ba.n1info.com Open in urlscan Pro
2606:4700::6812:abc Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ba.n1info.com/
Effective URL:
https://ba.n1info.com/
Submission: On October 23 via api (October 23rd 2021, 9:12:00 am UTC) from QA — Scanned from DE

Summary HTTP 274 Redirects Links 90 Behaviour Indicators

Summary

This website contacted 67 IPs in 14 countries across 41 domains to perform 274 HTTP transactions. The main IP is 2606:4700::6812:abc, located in United States and belongs to CLOUDFLARENET, US. The main domain is ba.n1info.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 8th 2021. Valid for: a year.

This is the only time ba.n1info.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 78	2606:4700::68... 2606:4700::6812:abc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::ac43:ce39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	46.19.15.13 46.19.15.13	51790 (SIEL) (SIEL)
1 4	217.182.200.20 217.182.200.20	16276 (OVH) (OVH)
7	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::ac43:a7d9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	46.19.9.50 46.19.9.50	51790 (SIEL) (SIEL)
11	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:27::... 2620:1ec:27::cafe:2093	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:223... 2600:9000:223c:4800:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
3 12	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
5	18.66.97.71 18.66.97.71	16509 (AMAZON-02) (AMAZON-02)
3	52.213.132.247 52.213.132.247	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	146.59.30.100 146.59.30.100	16276 (OVH) (OVH)
2	2a02:26f0:6c0... 2a02:26f0:6c00:281::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	37.157.4.41 37.157.4.41	198622 (ADFORM) (ADFORM)
4	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	34.199.28.94 34.199.28.94	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
8	185.97.52.29 185.97.52.29	51790 (SIEL) (SIEL)
1	46.19.8.15 46.19.8.15	51790 (SIEL) (SIEL)
1	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
1	63.34.36.239 63.34.36.239	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	37.157.2.247 37.157.2.247	198622 (ADFORM) (ADFORM)
4	20.84.22.197 20.84.22.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
14	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	62.122.168.72 62.122.168.72	50245 (SERVEREL-AS) (SERVEREL-AS)
2	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 6	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
8	2a02:26f0:6c0... 2a02:26f0:6c00:286::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6 10	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
6 10	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1	85.215.5.31 85.215.5.31	6724 (STRATO ST...) (STRATO STRATO AG)
1	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	37.252.161.191 37.252.161.191	29990 (ASN-APPNEX) (ASN-APPNEX)
1	136.243.149.243 136.243.149.243	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.63.157 138.201.63.157	24940 (HETZNER-AS) (HETZNER-AS)
4	63.251.109.137 63.251.109.137	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
1 3	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	88.99.65.215 88.99.65.215	24940 (HETZNER-AS) (HETZNER-AS)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
6	204.154.111.109 204.154.111.109	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
1	109.236.91.3 109.236.91.3	49981 (WORLDSTREAM) (WORLDSTREAM)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	109.206.182.78 109.206.182.78	50245 (SERVEREL-AS) (SERVEREL-AS)
274	67

78 2606:4700::6812:abc (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ba.n1info.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:ce39 (United States)

ASN13335 (CLOUDFLARENET, US)

linker.ba	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.19.15.13 (Ljubljana, Slovenia)

ASN51790 (SIEL, SI)
PTR: cex2.irv.si

ba.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker_ba.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
collector_alt.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.182.200.20 (Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm6.host.hit.gemius.pl

gars.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:a7d9 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.monadplug.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba79 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.19.9.50 (Ljubljana, Slovenia)

ASN51790 (SIEL, SI)
PTR: 2E130C26.rDNS.SiEL.si

ug.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:2093 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:4800:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.97.71 (United States)

ASN16509 (AMAZON-02, US)

script.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.213.132.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-132-247.eu-west-1.compute.amazonaws.com

tentacles.smartocto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.100 (Norway)

ASN16276 (OVH, FR)
PTR: ip100.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:281::f09 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.41 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.19.11.36 (Ljubljana, Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hb.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.28.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-28-94.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.97.52.29 (Slovenia)

ASN51790 (SIEL, SI)
PTR: cex1.vsn.serv.si

images4.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.8.15 (Ljubljana, Slovenia)

ASN51790 (SIEL, SI)
PTR: 2E130833.rDNS.SiEL.si

www.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.36.239 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-36-239.eu-west-1.compute.amazonaws.com

api.smartocto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.84.22.197 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

f.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.122.168.72 (Czech Republic)

ASN50245 (SERVEREL-AS, NL)
PTR: 62.122.168.72.serverel.net

eu2.adnetwork.agency	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.172.45 (Ascension Island) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:6c00:286::4469 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.184.226 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.234.21 (Ascension Island) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

pr.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany)

ASN6724 (STRATO STRATO AG, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.215 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

fra1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.161.191 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: shftr.ams1.adnexus.net

shftr.adnxs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.149.243 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.243.149.243.136.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.157 (Heppenheim an der Bergstrasse, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de

hal90007.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.251.109.137 (United States)

ASN36062 (DOUBLE-VERIFY, US)

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps724.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.65.215 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.215.65.99.88.clients.your-server.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 204.154.111.109 (United States)

ASN36062 (DOUBLE-VERIFY, US)
PTR: nycp-hlb06.doubleverify.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps10232.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps10203.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.236.91.3 (Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl

extreme-ip-lookup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.182.78 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.182.78.serverel.net

sync2.adnetwork.agency	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
78	n1info.com 1 redirects ba.n1info.com	2 MB
28	doubleclick.net 7 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net 5994599.fls.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	221 KB
27	googlesyndication.com f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com Failed pagead2.googlesyndication.com tpc.googlesyndication.com	157 KB
19	contentexchange.me ba.contentexchange.me ug.contentexchange.me tracker_ba.contentexchange.me collector_alt.contentexchange.me match.contentexchange.me images4.contentexchange.me www.contentexchange.me hb.contentexchange.me	259 KB
18	doubleverify.com cdn.doubleverify.com cdn3.doubleverify.com rtb0.doubleverify.com tps724.doubleverify.com tps.doubleverify.com tps10232.doubleverify.com tps10203.doubleverify.com	220 KB
11	google-analytics.com www.google-analytics.com	108 KB
10	casalemedia.com 6 redirects dsum-sec.casalemedia.com	9 KB
10	yandex.com 2 redirects mc.yandex.com	3 KB
8	adform.net 2 redirects dmp.adform.net s1.adform.net adx.adform.net	27 KB
8	clarity.ms 1 redirects www.clarity.ms c.clarity.ms f.clarity.ms	25 KB
7	adnxs.com 2 redirects ib.adnxs.com fra1-ib.adnxs.com	10 KB
7	googletagmanager.com www.googletagmanager.com	267 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net hal90007.redintelligence.net	11 KB
5	criteo.com 1 redirects bidder.criteo.com gum.criteo.com mug.criteo.com	7 KB
5	dotmetrics.net script.dotmetrics.net	42 KB
5	gemius.pl 1 redirects gars.hit.gemius.pl ls.hit.gemius.pl	15 KB
4	googletagservices.com www.googletagservices.com	95 KB
4	smartocto.com tentacles.smartocto.com api.smartocto.com	17 KB
4	cookiebot.com consent.cookiebot.com consentcdn.cookiebot.com	91 KB
3	adnetwork.agency eu2.adnetwork.agency sync2.adnetwork.agency	470 B
3	google.com adservice.google.com www.google.com	1 KB
3	facebook.net connect.facebook.net	200 KB
2	criteo.net static.criteo.net	53 KB
2	gstatic.com fonts.gstatic.com	27 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	33 KB
2	google.de adservice.google.de www.google.de	1 KB
2	yandex.ru 1 redirects mc.yandex.ru	65 KB
2	linker.ba linker.ba	2 KB
1	extreme-ip-lookup.com extreme-ip-lookup.com	632 B
1	2mdn.net s0.2mdn.net	70 KB
1	contentspread.net cdn.contentspread.net	49 KB
1	adnxs.net shftr.adnxs.net	9 KB
1	twiago.com a.twiago.com	683 B
1	yahoo.com pr.ybp.yahoo.com	1 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	facebook.com www.facebook.com	424 B
1	bing.com 1 redirects c.bing.com	442 B
1	chartbeat.net ping.chartbeat.net	201 B
1	cloudflare.com cdnjs.cloudflare.com	12 KB
1	chartbeat.com static.chartbeat.com	14 KB
1	monadplug.com cdn.monadplug.com	18 KB
274	41

