT9BhYsrUSjptl5m942D1E2txdoTFjfPKc_e6-nQm7HX8opvnDw9L7j023eNMGN-GWvw_UVtiixND7lflJ-GfI4oyAP-WA3KsjwO2DzgoxpE31c9ARhc0TTj54XuTvLBob0-4C0DhAN59l7_FAVH5LlwCeIcsepwqc7a9wnsI5EA-Cy2DpXa8PYC1ZRSQ8l-T7lWm1huzcW9nQGeFudVBXRnzjTUVNjZXkX_O7CCXLdV_kjlPOlMg2kuYTmYt6-1iHa7G4pgNGHxhbIvb7Ta_0xBaKxqqzR3YzTGAepVP_MNztC9cAA5oKNJeWjRCRtGABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1m_kGLKU63bKMxGY7StMmauwG_Mg%252526client%25253Dca-pub-9753172864856563%252526adurl%25253D&clickref=oneidP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-42.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 17:40:53 GMT
content-encoding
gzip
via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 10:53:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
42267
etag
W/"0d5045593d14c9612a5d5576928a5209"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
21KX4y7Ka1vy0fFn7GBodXln2A17L55NZD1xt6IcIO_YLvDW2KpOKQ==
link.html
track.webgains.com/ Frame 8D49 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=2194035
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY&c=320&d=50&e=&g=8fafbb062ed62b873677a780f1a329aa%2F8461805043055439973&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672896318967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzzw773be44y57s0vnjzn12398cx8r9r3j5r13a15ercws813y1hj0716ghzdkqcqc1dvgmqxk6twzsqfn2618pm5rdrd4s51b10hrhgf6sqcj7jy5d2dtbq3tdp672faf94k03yzcrjrsyk3vndmdwv359dmgfan64c28qszp8etqpm1aqcargg02enp75axdv0sqn5hddjv3g8ad47p4n4m4084nq5fq27pj0xmddq00zj8wb2m6k1fv2j8e1s1npznw0rjcrk73yx3n62dm76c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDhK4PV-2Y8L_HorVtwf5xZQYkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTc1MzE3Mjg2NDg1NjU2M8gBCakCBmGgCJTKsT6oAwGqBO8BT9BhYsrUSjptl5m942D1E2txdoTFjfPKc_e6-nQm7HX8opvnDw9L7j023eNMGN-GWvw_UVtiixND7lflJ-GfI4oyAP-WA3KsjwO2DzgoxpE31c9ARhc0TTj54XuTvLBob0-4C0DhAN59l7_FAVH5LlwCeIcsepwqc7a9wnsI5EA-Cy2DpXa8PYC1ZRSQ8l-T7lWm1huzcW9nQGeFudVBXRnzjTUVNjZXkX_O7CCXLdV_kjlPOlMg2kuYTmYt6-1iHa7G4pgNGHxhbIvb7Ta_0xBaKxqqzR3YzTGAepVP_MNztC9cAA5oKNJeWjRCRtGABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1m_kGLKU63bKMxGY7StMmauwG_Mg%2526client%253Dca-pub-9753172864856563%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.53.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:19 GMT
last-modified
Thu, 05 Jan 2023 05:25:19 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Thu, 05 Jan 2023 05:26:19 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame DFD5 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:700|Source+Sans+Pro:400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 19:25:00 GMT
x-content-type-options
nosniff
age
36019
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12924
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:02:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 19:25:00 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame DFD5 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:700|Source+Sans+Pro:400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 13:30:55 GMT
x-content-type-options
nosniff
age
402864
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Dec 2023 13:30:55 GMT
viewability
hal900015.redintelligence.net/ Frame 163E 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/viewability?s=77140700020302200951433012195015&a=3b26050b&vb=v
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=77140700020302200951433012195015&a=fd6fd2db
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/request_content.php?s=77140700020302200951433012195015&a=fd6fd2db
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:19 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 3C83 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrKDOVMtwI5aa8EBKXaaufiG77w9LSbBY-e7wJGVIJDngD2jsgJu59FpeIdG6efCVbWDlLJj1e8bGHSM9GADp_aSsN9a_IyBvDzRbec4RS2MvrGad9O0nyAJ6DSPo_q3a0nVpToO3mQobK7zZeNoCiPPjjGrqAHHmByGeUDza7gfWIVb4sv4wQ3SiLVSUnH_Uq8BzQ9BtEGjJtNmMyNwNr9jAPqZdAF77QC-_uIalLEaWVp_on08v-JhlzrAbhJIZTYjkTJbjH_Aja4WI0xFlkqNnlgF1y3Dtzm6et54DGYKmmJ0z2HhD71TK2EdkxQEQ36yzatRNfrGMe-12NxXvLjEms9eSfpbijsT313qT7ChMY6TePoDaaTCvVPDXXNt4lF7sMPyFq1-AOKGsYcnYxXcPNbkcBtU_-WQHnUD50HPo9Gp64mdLW086y218TDSFoT3PRa-0ut-OHK38buHyMrm0__TDUPq_H7Fe3OYwjBsCL-vxEYVX615uUGbmQhdLQI3SEoIuCQtq3GGPZsPDy6lNnA_bQpq_O3AeOup-1pNs-3H-yVq1U-r600eWeVAGrjt-MSHkpMkQamNXxS4iyH4ulLGXOvol-OT2HWAWIH4nRLSjyGHpxbuEfNDoqBQ7JM6sBm9q6y0ImYlASEVWCECHYCt-k0mFuDmQ3FX4HnhXrEjXU3nwL_J1HrEFRs_q6XFwc62hZg4M5b5yGs4eWRbHiyJeW_lqst-UQ8VvB6HiudJZwlAfkuAKyl3ZMJKED8AhdxBj2EvjIZ6Xib-jlZq-NctTfSeGZ0xzFuc81AYsPd0tSuTXKmAGqfg0zCO8FIw-I3raumfxVlyoHOTXXvYPZb_2iuodQrhQ8DHWwS7c6JfIvZ-KN2Hqfr4EJIRQgFrV6JjTTJuCY2QA2EQTxY4Iq_TZRQRANGhFFBquSyYDOBbd88QsL2WfQrBC9C162wjHyaUZnNqaqrrwPFdp2qkUFINJ3Dw-kWyXuA-j4elrBNLpro6XKa4XrcBqpiGEIg5PD&sai=AMfl-YR2Kvb20_gVhhoR-jygzg13YMDZ9i6I5eb4siws3rh1d9jnBWHxHsfAihezfLr2GZCCYJPUY13LJWmcQMpK42M4YzZsWeeGJ_u-&sig=Cg0ArKJSzML5HP1fMLouEAE&cid=CAQSGwDq26N9Ns7VXdCCvfChov6YGKQGDCw9bTinOhgBIBM&id=lidar2&mcvt=1043&p=0,0,500,180&mtos=1043,1043,1043,1043,1043&tos=1043,0,0,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672896317594&rpt=876&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame FC48 		0
953 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.bagnet.org%2F&e=wqT_3QLmCvBMZgUAAAMA1gAFAQi9vtmdBhDt_5Ptr_C6rT4Y56uc0sD2391HKjYJy7kUV5V9pz8RQhwM8R89oz8ZAAAAIFyP6j8hQhwM8R89oz8py7kJJPTyATEAAABA4XqUPzDppfwJOJhQQB1ICFCmkLu2AViNlowBYABomp2kAXj28QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIXaHR0cHM6Ly93d3cuYmFnbmV0Lm9yZy-AAwCIAwGQAwCYAxegAwGqA9YGCo0GaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZXbFJSTlZsNlZUSmFhbWQwV1ZkYWFWbDVNRE5aVkUxNlRGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpnMk9ERXdNRGsyTURJM09EWXlPVFF4TWpZdk5qWXlNak01Tmk4ME5UWXlNekV5THpFekwyWlZjM1l6TmxwWVRXSkZTRUo2TWpWUU1HeHNZMVpKVms0eFZGaExjVnBSV21neFFXazBkV1pQZGtVdk1TOHhNeTh3THpBdk9UVTJPREF6THpNeE1UYzNPRE01TnpRdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWFJOUkVGM1RVTXdkMDFFUVhkTVZFRjMF5AxFMUVRDeQFEAAwARAgY3ZNQzh3THpBDQhm_AAMZW5KbwUoiFRrNUx6STJMems1T1M4ek1qSXZNVGcxTGpJeE15NHhOVFV1BVTwi2pBd01DOHhOamN5T0RrMk16RTNMekUyTnpJNU1EZzVNVGN2TVRNdk1UQXlOalF2LzhVZmdhc05lQXh0Ujh4OTlJWEVuSUtjMkdKRSZub2RlaWQ9Mzc1MSZncm91cD16cmgmYXVjdGlvbmlkPTg2ODEwMDk2MDI3ODYyOTQxMjYmcGJzX2F1Y3Rpb25pViIAKHNoYXJka2V5PTg2Sj8A8H1yaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9hZWZpaWEmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzNS4xMzkmc2lkPTQ1NjIzMTImY2lkPTY2MjIzOTYmc3JjPWFwaSZ0eXBlPW51cmwmY2xpZW50PXMycxITODZCkQCwGhM0NDkzMTYyNTI2MDg5MjE1OTgxIgkzODI2NTA0MDYqBjEwMTkzNjoHNjYyAWPwZcADrALIAwDYA9WVQuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjaoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIU4WIgFAZgFAKAFwLWP9779rKJKwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWL60v6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0Ab5qwHaBhYKEAkSGQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcGNjUxODcxyAf28QXSBw0JETEBLwjaBwYBZ3AYAOAHAOoHAggA8AfkwgGKCAIQAJUIAACAP5gIAQ..&s=9c7ee403f354c34a75e156488b2a9a902698e724&type=pv&jm=1003&px=0&py=0&bw=300&bh=600&sf=1&sid=4174394021100037863&vd=ct~0|rr~5&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=20910825&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:19 GMT
AN-X-Request-Uuid
12fdf29c-a9cf-4e1e-9e8c-12f59376b007
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame 6FBE 		0
953 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.bagnet.org%2F&e=wqT_3QLmCvBMZgUAAAMA1gAFAQi9vtmdBhC9stK6zqOl93UY56uc0sD2391HKjYJy7kUV5V9pz8RQhwM8R89oz8ZAAAAIFyP6j8hQhwM8R89oz8py7kJJPTyATEAAABA4XqUPzDppfwJOJhQQB1ICFCmkLu2AViNlowBYABomp2kAXjm8QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIXaHR0cHM6Ly93d3cuYmFnbmV0Lm9yZy-AAwCIAwGQAwCYAxegAwGqA9YGCo0GaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZXbFJSTlZsNlZUSmFhbWQwV1ZkYWFWbDVNRE5aVkUxNlRGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpJNU1UWTBNREl3TnprM05USXdOVGt3TURJdk5qWXlNak01Tmk4ME5UWXlNekV5THpFekwyWlZjM1l6TmxwWVRXSkZTRUo2TWpWUU1HeHNZMXBHVDA1VlVWaGljbGR6VFhsYWF6bEJNVE5FV0Rndk1TOHhNeTh3THpBdk9UVTJPREF6THpNeE1UYzNPRE01TnpRdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWFJOUkVGM1RVTXdkMDFFUVhkTVZFRjMF5AxFMUVRDeQFEAAwARAgY3ZNQzh3THpBDQhm_AAMZW5KbwUoiFRrNUx6STJMems1T1M4ek1qSXZNVGcxTGpJeE15NHhOVFV1BVRcakF3TUM4eE5qY3lPRGsyTXpFM0x6RTJOAWTwcURnNU1UY3ZNVE12TVRBeU5qUXYvMVlDSFpCRG5wbThMX0I2R3VTbzRUTTFnN0trJm5vZGVpZD0zNzUxJmdyb3VwPXpyaCZhdWN0aW9uaWQ9MjkxNjQwMjA3OTc1MjA1OTAwMiZwYnNfYXVjdGlvbmlkPU4iACBzaGFyZGtleT1OHQDwi3ByaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9hZWZpaWEmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzMy4xNjImc2lkPTQ1NjIzMTImY2lkPTY2MjIzOTYmc3JjPWFwaSZ0eXBlPW51cmwmY2xpZW50PXMycxITMjkxNjQwMjA3OTc1MjA1AdDw_RoTODQ5Nzg5MzQ5ODI2NzQwODcwMSIJMzgyNjUwNDA2KgYxMDE5MzY6BzY2MjIzOTbAA6wCyAMA2APVlULgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTY2qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASmkLu2AYgFAZgFAKAFg9CY7bjc77BAwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBvmrAdoGFgoQAAAAAAAAAAAADQiYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcGNjUxODcxyAfm8QXSBw0JDS4FLwzaBwYIBQlo4AcA6gcCCADwB-TCAYoIAhAAlQgAAIA_mAgB&s=cd71b37fa706a093433bf0ad92ef145e9e6a9cad&type=pv&jm=1003&px=0&py=0&bw=300&bh=600&sf=1&sid=4174394021100037863&vd=ct~0|rr~5&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=20910825&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:19 GMT
AN-X-Request-Uuid
dfe794b7-4d90-4309-a9af-b8a282324fb5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 6FBC 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:53:07 GMT
x-content-type-options
nosniff
age
5532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12708
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:55:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 03:53:07 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 6FBC 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed121b1a8fbf30998a4ed0a7c8343abe9091ac4744f1c24b602b5d3f962bdb78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 23:50:25 GMT
x-content-type-options
nosniff
age
20094
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12820
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:56:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 23:50:25 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 6FBC 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 16:48:08 GMT
x-content-type-options
nosniff
age
45431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12848
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:56:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 16:48:08 GMT
truncated
/ Frame 6FBC 		451 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91749722b21758a6c9df61172e15696c676f0cc87894945d96f685a464502daa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
view
googleads4.g.doubleclick.net/pcs/ Frame 9FCC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvPulRmZMl3S32Y1vQzcvoT-hDQBra9s_YGKt4Zj2S_3bECE43eWLLGepry_vHyPsCluFY52rXG_2fX68sqECu8Q_eTOVt1CeUdZUcrGHqZthcIAj8g_r0vpIf3k5T3_M-eYDyz-3DuatG3vaYcS0GmfHdUS9s&sai=AMfl-YRAnc2_le-0alx2BYmUFYIh_aqgU3FwQXm_00CLcKi6RRnzifHjV6Z4A9NhCvmATuShi-LGBm2Xpg3ySHkvpLexPKOhyars1cAoKSct&sig=Cg0ArKJSzCQjNB54cNcCEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1908&vt=11&dtpt=1336&dett=3&cstd=569&cisv=r20230103.68493&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 05 Jan 2023 05:25:19 GMT
all
csm.eu.criteo.net/ Frame E631 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=yVn4HdjTZFobtDfJE_S7DoBosuXhcgP8XiHuH2ROw0d1qJABx7wu_lUDC8J0HN2Uelkinav8xHyVk6Z5OkCw8SldLOpQlBCGKBCwJxplCJmxq7ct6ZmJ24Fx1PdNoAR-ivCoQIF-fSSsi2gCs5TJz8nwJhVHDh5WZY4m1gzd8hVdlbKZqaGVOOT_8yvWrUT0i9_hRHJdoN9zgD7VxrnG8I3C8iqLfQQQszrHmsNbr2OU1F5QuzMt2iw6cseaj_oI_p51yg&sds=2&rev=84145&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZfPAAL12QK7eyYAA5_74jqziH2qnJyjld1Fw&u=%7C%2FkgaZAn0iG5%2FZYfDia3rzBq3MiIePn4nlDviGF8gsCM%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wFPBkonwj4SKSybimmE1uUABNjkIxhJz0MTm1ZVRm4nPgX8x9DziTwGqadWaDTHDOuBbWaCKKEMeElHTxUjh2xxlwkzUw_xvb5PET0fNOTU5U2d1RRd6tXDgTSlwqP40ccxPTD8QpzUfH6_KGA51cNrSv-jZeQBnLi_IIKNuEeOevRLuPrtJHv_o_-Gya2F3dHb5tK80YspQKelhw5n7brWnK8KwlNNvOeoabgifriTHiSVVvhJxwiWZDB4CN4LtxNX06nYHqSk6X-MGkRVoe0jQzsgiJJH__k5hyGtdeIyfTQCpXMBJhXc9FiKYzt7yQiDz-nkloFP6M2EMQ2j3MvAfdCH-DJy7LkiUWem-1pyB8vv38yqz94Gxdz7qP5dfQR8dxmJmWScDTgY_OStA0G85yl8fYIttRxKkXdxmq4tPuCay7g-1P6nJI_QS5uOrF4Uzf03lSQ6OZ2f0NA7gvQx9BQHBueIFfKxxylnHh8XfRHVdjX7yzqzrhSt5OrJ_PiEsr8zHayY4QX-8Sl9ZED-EKlgT045LsbYacUKuOot3T31QINGEdqK2VwkzKFWkrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4E9IPF-2Y-SuL5jZtwfv_7nQAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTMxNzI4NjQ4NTY1NjPIAQmpAgZhoAiUyrE-qAMBqgTrAU_Q0W4Voti-C8ha37grETPNPW8BVsbbKwlQQyBugHoWMRBTQxqt7h-D2XbELClW35HD0ocnMku8rYKhz4OTlFNI4DiGlbO6S2-t4fyGwalJdI4-inkMFJPnYopHkiO9kkPe__nolcLhQNkuYwu7gLGi-no4vhCIKu7L1QacZCQVzdKEJ9DL3ktQ6fGUbadL5NZWq0-qpTnkuADQAOnBMk0Avb0kYO6KVzyqb8NqX6N3R-ox0NPK9mkqwJpcwzLvMIL5x5OCntvAJJy7BsaHkvGrIZlq4DZGnyV1RLgFQRT29F4vbWBbSEsybdmABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3eYoIG0AiEkg5w-YFoWZBneoogkQ%26client%3Dca-pub-9753172864856563%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 05 Jan 2023 05:25:19 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame FBDE 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 06 Jan 2023 05:25:20 GMT
viewability
hal900017.redintelligence.net/ Frame FE68 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900017.redintelligence.net/viewability?s=94664300020374206783189012195017&a=0a286850&vb=m
Requested by
Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=94664300020374206783189012195017&a=92b84b37
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.9.70.69.159.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/request_content.php?s=94664300020374206783189012195017&a=92b84b37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:20 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame FE68 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60271179;click=https://hal900017.redintelligence.net/c/pu6netk6kfgtwl1?tprd=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 06 Jan 2023 08:35:40 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9FCC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0kVtreEhwOGRTNUsL6fLZ8xeuVSunppafHJCRSTLj4tJH-gf73dwljVeMuOOYJllQf2cJYBjkp1FNrSez59Y1sMzHGyrX&sig=Cg0ArKJSzK6MtSPmUL6OEAE&id=lidar2&mcvt=1197&p=0,0,600,300&mtos=1197,1197,1197,1197,1197&tos=1197,0,0,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=2973613025&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672896316791&rpt=2091&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B677 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFs5IrnkgqE63zG52CLOM0D7Ftp9fj3_A69AEDKJkeEB_LXn8lZ3_vB1MFGlRaaJOuisUnCyikfgb7CCqKUuBcN_JlzJ5WArDqcdUgsRsQDDr194nxqzj_K5iTJwibRNlTj_dd5fVhBLRsx1G3frPPj0TWfiY&sai=AMfl-YS_VYu75SWvamTUUqZWfeoDGSalyYjUUzJBZZmVpXs03loTRfctQ6ft9lPv4ng7VXwaOzEuye2w-WkLGvwRFAI1ctzlbAf6yADhLPs0&sig=Cg0ArKJSzMqtVM47F1d4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2135&vt=11&dtpt=1566&dett=3&cstd=566&cisv=r20230103.67292&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 05 Jan 2023 05:25:20 GMT
