Submitted URL: https://rdir.de/r.html?uid=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13Ki...
Effective URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f...
Submission: On March 17 via api from CH — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 29 HTTP transactions. The main IP is 45.146.16.40, which is located in Germany and belongs to NORIS-NETWORK IT Service Provider, located in Nuernberg, Germany, DE. The main domain is rdir.de. The Cisco Umbrella rank of the primary domain is 587781.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 9th 2022. Valid for: a year.
This is the only time rdir.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 29 45.146.16.40 12337 (NORIS-NET...)
1 2 142.250.185.230 15169 (GOOGLE)
29 2
Apex Domain
Subdomains
Transfer
29 rdir.de
rdir.de — Cisco Umbrella Rank: 587781
2 MB
2 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 181
906 B
29 2
Domain Requested by
29 rdir.de 1 redirects rdir.de
2 ad.doubleclick.net 1 redirects rdir.de
29 2

This site contains links to these domains.

Domain
www.youtube.com
www.instagram.com
www.facebook.com
www.globus.ch

Subject: rdir.de
Issuer: Sectigo RSA Domain Validation Secure Server CA
Validity: 2022-02-09 - 2023-03-12
Valid: a year

This page contains 1 frames:

Primary Page: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Frame ID: BB8695F99C0D8BBE22AA9BF884360FBC
Requests: 29 HTTP requests in this frame

Page Statistics

Requests: 29
HTTPS: 97 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 1539 kB
Size: 1530 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rdir.de/r.html?uid=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw HTTP 302
    https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://ad.doubleclick.net/ddm/trackimp/N208001.226576DBM/B22562687.244321388;dc_trk_aid=441173448;dc_trk_cid=98138802;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N208001.226576DBM/B22562687.244321388;dc_pre=CIqj89bXzPYCFXSF_Qcdgl4Czw;dc_trk_aid=441173448;dc_trk_cid=98138802;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request form.action
rdir.de/
Redirect Chain
  • https://rdir.de/r.html?uid=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw
  • https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtK...
92 KB
92 KB
Document
General
Full URL
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
a356995e455763b8c9e3b02436359568fad617556d389ae24afa279de5571ddc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 17 Mar 2022 08:04:28 GMT
server
Apache
cache-control
private
access-control-allow-origin
*
content-type
text/html;charset=utf-8

Redirect headers

date
Thu, 17 Mar 2022 08:04:28 GMT
server
Apache
cache-control
private
location
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
content-length
0
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
65827.png
rdir.de/image/nc/1/1008/826836/
3 KB
3 KB
Image
General
Full URL
https://rdir.de/image/nc/1/1008/826836/65827.png
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
cb261ebcd9866b98bde3d501be683d91cea703f633ad6b015fdb0c0ea396e7da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/png
140439.jpg
rdir.de/image/nc/1/1008/826836/
247 KB
247 KB
Image
General
Full URL
https://rdir.de/image/nc/1/1008/826836/140439.jpg
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
0ee5f71b99842a5e8b6ba7b60af40a80432fc6bf6e89b445e5019258bb499cf2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/jpeg
140440.jpg
rdir.de/image/nc/1/1008/826836/
111 KB
112 KB
Image
General
Full URL
https://rdir.de/image/nc/1/1008/826836/140440.jpg
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
8622e47bc1674eb7d0a9e22c2a21bf7dd35c7595aa0e2bddd1743a8fc5b36632