	Domain	Requested by
78	ba.n1info.com	1 redirects ba.n1info.com
14	pagead2.googlesyndication.com	securepubads.g.doubleclick.net f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net www.googletagservices.com
11	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com ba.n1info.com consent.cookiebot.com
10	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
10	tpc.googlesyndication.com	f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net
10	mc.yandex.com	2 redirects ba.n1info.com mc.yandex.ru
10	securepubads.g.doubleclick.net	ba.n1info.com securepubads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	images4.contentexchange.me	ba.n1info.com
7	cdn.doubleverify.com	f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com cdn.doubleverify.com ba.n1info.com ad.doubleclick.net
7	www.googletagmanager.com	ba.n1info.com www.googletagmanager.com cdn.monadplug.com
6	ib.adnxs.com	2 redirects hb.contentexchange.me googleads.g.doubleclick.net
5	adx.adform.net	s1.adform.net hb.contentexchange.me
5	script.dotmetrics.net	ba.n1info.com script.dotmetrics.net
4	hal90007.redintelligence.net	1 redirects f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com hal90007.redintelligence.net
4	www.googletagservices.com	f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com cdn.doubleverify.com www.googletagservices.com
4	googleads.g.doubleclick.net	f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com ba.n1info.com
4	f.clarity.ms	www.clarity.ms
4	gars.hit.gemius.pl	1 redirects ba.n1info.com gars.hit.gemius.pl
3	tps724.doubleverify.com	cdn.doubleverify.com
3	hb.contentexchange.me	ba.n1info.com hb.contentexchange.me
3	f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com	securepubads.g.doubleclick.net consent.cookiebot.com hb.contentexchange.me
3	tentacles.smartocto.com	www.googletagmanager.com tentacles.smartocto.com
3	connect.facebook.net	ba.n1info.com connect.facebook.net consent.cookiebot.com
2	tps10203.doubleverify.com	cdn.doubleverify.com
2	tps10232.doubleverify.com	cdn.doubleverify.com
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	hb.contentexchange.me static.criteo.net
2	tps.doubleverify.com	cdn.doubleverify.com
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	5994599.fls.doubleclick.net	1 redirects ba.n1info.com
2	bidder.criteo.com	hb.contentexchange.me
2	eu2.adnetwork.agency	hb.contentexchange.me
2	fonts.gstatic.com	fonts.googleapis.com
2	c.clarity.ms	1 redirects ba.n1info.com
2	adservice.google.com	securepubads.g.doubleclick.net 5994599.fls.doubleclick.net
2	dmp.adform.net	2 redirects
2	consentcdn.cookiebot.com	consent.cookiebot.com
2	tracker_ba.contentexchange.me	ba.contentexchange.me tracker_ba.contentexchange.me
2	mc.yandex.ru	1 redirects ba.n1info.com
2	www.clarity.ms	ba.n1info.com www.clarity.ms
2	ug.contentexchange.me	ba.n1info.com consent.cookiebot.com
2	consent.cookiebot.com	ba.n1info.com consent.cookiebot.com
2	linker.ba	ba.n1info.com linker.ba
1	sync2.adnetwork.agency
1	mug.criteo.com
1	extreme-ip-lookup.com	ba.n1info.com
1	s0.2mdn.net	f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
1	ad.doubleclick.net	www.googletagservices.com
1	cdn.contentspread.net	hal90007.redintelligence.net
1	ajax.googleapis.com	hal90007.redintelligence.net
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	cdn3.doubleverify.com	cdn.doubleverify.com
1	hal9000.redintelligence.net	f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
1	shftr.adnxs.net	ba.n1info.com
1	fra1-ib.adnxs.com	ba.n1info.com
1	a.twiago.com	ba.n1info.com
1	pr.ybp.yahoo.com	ba.n1info.com
1	cdn.jsdelivr.net	hb.contentexchange.me
1	s1.adform.net	hb.contentexchange.me
1	www.google.de	ba.n1info.com
1	www.google.com	ba.n1info.com
1	api.smartocto.com	tentacles.smartocto.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.contentexchange.me	ba.n1info.com
1	fonts.googleapis.com	tracker_ba.contentexchange.me
1	www.facebook.com	ba.n1info.com
1	c.bing.com	1 redirects
1	adservice.google.de	securepubads.g.doubleclick.net
1	ping.chartbeat.net	ba.n1info.com
1	match.contentexchange.me	ba.n1info.com
1	collector_alt.contentexchange.me	ba.n1info.com
1	ls.hit.gemius.pl	gars.hit.gemius.pl
1	cdnjs.cloudflare.com	cdn.monadplug.com
1	static.chartbeat.com	ba.n1info.com
1	cdn.monadplug.com	ba.n1info.com
1	ba.contentexchange.me	ba.n1info.com
274	77

This site contains links to these domains. Also see Links.

Domain
www.admedo.com
www.internedservices.nl
www.sportradar.com
www.optomaton.com
www.bidswitch.com
www.cookiebot.com
policies.google.com
pulsepoint.com
www.beeswax.com
www.clickonometrics.com
crimtan.com
www.dailymotion.com
script.dotmetrics.net
www.tiktok.com
www.home.neustar
yandex.ru
privacy.microsoft.com
pubmatic.com
www.quantcast.com
www.sofascore.com
twitter.com
www.gemius.pl
www.rhythmone.com
unruly.co
www.improvedigital.com
triplelift.com
www.acuityads.com
www.addthis.com
site.adform.com
www.criteo.com
www.amobee.com
www.adition.com
www.appnexus.com
www.innovid.com
www.mediamath.com
privacy.adtriba.com
privacy.aol.com
policies.yahoo.com
policies.oath.com
www.bidtheatre.com
www.blis.com
www.oracle.com
casalemedia.com
www.geniussports.com
www.adobe.com
www.facebook.com
www.sovrn.com
www.xaxis.com
www.openx.com
www.reddit.com
zetaglobal.com
liveramp.com
www.sizmek.com
www.simpli.fi
www.sitescout.com
smartadserver.com
www.snap.com
www.spotx.tv
videologygroup.com
travelaudience.com
exponential.com
www.dataxu.com
chartbeat.com
www.contentexchange.me
smartocto.com
telegram.org
ba-8nqof7qzeod2et99kimwqegbnmsmjnby.n1info.com
www.youtube.com
www.instagram.com
rs.n1info.com
hr.n1info.com
n1info.si
pr.ybp.yahoo.com
tracker_ba.contentexchange.me
apps.apple.com
play.google.com
www.unitedmedia.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-08` - `2022-09-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-06-04`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
consent.cookiebot.com DigiCert ECC Extended Validation Server CA	`2020-06-11` - `2022-06-11`	2 years	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2021-06-01` - `2022-06-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.dotmetrics.net Amazon	`2020-11-23` - `2021-12-22`	a year	crt.sh
*.smartocto.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-31` - `2022-06-04`	a year	crt.sh
*.cookiebot.com DigiCert SHA2 Secure Server CA	`2021-07-05` - `2022-07-13`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
c.msn.com Microsoft Azure TLS Issuing CA 02	`2021-06-27` - `2022-06-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.adnetwork.agency Sectigo RSA Domain Validation Secure Server CA	`2021-07-07` - `2022-07-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-09-06` - `2021-10-27`	2 months	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-14` - `2021-11-14`	a year	crt.sh
*.adnxs.net GeoTrust RSA CA 2018	`2021-03-17` - `2022-03-15`	a year	crt.sh
redintelligence.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
contentspread.net R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
t1.extreme-dm.com R3	`2021-09-28` - `2021-12-27`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://ba.n1info.com/
Frame ID: 7C9B8BCAAFA1E37339F3AA8405FA8127
Requests: 182 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 816B5309F22D8DCCD5A1F2FD020516A1
Requests: 1 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Frame ID: 1ED76B227E24689B7E614ED6B9417D3F
Requests: 1 HTTP requests in this frame

Frame: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5A2DCE2EC11DA830CE1A4C7F6A817F3C
Requests: 2 HTTP requests in this frame

Frame: https://hb.contentexchange.me/hbscript?domain=ba.n1info.com
Frame ID: CC4E4AEC8DAE9FF92FD44AD7F8D97048
Requests: 14 HTTP requests in this frame

Frame: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5CD0D0BBD6EE522E4A877CA16A3A6D4E
Requests: 28 HTTP requests in this frame

Frame: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 67F755972AC603FB99957DE1F5503A6A
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY5JzFlQEwAQ&v=APEucNXmljOltTZI4Ts8Ikxg9lExT1HNPXVm3WtVbM6G7Au4odwun1IqOvhQzBnsUglfITWH3xeNgjJP1KWrp_ikTq3cimrBdneQ7X-jka-JLxHQXGaXEnR336-QTMo7UqmyduqfjVNJ2jO49Vi4QGvwCgXds0Xlg5QqlmRscrCekMqAiabTRTg
Frame ID: 33D9F942CAC06486ECE66D4759181DE6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjI-aibATAB&v=APEucNWISO72lkbUN7qreUhdsZN15VQr-JSpOBEL4QtlRPR9K20RyW5hp5oLGo5yiqv4Cya05JW-g6a7zyU4m7uSEAZX2txaHHFSWlxgRwUMEpjUC21MmAk-cVJTKrp3woBdp-8wIUHIiZs7sfaGe-tIwGD5cbxqcFsKxQaSqrw_rYWuMUjwnT0
Frame ID: 26547C29C3D70AF12395410B975FCEB5
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 33328C80CEDF466117D56C0860452D8F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6433C60109CF77E1108019DC74317D9D
Requests: 3 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: A8138A7A1073950530BA0621713A1ECD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: A154CF1923216FAB8E1665F508CB0B4C
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKrm-aaY4PMCFcTu5godJ7gCIw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=122493235622.17195
Frame ID: 694C2B15E8F42C687E1120BDCF308AEE
Requests: 2 HTTP requests in this frame

Frame: https://hal90007.redintelligence.net/request_content.php?s=96913100049289100710626011756007&a=b70c58c8
Frame ID: DFAC6D848E333B2923127D3097ECF748
Requests: 5 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1800.js
Frame ID: C6470DEF926AEBC1E39974BDADD489E3
Requests: 4 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1800.js
Frame ID: B9E8D3573BECB944E617DF9ECBC8294B
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A9C57C272C7B5090345B67CAA36CFD11
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=ba.n1info.com
Frame ID: 06AC01F02863373170E7133FE9BE8EBF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

N1 - Najnovije, tačne i nezavisne vijesti iz Bosne i Hercegovine i svijeta

Page URL History Show full URLs

http://ba.n1info.com/ HTTP 301
https://ba.n1info.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
/([\d.]+)/jquery(?:\.min)?\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

274
Requests

99 %
HTTPS

49 %
IPv6

41
Domains

77
Subdomains

67
IPs

14
Countries

4120 kB
Transfer

9078 kB
Size

65
Cookies

90 Outgoing links

These are links going to different origins than the main page.