async_usersync
ib.adnxs.com/ Frame FD4C 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1830811&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1830811
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:20 GMT
AN-X-Request-Uuid
ea07d659-a9a3-4f6d-bdb2-9e361072e65e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame FBDE
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156383
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUY0OEUyMTItQ0U0MS00Qjg1LUJFODUtMDQ1NTIyMzA1OUE2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:19 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Thu, 05 Jan 2023 05:25:20 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame FBDE 		95 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fwww.bagnet.org%2F
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/png
date
Thu, 05 Jan 2023 05:25:20 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
async_usersync
ib.adnxs.com/ Frame 4C40 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1830811&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1830811
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:20 GMT
AN-X-Request-Uuid
11174b5d-4ce6-41e7-8a6b-3c15dd14b4e2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame 9FCC 		0
953 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.bagnet.org%2F&e=wqT_3QK0CvBMNAUAAAMA1gAFAQi9vtmdBhDo3bqtv4bbx3kY56uc0sD2391HKjYJ_znMlxdgfz8Rc79V6zxidz8ZAAAAIFyP6j8hc79V6zxidz8p_zkJJPCaMQAAAEDhepQ_MOml_Ak4mFBA6j9IAlCX4uuxAViNlowBYABomp2kAXjy8wWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCU3VmKCdhJywgMjk0MDc4OSwgMCk7dWYoJ2knLCA0ODIzOTMwLCAwKTt1ZignZycsIDEyNzI4MjcyLCANKfCfcicsIDM3Mjk2MTU1OSwgMCk7kgKlBCFOMmxoZndqSWhOUVZFSmZpNjdFQkdBQWdqWmFNQVRBQU9BQkFBRWpxUDFEcHBmd0pXQUJnandab0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFXZGJRalVSWkg4X3dRRm5XMEkxRVdSX1A4a0JBQUFBQUFBQThEX1pBUUFBQQEPdFBBXzRBSDZ0cVlDOVFITnpNdzltQUlBb0FJQnRRSQEiBEF2DQjwW3dBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpRVTFUTXpvMk1EY3g0QU9VTUlBRTY5X0ZCSWdFbDdiTEJKQUVBWmdFQWJvRUdnaUZCQkVBBWkUQURRUHhrCQsBASRDQ0N4b3NPd1FRAQ4AQQUgCDhrRQEKCQEYRFlCQUR4QgkNBQFQaUFXM0w2a0ZUbnJmLU5vejdqLXhCET8gQUFBd1FXYW1aBQIQNVA4a0YBFBxJSXFlc3pfUi4oAAgyUVUBGwF0wHdQLUFGX2dYd0JkRHZpQWI0QmZXLXN3R0NCZ05WVTBTSUJnQ1FCZ0dZQmdDaEJwcVoFXixia19xQVlFc2dZa0MdgABFHQwARx0MAEkdDDh1QVlLmgKZASFOQmJfVEE6KQIwSTJXakFFZ0FDZ0FNWhltTE9nbEJUVk16T2pZd056RkFsREJKAb8BAQw4RDlSAQgJAQRCWgkIAQEEQmgBBgEBDDBEOXABCAkBBEJ4CQgBARBCNEFJazVk8P04RDgu2AIA4AKbhU7qAhdodHRwczovL3d3dy5iYWduZXQub3JnL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA9WVQuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjaoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQOODE3MCNBTVMzOjYwNzHaBAIIAeAEAfAEl-LrsQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX3qxn6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0AboKdoGFgoQAQ8uAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfy8wXSBw0JESoBJgzaBwYIBQlo4AcA6gcCCADwB-TCAYoIAhAAlQgAAIA_mAgB&s=c83e843ff6e4cdc5671a7dce51597fb161d04585&type=pv&jm=1003&px=0&py=0&bw=300&bh=600&sf=1&sid=4174394021100037863&vd=ct~0|rr~5&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=20910825&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:20 GMT
AN-X-Request-Uuid
0ce1a546-beef-4345-b374-a76cfc2625d5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame FBDE 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 06 Jan 2023 05:25:20 GMT
/
track.adform.net/adfserve/ Frame FE68 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=60271179;click=https://hal900017.redintelligence.net/c/pu6netk6kfgtwl1?tprd=;js=1;adfxid=1x;8750;set=en-US|en-US|1600X1200|0|150|600|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fwww.bagnet.org
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
decd66833c46dfbdd7514c141a45b0eea392e71f306c2c6ba8c5957db2937937
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2072
expires
-1
sodar
pagead2.googlesyndication.com/pagead/ Frame FBDE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120801&jk=416874039351052&bg=!vb6lvvrNAAYDMoyoIzI7ACkAdvg8Wvrzl5iIavzbjEzjbpphBOfkst3usiO7Bn_dxgDwL12zt3y18wIAAAIoUgAAAAJoAQcKAHzSYl9akRYkQyuaqgaHDO0T4rolEAkM8nUToQOVtaCPUjmwXwhthW7t0N9-4xtny6KK2r_dBA1PEBJt9mOqVDpYuoA1MQcBo2J4jmvQCF4igbxMlyx2Mz4yVlXA9gnzMUW-xl4pf8-l8b7jmfUdg-KFyxWOUmzfxqRZXUFkmQKvJ62Az1CrUyLzzhctWrCksNcxYS9fDHxvk-KPz4G8f1V8jr_CHGfNUEhVQl_LUZiEA-8yFt39ylyOMCIju5JVcPziliH51Klf3PEpuX2a24AB_VlUc2a0SnWEw5iTU2obMNCmfnjPzJoUJ5H2tQPwgGldtpkRSFSHJG8SGkiEGp_ECiufP8i3mBf8-rs3xvZDB7tq_N9GvgMv_HeC2dZVvD2xlrMCLxD-O4cKJR-Z95u6RRsk19Xb2sQLwx52YPwXJOF2bNQ0KJDwUgF0gIPxVT_LfXQB6974a_tBp06n9q4MAWuxgSJYWmKXjT_zR_6ojAqeQIFaqJlUYTv8KvYXp6sewdtWazPXYe49TqJWnRTPUasp7FqUU7crUH8Nl9SXy_tS1g0MWl-9jM8UA-KG4oy2q278V2Y5BsuYXMpyDLk0yoXgcYGL6quafITJJ_NiknIlc1e_f1nxytwwZ2hPVfC1TYJsfE1Vtl4RGbALBh_xt2FZwLNhKA017Z5574YRT26-tsqOLHERYfpFJT8EmRa2MjGvBxXssmb-ayWTuWo0AEDQPqe8sr1k_NnpgHNc2Iax1MZs5hSpFtwGdkpHstRIy1OsUbprDtGfzPc8Z2SG21SOdjzwsUmMjsD45tRU0UelhYoYsExLvKjJ4MrmioCabPjNpOK-p5MuDLchIkRo3DGxDGdxRJhCdbidgd5dct8t4lrM93YhNNwtB_Hc8KXYov22vf4Pi6OIwVdPq9l8L6W66Fo8jz8Yasxg4Dx0kwx1qpxtSulmHECIU1Lr_fB6esFSQfh514DDl84YrYdK5-m5B9Ja-Y98HhDPbgUcZomKhoKcyfMDvwuaFO6gjDtx4dl2l4S2cOSLVmzLfJ265wxuaaZljWJVcIe-Sg064rWAXMI68qNDOY7_OZjr
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bagnet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame D89A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfjDAPV-2Y-epMOa7x_APlZuXwAMAAAAAOAHgBAI&bg=!sLOls_fNAAYDMoyoIzI7ACkAdvg8Wg1mz9ZPay3n8SggB7zT8FHlvVDEqgjIZmnSQALrFUjE3XhZxgIAAALQUgAAAAJoAQcKAETHIiauFQlWDi6TyR02-mg9FqCZ489Gqtj3jbaH-hY2NnMJAGcXsOfJgQLsNJBG0Wu2CEfNASKfSliOgdwFvAGvk-qMjpkC3HDQz1xT9BxOQGAUljXgM7sfHmFrLi9GvbToHuNaJp1cjsTKSn0ruzbjpp2qTuUvB5PCux5STu6Xhf92jq42HSEKsqSggfp6Yu0JszASXKRspk7cNt2zJlv0kIKus5GM5wH7l3qXh8QZq9qHrz3GOGZ8xPt62ExMpT5oxsZCwlOcCxPOEwyTi7Rw3-EYM1IFa7oD4h1Vo1zeb3tU8cEXRNZCdc50uyxGkeiOxaI4JmdafObz_6WW3XYxz56tkhOSRKxFbXjcvfBciTNtMSOsggCtBUj2UXeIxcE9JiZs4aLXlTMkbWjkDYwOtVddsf9DTKnCI-uW18pD1am_bsjkfo9Z4elKlrGedBy7Wv00mnosUE2UHzj8o-uNa7eVHWtSdZQM-iA_shys3AqItQeriUB9BvS-kN-E4Lam-agJCHWT37lBMqlcSZ8cDivqI_aa6vGGtX6J0CSlw5V7TzEo2DDliSeOneQKFwrCHPJ1pqQrNEA90F1-alXq-mUQ6IBiWztzj-MxMPkgh2tKIgZLz6WtI4REPSY5OBOxLU9dYcnOjbMwiMap0R5j7phWVLV0j7OSuMX6uIAwAY9F0tfDScoSpefJtV7JUJSrkYu_rnaf-KuUbdKq9O7Sul4jt-MTlYMxClmg7B4sRKMZJeOX0hs39WUL-ElcljmisNOJNIzb_Rvt2SFaJg_PflM2c2EocAAN4M_Fk8pcBAX0hAkpDc4ozwcaaW9mgqLTx4LDvbuTdc7vSlPFOuNVD3tQfJUbeIqUr6alxhfx3-6NtqhkLhqEjqgsqPIZsxAoVurkJ_z-jzM5E5Yu4wtVEMlPkxFZiU0Yg79mKQ__R13fq_kF0on4TDsrIlRKD4PtSEgjVIayDO8ERnaAK0_CvKV_ekrnfyVge1f2cdZ2Iy75IMAztknUVTPMFYkgC_G7JIkSZesB63De34ZlGOM7HJ8gnREOe5EHO2y4Uo2Qb4HO_A
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame FC48 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://randiul.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Thu, 05 Jan 2023 05:25:20 GMT
server
nginx
truncated
/ Frame FE68 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
tracking-event
api.webgains.io/ Frame 6FBE 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://randiul.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://randiul.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Thu, 05 Jan 2023 05:25:20 GMT
server
nginx
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame FE68 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 06 Jan 2023 08:29:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A7B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bkp-QPV-2Y6isMKCp9u8PtvmdmA4AAAAAOAHgBAI&bg=!8POl87fNAAYDMoyoIzI7ACkAdvg8Wm420zgURfvGwdd8pM7482lAYhAg9iaGS81TLpZ85k-yN5KegwIAAALFUgAAAANoAQcKAKxilTR8kHr3xsJZVWUYynlyw1GQ1yJ8pVxAkMZt01OrPqGxn_xcO4Ny8y6R2bL4H8ir3dLa3VHm2E5xUZ2qOMSlidZY3widfFK8MOrAIE8nqhorLkbxALufLSQPMaP4fHVeYlGgEfZUfI6L_QkM4jvxbVf6F5zAyHEUQTICejlZlH24bvmsVGz194Ut8wy80HRfOlfds_DNDhI97_Tthmuh0B3sO9s6ni2N5AENmQLaUG-_W-Aa6jtP3uqTvYgmg8ECHgF4fz_RcaD1rTzIzODPQlSxsj18SPLyEceEQKS7JLHBqvS7s54Ni_3QdOj6ZREDWH3mMKw4gbW7AZEIeJHNOlche51i1atEVd48iorbuRNiKpuKZnIaS73absL2lReDZjFOeqckt_DpJKGd4xgfjxc62zjxs4OLycguJEZJ-10ogGu-dHPDMThtabPqN71-jQo13RgI5i_bGWA8cBgj3g0Nj5ut7SZMH51bugWOXYsLb_k28UgnHVKWZEaxW1uvgjzO4n4XFVxKIw1G_3jkJH6-7ms2r84O1Tovbga6nmNxfWL1iI49JlZC3UElDAaRpvySmWF0yEPkS-C-dhNkd5VjdX3lzULPh4ZY8_6FG_TwwwAgpAfyOrwdKmrsAgXI1pU9rUKMiTLrRPI-7ZLXIN06NVPo3DNnonL8XW_DQL6SB2hz_IoPcFm9zqiONGGqIKc4UGxpRqOOknjtLXHAeLtCXgmoS5SHZaLR7_eS2SwS4tprZU8AFyFEcxtoJiTi-ww8UdKTDa6ulFRgP7ADgN17nq-WsmGEMvdie3Lrwqq7ll4rIRyxCgJ3qzwejMvD8GapIgSyrbgE6jLZhZi4CDiHajS8_bYDifgZGcZA2_EHOV6yKyrN28wma5wkl3x5EEZBY_XuNsNYW7M5CjRjrttbx2aPn03nOlYtAclvpOHIcmmgNagZvu0i7UvG2TaPvgRrLgKFd_jEBI8xNZrB-aZx0x5DZ8Y-gTMntsWk79I0oHNlXZlrSH_BFq46QosrlCSJTTYJ-uOQF5jspvNQqBAJmJogpZkfDw4Oxf4sm77P61A3EJivlTGt1Dyi3sFFT9X-VypXp4KaM9X8Le63Isql7qhJ8PUn9zYQohd4Qbn_tC0fpLfgNDNtCHe7ULgXTU5w9OTrtRQZgf1Z6o_RS6m50IyL7pU68CRe53uGEyeHXGrS8mcd4w
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9006 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=117774
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 05 Jan 2023 05:25:20 GMT
expires
Fri, 06 Jan 2023 14:08:14 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame AE8C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 05 Jan 2023 05:25:20 GMT
ETag
"623de86a-cf34"
Expires
Fri, 06 Jan 2023 05:25:22 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame B232 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Thu, 05 Jan 2023 05:25:20 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ams1
usync.html
eus.rubiconproject.com/ Frame F511 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 05 Jan 2023 05:25:20 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1198 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 05 Jan 2023 05:25:20 GMT
ETag
"623de86a-cf34"
Expires
Fri, 06 Jan 2023 05:25:22 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame E27D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Thu, 05 Jan 2023 05:25:20 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2A19 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=117774
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 05 Jan 2023 05:25:20 GMT
expires
Fri, 06 Jan 2023 14:08:14 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 2E0B 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 05 Jan 2023 05:25:20 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
track.adform.net/csimpr/ Frame FE68 		35 B
478 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=60271179&csi=EhS3hzFMWv2cM8adfGy-cvd4kBCCoxCGaj3myqSg1BQJDwKV3Zer3M9jcjHBDOgOgqrzNUug_AhaEPzbWU91496vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal900017.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://hal900017.redintelligence.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
usync.js
eus.rubiconproject.com/ Frame F511 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4ca9f1d0fe1b360ce35dd9be14b0d215ecc090e68e39bce56f1b539c92a949a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Jan 2023 09:59:11 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=16393
Connection
keep-alive
Content-Length
10066
Expires
Thu, 05 Jan 2023 09:58:33 GMT
usync.js
eus.rubiconproject.com/ Frame 2E0B 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4ca9f1d0fe1b360ce35dd9be14b0d215ecc090e68e39bce56f1b539c92a949a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Jan 2023 09:59:11 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=16393
Connection
keep-alive
Content-Length
10066
Expires
Thu, 05 Jan 2023 09:58:33 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 2A19 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=14020239&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e173e10c62c50fe57ca84001c0961e0b45a1571b47e7d0e7858c5a77c1cbec72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 05 Jan 2023 05:25:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
12153847.js
s1.adform.net/Banners/Elements/Files/160090/12153847/ Frame 0A7D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153847/12153847.js?ADFassetID=12153847&bv=516
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b9e5241b9925d45ba31c5b9f81ce7acbe955cd5526a17ce0cbff3a0e128d53d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
content-encoding
gzip
last-modified
Wed, 14 Dec 2022 11:54:58 GMT
server
nginx
x-amz-request-id
tx00000049bc7420bfea574-0063b63d7f-329354d9-default
etag
W/"c06d46021f71359793aa42cd5beadfbf"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
async_usersync
ib.adnxs.com/ Frame 1198 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:20 GMT
AN-X-Request-Uuid
6f1c45dc-c091-4e74-b8a9-ab7d9c49089b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
beacon
ap.lijit.com/ Frame A5AC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Thu, 05 Jan 2023 05:25:20 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ams1
usync.html
eus.rubiconproject.com/ Frame 7066 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 05 Jan 2023 05:25:20 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1D03 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=117774
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 05 Jan 2023 05:25:20 GMT
expires
Fri, 06 Jan 2023 14:08:14 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 62EB 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 05 Jan 2023 05:25:20 GMT
ETag
"623de86a-cf34"
Expires
Fri, 06 Jan 2023 05:25:22 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame AE8C 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:20 GMT
AN-X-Request-Uuid
bd3a80ce-7fef-488c-aacf-11623bc7d54f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 39CF 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 05 Jan 2023 05:25:20 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame F3E3 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 05 Jan 2023 05:25:20 GMT
ETag
"623de86a-cf34"
Expires
Fri, 06 Jan 2023 05:25:22 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 9A65 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Thu, 05 Jan 2023 05:25:20 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0D46 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://randiul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=117774