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/jpeg
140441.jpg
rdir.de/image/nc/1/1008/826836/
101 KB
102 KB
Image
General
Full URL
https://rdir.de/image/nc/1/1008/826836/140441.jpg
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
f50bb9c099a6ee5b1a77c046fa6cd842776f694de455cbca30eddd3aa8e4f0a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/jpeg
140442.jpg
rdir.de/image/nc/1/1008/826836/
123 KB
124 KB
Image
General
Full URL
https://rdir.de/image/nc/1/1008/826836/140442.jpg
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
8a344c3922ea8bf2ed43ad9a4334b12bc251d18792cfcd15f9b3bcb683ce06f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/jpeg
140443.jpg
rdir.de/image/nc/1/1008/826836/
118 KB
118 KB
Image
General
Full URL
https://rdir.de/image/nc/1/1008/826836/140443.jpg
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
73adf6e7b6742ddab363de6b1efb3ee1e6d2ae54c2bb696f451c8dd4f968a06b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/jpeg
140444.jpg
rdir.de/image/nc/1/1008/826836/
98 KB
99 KB
Image
General
Full URL
https://rdir.de/image/nc/1/1008/826836/140444.jpg
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
8f8e03bc471193b01a12063d05fbd0e6f67df9802fdfc735d0d4e826b03faa6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/jpeg
140445.jpg
rdir.de/image/nc/1/1008/826836/
99 KB
100 KB
Image
General
Full URL
https://rdir.de/image/nc/1/1008/826836/140445.jpg
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
f264e872b7d57f282f40d9b97837f73ad0bee14e69c3c9d9e45e58483740d9b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/jpeg
140446.jpg
rdir.de/image/nc/1/1008/826836/
91 KB
91 KB
Image
General
Full URL
https://rdir.de/image/nc/1/1008/826836/140446.jpg
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
f17d58f7bd3b91985bf4f42110c0b4912e344d5e3aef5e2cf030346f0f7e1450

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/jpeg
140447.jpg
rdir.de/image/nc/1/1008/826836/
113 KB
114 KB
Image
General
Full URL
https://rdir.de/image/nc/1/1008/826836/140447.jpg
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
aa89fe6ab656b3321fc188462684b7ca83ec0a4131c41fdd94637a19d0a14b91

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/jpeg
140463.jpg
rdir.de/image/nc/1/1008/826836/
113 KB
114 KB
Image
General
Full URL
https://rdir.de/image/nc/1/1008/826836/140463.jpg
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
fc40aa722386480ce3dc7db48b54364e6e44f8120dbd599abea3bf5f417df46d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/jpeg
140464.jpg
rdir.de/image/nc/1/1008/826836/
69 KB
69 KB
Image
General
Full URL
https://rdir.de/image/nc/1/1008/826836/140464.jpg
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
b6f9115185d86a3d078ef681aec4791f2067956e03242a6337c6df426a07ed8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/jpeg
113884.jpg
rdir.de/image/nc/1/1008/826836/
20 KB
20 KB
Image
General
Full URL
https://rdir.de/image/nc/1/1008/826836/113884.jpg
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
f0382ee222c06b8db4d7ea196edf9327a5fa268a978ad8afd3deeaddbe900e55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/jpeg
101427.jpg
rdir.de/image/nc/1/1008/826836/
8 KB
8 KB
Image
General
Full URL
https://rdir.de/image/nc/1/1008/826836/101427.jpg
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
12510908044cf596b9ddbdc8abcded403ffa474c0f91122d23acd06f65e56951

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/jpeg
101428.jpg
rdir.de/image/nc/1/1008/826836/
8 KB
8 KB
Image
General
Full URL
https://rdir.de/image/nc/1/1008/826836/101428.jpg
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
76461018242afea9e66583ef518bb09a6863fffc16d8079a9faacaea0e5bc909

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/jpeg
101429.jpg
rdir.de/image/nc/1/1008/826836/
8 KB
9 KB
Image
General
Full URL
https://rdir.de/image/nc/1/1008/826836/101429.jpg
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
e7156a7c925969d2911aaa8e3931de3fb51f2ecb0c28140757d3c9b9578b1cec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/jpeg
101430.jpg
rdir.de/image/nc/1/1008/826836/
9 KB
9 KB
Image
General
Full URL
https://rdir.de/image/nc/1/1008/826836/101430.jpg
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
0fb8eee82a396ffc7d7347403251814a9ff9b4f581da874c61fea51f6a672368

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/jpeg
101432.jpg
rdir.de/image/nc/1/1008/826836/
8 KB
8 KB
Image
General
Full URL
https://rdir.de/image/nc/1/1008/826836/101432.jpg
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
6faafb3b7242a3c24a50cab5074bab1d6bf188e7cbdc957faae8f676382ee315

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/jpeg
101431.jpg
rdir.de/image/nc/1/1008/826836/
8 KB
8 KB
Image
General
Full URL
https://rdir.de/image/nc/1/1008/826836/101431.jpg
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
95125346f6da1c50b032d82c8e30e8b2e6f04485830e4533728cc7b308848e25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/jpeg
101433.jpg
rdir.de/image/nc/1/1008/826836/
8 KB
8 KB
Image
General
Full URL
https://rdir.de/image/nc/1/1008/826836/101433.jpg
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
272d0724384242344d6b1037145c2b7a7bea7f493f92184c37b2a0eb026ebc64