URL: https://www.admedo.com/privacy-policy
Title: Admedo

Search URL Search Domain Scan URL

URL: https://www.internedservices.nl/disclaimer-privacy-policy/
Title: KPN

Search URL Search Domain Scan URL

URL: https://www.sportradar.com/about-us/privacy/
Title: Sportradar

Search URL Search Domain Scan URL

URL: http://www.optomaton.com/privacy.html
Title: Optomaton

Search URL Search Domain Scan URL

URL: https://www.bidswitch.com/privacy-policy/
Title: Bidswitch

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/goto/privacy-policy/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Google

Search URL Search Domain Scan URL

URL: https://pulsepoint.com/legal/website-privacy-policy
Title: Pulsepoint

Search URL Search Domain Scan URL

URL: https://www.beeswax.com/cookies/
Title: Beeswax

Search URL Search Domain Scan URL

URL: https://www.clickonometrics.com/optout/
Title: Clickonometrics

Search URL Search Domain Scan URL

URL: https://crimtan.com/privacy/
Title: Crimtan

Search URL Search Domain Scan URL

URL: http://www.dailymotion.com/legal/privacy?localization=us
Title: Dailymotion

Search URL Search Domain Scan URL

URL: http://script.dotmetrics.net/Privacy/PrivacyCenter.html
Title: Dotmetrics

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/legal/privacy-policy?lang=en
Title: Tiktok

Search URL Search Domain Scan URL

URL: https://www.home.neustar/privacy
Title: Neustar

Search URL Search Domain Scan URL

URL: https://yandex.ru/legal/confidential/
Title: Yandex

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-us/privacystatement
Title: Microsoft

Search URL Search Domain Scan URL

URL: https://pubmatic.com/legal/privacy-policy/
Title: Pubmatic

Search URL Search Domain Scan URL

URL: https://www.quantcast.com/privacy/
Title: Quantcast

Search URL Search Domain Scan URL

URL: https://www.sofascore.com/news/privacy-policy/
Title: Sofascore

Search URL Search Domain Scan URL

URL: https://twitter.com/en/privacy
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.gemius.pl/polityka-prywatnosci.html
Title: Gemius

Search URL Search Domain Scan URL

URL: https://www.rhythmone.com/privacy-policy
Title: Rhythmone

Search URL Search Domain Scan URL

URL: https://unruly.co/privacy/
Title: Unruly

Search URL Search Domain Scan URL

URL: https://www.improvedigital.com/privacy-policy/
Title: Improve Digital

Search URL Search Domain Scan URL

URL: https://triplelift.com/privacy/
Title: TripleLift

Search URL Search Domain Scan URL

URL: https://www.acuityads.com/privacy-policy/
Title: Acuity

Search URL Search Domain Scan URL

URL: http://www.addthis.com/privacy
Title: Oracle

Search URL Search Domain Scan URL

URL: http://site.adform.com/privacy-policy-opt-out/
Title: Adform

Search URL Search Domain Scan URL

URL: https://www.criteo.com/privacy/
Title: Criteo

Search URL Search Domain Scan URL

URL: https://www.amobee.com/trust/privacy-guidelines
Title: Amobee

Search URL Search Domain Scan URL

URL: https://www.adition.com/kontakt/datenschutz/
Title: Adition

Search URL Search Domain Scan URL

URL: https://www.appnexus.com/en/company/privacy-policy
Title: Appnexus

Search URL Search Domain Scan URL

URL: http://www.innovid.com/privacy-policy
Title: Innovid

Search URL Search Domain Scan URL

URL: http://www.mediamath.com/privacy-policy/
Title: Mediamath

Search URL Search Domain Scan URL

URL: https://privacy.adtriba.com/
Title: Atriba

Search URL Search Domain Scan URL

URL: http://privacy.aol.com/
Title: AOL

Search URL Search Domain Scan URL

URL: https://policies.yahoo.com/us/en/yahoo/privacy/index.htm
Title: Yahoo

Search URL Search Domain Scan URL

URL: https://policies.oath.com/us/en/oath/privacy/index.html
Title: Oath

Search URL Search Domain Scan URL

URL: https://www.criteo.com/privacy/corporate-privacy-policy/
Title: Criteo

Search URL Search Domain Scan URL

URL: http://www.bidswitch.com/privacy-policy/
Title: Bidswitch

Search URL Search Domain Scan URL

URL: https://www.bidtheatre.com/privacy-policy
Title: Bidtheatre

Search URL Search Domain Scan URL

URL: http://www.blis.com/privacy/
Title: Blis

Search URL Search Domain Scan URL

URL: https://www.oracle.com/legal/privacy/index.html
Title: Oracle

Search URL Search Domain Scan URL

URL: http://casalemedia.com/
Title: Casalemedia

Search URL Search Domain Scan URL

URL: https://www.geniussports.com/privacy-policy/
Title: Genius Sports

Search URL Search Domain Scan URL

URL: https://www.adobe.com/privacy.html
Title: Adobe Inc

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policies/cookies/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.sovrn.com/legal/privacy-policy/
Title: Sovrn

Search URL Search Domain Scan URL

URL: https://www.xaxis.com/privacy-policy/
Title: Xaxis

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policy.php
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.openx.com/legal/privacy-policy/
Title: Openx

Search URL Search Domain Scan URL

URL: https://www.reddit.com/help/privacypolicy
Title: Reddit

Search URL Search Domain Scan URL

URL: https://zetaglobal.com/privacy-policy/
Title: Zeta Global

Search URL Search Domain Scan URL

URL: https://liveramp.com/privacy/
Title: LiveRamp

Search URL Search Domain Scan URL

URL: https://www.sizmek.com/privacy-policy/
Title: Sizmek

Search URL Search Domain Scan URL

URL: https://www.simpli.fi/site-privacy-policy2/
Title: Simpli.fi

Search URL Search Domain Scan URL

URL: http://www.sitescout.com/privacy
Title: Sitescout

Search URL Search Domain Scan URL

URL: http://smartadserver.com/company/privacy-policy/
Title: Smart Adserver

Search URL Search Domain Scan URL

URL: https://www.snap.com/en-US/privacy/privacy-center/
Title: Snap INC

Search URL Search Domain Scan URL

URL: https://www.spotx.tv/privacy-policy/
Title: Spotx

Search URL Search Domain Scan URL

URL: https://videologygroup.com/en/privacy-policy
Title: Videology

Search URL Search Domain Scan URL

URL: https://travelaudience.com/website-privacy-policy/
Title: Travel Audience

Search URL Search Domain Scan URL

URL: http://exponential.com/privacy/
Title: Exponential

Search URL Search Domain Scan URL

URL: https://www.dataxu.com/about-us/privacy/data-collection-platform/
Title: Dataxu

Search URL Search Domain Scan URL

URL: https://chartbeat.com/privacy/
Title: Chartbeat

Search URL Search Domain Scan URL

URL: http://www.contentexchange.me/terms-of-service/
Title: Content Exchange

Search URL Search Domain Scan URL

URL: https://smartocto.com/cookiestatement/
Title: SmartOcto

Search URL Search Domain Scan URL

URL: https://telegram.org/privacy
Title: Telegram

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://ba-8nqof7qzeod2et99kimwqegbnmsmjnby.n1info.com/feed/
Title: RSS

Search URL Search Domain Scan URL

URL: https://www.facebook.com/N1BiH/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/N1info

Search URL Search Domain Scan URL

URL: https://twitter.com/N1infoSA

Search URL Search Domain Scan URL

URL: https://www.instagram.com/n1bih/

Search URL Search Domain Scan URL

URL: https://rs.n1info.com/
Title: Srbija

Search URL Search Domain Scan URL

URL: https://hr.n1info.com/
Title: Hrvatska

Search URL Search Domain Scan URL

URL: https://n1info.si/
Title: Slovenija

Search URL Search Domain Scan URL

URL: https://pr.ybp.yahoo.com/cj/crid/NuLVww3zCPRnKTIOr6LOYRMbnT2MdM4e/cd/i0wSlTJH8o2ZTLTEb7d8BU48Vw4O7SyLntgkTYLN0C1FofFFI2XbFBKqxWJmhHl8CjfRJoKvXcVg_-9Cav1NMGsIlmDI9VxykY-wWivCeY-obIf5jm1m_vGJERQ8X3ZirdmMFdOoMNBA3rQZxDWxI0NUilJz4wWpYNnVhLku4v--j2cik3p2ouMVKACKprayOS0HhpganHeWf36F6qNX798Ixv5KVME3h3TuhkTDWXu-7-cFPh5V5YsZPr7I-u6H/rurl/https://a.twiago.com/adclick.php?pid=5802&wmid=53334&gdpr_consent=[consentstring]&nvc=1&ord=[timestamp]

Search URL Search Domain Scan URL

URL: https://tracker_ba.contentexchange.me/direct/hrcx6t5C2wno7Hfks/3gJvDt2kPsJpfriQo?cb1634980312913

Search URL Search Domain Scan URL

URL: https://tracker_ba.contentexchange.me/direct/CeKARJqnPpNWn2hwN/3gJvDt2kPsJpfriQo?cb1634980312913

Search URL Search Domain Scan URL

URL: https://tracker_ba.contentexchange.me/direct/AFT8QM4cQDBkLpGiz/3gJvDt2kPsJpfriQo?cb1634980312913