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 05 Jan 2023 05:25:20 GMT
expires
Fri, 06 Jan 2023 14:08:14 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 7066 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4ca9f1d0fe1b360ce35dd9be14b0d215ecc090e68e39bce56f1b539c92a949a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Jan 2023 09:59:11 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=16393
Connection
keep-alive
Content-Length
10066
Expires
Thu, 05 Jan 2023 09:58:33 GMT
screen.css
s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/ Frame 0A7D 		1 KB
930 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/screen.css
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
67d1874cacf6a8534def8d0da2b237d676b62e77083de21fb5e0e711f873bf65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
content-encoding
gzip
last-modified
Wed, 14 Dec 2022 11:54:58 GMT
server
nginx
x-amz-request-id
tx00000684b79dac52dbbe1-0063b63d7f-32941e2b-default
etag
W/"e3e20214d1deeb3e05619061332180ce"
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 0A7D 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000a37373505363f9f8-0063766185-329354d9-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
introfill.png
s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/ Frame 0A7D 		106 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/introfill.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
109e4e879253c944865a6cbdf3181d2a0f3184fa7870e562e73b611eabcf81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
last-modified
Wed, 14 Dec 2022 11:54:58 GMT
server
nginx
x-amz-request-id
tx000000e3907aa4b68c706-0063b63d7f-32940419-default
etag
"6f277f8fe986cbb7f87d049fa4c5252a"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
106
stoerer.png
s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/ Frame 0A7D 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/stoerer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
18fafee2883a755b6107e094c19800432b5f57d90c97f756b77db2d399b6b4d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
last-modified
Wed, 14 Dec 2022 11:54:58 GMT
server
nginx
x-amz-request-id
tx00000b46bef2062938726-0063b63d7f-329373d4-default
etag
"0d4a4ae9e06fb5050b29b76c92c9d6fe"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
14326
text0.png
s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/ Frame 0A7D 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/text0.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bc3df74a1ba682d2fa7e8459e53b15becb1712b50e374472ecae8c8ee6e632cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
last-modified
Wed, 14 Dec 2022 11:54:58 GMT
server
nginx
x-amz-request-id
tx000001707926188188df4-0063b63d7f-329354d9-default
etag
"a3c43d517cb07211ab17067955e194f1"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3452
text1.png
s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/ Frame 0A7D 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/text1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6ea4a8b3f1dffd22aab794a4dbefb8803548df99084ec6e298c585a0654e5599

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
last-modified
Wed, 14 Dec 2022 11:54:58 GMT
server
nginx
x-amz-request-id
tx00000ef81970a8bc3d057-0063b63d7f-329354d9-default
etag
"a37688332e113b438d6c557b5430d6b8"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
14240
disclaimer.png
s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/ Frame 0A7D 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/disclaimer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5926362d4800025f585c4ee92938d9f6acdef83a022793d00dcaf38fc65fe9fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
last-modified
Wed, 14 Dec 2022 11:54:58 GMT
server
nginx
x-amz-request-id
tx00000b1acc646c56a68f6-0063b63d7f-3293aae9-default
etag
"ad3d1360ed0a16c8d8357e8e3ff82a1a"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4813
date.png
s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/ Frame 0A7D 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/date.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e4f9b2db9a58a6b30810cd4a9af4f17b7612bc7f002d789f638db5433e19561d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
last-modified
Wed, 14 Dec 2022 11:54:58 GMT
server
nginx
x-amz-request-id
tx000003beedf598f581d24-0063b63d7f-32940f80-default
etag
"b3417889b14c1207e42a04dccffefcd2"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1506
cta.png
s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/ Frame 0A7D 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/cta.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
66aa539ccc048cc898586ec7c259a3039dd4f609c96a949e4ea70d1482fbe73f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
last-modified
Wed, 14 Dec 2022 11:54:58 GMT
server
nginx
x-amz-request-id
tx00000142a79b6908fe896-0063b63d7f-3293aae9-default
etag
"c5935c1e863166f98d9bb8b7d4e677c1"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1457
logostart.png
s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/ Frame 0A7D 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/logostart.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cfc4b77950c9e872c5b3503a10d94eb100e4874c8a4a74ced83ef03ab9b649d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
last-modified
Wed, 14 Dec 2022 11:54:58 GMT
server
nginx
x-amz-request-id
tx00000aa62608c97da8a12-0063b63d7f-3293aae9-default
etag
"3538c1fb382f9e27fc70c4805bcdda5f"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4787
logo.png
s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/ Frame 0A7D 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/logo.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
90c6379b5837f2b2d6d202a912590d3b220ca08d1ea4bea9e5b6c20cc5adecd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
last-modified
Wed, 14 Dec 2022 11:54:58 GMT
server
nginx
x-amz-request-id
tx000000575fafcf38a4b62-0063b63d7f-32940419-default
etag
"ed0ead19bcd112aebbe9e14bb76ec5cd"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11677
model.jpg
s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/ Frame 0A7D 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/model.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
be6c50e98141f1b7a53f839de695b6de3095f998786146c5abc48669c3909da0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
last-modified
Wed, 14 Dec 2022 11:54:58 GMT
server
nginx
x-amz-request-id
tx0000060889320cac5d427-0063b63d7f-329354d9-default
etag
"cab749c82639447e268b9269d3ff5ae5"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
30809
background.jpg
s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/ Frame 0A7D 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/background.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e28666b265647cf421a1bed0b01be1b1a431652ad56ac16dbc78781f94705409

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
last-modified
Wed, 14 Dec 2022 11:54:58 GMT
server
nginx
x-amz-request-id
tx000005f95953cac9cc346-0063b63d7f-329373d4-default
etag
"63bdbf205ab6e7ea773bd1d959094bdc"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
21578
CSSPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame 0A7D 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
93904
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13669
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-9833"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQmwJfEDaN31Tqjg6LBJg0tm9hk95tTVw1vkx9VIT5sT2%2F%2FKM9G1hCK1jxl6ZOI2vEzGjRdp9heBZ8wzBzjBkyIUJHvDqZhBNMo7KBuM4s4%2FgqD5MPmUOE%2BlZPAyoCvewPVwrfn3M89QUasvlppJx9FY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7849caf56f3f2c1a-FRA
expires
Tue, 26 Dec 2023 05:25:20 GMT
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame 0A7D 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
93904
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1730
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-146f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPqt4wMu9x8vGCq6qLlkrIl639Q%2B9QGFU9FeTvzt%2FQg0sdtf%2BgEHE5JW3PEwB%2F60Edzb83AgPv2tZPGkSH1V2IlqrdrK%2BbXPr8FcZdtNz5LbSYUnVeKhfRyKwQWzVuQ8Key1iLlUtytFgOw1X241wgiY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7849caf56f402c1a-FRA
expires
Tue, 26 Dec 2023 05:25:20 GMT
TweenLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame 0A7D 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
93903
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8578
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-697f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13IqOiG%2FqOycVJeH6zY1Hq1rGEJjur2A0Mhy6ledkEP84%2FmuakWkvzwQMeilR6LRo3755nd7o1xGP2Vtn8%2FNZ4uaeZTWUFNgYfeY2kP2RvBWxi5dl%2BG0pA8fGjaFjTQ9ENDUovJavku%2BS03j6YMX3au3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7849caf56f422c1a-FRA
expires
Tue, 26 Dec 2023 05:25:20 GMT
script.js
s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/ Frame 0A7D 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12153847/bvpath_516/script.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
29c0b632940ab2ec2fe534e1d05e8f407bf2215a929d79fe770c3f478e947960

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
content-encoding
gzip
last-modified
Wed, 14 Dec 2022 11:54:58 GMT
server
nginx
x-amz-request-id
tx00000d286c9a5d429a46b-0063b63d7f-32940f80-default
etag
W/"fd9c328d8c0a8aaad52187e81346f23c"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
usync.js
eus.rubiconproject.com/ Frame 39CF 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4ca9f1d0fe1b360ce35dd9be14b0d215ecc090e68e39bce56f1b539c92a949a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Jan 2023 09:59:11 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=16393
Connection
keep-alive
Content-Length
10066
Expires
Thu, 05 Jan 2023 09:58:33 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9F4A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3ab263b6-5f3e-4b00-b632-40c8677d4dba&gdpr=0&gdpr_consent=
42 B
406 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3ab263b6-5f3e-4b00-b632-40c8677d4dba&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 05 Jan 2023 05:25:20 GMT
Expires
Thu, 05 Jan 2023 05:25:19 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 277 3f0ad7a master zrh-pixel-x10 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3ab263b6-5f3e-4b00-b632-40c8677d4dba&gdpr=0&gdpr_consent=
usersync.aspx
dis.criteo.com/dis/ Frame 5DE4 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:20 GMT
expires
Thu, 05 Jan 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
587489
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame D1D0
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6436834816092358789
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6436834816092358789
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6436834816092358789
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dcm
aax-eu.amazon-adsystem.com/s/ Frame 2234
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=9F48E212-CE41-4B85-BE85-0455223059A6&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=9F48E212-CE41-4B85-BE85-0455223059A6&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=9F48E212-CE41-4B85-BE85-0455223059A6&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 05 Jan 2023 05:25:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
G0GP93WESNQX1HJX33BX

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 05 Jan 2023 05:25:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=9F48E212-CE41-4B85-BE85-0455223059A6&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
4YFBYHBBS9T50NYYFD6K
Pug
simage2.pubmatic.com/AdServer/ Frame DFA0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5168865408581047783&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5168865408581047783&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
d879c4ac-6bbd-40e5-ada7-967a1359f8b6
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 05 Jan 2023 05:25:20 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5168865408581047783&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame DA12
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nosjiJ3ectuFiXfdydtsip-LdY6FgXaHzN0xRjKD
42 B
432 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nosjiJ3ectuFiXfdydtsip-LdY6FgXaHzN0xRjKD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 05 Jan 2023 05:25:20 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nosjiJ3ectuFiXfdydtsip-LdY6FgXaHzN0xRjKD
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 5B19
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7185034975419824280&gdpr=0&gdpr_consent=
42 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7185034975419824280&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Thu, 05 Jan 2023 05:25:20 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7185034975419824280&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 888E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TRW6SukGTWtfNlDgKeQlq7nVm6Y
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TRW6SukGTWtfNlDgKeQlq7nVm6Y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Thu, 05 Jan 2023 05:25:21 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TRW6SukGTWtfNlDgKeQlq7nVm6Y
Pug
image2.pubmatic.com/AdServer/ Frame DC7C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFcEhVN0hiTDhBQUNEREh6Wk15dw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEpHU7HbL8AACDDHzZMyw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEpHU7HbL8AACDDHzZMyw&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEpHU7HbL8AACDDHzZMyw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6507216594507974050&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEpHU7HbL8AACDDHzZMyw&gdpr=0&gdpr_consent=
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEpHU7HbL8AACDDHzZMyw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 05 Jan 2023 05:25:21 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEpHU7HbL8AACDDHzZMyw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame B19D 		0
0
i.match
s.tribalfusion.com/z/ Frame B221
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
428 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7849caf6cad6927d-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7849caf589ab927d-FRA
content-type
text/html
date
Thu, 05 Jan 2023 05:25:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
256
Pug
simage2.pubmatic.com/AdServer/ Frame 3534
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 05:25:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 05 Jan 2023 05:25:20 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
generic
match.adsrvr.org/track/cmf/ Frame 0760
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6102371328