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/jpeg
101439.jpg
rdir.de/image/nc/1/1008/826836/
9 KB
9 KB
Image
General
Full URL
https://rdir.de/image/nc/1/1008/826836/101439.jpg
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
c672703ba8ce86e98986fb9c4c3b27554e932fa601759582957eee61b8fc6b14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/jpeg
120128.png
rdir.de/mediapool_element/nc/1/1008/826836/
7 KB
7 KB
Image
General
Full URL
https://rdir.de/mediapool_element/nc/1/1008/826836/120128.png
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
9b721e9421d35d0b8a1758ad94bc790768a69ce030b6d48672d27f303fded38d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/png
120127.png
rdir.de/mediapool_element/nc/1/1008/826836/
16 KB
17 KB
Image
General
Full URL
https://rdir.de/mediapool_element/nc/1/1008/826836/120127.png
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
48f318dbe4a6d4050193bedf476480979d96d8552b8509e16f1657d620296fd1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/png
120125.png
rdir.de/mediapool_element/nc/1/1008/826836/
11 KB
11 KB
Image
General
Full URL
https://rdir.de/mediapool_element/nc/1/1008/826836/120125.png
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
b5c1de0d12187aca02922496e4a20c1e2c16220bee0e697653cdf7dd0982895c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/png
120129.png
rdir.de/mediapool_element/nc/1/1008/826836/
13 KB
13 KB
Image
General
Full URL
https://rdir.de/mediapool_element/nc/1/1008/826836/120129.png
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
f370e3428e2badec7a193b09e97985269249bb585020e8b4dbdec75bf5b5cccf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/png
120126.png
rdir.de/mediapool_element/nc/1/1008/826836/
19 KB
19 KB
Image
General
Full URL
https://rdir.de/mediapool_element/nc/1/1008/826836/120126.png
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
e300f8978d2f7d3a15e600a22b793d29ca87bdd3806a780794efc48cab8f93a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-type
image/png
B22562687.244321388;dc_pre=CIqj89bXzPYCFXSF_Qcdgl4Czw;dc_trk_aid=441173448;dc_trk_cid=98138802;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N208001.226576DBM/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N208001.226576DBM/B22562687.244321388;dc_trk_aid=441173448;dc_trk_cid=98138802;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
  • https://ad.doubleclick.net/ddm/trackimp/N208001.226576DBM/B22562687.244321388;dc_pre=CIqj89bXzPYCFXSF_Qcdgl4Czw;dc_trk_aid=441173448;dc_trk_cid=98138802;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_chi...
42 B
220 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N208001.226576DBM/B22562687.244321388;dc_pre=CIqj89bXzPYCFXSF_Qcdgl4Czw;dc_trk_aid=441173448;dc_trk_cid=98138802;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 08:04:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Mar 2022 08:04:31 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N208001.226576DBM/B22562687.244321388;dc_pre=CIqj89bXzPYCFXSF_Qcdgl4Czw;dc_trk_aid=441173448;dc_trk_cid=98138802;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.html
rdir.de/
43 B
80 B
Image
General
Full URL
https://rdir.de/g.html?uid=D.B.DJ3U.JHQF.A.A.EyfM_vdjDLm5RgpsVteKLM4j0erZcQ-zRtQ8fHUVFfrBA7bO1-tzdLn5HOVNcSEpIl8-fv34f7bq_yfRexeuNA
Requested by
Host: rdir.de
URL: https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.146.16.40 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
news.agnitas.de
Software
Apache /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdir.de/form.action?agnCTOKEN=Rb6jBUW3oELP4evDknN5OTAX2uIw7fJM&agnFN=fullview&agnUID=D.B.DJ3U.JHQF.CCR-f.A.Or-KIWiVWFYkI5oUrjXP1szpjaD4ZI-zTL_nciHBGyUGbni9uDz9uiQDjT-13KiKHw4O6QYD-lcI2LaNtKOuJw&guid=&utm_campaign=20220317_prom_onlynow_start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Mar 2022 08:04:31 GMT
cache-control
private
server
Apache
content-length
43
content-type
image/gif

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone
object| oncontextlost
object| oncontextrestored

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
rdir.de
142.250.185.230
45.146.16.40