Search URL Search Domain Scan URL

URL: https://tracker_ba.contentexchange.me/direct/Pzb8T5vFaETfjm99G/3gJvDt2kPsJpfriQo?cb1634980312913

Search URL Search Domain Scan URL

URL: https://tracker_ba.contentexchange.me/direct/dK5fQpWzBxcN57chv/3gJvDt2kPsJpfriQo?cb1634980312913

Search URL Search Domain Scan URL

URL: https://tracker_ba.contentexchange.me/direct/nJcp54a8PvMWCnvkD/3gJvDt2kPsJpfriQo?cb1634980312913

Search URL Search Domain Scan URL

URL: https://tracker_ba.contentexchange.me/direct/STvfAhWvsjzzzYJNh/3gJvDt2kPsJpfriQo?cb1634980312913

Search URL Search Domain Scan URL

URL: https://www.contentexchange.me/?utm_source=site&utm_medium=widget&utm_campaign=logo
Title: Preporučuje ContentExchange

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/n1-info/id920779491

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.n1info&gl=US

Search URL Search Domain Scan URL

URL: http://www.unitedmedia.net/
Title: United Media

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ba.n1info.com/ HTTP 301
https://ba.n1info.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 110

https://dmp.adform.net/serving/cookie/match?party=1219&cid=6173d1d8fd5354587e2f6128&redirect=https://match.contentexchange.me/adform/__ADFUID__ HTTP 302
https://dmp.adform.net/serving/cookie/match?CC=1&party=1219&cid=6173d1d8fd5354587e2f6128&redirect=https://match.contentexchange.me/adform/__ADFUID__ HTTP 302
https://match.contentexchange.me/adform/4515157264596003548

Request Chain 119

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=0D58792DE7654B68999D10BDECFACB3D&RedC=c.clarity.ms&MXFR=30DE92C05CE463AA3C1E821958E46DDE HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=0D58792DE7654B68999D10BDECFACB3D&MUID=0C7F456FCBAC6FB90C5955B6CAC76EE3

Request Chain 129

https://gars.hit.gemius.pl/_1634980312981/rexdot.js?l=100&id=d1Y634tNJvhBg0bpcBFOl6dy33LUKruj1BU8lA7r6Dn.77&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fba.n1info.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=266&lsdata=X6uwNiILm8lOxoacztPOKI5BnSlRYfbHM1v.peLJQBP.c72SfXv.Mn0ZjDXVPItvEcqFXoBdKZL7lQQdgdiox7SHuk_I/Ni9hE8av1v_fS/&fpdata=XzZq7VIKJ5udY99nUsEDMjXXtogqKZjICx8zyiKP1EH.r7&vis=1&fpcap= HTTP 301
https://gars.hit.gemius.pl/__/_1634980312981/rexdot.js?l=100&id=d1Y634tNJvhBg0bpcBFOl6dy33LUKruj1BU8lA7r6Dn.77&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fba.n1info.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=266&lsdata=X6uwNiILm8lOxoacztPOKI5BnSlRYfbHM1v.peLJQBP.c72SfXv.Mn0ZjDXVPItvEcqFXoBdKZL7lQQdgdiox7SHuk_I/Ni9hE8av1v_fS/&fpdata=XzZq7VIKJ5udY99nUsEDMjXXtogqKZjICx8zyiKP1EH.r7&vis=1&fpcap=

Request Chain 146

https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9435.xeE67z4qWdthuY13FHFBdviJlr2_p7ukaQRE_k-1nXdnzfmLy9r-s2CaOIMNwKtV.idwrVVmBjvfP6RMxF8-pEQZqKQ0%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9435.A2L56PU1x9Xzk5O5q_VXyDeJfwAvG2tueR1g4VjuuhyXFB9Tvk-4TMGy4tmJCsKtYW5GmL96ebm_DhUgfAMGCA%2C%2C.DU65J42KaT9YSwN2-6Uytf2EXZ0%2C

Request Chain 165

https://mc.yandex.com/watch/71048401?wmode=7&page-url=https%3A%2F%2Fba.n1info.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A425%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A692501971684%3Ahid%3A1051135%3Az%3A0%3Ai%3A202101023091153%3Aet%3A1634980313%3Ac%3A1%3Arn%3A1057083720%3Arqn%3A1%3Au%3A1634980313775256610%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634980312056%3Ads%3A0%2C45%2C177%2C34%2C33%2C0%2C%2C433%2C1%2C%2C%2C%2C692%3Adsn%3A0%2C45%2C177%2C35%2C33%2C0%2C%2C402%2C0%2C%2C%2C%2C692%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634980313%3At%3AN1%20-%20Najnovije%2C%20ta%C4%8Dne%20i%20nezavisne%20vijesti%20iz%20Bosne%20i%20Hercegovine%20i%20svijeta&t=gdpr(14)ti(2) HTTP 302
https://mc.yandex.com/watch/71048401/1?wmode=7&page-url=https%3A%2F%2Fba.n1info.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A425%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A692501971684%3Ahid%3A1051135%3Az%3A0%3Ai%3A202101023091153%3Aet%3A1634980313%3Ac%3A1%3Arn%3A1057083720%3Arqn%3A1%3Au%3A1634980313775256610%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634980312056%3Ads%3A0%2C45%2C177%2C34%2C33%2C0%2C%2C433%2C1%2C%2C%2C%2C692%3Adsn%3A0%2C45%2C177%2C35%2C33%2C0%2C%2C402%2C0%2C%2C%2C%2C692%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634980313%3At%3AN1%20-%20Najnovije%2C%20ta%C4%8Dne%20i%20nezavisne%20vijesti%20iz%20Bosne%20i%20Hercegovine%20i%20svijeta&t=gdpr%2814%29ti%282%29

Request Chain 198

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcbu-ExAD2sDiaIIjTQ_dk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcbu-ExAD2sDiaIIjTQ_dk&google_cver=1&C=1

Request Chain 199

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXPR2illTr5ivO9gVF0UdwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDen570_sTc8zMThWdaH5G8&google_cver=1

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKCeRoGymwOiaomtEr69vmc&google_cver=1

Request Chain 201

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM3NTgwNzc1MTA4ODU0Mzc3MQ%3D%3D

Request Chain 202

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcbu-ExAD2sDiaIIjTQ_dk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcbu-ExAD2sDiaIIjTQ_dk&google_cver=1&C=1

Request Chain 203

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXPR2illTr5ivO9gVF0UdwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDen570_sTc8zMThWdaH5G8&google_cver=1

Request Chain 204

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENRZ0xYC2Wg3S3hY4JpKZAQ&google_cver=1

Request Chain 205

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM3NTgwNzc1MTA4ODU0Mzc3MQ%3D%3D