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6102371328
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 05 Jan 2023 05:25:20 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Thu, 05 Jan 2023 05:25:20 GMT
etag
RXff6417313b9745eb98b8009aa3a1a9bd003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6102371328
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
cookiesync
core.iprom.net/ Frame 0385 		43 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 05 Jan 2023 05:25:20 GMT
Vary
Accept-Encoding
X-adserver-worker
docker9-27ff58ef02fa@version_1.531
X-core-time
0ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame 08D5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.120.47.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 05 Jan 2023 05:25:21 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
bridge
cm.adgrx.com/ Frame F1C5 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.181 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Thu, 05 Jan 2023 05:25:20 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-8
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=be9c9e3db290cef1/gdpr=0/ Frame A9F8
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=be9c9e3db290cef1/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
49 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=be9c9e3db290cef1/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhnRjRnYQhXRajnMb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.55.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-55-60.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
49
content-type
image/gif
date
Thu, 05 Jan 2023 05:25:21 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.30.38

Redirect headers

content-length
0
location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=be9c9e3db290cef1/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhnRjRnYQhXRajnMb
cm
ipac.ctnsnet.com/int/ Frame 6F9C 		43 B
312 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 05 Jan 2023 05:25:19 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2A19
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=n0jiEs5BS4W-hQRVIjBZpg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=117774
accept-ranges
bytes
content-length
5554
expires
Fri, 06 Jan 2023 14:08:14 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 2A19 		95 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=9F48E212-CE41-4B85-BE85-0455223059A6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7849caf57a6b2bc0-FRA
access-control-allow-headers
*
content-length
95
qmap
sync.crwdcntrl.net/ Frame 2A19 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=9F48E212-CE41-4B85-BE85-0455223059A6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.55.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-55-60.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.26.126
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 2A19
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=859368618
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=9F48E212-CE41-4B85-BE85-0455223059A6
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=9F48E212-CE41-4B85-BE85-0455223059A6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:20 GMT
via
1.1 google
last-modified
Thu, 05 Jan 2023 05:25:21 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=9F48E212-CE41-4B85-BE85-0455223059A6
date
Thu, 05 Jan 2023 05:25:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 2A19
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENONRKfXj-jUXUM2VSyqpkQ&google_cver=1
42 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENONRKfXj-jUXUM2VSyqpkQ&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENONRKfXj-jUXUM2VSyqpkQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 2A19 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 04 Jan 2023 05:25:20 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2A19
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6098998013489543487
42 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6098998013489543487
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6098998013489543487
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 2A19 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
odr.mookie1.com/t/v2/ Frame 2A19
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=a14daca2-c1a1-4f5f-9665-517d5d65258f&ssp=pubmatic&gdpr=0&gdpr_consent=
43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=a14daca2-c1a1-4f5f-9665-517d5d65258f&ssp=pubmatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:21 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=a14daca2-c1a1-4f5f-9665-517d5d65258f&ssp=pubmatic&gdpr=0&gdpr_consent=
date
Thu, 05 Jan 2023 05:25:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
9F48E212-CE41-4B85-BE85-0455223059A6
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2A19 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/9F48E212-CE41-4B85-BE85-0455223059A6?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:9a06:e26f:40d0:e9d8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 2A19
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9F48E212-CE41-4B85-BE85-0455223059A6&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-3fbsIglE2uUHQKBGILCeMi9hC48ebnU-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-3fbsIglE2uUHQKBGILCeMi9hC48ebnU-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:19 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-3fbsIglE2uUHQKBGILCeMi9hC48ebnU-~A&gdpr=0&gdpr_consent=
date
Thu, 05 Jan 2023 05:25:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame 2A19 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=9F48E212-CE41-4B85-BE85-0455223059A6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:20 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 2A19 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:20 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2A19
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3942149369651619473&gdpr=0&gdpr_consent=&us_privacy=
1 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3942149369651619473&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 05:25:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3942149369651619473&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:20 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 2A19
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:3237c3fc-d7b0-40d9-80f4-ace50fd98e6d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:3237c3fc-d7b0-40d9-80f4-ace50fd98e6d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:3237c3fc-d7b0-40d9-80f4-ace50fd98e6d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 05 Jan 2023 05:25:20 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 2A19
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5168865408581047783
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5168865408581047783
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 05 Jan 2023 05:25:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
42a97279-f8e5-4942-8871-7050c0a8fbbf
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5168865408581047783
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ca
choices.trustarc.com/ Frame 9FCC 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=600&c=1975396276&js=pmw1&base=te-clr1-5d412a21-92ed-4fa5-9f2d-21961ba7b100
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?sz=300x600&c=1975396276&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-27.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
119081fa994c7f2c4873aaab777e7e9ae265517a45d6bf7141750e7f219b7a61
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA6-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2313
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
CcUT-gaqzsu9Txh_bmwh_lu7dgAeOC4njiPFkfUGTOJcVrg0tzkiNw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame 9FCC 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=600&c=1975396276&js=pmw2
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?sz=300x600&c=1975396276&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-27.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA6-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
g0Xd-cPJLNQHBbU4cUdNu9v3sRNtG58Zqqs4_9D7b-Ym36eJK9h0iA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame 9FCC 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=600&c=f60b
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-27.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
9f8fzVGeNLpe_xIs6oLx-_dJKHDE1rflFC_rS5x3Gn__xonYLs-7rw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame 9FCC 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=28229300&js=st_1&sz=300x600&c=te-9f77
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=28229300&js=st0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-27.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
9445c0d3eeaec29e6930389535f3bb8f54fc257c5595069ea04ce82a0481e341
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA6-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2225
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
PZ5gySKgVpY_WAWhBlF0fdOS4JoYRhLa_1ZnyG5NCoRhAtUKc-wpeg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame 9FCC 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=28229300&js=st_2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=28229300&js=st0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-27.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
ce02a171fe79c0155c0e09b826d4e6542ab09be711d05cf4d75d569622a9d24c
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 15:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA6-C1
cross-origin-embedder-policy
unsafe-none
age
51449
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
1FbgwqdIq-pVO_CBy5krgS4UU62CqUmbR9m5Edu5q-eINtgfFJ4akw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame 9FCC 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=sojern02&pid=sojern01&cid=28229300&w=300&h=600&c=ae45
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-27.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
dWOtU2qmilgUkakk_rITTT7hU0GD_jpx7uyu_l-GBmSoTKalfqB5Xw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame F511
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=CbUMzJYTRIW5yHtR45OGfw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=CbUMzJYTRIW5yHtR45OGfw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=CbUMzJYTRIW5yHtR45OGfw
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1WSRZKEE6CVS7ESADAAF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=CbUMzJYTRIW5yHtR45OGfw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame F511
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/kCmRgkGGlms8EICKq5kXZw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xFckx7VE2oLVnRXsfhQHE5DDmJ6jpBd5oFd2oQ--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xFckx7VE2oLVnRXsfhQHE5DDmJ6jpBd5oFd2oQ--~A
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 05 Jan 2023 05:25:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xFckx7VE2oLVnRXsfhQHE5DDmJ6jpBd5oFd2oQ--~A
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame F511 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame F511
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENJTjlWQzItQy1DQ1VH
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENJTjlWQzItQy1DQ1VH
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENJTjlWQzItQy1DQ1VH
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame F511
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=H8aFdLXLS1egV1S6dKxyjw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=H8aFdLXLS1egV1S6dKxyjw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=H8aFdLXLS1egV1S6dKxyjw
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
HTTP/1.1
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2DC45SRXDXF9CNZ4T7TB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=H8aFdLXLS1egV1S6dKxyjw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame F511
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTVkMmQ4ZWM1OTdkNWM3OWE3NmQ5ZmI1NTA3NTY2ZDU0MDM5NjBmMA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTVkMmQ4ZWM1OTdkNWM3OWE3NmQ5ZmI1NTA3NTY2ZDU0MDM5NjBmMA
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTVkMmQ4ZWM1OTdkNWM3OWE3NmQ5ZmI1NTA3NTY2ZDU0MDM5NjBmMA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame F511
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPDj5du94qTFWWAwnpDnbnQ&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPDj5du94qTFWWAwnpDnbnQ&google_cver=1
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPDj5du94qTFWWAwnpDnbnQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame F511
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCIN9VC2-C-CCUG
0
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCIN9VC2-C-CCUG
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 191EF282365741EB866F0FE71E9CB4EC Ref B: FRAEDGE2009 Ref C: 2023-01-05T05:25:20Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXxfYb11ywLTEGar6KxCw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCIN9VC2-C-CCUG
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
async_usersync
ib.adnxs.com/ Frame 62EB 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:20 GMT
AN-X-Request-Uuid
c65bc0cc-d012-47ab-8130-7ce3a9fcb285
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F3E3 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:20 GMT
AN-X-Request-Uuid
fcbf15dc-f3dd-47cb-b33c-8af5b54f0a1e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ca
choices.trustarc.com/ Frame B677 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=600&c=480201510&js=pmw1&base=te-clr1-184f8ccc-9288-4f46-ae1f-40f3246bc685
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?sz=300x600&c=480201510&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-27.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
3b4551b7b587bf494f176022026cbca1fd579c3069256f0dd6d65f5815ec7f9b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA6-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2309
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
-WX3BAXg2hw8IUtUXbT9fI4pYLVqQ5w76koVrHS3MUsk2dZeXIuVCA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame B677 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=600&c=480201510&js=pmw2
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?sz=300x600&c=480201510&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-27.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA6-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