Request Chain 219

https://hal90007.redintelligence.net/request.php?zone=7sx2ojnml039&nw=20&renderingType=javascript&namespace=226e2a9478&subid=&uid=00ccd842472c73a1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCToRe2dFzYa6pGdrlgAfboIvQArXN-YNXlNu5q-UM8C4QASDZ6c97YJXikIKgB8gBCakC3NgOcLWJsz6oAwGqBIICT9C4Ue2QVE0LXuPAdkZMavAO1k_31f-l9YYVK36Z3_SoBtop6cfijWjQM90UNBgYwsagVOqLXMo5Y_NZNsAsnKHZg5p6tkadjzvQ5tbyd6AYuo5dtZ9dkUxC4MCMjz6tcIaXSP9cXCv6HmcdsEUwQhG6fvAwBZQe7a7LlP_JYofNx05Jwg8kHK8CGkNKJwJtEwFHSesmZ4kc9yxDaKNu9M7i9wrAjo4XSRvGHGPRYFasktZ9vSEZTGmRI-W3felL7NgdUvbCnOAP4J0LbgoRKpdEoYvmIT_X36_9T-oLzFIa_B9veeySYlvwePoDBLoCEH5cV0vwlOG-2IVFZ2sY9YZjwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGPL45QyB-5ErirOkE31EoEN_Pg%26sig%3DAOD64_2iitAWtak5ibP9FoXJyN4S9oax9Q%26client%3Dca-pub-5845685380979936%26dbm_c%3DAKAmf-AlsB9_Oa44pSgtOMD96nfVghIk1GXoO89SsriWtRTPjmbB3LbvoaNn4P6DjuniUDRb1wc3B5Bh1AEMj8o32nQHk9EuE0S160l_fGt_wbJozynn20NkGPRYGvIHrd7q1CVuJlRDNfB7XKXIc2gYevYFTSewtw%26cry%3D1%26dbm_d%3DAKAmf-ASBpF8tnCCKoppDTIWe9tGfjjItfIlGbem7hYLdchSMT-DepAZcmUcAYf4zIUBqRp10NgzLAW3nrZIUJ9ebhk6YXc6GxBHJDn_ZxBKX13ZZp-TjLyl8HwEl92Izg2Tnrw4zhaVngZEtkxT2DEHYN0azQ2mTACoWhtyGqhcPA-lFJs9nO09Hm9IAr8DIS4VpFFfQ2lKIWVzSgRKiayaygc1sKed4m7oe6G-nPwqvcJCIgRX0Kn4uYayC_T4cG2y44phAjiD5BOXjIpYyoXgK9YDtQOqqmAuSXW5nyzpu5T-k8hmAlaxFusTFr8JE2l20ivrbyALQlULo7gGkn5_JnwPl9xS4qunXfDxZOSqdHYmbpV4CC-WFbVoMfcbYzicO9kzVrdPmYdu7QtyD_NcOLJC16vm8Jw2R3YBXqMxxHyoS1QODUdhm-hUbTL9xcouG73qp7CL%26adurl%3D&documentReferer=https%3A%2F%2Fba.n1info.com%2F&ancestorOrigins=https%3A%2F%2Fba.n1info.com&random=3101589653134&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90007.redintelligence.net/request.php?zone=7sx2ojnml039&nw=20&renderingType=javascript&namespace=226e2a9478&subid=&uid=00ccd842472c73a1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCToRe2dFzYa6pGdrlgAfboIvQArXN-YNXlNu5q-UM8C4QASDZ6c97YJXikIKgB8gBCakC3NgOcLWJsz6oAwGqBIICT9C4Ue2QVE0LXuPAdkZMavAO1k_31f-l9YYVK36Z3_SoBtop6cfijWjQM90UNBgYwsagVOqLXMo5Y_NZNsAsnKHZg5p6tkadjzvQ5tbyd6AYuo5dtZ9dkUxC4MCMjz6tcIaXSP9cXCv6HmcdsEUwQhG6fvAwBZQe7a7LlP_JYofNx05Jwg8kHK8CGkNKJwJtEwFHSesmZ4kc9yxDaKNu9M7i9wrAjo4XSRvGHGPRYFasktZ9vSEZTGmRI-W3felL7NgdUvbCnOAP4J0LbgoRKpdEoYvmIT_X36_9T-oLzFIa_B9veeySYlvwePoDBLoCEH5cV0vwlOG-2IVFZ2sY9YZjwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGPL45QyB-5ErirOkE31EoEN_Pg%26sig%3DAOD64_2iitAWtak5ibP9FoXJyN4S9oax9Q%26client%3Dca-pub-5845685380979936%26dbm_c%3DAKAmf-AlsB9_Oa44pSgtOMD96nfVghIk1GXoO89SsriWtRTPjmbB3LbvoaNn4P6DjuniUDRb1wc3B5Bh1AEMj8o32nQHk9EuE0S160l_fGt_wbJozynn20NkGPRYGvIHrd7q1CVuJlRDNfB7XKXIc2gYevYFTSewtw%26cry%3D1%26dbm_d%3DAKAmf-ASBpF8tnCCKoppDTIWe9tGfjjItfIlGbem7hYLdchSMT-DepAZcmUcAYf4zIUBqRp10NgzLAW3nrZIUJ9ebhk6YXc6GxBHJDn_ZxBKX13ZZp-TjLyl8HwEl92Izg2Tnrw4zhaVngZEtkxT2DEHYN0azQ2mTACoWhtyGqhcPA-lFJs9nO09Hm9IAr8DIS4VpFFfQ2lKIWVzSgRKiayaygc1sKed4m7oe6G-nPwqvcJCIgRX0Kn4uYayC_T4cG2y44phAjiD5BOXjIpYyoXgK9YDtQOqqmAuSXW5nyzpu5T-k8hmAlaxFusTFr8JE2l20ivrbyALQlULo7gGkn5_JnwPl9xS4qunXfDxZOSqdHYmbpV4CC-WFbVoMfcbYzicO9kzVrdPmYdu7QtyD_NcOLJC16vm8Jw2R3YBXqMxxHyoS1QODUdhm-hUbTL9xcouG73qp7CL%26adurl%3D&documentReferer=https%3A%2F%2Fba.n1info.com%2F&ancestorOrigins=https%3A%2F%2Fba.n1info.com&random=3101589653134&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 227

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=122493235622.17195 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKrm-aaY4PMCFcTu5godJ7gCIw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=122493235622.17195

Request Chain 270

https://gum.criteo.com/sid/json?origin=publishertag&domain=n1info.com&sn=ChromeSyncframe&so=0&topUrl=ba.n1info.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=SWQMkHxNT0w5M0RFWGJrR0NFVWNXMTJUcVVoYVpDYlJIREJMQlhTd21UcS9Td3ZmK2lMTVVmT1BtbWJxdWdKZEozOUY4RXVMU2piSUdrc3RDTmtXMG9jYWg4ZWlyTjREOUpYMFExRGp1eEVaL1MyRUZyZVgycy9OVkFIVjFvNE5WYkdhZlFNS2NINlM0N1RoOENFZXJBL0dNeWlRNy94VTFTbGwycHhrbXgrRnd2N3Iva0E5ZHg0Mm40RmFEd1FEUlVqVW9qVmE2YWs3aDgxM1F1Y2tWOW50cEh2KzlBbFJjN0ZuZG5UelM4dnErM2hLaVowSEhXYnhFSUZSNzM0cWY2czI5Z2tibEcvOEU5ZnE5dWNNbHE3MFo4dz09fA&cppv=2

274 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ba.n1info.com/
Redirect Chain

http://ba.n1info.com/
https://ba.n1info.com/

318 KB
28 KB

222ms
177ms

Document
text/html

2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf878d7fb3981383cf4199215260c1555d0ac664577999e1e261613ae9e4f311

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: ba.n1info.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-type: text/html; charset=UTF-8
set-cookie: INGRESSCOOKIE=1634980313.277.51.340342; Path=/; Secure; HttpOnly
link: <https://ba.n1info.com/wp-json/>; rel="https://api.w.org/" <https://ba.n1info.com/wp-json/wp/v2/pages/4328109>; rel="alternate"; type="application/json" <https://ba.n1info.com/>; rel=shortlink
x-fastcgi-cache: HIT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a29d726ed820e2a-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 23 Oct 2021 09:11:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 23 Oct 2021 10:11:52 GMT
Location: https://ba.n1info.com/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6a29d7267b4f5c62-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 Exo2-Regular.woff2
ba.n1info.com/wp-content/themes/ucnewsportal/src/assets/fonts/exo-2/ 36 KB
36 KB 49ms
46ms Font
application/octet-stream 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ba.n1info.com/wp-content/themes/ucnewsportal/src/assets/fonts/exo-2/Exo2-Regular.woff2

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d29efbdb1613dd373678cc6e8e6e6f4cf003ce3d076c2be27e456e93dfa601c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-fetch-mode: cors
origin: https://ba.n1info.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: INGRESSCOOKIE=1634980313.277.51.340342
:path: /wp-content/themes/ucnewsportal/src/assets/fonts/exo-2/Exo2-Regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ba.n1info.com/
Origin: https://ba.n1info.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 22:01:05 GMT
server: cloudflare
age: 6033
etag: "614a5621-90dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/octet-stream
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d7281efe0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 37084

GET
H2 200 Exo2-Medium.woff2
ba.n1info.com/wp-content/themes/ucnewsportal/src/assets/fonts/exo-2/ 36 KB
37 KB 48ms
45ms Font
application/octet-stream 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ba.n1info.com/wp-content/themes/ucnewsportal/src/assets/fonts/exo-2/Exo2-Medium.woff2

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab5770308d93a1b620a7d57ab0b2f951ffc405085067423d4fff082db95669bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-fetch-mode: cors
origin: https://ba.n1info.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: INGRESSCOOKIE=1634980313.277.51.340342
:path: /wp-content/themes/ucnewsportal/src/assets/fonts/exo-2/Exo2-Medium.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ba.n1info.com/
Origin: https://ba.n1info.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 22:01:05 GMT
server: cloudflare
age: 6033
etag: "614a5621-91cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/octet-stream
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d7282eff0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 37324

GET
H2 200 Exo2-Bold.woff2
ba.n1info.com/wp-content/themes/ucnewsportal/src/assets/fonts/exo-2/ 37 KB
37 KB 29ms
26ms Font
application/octet-stream 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ba.n1info.com/wp-content/themes/ucnewsportal/src/assets/fonts/exo-2/Exo2-Bold.woff2

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d6222f139b4071e1fc7a0a79c0da03b2b1c5ba857ea46d547528112ec8614e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-fetch-mode: cors
origin: https://ba.n1info.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: INGRESSCOOKIE=1634980313.277.51.340342
:path: /wp-content/themes/ucnewsportal/src/assets/fonts/exo-2/Exo2-Bold.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ba.n1info.com/
Origin: https://ba.n1info.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 22:01:05 GMT
server: cloudflare
age: 6033
etag: "614a5621-94c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/octet-stream
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d7282f000e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38088

GET
H2 200 Exo2-SemiBold.woff2
ba.n1info.com/wp-content/themes/ucnewsportal/src/assets/fonts/exo-2/ 37 KB
37 KB 45ms
43ms Font
application/octet-stream 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ba.n1info.com/wp-content/themes/ucnewsportal/src/assets/fonts/exo-2/Exo2-SemiBold.woff2

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

749b53442e109557196c6dfd92754eb8e6e61cd51cb0d3986b7f6bd886a9aba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-fetch-mode: cors
origin: https://ba.n1info.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: INGRESSCOOKIE=1634980313.277.51.340342
:path: /wp-content/themes/ucnewsportal/src/assets/fonts/exo-2/Exo2-SemiBold.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ba.n1info.com/
Origin: https://ba.n1info.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 22:01:05 GMT
server: cloudflare
age: 6033
etag: "614a5621-9478"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/octet-stream
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d7282f020e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38008

GET
H2 200 Exo2-ExtraBold.woff2
ba.n1info.com/wp-content/themes/ucnewsportal/src/assets/fonts/exo-2/ 37 KB
37 KB 49ms
46ms Font
application/octet-stream 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ba.n1info.com/wp-content/themes/ucnewsportal/src/assets/fonts/exo-2/Exo2-ExtraBold.woff2

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebd0070ca4819270200c94b6ea5ec82c771a71719a1d3c9e41ccd8d95544070e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-fetch-mode: cors
origin: https://ba.n1info.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: INGRESSCOOKIE=1634980313.277.51.340342
:path: /wp-content/themes/ucnewsportal/src/assets/fonts/exo-2/Exo2-ExtraBold.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ba.n1info.com/
Origin: https://ba.n1info.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 22:01:05 GMT
server: cloudflare
age: 6033
etag: "614a5621-94f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/octet-stream
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d7282f040e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38132

GET
H2 200 icon.woff2
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/fonts/ 10 KB
10 KB 48ms
45ms Font
application/octet-stream 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/fonts/icon.woff2

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d420c16369b0e983f3ebccfb03218658ccc36fc494b9f5e0a3735c441a89932

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-fetch-mode: cors
origin: https://ba.n1info.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: INGRESSCOOKIE=1634980313.277.51.340342
:path: /wp-content/themes/ucnewsportal-n1/dist/assets/fonts/icon.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ba.n1info.com/
Origin: https://ba.n1info.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 22:01:05 GMT
server: cloudflare
age: 5918
etag: "614a5621-284c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/octet-stream
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d7282f060e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10316

GET
H2 200 wpp.css
ba.n1info.com/wp-content/plugins/wordpress-popular-posts/public/css/ 1 KB
599 B 47ms
45ms Stylesheet
text/css 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ba.n1info.com/wp-content/plugins/wordpress-popular-posts/public/css/wpp.css?ver=4.2.2

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

951c201eceb26489dc9b4cc8ea4e408ae957410ea32b0fc7d4845d851886739f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/plugins/wordpress-popular-posts/public/css/wpp.css?ver=4.2.2
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 22:01:05 GMT
server: cloudflare
age: 6033
etag: W/"614a5621-4c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/css
vary: Accept-Encoding
cf-ray: 6a29d7282f070e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 app.css
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/ 578 KB
65 KB 54ms
52ms Stylesheet
text/css 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1632261718

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

300ff9572a6ba149ff9ce63ce27436949396f8d758d701c13ee1b0212c0b9c9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1632261718
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 22:01:58 GMT
server: cloudflare
age: 6033
etag: W/"614a5656-907ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/css
vary: Accept-Encoding
cf-ray: 6a29d7282f090e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 sassy-social-share-public.css
ba.n1info.com/wp-content/plugins/sassy-social-share/public/css/ 34 KB
9 KB 47ms
45ms Stylesheet
text/css 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ba.n1info.com/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.11

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

182cab990c2118fcdb18feab5115335e4eb4bc0b38bb30a36c4e73c92b080ea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.11
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 22:01:05 GMT
server: cloudflare
age: 2119
etag: W/"614a5621-87d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/css
vary: Accept-Encoding
cf-ray: 6a29d7282f0b0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 sassy-social-share-svg.css
ba.n1info.com/wp-content/plugins/sassy-social-share/admin/css/ 109 KB
34 KB 47ms
45ms Stylesheet
text/css 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ba.n1info.com/wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-svg.css?ver=3.3.11

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c19b3e7d4486f0d1c11fa6c3d628042a9a1cc5e386484e0cdeba44cbbe3a359

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-svg.css?ver=3.3.11
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 22:01:05 GMT
server: cloudflare
age: 5918
etag: W/"614a5621-1b42e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/css
vary: Accept-Encoding
cf-ray: 6a29d7282f0c0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 wpp-4.2.0.min.js Show response
ba.n1info.com/wp-content/plugins/wordpress-popular-posts/public/js/ 1 KB
616 B 48ms
46ms Script
application/javascript 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ba.n1info.com/wp-content/plugins/wordpress-popular-posts/public/js/wpp-4.2.0.min.js?ver=4.2.2

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fd7bfa229eec86e2b02fdcf85e49e5b2699a2d9cd53ee36b4df53513d1da1f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/plugins/wordpress-popular-posts/public/js/wpp-4.2.0.min.js?ver=4.2.2
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 22:01:05 GMT
server: cloudflare
age: 6033
etag: W/"614a5621-47b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cf-ray: 6a29d7282f110e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jquery.js Show response
ba.n1info.com/wp-includes/js/jquery/ 95 KB
34 KB 47ms
46ms Script
application/javascript 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ba.n1info.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 22:01:05 GMT
server: cloudflare
age: 6033
etag: W/"614a5621-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cf-ray: 6a29d7282f120e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 add-manager-variables.js Show response
ba.n1info.com/wp-content/themes/ucnewsportal/dist/assets/js/ 0
95 B 47ms
45ms Script
application/javascript 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ba.n1info.com/wp-content/themes/ucnewsportal/dist/assets/js/add-manager-variables.js?ver=1

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/themes/ucnewsportal/dist/assets/js/add-manager-variables.js?ver=1
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 22:02:35 GMT
server: cloudflare
age: 6033
etag: "614a567b-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d7282f130e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0

GET
H2 200 generate-menu.js Show response
ba.n1info.com/wp-content/themes/ucnewsportal/dist/assets/js/ 2 KB
949 B 47ms
46ms Script
application/javascript 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ba.n1info.com/wp-content/themes/ucnewsportal/dist/assets/js/generate-menu.js?ver=1.0.0

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a325b95208a73289a9b744527a4bbd7b9567f0aab0246036e8268138aa2ab27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/themes/ucnewsportal/dist/assets/js/generate-menu.js?ver=1.0.0
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 22:02:35 GMT
server: cloudflare
age: 6033
etag: W/"614a567b-7c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cf-ray: 6a29d7282f140e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 219ms
195ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

b0d247d4ae74ae4879a66a19d19b8dee5f564da1dc7fd58dacf3b9d4acb7ee65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1022 / 403 of 1000 / last-modified: 1634854038"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27203
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 23 Oct 2021 09:11:52 GMT

GET
H2 200 lw.js Show response
linker.ba/ 2 KB
1 KB 73ms
24ms Script
application/javascript 2606:4700:3035::ac43:ce39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linker.ba/lw.js
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ce39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0b7e0680a588ae3dba8658a482aaae69dbe9981136719abaf301ecb25223637

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Sep 2021 09:03:26 GMT
server: cloudflare
age: 4781
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4w1KTtKTMkmMq3IGgy6%2FnBNYh%2FTSVzU8JfEjRA7OEwt5gME%2B9kFLVsVOJiuxF7oj%2FE0lMrJNNhKO2FpBeTa5d5TDqIwLLX%2ByCMXGHl8JZQZGIyi2OoyXN6VIb%2FngwkbQ9RCv2E17bE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a29d7290d035a0d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 tracker.js Show response
ba.contentexchange.me/static/ 3 KB
4 KB 115ms
36ms Script
text/javascript 46.19.15.13
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://ba.contentexchange.me/static/tracker.js

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.19.15.13 Ljubljana, Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

cex2.irv.si

Software

nginx/1.19.9 /

Resource Hash

05eb32ddcaa8b70f44b82f940d519f27d2c0679d8efb8e49a3cd039ecaab89d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx/1.19.9
x-frame-options: DENY
date: Sat, 23 Oct 2021 09:11:52 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript; charset=utf-8

GET
H2 200 logo-header.svg
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/ 725 B
495 B 28ms
27ms Image
image/svg+xml 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/logo-header.svg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00345329e923541aa12a1ee7499f0df770368b59488fc818afb7748681dd9db5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/themes/ucnewsportal-n1/dist/assets/images/logo-header.svg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 22:01:05 GMT
server: cloudflare
age: 6033
etag: W/"614a5621-2d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/svg+xml
vary: Accept-Encoding
cf-ray: 6a29d728cfd80e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 xgemius.js Show response
gars.hit.gemius.pl/ 40 KB
11 KB 114ms
50ms Script
application/x-javascript 217.182.200.20
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gars.hit.gemius.pl/xgemius.js
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 217.182.200.20 , Poland, ASN16276 (OVH, FR),
Reverse DNS: gcm6.host.hit.gemius.pl
Software: GHC /
Resource Hash: fe51695a4ec686cc0bff2f425ec3f773c5be272d63d079eca59f40e8ce23e02f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 18:01:32 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 10837
expires: Sat, 23 Oct 2021 21:11:52 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 162 KB
49 KB 61ms
24ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-56928PS

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac81abc44564470c6fe85aca120c7c6f1df6220629a155bde7b3ec327b6a9d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 49931
x-xss-protection: 0
expires: Sat, 23 Oct 2021 09:11:52 GMT

GET
H2 200 hood.js Show response
cdn.monadplug.com/format/native/js/ 80 KB
18 KB 88ms
34ms Script
application/javascript 2606:4700:3030::ac43:a7d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.monadplug.com/format/native/js/hood.js?v=1219239
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a7d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8148de050d7d23d1e55bb1132abba028b6629afea6dff7acb1b7111d2f2eecad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 21 Apr 2021 08:53:34 GMT
server: cloudflare
etag: W/"1415f-5c077b2ab4e91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uzv2aSvJ%2FkO6NOOrTFhylX3eccHeEop%2F9LOFSUnwQZMfvPbTh7MURlogFJsqmcihx9Lx7mlnPLuE1M3rnfb4lRTra%2F1xqKmXlptDgfpNS34gq7XmjuGe66Sl1OpAhtDhx3UC6z2Q38l4KA6QGQTOtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 6a29d7291c72374d-MXP
expires: 10

GET
H2 200 svg-sprite.svg
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/ 35 KB
12 KB 26ms
26ms Other
image/svg+xml 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/svg-sprite.svg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccdd76a578bd45c3950d0a0ff383ff448137ea6856c654bca8b7c35236d9f484