DinLpkFcsVEJefzoP6b3tgm8nStDOJ6LVIPxC0Gxmrq7aHAQpTvfAg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame B677 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=600&c=175f
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-27.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
nO8EEArSCRSvu6IolOTFm3iOK3cbiuwuWgKz6eH1ZW6FMihgWETVGg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame B677 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=24035856&js=st_1&sz=300x600&c=te-681f
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=24035856&js=st0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-27.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
0315ca2c1459c87e687f4d16b25174f8894f7ec7689419c3159362c5a8df288c
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA6-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2226
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
OUfeQ4eoWAgU6O7FfKqCwRZnsa3Bgl7vBpNOhvY4EjkiNq66RO27Ig==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame B677 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=24035856&js=st_2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=24035856&js=st0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-27.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
ce02a171fe79c0155c0e09b826d4e6542ab09be711d05cf4d75d569622a9d24c
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 10:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA6-C1
cross-origin-embedder-policy
unsafe-none
age
69203
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
M_bvs1IJCUsovNDhbGeoBLD0hOzcRTjQa5cV8C35Oi2kOEiOUd6Ytw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame B677 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=sojern02&pid=sojern01&cid=24035856&w=300&h=600&c=a1eb
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-27.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
0ouinRbogCi4N9uPsTtusHQCe49EK6BZOWWknz0usz7rLAHOEx3rFw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
get
choices.trustarc.com/ Frame 9FCC 		287 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-27.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Sun, 25 Dec 2022 18:05:30 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
age
904791
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
287
x-amz-cf-id
ZiQeA5Ywyjdr9MCt7ZOjOfxogKcXW66e_AxM8yqjqactIIDxr7BI6w==
expires
Tue, 24 Jan 2023 18:05:30 GMT
get
choices.trustarc.com/ Frame B677 		287 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=600&c=480201510&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-27.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Sun, 25 Dec 2022 18:05:30 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
age
904791
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
287
x-amz-cf-id
zE4QjdDdwVLCm1gn5z6UXCZhCttAT7l_rf_YU9-xY9IYVyjhaoUtyw==
expires
Tue, 24 Jan 2023 18:05:30 GMT
tracking-event
api.webgains.io/ Frame 8D49 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 05 Jan 2023 05:25:21 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Thu, 05 Jan 2023 05:25:21 GMT
server
nginx
get
choices.trustarc.com/ Frame 04DD 		287 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=600&c=1975396276&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-27.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Sun, 25 Dec 2022 18:05:30 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
age
904791
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
287
x-amz-cf-id
gl7C3IWY6g_RfbH4j_eOri1oHVpv6Rho4sEtB0MAbtVs710cTtKJJg==
expires
Tue, 24 Jan 2023 18:05:30 GMT
get
choices.trustarc.com/ Frame 04DD 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-27.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Sun, 25 Dec 2022 18:05:30 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
age
904791
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
739
x-amz-cf-id
WLwNiH5ThKSUMvkUkhFBTxKTaJw8WZ2rkCh1OKawOwVolvDnfXmGHw==
expires
Tue, 24 Jan 2023 18:05:30 GMT
get
choices.trustarc.com/ Frame 3696 		287 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=600&c=480201510&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-27.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Sun, 25 Dec 2022 18:05:30 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
age
904791
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
287
x-amz-cf-id
U05z8AKauNu1FFe-cOYNvzUNeNvD-nho8PLMTD3GXhcDFy1ViJPbCw==
expires
Tue, 24 Jan 2023 18:05:30 GMT
get
choices.trustarc.com/ Frame 3696 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=600&c=480201510&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-27.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Sun, 25 Dec 2022 18:05:30 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
age
904791
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
739
x-amz-cf-id
eUfvWYwgS2GbJZvcJutAVS7vSlHFCLb0qSPn3w3tru2s1zWXAcIE3A==
expires
Tue, 24 Jan 2023 18:05:30 GMT
get
choices.trustarc.com/ Frame 18F1 		287 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=24035856&js=st_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-27.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Sun, 25 Dec 2022 18:05:30 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
age
904791
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
287
x-amz-cf-id
wxwYH7JlLuOSpOMKQJxayW08xZlbZvE_eXcQik8XfLxtLfl9ltCHGA==
expires
Tue, 24 Jan 2023 18:05:30 GMT
get
choices.trustarc.com/ Frame 18F1 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=24035856&js=st_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-27.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Sun, 25 Dec 2022 18:05:30 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
age
904791
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
739
x-amz-cf-id
Sv0SdsuhVYu7aSZb1XWrxigZ5U1vM83JpXTcV6j9eL-JmJew5NEvQg==
expires
Tue, 24 Jan 2023 18:05:30 GMT
get
choices.trustarc.com/ Frame 8554 		287 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=28229300&js=st_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-27.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Sun, 25 Dec 2022 18:05:30 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
age
904791
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
287
x-amz-cf-id
MT3n-IwfmJBv1YRlilBM5IJJYOseM2HpcJ_YJjuQ6v0XbOf0g3qiWg==
expires
Tue, 24 Jan 2023 18:05:30 GMT
get
choices.trustarc.com/ Frame 8554 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=28229300&js=st_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-27.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Sun, 25 Dec 2022 18:05:30 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
age
904791
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
739
x-amz-cf-id
VenBVLkqRhfN1L9HaTftR_ecQRMM4ColdGY9EOWkeMokZ53j29szjA==
expires
Tue, 24 Jan 2023 18:05:30 GMT
async_usersync
ib.adnxs.com/ Frame 1198 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:21 GMT
AN-X-Request-Uuid
7d3e7486-f3b6-4c4e-a771-b07c8b595489
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame AE8C 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:21 GMT
AN-X-Request-Uuid
f0b7c94b-7ef2-49be-aa97-917c29005bea
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 62EB 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:21 GMT
AN-X-Request-Uuid
b11e1df3-016a-46dd-ad4e-04fd2ee30acd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F3E3 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:21 GMT
AN-X-Request-Uuid
c86e21dd-a0c0-451d-95a6-1f65eebaa14b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 2A19 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156383&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:22 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 9006 		955 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=17897445&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
41fec9c5d728bf4ce133328bc44a757226cd64665201d12df6d940f67438d02e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 05 Jan 2023 05:25:23 GMT
content-length
955
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 4755
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1cbqqygsx9vb
42 B
290 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1cbqqygsx9vb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Thu, 05 Jan 2023 05:25:24 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1cbqqygsx9vb
lws
20
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6199
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:9789A9C0C12343089E8C3BAF30248BC2&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:9789A9C0C12343089E8C3BAF30248BC2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 05:25:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 05 Jan 2023 05:25:23 GMT
expires
Wed, 04 Jan 2023 05:25:23 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:9789A9C0C12343089E8C3BAF30248BC2&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
p
a.audrte.com/ Frame 9006
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=9F48E212-CE41-4B85-BE85-0455223059A6
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
HTTP/1.1
Server
52.73.105.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-105-161.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:24 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 05 Jan 2023 05:25:23 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 9006
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=9F48E212-CE41-4B85-BE85-0455223059A6&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9F48E212-CE41-4B85-BE85-0455223059A6&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9F48E212-CE41-4B85-BE85-0455223059A6&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
HTTP/1.1
Server
77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:26 GMT
frontend-id
7
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:26 GMT
frontend-id
15
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=9F48E212-CE41-4B85-BE85-0455223059A6&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 9006
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9F48E212-CE41-4B85-BE85-0455223059A6&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9F48E212-CE41-4B85-BE85-0455223059A6&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=9F48E212-CE41-4B85-BE85-0455223059A6&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=9F48E212-CE41-4B85-BE85-0455223059A6&addseg=19,36,42
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date
Thu, 05 Jan 2023 05:25:23 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=9F48E212-CE41-4B85-BE85-0455223059A6&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
generic
match.adsrvr.org/track/cmf/ Frame 9006
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=9F48E212-CE41-4B85-BE85-0455223059A6&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 1D03 		374 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=48008557&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
d15156e26dae5da9e2ad937da70e490257eebd9028ec2afe61f338a0ad810fc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 05 Jan 2023 05:25:22 GMT
content-length
374
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame EC39 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=9F48E212-CE41-4B85-BE85-0455223059A6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 05 Jan 2023 05:25:23 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
SPug
image4.pubmatic.com/AdServer/ Frame 1D03
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3ab263b6-5f3e-4b00-b632-40c8677d4dba
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3ab263b6-5f3e-4b00-b632-40c8677d4dba
Requested by
Host: www.bagnet.org
URL: https://www.bagnet.org/
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:23 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 05 Jan 2023 05:25:23 GMT
Server
MT3 277 3f0ad7a master zrh-pixel-x30 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3ab263b6-5f3e-4b00-b632-40c8677d4dba
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 05 Jan 2023 05:25:22 GMT
/
track.adform.net/serving/unload/ Frame FE68 		35 B
478 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6098998013489543487@@60271179,3375110406633065374,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|cCiYBPFYnIvxBx_RTJEBJ-FalyySwO8JqtJncX5-KIn35sJplQW2PPL_QlhaeLlf0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal900017.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://hal900017.redintelligence.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
SPug
simage4.pubmatic.com/AdServer/ Frame 9006 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156383&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| oncontentvisibilityautostatechange object| googletag function| gtag object| dataLayer object| adsbygoogle object| siCss function| siClickCount function| LoadInformer object| d string| iS object| iD string| iT string| iH number| iI number| f string| x object| bmN object| bmD object| bs object| bm object| bmS string| r undefined| $ function| jQuery function| J function| for_mobile function| styler_active string| GoogleAnalyticsObject function| ga number| w_page_m object| jQuery111308221857734707074 object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter object| google_tag_manager string| google_user_agent_client_hint boolean| adpnInit object| adpnExecutions object| aliveChecks boolean| adpnLoaded function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData function| aliveCheck function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| criteo_syncframe_state

102 Cookies

Domain/Path Name / Value
www.bagnet.org/ Name: PHPSESSID
Value: k00vgooiq4onegvi56p5ovkfuh
www.bagnet.org/ Name: iua
Value: 1
www.bagnet.org/ Name: b
Value: b
.i.ua/ Name: __cf_bm
Value: e8a.oSpOAF75_4hBz0ZCYVi_uDXgJoaJtlu6NCZG70c-1672896316-0-AQwtPweGdZfCcT1Ev5W6FM/kcslhi+LeqzYnn3iUdRJb0vOYplO5pW6shn/Qs7MZgfXqUOyD0YMjR9ai+0xKvIk=
.bagnet.org/ Name: _ga_39RKBNW0ZG
Value: GS1.1.1672896316.1.0.1672896316.0.0.0
.bagnet.org/ Name: _ga
Value: GA1.2.118640274.1672896316
.bagnet.org/ Name: _gid
Value: GA1.2.921727472.1672896317
.bagnet.org/ Name: _gat
Value: 1
.adnxs.com/ Name: uuid2
Value: 5168865408581047783
.rubiconproject.com/ Name: khaos
Value: LCIN9VC2-C-CCUG
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoRVm7vfiutfD5APvdogVCbaTd6KyMQnaub55ZO9yeic0h+BmXt+RqjGz1lUlkzXipVzFLAp6+JagrbIwfHC7qXsqlSNZOaaDQ=
.bagnet.org/ Name: __gpi
Value: UID=00000b9d5aea6a76:T=1672896316:RT=1672896316:S=ALNI_MbkXtUxH9c4GahuHW0GO4xpAeBd3g
.doubleclick.net/ Name: IDE
Value: AHWqTUnh-aGFSVsCuRHzw8wjv7e_asA_wlNSqpgJMK30girpVqy_9Xz05YdpGiAYUQg
.adnxs.com/ Name: icu
Value: ChgIm99vEAoYAyADKAMwvb7ZnQY4A0ADSAMQvb7ZnQYYAg..