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/themes/ucnewsportal-n1/dist/assets/images/svg-sprite.svg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: same-origin
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 22:01:05 GMT
server: cloudflare
age: 2117
etag: W/"614a5621-8c64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/svg+xml
vary: Accept-Encoding
cf-ray: 6a29d728cfdb0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 web-responsive-menu Show response
ba.n1info.com/wp-json/menus/v1/menus/ 33 KB
3 KB 141ms
141ms Fetch
application/json 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ba.n1info.com/wp-json/menus/v1/menus/web-responsive-menu

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal/dist/assets/js/generate-menu.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87bcb672544665b413f7179d20c194959fb0c5666945ffd2744c80602de09637

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /wp-json/menus/v1/menus/web-responsive-menu
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-ray: 6a29d728f81e0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
link: <https://ba.n1info.com/wp-json/>; rel="https://api.w.org/"
allow: GET
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/json; charset=UTF-8
x-fastcgi-cache: HIT
vary: Origin
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link

GET
H2 200 logo-white.svg
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/ 722 B
523 B 156ms
155ms Image
image/svg+xml 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/logo-white.svg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53716e7c1a5967cf42986f5b299331d8ee1838c5fb467a877d4e45ec9b4addde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/themes/ucnewsportal-n1/dist/assets/images/logo-white.svg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Sep 2021 22:01:05 GMT
server: cloudflare
etag: W/"614a5621-2d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/svg+xml
vary: Accept-Encoding
cf-ray: 6a29d728f8210e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 app-store.png
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/ 4 KB
4 KB 169ms
169ms Image
image/png 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/app-store.png

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77b45c126200684d875b3b5cb2570e43045e1b8bf2b426773d7c58642f791241

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/themes/ucnewsportal-n1/dist/assets/images/app-store.png
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Sep 2021 22:01:05 GMT
server: cloudflare
etag: "614a5621-e85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/png
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d728f8230e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3717

GET
H2 200 google-play.png
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/ 7 KB
7 KB 157ms
157ms Image
image/png 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/google-play.png

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eea486681a351edbeadf812b5ecdee4f3c856db3fafd2a46a9d03bc34433f79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/themes/ucnewsportal-n1/dist/assets/images/google-play.png
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Sep 2021 22:01:05 GMT
server: cloudflare
etag: "614a5621-1c09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/png
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d728f8240e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7177

GET
H2 200 n1-cnn-logo.png
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/ 11 KB
11 KB 28ms
28ms Image
image/png 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/n1-cnn-logo.png

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2f52b8b28d000c371c25aa12b5a3a271441445cbfc5d43f062a455e5e6f2ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/themes/ucnewsportal-n1/dist/assets/images/n1-cnn-logo.png
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 22:01:05 GMT
server: cloudflare
age: 2117
etag: "614a5621-2c8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/png
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d728f8260e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11407

GET
H2 200 paw-697837-1920-241524-175x117.jpeg
ba.n1info.com/wp-content/uploads/2019/04/ 5 KB
5 KB 182ms
181ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2019/04/paw-697837-1920-241524-175x117.jpeg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f74f47ea1d8cc16b68cff7b59a26d443d34b93509611fcfcd4c0fe87d285e97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2019/04/paw-697837-1920-241524-175x117.jpeg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: REVALIDATED
last-modified: Tue, 15 Dec 2020 15:01:05 GMT
server: cloudflare
etag: "5fd8cfb1-1278"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d728f8280e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4728
cf-bgj: h2pri

GET
H2 200 1634931860-amir-175x117.jpg
ba.n1info.com/wp-content/uploads/2021/10/22/ 6 KB
6 KB 155ms
154ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/22/1634931860-amir-175x117.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90a9da53f43a4fc11a7ffe7b3ed54ba66d4d49e2e26581211a9abff545c314e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/22/1634931860-amir-175x117.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Oct 2021 19:44:22 GMT
server: cloudflare
etag: "61731496-18ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d728f82a0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6317
cf-bgj: h2pri

GET
H2 200 1634914180-dodik-snsd-175x117.jpg
ba.n1info.com/wp-content/uploads/2021/10/22/ 6 KB
6 KB 27ms
26ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/22/1634914180-dodik-snsd-175x117.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bcdf46f3998f7dcffebf209fa6f47e539577e94f3def65b1dc42f320a698c3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/22/1634914180-dodik-snsd-175x117.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
cf-cache-status: HIT
age: 6032
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6259
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Oct 2021 14:49:41 GMT
server: cloudflare
etag: "6172cf85-1873"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6a29d728f82d0e2a-MXP
cf-bgj: h2pri

GET
H2 200 1630395219-sjedeca_odbojka_tokio-175x117.jpg
ba.n1info.com/wp-content/uploads/2021/08/31/ 9 KB
9 KB 179ms
179ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/08/31/1630395219-sjedeca_odbojka_tokio-175x117.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10762e073f9073d062cbd7e2174e093c4e7544d04b16c2de9d97dc3ccf3e57be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/08/31/1630395219-sjedeca_odbojka_tokio-175x117.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Aug 2021 07:33:40 GMT
server: cloudflare
etag: "612ddb54-2286"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d728f82f0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8838
cf-bgj: h2pri

GET
H2 200 1633527959-2021-09-22T113637Z_1798203539_RC2ZUP9YWIBX_RTRMADP_3_EU-COMMISSION-COLLEGE-175x117.jpg
ba.n1info.com/wp-content/uploads/2021/10/06/ 7 KB
7 KB 155ms
155ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/06/1633527959-2021-09-22T113637Z_1798203539_RC2ZUP9YWIBX_RTRMADP_3_EU-COMMISSION-COLLEGE-175x117.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acfdcc9805ef5d4b5241babce6f48ea96cd049613750a74e6db2d5220118fd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/06/1633527959-2021-09-22T113637Z_1798203539_RC2ZUP9YWIBX_RTRMADP_3_EU-COMMISSION-COLLEGE-175x117.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: REVALIDATED
last-modified: Wed, 06 Oct 2021 13:46:04 GMT
server: cloudflare
etag: "615da89c-1ce3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d728f8300e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7395
cf-bgj: h2pri

GET
H2 200 1634976492-9b71a7979bed2cef7d7e42d484b06251.jpg
ba.n1info.com/wp-content/uploads/2021/10/23/ 230 KB
230 KB 219ms
215ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/23/1634976492-9b71a7979bed2cef7d7e42d484b06251.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b9761fbbf9445df3050a132243ea6c7be5e9a048cac52136aba95d68819d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/23/1634976492-9b71a7979bed2cef7d7e42d484b06251.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: MISS
last-modified: Sat, 23 Oct 2021 08:08:12 GMT
server: cloudflare
etag: "6173c2ec-3980b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d72918610e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 235531

GET
H2 200 1634970269-FCRWSVBXsAsbr3U-550x360.jpg
ba.n1info.com/wp-content/uploads/2021/10/23/ 23 KB
23 KB 160ms
156ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/23/1634970269-FCRWSVBXsAsbr3U-550x360.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3be3a5bb428415239ab4b8054ddb355a573ba1ec87cc52f8c9a2239805ed4915

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/23/1634970269-FCRWSVBXsAsbr3U-550x360.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: REVALIDATED
last-modified: Sat, 23 Oct 2021 06:24:30 GMT
server: cloudflare
etag: "6173aa9e-5d64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d72918630e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23908
cf-bgj: h2pri

GET
H2 200 1634973243-viza-SAD-750x414-550x360.jpg
ba.n1info.com/wp-content/uploads/2021/10/23/ 34 KB
34 KB 46ms
43ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/23/1634973243-viza-SAD-750x414-550x360.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fecf37b461f7d247f6874fa15bd5d092b29f75f897086ec7ec261a58b3651d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/23/1634973243-viza-SAD-750x414-550x360.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
cf-cache-status: HIT
age: 6032
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 34341
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 23 Oct 2021 07:14:04 GMT
server: cloudflare
etag: "6173b63c-8625"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6a29d72918660e2a-MXP
cf-bgj: h2pri

GET
H2 200 1634978052-fdfff-550x360.jpg
ba.n1info.com/wp-content/uploads/2021/10/23/ 30 KB
30 KB 195ms
192ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/23/1634978052-fdfff-550x360.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0eb95f1df71ec706abca0a053ccb9e77821589982d9f3579df8f68bc86ab093

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/23/1634978052-fdfff-550x360.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: MISS
last-modified: Sat, 23 Oct 2021 08:34:14 GMT
server: cloudflare
etag: "6173c906-796f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d72918670e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31087

GET
H2 200 1634967678-73134350_2700515570000827_3687075324484386816_n-550x360.jpg
ba.n1info.com/wp-content/uploads/2021/10/23/ 88 KB
88 KB 28ms
25ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/23/1634967678-73134350_2700515570000827_3687075324484386816_n-550x360.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

105cc9d4f14208c3bd83011985ca2afa9b40dd7c3826c984a228d51da787454d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/23/1634967678-73134350_2700515570000827_3687075324484386816_n-550x360.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
cf-cache-status: HIT
age: 393
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 89649
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 23 Oct 2021 05:41:20 GMT
server: cloudflare
etag: "6173a080-15e31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6a29d72918680e2a-MXP
cf-bgj: h2pri

GET
H2 200 1634972638-1634971616-000_9Q48XD-750x500-550x360.jpg
ba.n1info.com/wp-content/uploads/2021/10/23/ 10 KB
10 KB 40ms
36ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/23/1634972638-1634971616-000_9Q48XD-750x500-550x360.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2de13c895a4b104022ee28e01573b40af1bf7592375a3ec2358ed273cd7a4c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/23/1634972638-1634971616-000_9Q48XD-750x500-550x360.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
cf-cache-status: HIT
age: 7138
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10112
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 23 Oct 2021 07:04:00 GMT
server: cloudflare
etag: "6173b3e0-2780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6a29d729186b0e2a-MXP
cf-bgj: h2pri