.mathtag.com/ Name: uuid
Value: 3ab263b6-5f3e-4b00-b632-40c8677d4dba
.bagnet.org/ Name: __gads
Value: ID=6e79d19b3a1c4766-22520f9d06db00f8:T=1672896316:S=ALNI_MZV_yThuOfCgZaeQO-yk6i_FPbyFA
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 1840d6b65789a912
.quantserve.com/ Name: mc
Value: 63b65f3e-16cac-47340-979de
.bidswitch.net/ Name: tuuid
Value: a14daca2-c1a1-4f5f-9665-517d5d65258f
.bidswitch.net/ Name: c
Value: 1672896318
.bidswitch.net/ Name: tuuid_lu
Value: 1672896318
.adform.net/ Name: C
Value: 1
.awin1.com/ Name: AWSESS
Value: 357526:3266505
.awin1.com/ Name: awpv11601
Value: 113440|1672896318|57637e50-8cb9-11ed-a520-22653408fd8a
.adform.net/ Name: uid
Value: 6098998013489543487
pb.media01.eu/ Name: ASP.NET_SessionId
Value: vhgarnnnia3buxyhgsjdr5kh
pb.media01.eu/ Name: DTU
Value: 20D47AF91F3FB0142A787439D9539D7D
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0Mja0NDMxMjG1MDayNDUxNBDiM9R1Ck9MLjHQNfAPdPQCABxKPGIlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZm5kYWlmbGhhYmoGAPBN4YMQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0Mja0NDMxMjG1MDayNDUxNBDiM9R1Ck9MLjHQNfAPdPQCABxKPGIlAAAA
.mathtag.com/ Name: mt_mop
Value: 4:1672896319
.adfarm1.adition.com/ Name: UserID1
Value: 7185034975419824280
.ctnsnet.com/ Name: gid_CAESEJcHmaBFWR1NQ9lRQyglTQE
Value: 1
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1672896318818,"clickCookie":false}}
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ff641731-3b97-45eb-98b8-009aa3a1a9bd-003%22%7D
.de17a.com/ Name: guid
Value: 1.6436834816092358789
.doubleclick.net/ Name: DSID
Value: NO_DATA
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
.lijit.com/ Name: ljt_reader
Value: F7xFsGZHNd3g5kA0TjqWRPrY
.360yield.com/ Name: tuuid
Value: 4c56616f-6751-4ffc-826c-5500f3e10aef
.360yield.com/ Name: tuuid_lu
Value: 1672896319
.yahoo.com/ Name: A3
Value: d=AQABBD9ftmMCEKh_6bJJV4nsa8UJX4aywc0FEgEBAQGwt2PAYwAAAAAA_eMAAA&S=AQAAApCoAWC4rPNyMLRxzo2t5QM
.casalemedia.com/ Name: CMID
Value: Y7ZfP2gLFvBQGQHy4KRMRAAA
.casalemedia.com/ Name: CMPS
Value: 1184
.casalemedia.com/ Name: CMPRO
Value: 1184
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 9F48E212-CE41-4B85-BE85-0455223059A6
.casalemedia.com/ Name: CMTS
Value: 5254
.adform.net/ Name: TPC
Value: 1672896320308
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~298t:18z8~298t"
.quantserve.com/ Name: d
Value: EIIBDgH9J4EO-TA
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-nosjiJ3ectuFiXfdydtsip-LdY6FgXaHzN0xRjKD&KRTB&19420-nosjiJ3ectuFiXfdydtsip-LdY6FgXaHzN0xRjKD&KRTB&22979-nosjiJ3ectuFiXfdydtsip-LdY6FgXaHzN0xRjKD&KRTB&23403-nosjiJ3ectuFiXfdydtsip-LdY6FgXaHzN0xRjKD
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:3ab263b6-5f3e-4b00-b632-40c8677d4dba&KRTB&16736-uid:3ab263b6-5f3e-4b00-b632-40c8677d4dba&KRTB&23019-uid:3ab263b6-5f3e-4b00-b632-40c8677d4dba&KRTB&23114-uid:3ab263b6-5f3e-4b00-b632-40c8677d4dba
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7185034975419824280&KRTB&23278-7185034975419824280&KRTB&23369-7185034975419824280
.ctnsnet.com/ Name: cid
Value: d351bda118854aeaa7c15bd457fabd6c
.adsby.bidtheatre.com/ Name: __kuid
Value: 3237c3fc-d7b0-40d9-80f4-ace50fd98e6d.442110320
.simpli.fi/ Name: suid
Value: 9789A9C0C12343089E8C3BAF30248BC2
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-6436834816092358789
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5168865408581047783&KRTB&23339-5168865408581047783
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ff641731-3b97-45eb-98b8-009aa3a1a9bd-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6098998013489543487&KRTB&23263-6098998013489543487
.zeotap.com/ Name: zc
Value: e620e80f-d094-4c01-5abe-fcee423d9ed8
.weborama.fr/ Name: AFFICHE_W
Value: hWhAzQqEnHWF17
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESENONRKfXj-jUXUM2VSyqpkQ&KRTB&16514-CAESENONRKfXj-jUXUM2VSyqpkQ&KRTB&23025-CAESENONRKfXj-jUXUM2VSyqpkQ&KRTB&23386-CAESENONRKfXj-jUXUM2VSyqpkQ
ads.playground.xyz/ Name: connect.sid
Value: s%3AsTAQMXUMGC_HXa1AHuM5MtaFnreVM5rV.eK6a8rBtiDjf1xsZiIeahnhQ62nuoXGzR6VV1C2JLJQ
.csync.loopme.me/ Name: viewer_token
Value: dc0f81c6-380a-4f35-b57f-58ef2bd22dcb
.turn.com/ Name: uid
Value: 3942149369651619473
.onaudience.com/ Name: cookie
Value: be9c9e3db290cef1
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3942149369651619473&KRTB&23150-3942149369651619473
.bidr.io/ Name: bito
Value: AAEpHU7HbL8AACDDHzZMyw
.bidr.io/ Name: bitoIsSecure
Value: ok
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&58ea0679-4bd3-4770-863c-58a32af621ac"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzI4OTYzMjE7MjswMjFFsgnZMefZYqDGiMAgg9bXenp5QmB7cLzxU9Wx9oMj4Q==
.linkedin.com/ Name: lidc
Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2861:u=1:x=1:i=1672896321:t=1672982721:v=2:sig=AQGnrSgioRU4vTdeAmIyFkunc3RR5QN_"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.tribalfusion.com/ Name: ANON_ID
Value: asnsIHxZduB7RApTrruUjRvUX7NpvPZaMO7BPSfhUGXjrEndTnnrPBHIHbVIoQTfEMbZc8nps2HMgH6rZcKTJZcgZcQbtv
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4d15ba4a-e906-4d6b-5f36-50e029e425ab.i0GnipgfazE7UJ3bfDXUFKgwSUqSxkYirwXupF1U0B0
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ATRW6SukGTWtfNlDgKeQlq7nVm6Y.xEU3RklMWWM4oT6Z4wpfWkuHzvrybnoSexT5uEnuzx0
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-TRW6SukGTWtfNlDgKeQlq7nVm6Y&KRTB&23334-TRW6SukGTWtfNlDgKeQlq7nVm6Y&KRTB&23417-TRW6SukGTWtfNlDgKeQlq7nVm6Y&KRTB&23426-TRW6SukGTWtfNlDgKeQlq7nVm6Y
.amazon-adsystem.com/ Name: ad-id
Value: A7_MfLqHyUIIhKHgrASSecM
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: db69816fd5fbb80e
.smartadserver.com/ Name: pid
Value: 6507216594507974050
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAEpHU7HbL8AACDDHzZMyw
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAEpHU7HbL8AACDDHzZMyw
.pubmatic.com/ Name: SyncRTB3
Value: 1678060800%3A69%7C1674172800%3A35%7C1675468800%3A203%7C1674086400%3A204_55_243_251_13_54_233_81_220_21_166_56_214_3_7_254_22_71_165_8_88_238_234_161_176_99%7C1673740800%3A63%7C1673481600%3A223_15_2
.fiftyt.com/ Name: fifid
Value: 517e88f7-394a-4da6-753f-edbe6087138e
.fiftyt.com/ Name: cs
Value: MTY3Mjg5NjMyM3xEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fKtfvnEl25Tt9isMDo0GqzxiVx9ahuR8_KFbNdIO_SpX
.semasio.net/ Name: SEUNCY
Value: 775127DB75211030
.fiftyt.com/ Name: fppm
Value: 20230105052523
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.pubmatic.com/ Name: DPSync3
Value: 1674086400%3A241_226_221_227_245_235_219_197_201%7C1672963200%3A174
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1672917923786
.pubmatic.com/ Name: SPugT
Value: 1672896323
.onaudience.com/ Name: done_redirects147
Value: 1
.audrte.com/ Name: arcki2
Value: 48mZ0EGEwlnTuKGSHiBJD-RdA!20220908!1672896323942!ip#185.213.155.166
.audrte.com/ Name: arcki2_pubmatic
Value: 9F48E212-CE41-4B85-BE85-0455223059A6!20220908!1672896323947
.gammaplatform.com/ Name: _aGeoIp
Value: BR|Araras
.gammaplatform.com/ Name: _aUID
Value: 1cbqqygsx9vb
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-1cbqqygsx9vb&KRTB&23446-1cbqqygsx9vb
.pubmatic.com/ Name: PugT
Value: 1672896324

9 Console Messages

Source Level URL
Text
network error URL: https://newportal.com.ua/traffic/100382.html
Message:
Failed to load resource: the server responded with a status of 400 (Bad request)
network error URL: https://newportal.com.ua/traffic/100378.html
Message:
Failed to load resource: the server responded with a status of 400 (Bad request)
other warning URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1(Line 21)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=9F48E212-CE41-4B85-BE85-0455223059A6&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=be9c9e3db290cef1/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhnRjRnYQhXRajnMb
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-9753172864856563&fa=3&ifi=7&uci=a!7&btvi=4&xpc=bGA6iNHk1V&p=https%3A//www.bagnet.org
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-9753172864856563&fa=4&ifi=8&uci=a!8&btvi=5&xpc=fbf4KDOU3p&p=https%3A//www.bagnet.org
Message:
The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
7c003b3e7a4bd9ef8e84d86c43985d7d.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-server.eu
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.de
adv.office-partner.de
ajax.googleapis.com
ams3-ib.adnxs.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
aud.pubmatic.com
beacon.sojern.com
bh.contextweb.com
bidder.criteo.com
c.bigmir.net
c1.adform.net
cat.fr.eu.criteo.com
cdn.adnxs.com
cdn.track.production.webgains.team
cdnjs.cloudflare.com
choices.trustarc.com
choices.truste.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
core.iprom.net
cr.frontend.weborama.fr
csm.eu.criteo.net
csync.loopme.me
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
hal9000.redintelligence.net
hal900015.redintelligence.net
hal900017.redintelligence.net
hal900021.redintelligence.net
hb.adpone.com
hbopenbid.pubmatic.com
i.bigmir.net
ib.adnxs.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
ipac.ctnsnet.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
medialead.de
mwzeom.zeotap.com
newportal.com.ua
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pix.eu.criteo.net
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prg.smartadserver.com
prod-rtb.ad4mat.net
pubmatic-match.dotomi.com
pv.medialead.de
px.ads.linkedin.com
r.i.ua
randiul.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.fr.eu.criteo.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
secure.adnxs.com
securepubads.g.doubleclick.net
shb.richaudience.com
simage2.pubmatic.com
simage4.pubmatic.com
sinoptik.ua
sinst.fwdcdn.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tags.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
track.webgains.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
visitor.fiftyt.com
www.awin1.com
www.bagnet.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
sync-tm.everesttech.net
104.109.78.125
104.18.3.81
107.178.244.119
136.243.146.78
138.201.135.164
141.94.170.64
141.95.171.139
142.250.185.230
142.250.186.166
144.76.176.42
144.76.238.55
145.239.193.130
15.235.15.221
151.101.193.108
159.65.197.210
159.69.70.9
162.55.101.208
162.55.236.224
172.217.18.2
172.217.19.98
172.64.154.237
178.250.0.160
178.250.2.151
18.130.53.249
18.156.0.31
18.66.15.71
185.184.8.90
185.29.132.241
185.29.134.245
185.64.189.110
185.64.189.112
185.64.189.115
185.64.189.229
185.64.190.79
185.83.142.19
185.86.138.32
185.86.139.57
185.89.210.141
185.89.210.82
193.0.160.128
193.239.68.97
193.239.71.100
195.5.165.20
198.148.27.140
198.47.127.20
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
209.54.182.161
212.42.76.150
213.155.156.185
213.19.147.44
216.52.2.19
23.203.124.180
23.35.236.201
2600:1901:0:76b9::
2600:9000:206e:e400:1b:5138:8a40:93a1
2602:803:c003:200::51
2606:4700:10::6816:1857
2606:4700:20::681a:71b
2606:4700:20::681a:a19
2606:4700:20::ac43:4a81
2606:4700::6811:190e
2606:4700::6812:19ad
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:21::14
2a00:1450:4001:800::2002
2a00:1450:4001:800::2006
2a00:1450:4001:803::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2001
2a00:1450:4001:827::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c06::9c
2a00:1450:400d:803::2002
2a00:1450:400d:80a::2002
2a00:1450:400d:80e::2002
2a02:2638:1::1a
2a02:2638:1::3
2a02:2638::2
2a02:2638::21
2a02:2638::b
2a02:2638::c
2a02:fa8:8806:12::1400
2a05:d018:d29:3601:9a06:e26f:40d0:e9d8
2a0b:4d07:102::1
3.11.171.0
34.102.253.54
34.111.129.221
34.111.131.239
34.98.67.61
35.157.17.37
35.186.193.173
35.186.253.211
35.201.96.126
35.204.74.118
35.214.223.115
35.71.131.137
37.157.2.234
37.157.6.236
37.157.6.247
44.194.228.115
46.4.10.49
5.161.47.120
51.89.9.253
52.17.55.60
52.220.229.2
52.30.188.40
52.57.221.29
52.73.105.161
54.76.176.197
65.9.66.34
65.9.66.42
67.220.224.144
69.173.144.138
69.173.144.139
72.251.245.181
77.243.60.138
85.114.159.93
88.198.250.30
92.123.37.164
94.23.99.218
96.16.147.165
98.98.134.242
99.86.4.27
99.86.4.52
00ce7879747c78d08727e6ccfeed8b69929f14e09e15a5d66df3d0cd31b159c7
00e4e9955a8460105fc5a7d38c2254810c0ede777ae41a7c749b76e7d9022031
027482634bb49ba2e1d84ef9ba6386e6db80cda270a7d298d226d2e891eee6cd
0315ca2c1459c87e687f4d16b25174f8894f7ec7689419c3159362c5a8df288c
0486266cc98fa7c6a2188a3552166fa61a485c0ca9e208ae66fd64def5c3e482
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09ab229153daf6f57acb79804e746c7b203ae218907287fe0e05b786b2fc723b
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
0a740a9da41fe2a9792f29a67d483f317e2e553783a950d381008216810f0aef
0abb61dc1769aee9b1775c935f16c177331ac25dc10fe85db614206a995c291b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c8e8d7408611519ceda4e759ae9987834a17addc8f0028241ffed7fb0113612
0fa316afb5a89cf3988525391941e30431ee05a34db372edc0253f21fd6a38b9
0fa511bab0f63441352b1ff4005a13c15929555e42587b76b636318de4c6aaa1
109e4e879253c944865a6cbdf3181d2a0f3184fa7870e562e73b611eabcf81a1
112a3fdba1826e68a56b328aefb4e49903ae8898d5cede468dd35ba5fd29e029
119081fa994c7f2c4873aaab777e7e9ae265517a45d6bf7141750e7f219b7a61
126ccd72e4b0a0d451b1e50d79524541cd7cf28de3c58cc9f4e96dc617574f70
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
141f2276657cc519a747e9d94754353a54a0964fdadd682ccd109da49b60ed15
14af62f9867b3e1a7864f7967999ebac3b11459e1dc44b1317fea474366777f3
14eec6feddb11747aaeb1bf12aa61fd4d539cb74a3a84ce104facf014717d7bb
15fdcdb4242f9b316525e4754f783411ee0419de95c4733f82d5dffe41b65a5f
1683731e0ccea927000dda72832fd685be860cf6e71cfd13dd8edfdc64d358b5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18115dad45ae49bdbd07b64dacf5cce1b0b3406c49be7454004623d3e9eb13af
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
186fc6540fd2a8cec963428536070341c6513768cae47b50dd8582dc6eb03edb
18fafee2883a755b6107e094c19800432b5f57d90c97f756b77db2d399b6b4d7
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
1bb546bcb0c9cb689fde73c67308b16401a42a68f2036ba7ecb028c8740ba0ea
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1f306db5a9c29477acdd6b78d57734f0aa7936a1fa9b9ba8bd36204ba12aaf40
1f773304f6a0b415af6b4e8532bf6cd0371e967b32649c5cf4b1351bcec34700
20dd157fd3857eba81a0750459d5814dc333c81654b98b441cff4d30427ad57f
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
21d88522caa8a1b3d10f746188fac3ea28bf8d504bebd9a12f7652a931b0b31b
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
240dea5d80e30be0f75d281ede00260a111d34907169a974fd4c21cc2054e377
247487e5c8e756cc99c1d14f2494b027819eecac4aedf9ff01b6446459b015ab
254a0d8418a36ef1c1297ed8c71d00520769b73ea45bdd9f257caf414b783dbe
25d3c90aff0a34081d1c94ec3bdb9d0fcfcdc83eb5c9ce668ad6dba13c4853ef
26eb69258b469aa77ab9cae33c35167b2272853faad9d91dc878122eb67c809d
27b48d21ad53b1d45e58225d561f710045543f355e89b209c08c43260d4100b0
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
2947fc4f115f8715cdf223f6094df070268f39932bd426b81625b30318c70684
29c0b632940ab2ec2fe534e1d05e8f407bf2215a929d79fe770c3f478e947960
29fd6ff2f97ef81688e9f6b380dbc1dc173169f7ea6b0e4ae6c525cf7ef8e275
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bef6cf142f0ce02550e3d4851382fb00e1d24ec35df91e52a1fd6e42d83e196
2bf3a097a18d9596beb2f885fa3344d3dae4e3fa26b4411dcd3f32e70cc36995
2d411564bd40d53e105c51b97cdf1bb5da08c174bc5057c652cc4f37d2f0cf2e
2d8e22cf682187b130f9a53a9f43a137e48e8e6ffbc6cbd5a4053aca7ec55385
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ea06483f95caa1df5bc9654290c3ac75bcbfa9f53cb7421efc8e1826b3e90fb
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f38a0ed3206d87e07bdce897f9345a89668d40a5770aca379097801c40cb45f
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f6d0f2c87102fc9d353d82e4cde5785771a981a1139fdffb12821d9cc99f520
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3181a0a09fc64f08d5149655098b6964dd8846f7565b6cc6886a6b9e7d497597
31907f79c2bc9dcfa521e9f05fddf7f709358d053fb1edcab82781fb1c49dbd6
31b68ddff7e5d4917d915728e3ba69f51f20b1205680d5d4e5914889bf82e691
31ea6e25e82afe4fc795fcd8184cf2605bd3b0724ce681d9d92e79f909c6ad4a
33d3261bb122769bc1abe4be6be6eea5424bb56d5d803d50931ee469173caf86
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3945b761bff27ffe0d1dd499089323dcafa84d01ca98028bd18b8c4b89e7a07e
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
3b31d80d86e23a262ec7f36b13d7a71581cad83148ee6f16bb5198f1e9230c49
3b4551b7b587bf494f176022026cbca1fd579c3069256f0dd6d65f5815ec7f9b
3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f5f5e45c26edb9908af49d747e18e9616546308c740683eea1efef21dae42f6
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
407b45edce252fe70f26499418321e6288e415d3400fbf93ca95d594122ca0c6
40db2796d60a7fa5c9ef4c0105361015ca8495486e92a9e857bc0b48b2919303
41fec9c5d728bf4ce133328bc44a757226cd64665201d12df6d940f67438d02e
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655
46347354fecce3bea3029d589b10bbdac37d90a09c75e52c4e2de4832271ae77
4658bdf3a5ffa33e3a4d643e0465484b0e2137890f0678d5a7f351e398ddf830
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46cdc8280342dd2f156c4e99f7e6ecd678bbd742c1e9cc2d29497e0f42b4085e
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4b99780085434b8ec892dc181b9000be95d3945823451f93020ffdb743ecf588
4ca9f1d0fe1b360ce35dd9be14b0d215ecc090e68e39bce56f1b539c92a949a1
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d515484e180cab3a6d005d9a12e5ac32aad7b3a44e6a3d6b60bf6c6f66be80b
4de7631c18ef549f0cec5c4a2f6bd84edea54bdac35a0916d6f0d54528c72443
4df2e689080a301c1eddb6d336d93044030aef526e9650c9f8c3c0a3758027b6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f5a8b01c56fe8df0414b002d4d0760cece48ec1ab3c27050de25033948a5cff
4f857b2cffdc9c3bce892d6a74b31ba66f0ffcd334b8a9f7138298f88ba34c36
4fc7b9d12a03c86c86d706ca243089f6c4c8d93e6382550767095254b76ca645
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51972b5bc3e0a6286b3b4f20004da5c1900cd569fb6432d8ac1033311b7d4ea7
51faa11b30f9dc82f6bc641ccc8145c0f9e3d11077277df136a37ccd86f6793f
5209b5210f9bee0f34bf2bac07abb463ea20756d4a6c37121eb1a9a2bf61d438
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566a621ba86da5a68ce7df7a083396cc9040509ecf340e5a9e65213100c30228
58e7427adb0dd912ebeb016f7b2bfbbdaa0697bd9d331ea9f3e104bdb8625d68
5926362d4800025f585c4ee92938d9f6acdef83a022793d00dcaf38fc65fe9fe
5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c
5b6ae43415f2fe5475c36857b2081059f3ef3967d9c3f0ac9b442dcab36add89
5ba6af8bd340ffb7fb078568374df5d6c9918445b121f6cb0acf606368c5b7d4
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5ede1d9607eaa58e42e7cbaad8dd3ebd2ea55be7d086d846e11f8f3535a4a8c4
5f908d086c97950c42ad70f26e33ac9395a6d1c9f1b40ef71afd48184e014d86
603705277cd638b9b9dd0b05e0852b2d3268b90f4b024931ccd989b2d2d9199d
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62e81a9eee3bc60535be504466538cc2d842f234d6d394cc77baf2f60db12f0f
63ae53f18d2d141b7a62d2bfc880c5e1e2e65c387bd9f27dcc6c9b06be59dddf
65bf4cec3208e7c0adcf23fe8bbf4832908125920c5d2e8baf3f786f59ae0aa4
667792603613217371e596c33eb33796142b25497f7e690037a472a824352d87
66aa539ccc048cc898586ec7c259a3039dd4f609c96a949e4ea70d1482fbe73f
67153397f59fdb0fde160204c09fff522600ceffd4755f0b5d95291ab5d90734
67d1874cacf6a8534def8d0da2b237d676b62e77083de21fb5e0e711f873bf65
68285c4613c71671bdf44ebf48eada0a036ce78b3b7cd36acf3333f840e20c7d
6ae1ee984c5a7c3c794f9e496325b0140b5efdcd00cf4cc6ebd3fb150b1b3c60
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd99996fdd0c897b2a2f893a54ecbe294a8ef9a614a623e69da1c5b227b4f60
6cc18bb48d5e19c476262f1de93ceda4e08334cc5c703b68f4cee2b6de5dae25
6ea4a8b3f1dffd22aab794a4dbefb8803548df99084ec6e298c585a0654e5599
713ae97d31bf86d790d5f9e88f200a98d8eedf619fd65ff1657f043b615357e5
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
726a5740dd11ed453b46c2e4a05a0cccaf30ba0e91cd934ec85e7687f84bbc49
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
73f976d9f886607e7bdacea0e1282a738495719c35be43d468cc694e5b977089
757727f42ed75849123b613ab4c6badc0448c1e6e4d5e3d2de8467eb626bbd2d
75ef6b47e6d0dcdc4fedcdcedc13266ef1212285251818f41da3a5d056465b1d
77a33a746c8e12bf45e11ddab901031bd5dbfbc29e3ba7d5ff377780928fdc67
7a13b5ee28d04ea04ed765326aeb4484662639ca9588b4605506883de4cc2be9
7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d
7ceae2b40b4344daf7b77689773e6fb053afdebb0587daf007415cf316db7616
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
816d884ab37398c30e9fc614a96a8a4ec2a538d46b7b87cbbb52edacbc918ee2
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
82a8010356f27fae7f3fb59d7cab3b49973591533206f149fa5f4e1fd83d9361
82c977ab5220ef4fda8f71424453f077699086b52fce93443a37559642bdace3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848f886c75b60e23d66079b1b26a2841600639035a1b8411a3704d918c44fa54
84e413b7b1e5deb8289aad0364618577f20f3f7e47dbbf972a40c98b83aa2d64
858a15bbfd20f452293e0ba16b8cf0aa1be0b285374e0fd9b4989ada9df46277
85b4ebe6754b9cef31547f1372c97ab87e1381213e9a82f54ad06382c8b5547a
863d5aaf2f72d62bdfae3724f7b12f0b52961c3990618beaad0e143f07c7bb26
8643fe850dfc6fe7ba23a8f5ab19123fa452d2a956fbe3f50dc1ccdaed692c77
8718a8ae273f7ac06037cda9b076b360804967e83503832278cce84e4f6c5b78
87b4a9f64b39fe8873a8e740128aa89629ee99e94a29efc0b7cca5afa4b6c5f4
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
8c2359c3c50d73f32c6bb02bee0f09a2d43fbe8b40b01ef41c937d0a57e2728e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da1a14dedcb10fba0dd0ce4a5a3fce749ffc72da0dcd65cf592a7b628d4af61
8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
901e7f7a35cae667bf766ed0ed7f2c0283fab86f59b9847cbc9d981011a1ba29
909b05a91fd8b53e7773163efcb408c6d45c6cf987eaba31bb2a65f44f1f7cee
90c6379b5837f2b2d6d202a912590d3b220ca08d1ea4bea9e5b6c20cc5adecd2
91749722b21758a6c9df61172e15696c676f0cc87894945d96f685a464502daa
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
93e1b198d5563d0599bf8593ccbdb5c264acdc2ce64e8761084b279dbd7c7236
9445c0d3eeaec29e6930389535f3bb8f54fc257c5595069ea04ce82a0481e341
954af88b6974f052d93f327e6971133d97dcf9d60ed2c61ba7e203c87a840642
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98bb99b6350e26c46a0b7d80bde1af2417c2350364c7df790390a8f5213ffe63
98fb57ec2e2edb11384c4bfa6a558a3f3618f3492a084ff03aede0855f1f1e5b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a2736d645ee3c9e999a46c25f115f41ba6a1006ea60c2a554d0c00ae0ad8e80
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e466a80a5d9247ab01df3600103e8cc827fdec00557e93b433c8d095dfa2ae1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1083e748187fc77ca8ab61b1db9f8ff11f180f753080e748e63c0bae0875420
a1617c24549476103dddf9b1eab7698dae57f60c5fc76dfe612b6556080bfcf0
a257c5e9b522f9641dbc3c312f620026c8b09005d384b414b54e7ee23a6d1691
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d1fd9900fa2a4fe1869e168eca1cfee79bf85821b3babe70996910d669675a
a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27
a6b695b3b2c5b7f37074cc4b3fc5668a48c3980503409fb013910974faacdc42
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a76a9d29fceb54af17450f211520c19ac0d5a3b4c3965ad7a54c29aaf492cdc0
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a89e1c0f30181e0ff3c36879cf5452023e25d1c11d25bf7ad8a6e19aadc04a66
abbe00947e46f8ae1dfe1e9f18767a0d131bd20b04155eeb7efa86ebe11efea1
ac3a5ec9e9c5897a10256c95f5fe5e7041ca9368b63cbef90b251b168c9f6ad6
ac74d930d8cd4848fa0f59b80ec09f6c98f515f1a0bec1a5fccef5e0e8502ba7
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0aa183fd7ea4e99287a573281bcfe35d9804292c63e15a47a911eda79d90a89
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4339a9ef4271f5f0458500a2e6e47cb59cf894c0c135a1b70dd37f26f92c64e
b4c2050b25d3d296d5cf58589ca00816dc72df42262c2f629d5c6a984a161aa4
b54c3a05e4e63711adadc053d8ebc30bec80afebfa06cda86b49ac8078a20c75
b56fd6fba6303d72dda87e55ce9bb70fdf0376de22e9d981e8d6fcc7f65f5c7b
b835775c795ffca5f57ff62267c6c04c3bb728d817bee7ffae3f331e08c36d1b
b93ac3237cb72bd60a3050d4ac5ad2fcd423bd130dc17e6d85e5b5bbdae1a94b
b9e5241b9925d45ba31c5b9f81ce7acbe955cd5526a17ce0cbff3a0e128d53d3
bb251dfa865d100230c384bf20c40b2e60586ad86cfe0f6570302d1a6575d931
bc3df74a1ba682d2fa7e8459e53b15becb1712b50e374472ecae8c8ee6e632cf
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bd236a5f0e28247ae28c60401d77aa57036f1d307707c61a980caf38ebd025ad
bda1e9549ac9451382354b56c2feb3ac8135fc0d50a1bd9703001ad6fecb9542
bdb734191c9aa80c88735c5d50ce563dce2e9f35173cd745cb34f1d22db41a57
be6c50e98141f1b7a53f839de695b6de3095f998786146c5abc48669c3909da0
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
c0db115d9306bad55b9b3278fbd06141d3972b9b431cdbe88483b0a659c427a6
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c379cf7f471f8ab201f611db861dc63bebb6460345f830e02fdb348d102b79c4
c5e583cd798951eeee7018e4307bad8321815f034ba57949d8a45080ad380bef
c64f571ec2636776914e8d263b3f7400d17d9636b3019ee67d2d106e798fe1d0
c85ef490276990e9ae9c0e869935a8c32503a372e5c2c2e0b6daf4240759ec91
c8b011b96319befc2ecdaee47e42ffdc1f8c4201a7d975a16beb305f5ec7bddd
c8d88167be7d9332553f9d5d4ef7ded0ed20a98f38d95bac2df57cc598c01abe
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9ba7773b6f395d4f83b73b2324d739ec6b2b017cccfd3e8c4e034bddcd96b5a
c9d36dd5470636affe19f339cb6d39d598fbe413e668be0370ef65fd62247154
ca0ca2d24b6f03289e8e39871726e296611dfcbc8f695d890b7412ddea6c8bf4
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
cc437c497430ad8639c9f66ac61c4eaccc3a5761bb0aa503607f5021d571a4ad
cc66480bf82ca8cc310db9fa7d3b3ab038bd2167521dbe5fe5cc95f51e7881c7
cd0038772a98bda5ec58eba7ca6dc699314b866e14a3a5f45921847d033873f1
cd98986a2850eb065245b66b4830b87f5f785bf6872f81d14c46a60bb038f346
ce02a171fe79c0155c0e09b826d4e6542ab09be711d05cf4d75d569622a9d24c
ce21697b06d721f300398e6a005654c614a0b06445f1a9624eb525c024757735
ce7958cc8521ba1c277b449460ea5f61e86b074c8d1a0c207631704f819247b3
cecf5c59ff7c288bf90cc6221756bd9612464308557b92ca54f27d1cd108f3cd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5f9d5f4d69d37f2688711998ce2ced84e6521a6e821417af27681284fc7da8
cfc4b77950c9e872c5b3503a10d94eb100e4874c8a4a74ced83ef03ab9b649d0
d15156e26dae5da9e2ad937da70e490257eebd9028ec2afe61f338a0ad810fc8
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d1d285fe57d0920caf73be8b4d864cc93e93267119892dfcba0deebaf9fbd7b3
d2f06f250585942ab5e29dde7c7e25c17e0eadc0ac3e4a75a7bf8b1d7f9eb535
d63232e463ab3b516874725dce30575863c129c6f096b15e53b7fe124ee043b8
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da836acec254a091788a1c05d94c4dd8b90ef08ad8f131dbba15674a53eafda9
db09805c043ee65740a855ff215ce419bbe277a94a66f3dfc4152a8c86f2f4a1
db380feb6facc98045feec88e20269c3d4cbf70100f86731c17518e8ac182eb3
dc1ef5427d2deb244b01a3420995b5b67e15bff1a58c4ee6c06fdd4f1eaedbee
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
dd4fb09f6b657159b016614cc74e56d469306c2c396f535e522c83e6fd6e21c2
dd61aa731ed8b44bc78d1106a3277e6bd2e92545cf5cf64ad302b4670611161d
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
de16ec00def665e0b075cd109c67e903e97e82c749119bd4b699d1dfdd02753b
de899f0c51b9181418fa6fc4b96085ed14dad6e413a424eb198d7a77015f48cc
decd66833c46dfbdd7514c141a45b0eea392e71f306c2c6ba8c5957db2937937
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
e0536d69385e932647da2e698eb343f1fae1f41237cca261837eba456e3167bf
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e173e10c62c50fe57ca84001c0961e0b45a1571b47e7d0e7858c5a77c1cbec72
e2464f998b38ae5f4a6f68dd19faea6939ccb6db5388ce17a0621c3fe186f859
e274f0824fe483792c1f8a67364a6cc3a226949faf77285017171a47ba05a9a3
e28666b265647cf421a1bed0b01be1b1a431652ad56ac16dbc78781f94705409
e35c96006c90e9827a14f712471830c17bf58ba452824f2581765779a78883e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f714f28225e03c64ce6cd24eb1f076426d54a0c7bdadd813b590013008b9f1
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4f9b2db9a58a6b30810cd4a9af4f17b7612bc7f002d789f638db5433e19561d
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
e996faeaab7e4fd4eec686054620bb296fd7052cec5d0acb6ab6635c87ab9464
ea2f7622e42f43506e0fa75ddcc965e7ef498352d55c5ed2165a5c688a6a79da
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b
ec8112c5ce618b3f228c72ba6de94275ccd00d5d5eef8cb077fd69bbff565fef
ed121b1a8fbf30998a4ed0a7c8343abe9091ac4744f1c24b602b5d3f962bdb78
ed22296f660839868aa63097e362111f018cfdb2737c73a393a82f043ffbd1ef
ed37c522753ff475093f338fb232f0ff5939c29d611ba911fd5162ce39356f11
ede3235b18c63a7dc1bea7d2f9a48479c0d49eb2931c28df824d0738a833ac7c
eec01eb5bdae73de3848d6be901149d7053f9321e6e3b55708212bb52e745310
eee819387e5a74efb54ea69ef79f019e0bcfae13e219f16d8d840dca637aa818
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8aa6f9caf4629cf848f4160f7bb1776a6418fad2eeef26bdbec04cb231d245
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f03d16fc8ad48c08f585fe8eaa6977d8d028ac91771245a6f57cbfb640ff069f
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
f3fa7287fa37d83dd0ae75ecfe1502ebada256a0e7b22b62c24fbaabd02e7010
f43d5de01eefa15a078ae995ade4817b8852ec819efd5c195af4d5b499400711
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6c622c02a1fa5df52c36756ad6b7648d26f17a8db17911138793a129b8748ad
f6e7e1768b1cd00eb9acf4352d487933cc16c2709edadc339cdc8327b6fe6f75
f8150ce88de1986165238bd473b070c2e408a592ade2faf426661dc9c5b1e2da
fa653e49649e967505f54d10b24c136e5833219a6848cf42bb95ad5706721f59
fb87ef201df5276112b6c3767e15b01bca03c7efd48e20305b69f3f9366c0859
fb92a1b97b6e35f7d0987eb448dbd61afa81fb1a804719370a890166a0ce6e28
fcfd869a9acc58a85ed2de548a86c3095b03b582805a5c1c4c78f78a9b67e3de
fd742a1bd2f54724269df33533fe2b32e85c51299d1125bd49ebcd0b0ffca843