GET
H2 200 1634973844-1634972177-PXL_261019_26569384-750x500-550x360.jpg
ba.n1info.com/wp-content/uploads/2021/10/23/ 27 KB
28 KB 41ms
38ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/23/1634973844-1634972177-PXL_261019_26569384-750x500-550x360.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9aff156d7fa773b99c2b5d3d3813844212d5de624e95b1779055e69aeb00face

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/23/1634973844-1634972177-PXL_261019_26569384-750x500-550x360.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
cf-cache-status: HIT
age: 6032
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28090
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 23 Oct 2021 07:24:05 GMT
server: cloudflare
etag: "6173b895-6dba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6a29d729186c0e2a-MXP
cf-bgj: h2pri

GET
H2 200 1634971698-1632334683-000_9C477B-750x500-550x360.jpg
ba.n1info.com/wp-content/uploads/2021/10/23/ 25 KB
25 KB 43ms
40ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/23/1634971698-1632334683-000_9C477B-750x500-550x360.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a8f17a26f5a455a5bca14543a8401b8c18fafe6b7a4b54b3d58548d43c43c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/23/1634971698-1632334683-000_9C477B-750x500-550x360.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
cf-cache-status: HIT
age: 386
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 25675
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 23 Oct 2021 06:48:19 GMT
server: cloudflare
etag: "6173b033-644b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6a29d72918740e2a-MXP
cf-bgj: h2pri

GET
H2 200 app.js Show response
ba.n1info.com/wp-content/themes/ucnewsportal/dist/assets/js/ 198 KB
50 KB 50ms
47ms Script
application/javascript 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ba.n1info.com/wp-content/themes/ucnewsportal/dist/assets/js/app.js?ver=1632261755

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c024c716d39ceac96ebfba72c2dc0576ea5a60f5ee23332c50c462c3c723c7b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/themes/ucnewsportal/dist/assets/js/app.js?ver=1632261755
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 22:02:35 GMT
server: cloudflare
age: 6033
etag: W/"614a567b-31797"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cf-ray: 6a29d729186e0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 sassy-social-share-public.js Show response
ba.n1info.com/wp-content/plugins/sassy-social-share/public/js/ 43 KB
11 KB 61ms
59ms Script
application/javascript 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ba.n1info.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.11

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d58ad6f49f6f268e1640104190bd2196306450aac1d7398cbda98e8330ab3a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.11
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 22:01:05 GMT
server: cloudflare
age: 4826
etag: W/"614a5621-ab5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cf-ray: 6a29d729186f0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 wp-embed.min.js Show response
ba.n1info.com/wp-includes/js/ 1 KB
813 B 44ms
42ms Script
application/javascript 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ba.n1info.com/wp-includes/js/wp-embed.min.js?ver=5.5.1

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.5.1
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 22:01:06 GMT
server: cloudflare
age: 5918
etag: W/"614a5622-59a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cf-ray: 6a29d72918720e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 90 KB
28 KB 141ms
22ms Script
application/javascript 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba79 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3269900957596b797ed22998c3ecebc6d76fc59144716c4c196f33307627b776

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 08:01:15 GMT
server: Microsoft-IIS/10.0
etag: "6c8cc17dbfc4d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=733
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
accept-ranges: bytes
content-length: 27986
expires: Sat, 23 Oct 2021 09:24:05 GMT

GET
H2 200 tracker.js Show response
ug.contentexchange.me/static/ 3 KB
4 KB 124ms
41ms Script
text/javascript 46.19.9.50
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://ug.contentexchange.me/static/tracker.js

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.19.9.50 Ljubljana, Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

2E130C26.rDNS.SiEL.si

Software

nginx/1.10.0 (Ubuntu) /

Resource Hash

4cff6255163553846e6123a53e2936762ba8497597985406aa144128e8414cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: nginx/1.10.0 (Ubuntu)
date: Sat, 23 Oct 2021 09:11:00 GMT
content-type: text/javascript; charset=utf-8

GET
H2 200 background-banner-download-app-desktop-1366-px.svg
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/ 1 KB
666 B 48ms
47ms Image
image/svg+xml 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/background-banner-download-app-desktop-1366-px.svg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1632261718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3af9d28828195fab56321c2dca451e7199c592b87bb6884e931b7380162c4c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/themes/ucnewsportal-n1/dist/assets/images/background-banner-download-app-desktop-1366-px.svg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1632261718
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1632261718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 22:01:05 GMT
server: cloudflare
age: 6030
etag: W/"614a5621-439"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/svg+xml
vary: Accept-Encoding
cf-ray: 6a29d72938980e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 background-banner-download-app-desktop-1920-px.svg
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/ 2 KB
756 B 143ms
143ms Image
image/svg+xml 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/background-banner-download-app-desktop-1920-px.svg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1632261718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b33d99ba750dd512fad836f8a4e29aa941e56b164d72ff1c3ff4eea4dda870b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/themes/ucnewsportal-n1/dist/assets/images/background-banner-download-app-desktop-1920-px.svg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1632261718
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1632261718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Sep 2021 22:01:05 GMT
server: cloudflare
etag: W/"614a5621-734"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/svg+xml
vary: Accept-Encoding
cf-ray: 6a29d729389e0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 1634972106-Capture-550x360.jpg
ba.n1info.com/wp-content/uploads/2021/10/23/ 36 KB
37 KB 28ms
25ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/23/1634972106-Capture-550x360.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c9e9a2d9d0a5439f68252f7a41946ac9c33865502ae16d111818b455fd8ee9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/23/1634972106-Capture-550x360.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
cf-cache-status: HIT
age: 385
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 37241
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 23 Oct 2021 06:55:08 GMT
server: cloudflare
etag: "6173b1cc-9179"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6a29d72968e20e2a-MXP
cf-bgj: h2pri

GET
H2 200 1634974148-pexels-tim-mossholder-1722196-750x500-550x360.jpg
ba.n1info.com/wp-content/uploads/2021/10/23/ 22 KB
22 KB 37ms
29ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/23/1634974148-pexels-tim-mossholder-1722196-750x500-550x360.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0b096a8934aa2427a28ad4b698b9e421a71c169ccdbb1ee9a510ef8ef9f8544

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/23/1634974148-pexels-tim-mossholder-1722196-750x500-550x360.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
cf-cache-status: HIT
age: 6032
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22205
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 23 Oct 2021 07:29:09 GMT
server: cloudflare
etag: "6173b9c5-56bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6a29d72968e40e2a-MXP
cf-bgj: h2pri

GET
H2 200 1634907539-tito-volimo-te-1984-550x360.jpg
ba.n1info.com/wp-content/uploads/2021/10/22/ 25 KB
25 KB 39ms
30ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/22/1634907539-tito-volimo-te-1984-550x360.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b15f082cf633793821b0be2cbf6bd99d1da9e475d700b9f9093b5c541d59219b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/22/1634907539-tito-volimo-te-1984-550x360.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
cf-cache-status: HIT
age: 7138
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 25924
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Oct 2021 12:58:59 GMT
server: cloudflare
etag: "6172b593-6544"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6a29d72978f10e2a-MXP
cf-bgj: h2pri

GET
H2 200 dodik-vucic-reuters-dado-ruvic-79231-550x360.jpeg
ba.n1info.com/wp-content/uploads/2016/08/ 32 KB
32 KB 57ms
48ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2016/08/dodik-vucic-reuters-dado-ruvic-79231-550x360.jpeg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e25b00a3bae232fd6ef8b441dad75dc31a596e36a4eaac225930644f263f351c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2016/08/dodik-vucic-reuters-dado-ruvic-79231-550x360.jpeg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
cf-cache-status: HIT
age: 369
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 32505
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Dec 2020 22:40:06 GMT
server: cloudflare
etag: "5fda8cc6-7ef9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6a29d72978f20e2a-MXP
cf-bgj: h2pri

GET
H2 200 1634973243-viza-SAD-750x414.jpg
ba.n1info.com/wp-content/uploads/2021/10/23/ 50 KB
51 KB 47ms
39ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/23/1634973243-viza-SAD-750x414.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b714d33682f8ffd1ea7cfa97cd524a2bdb82bf4e1465950217283d52d8aa119

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/23/1634973243-viza-SAD-750x414.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
cf-cache-status: HIT
age: 6829
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 51670
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 23 Oct 2021 07:14:03 GMT
server: cloudflare
etag: "6173b63b-c9d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6a29d72978f30e2a-MXP
cf-bgj: h2pri

GET
H2 200 zemljotres-potres-252236-540x304.jpeg
ba.n1info.com/wp-content/uploads/2019/07/ 38 KB
38 KB 186ms
178ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2019/07/zemljotres-potres-252236-540x304.jpeg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20dcc0eda63617bc1fd8d06bccfa7ac9cb358f73505a67cfdfe60c074bc55e9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2019/07/zemljotres-potres-252236-540x304.jpeg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: MISS
last-modified: Tue, 15 Dec 2020 02:14:35 GMT
server: cloudflare
etag: "5fd81c0b-995f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d72978f40e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 39263

GET
H2 200 1634933572-1633181334-bg-tesica-ubistvo-vo-021021-mds.14_54_44_24.Still001-550x360.jpg
ba.n1info.com/wp-content/uploads/2021/10/22/ 52 KB
52 KB 51ms
43ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/22/1634933572-1633181334-bg-tesica-ubistvo-vo-021021-mds.14_54_44_24.Still001-550x360.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

963ed96b9cda7f6881a9913a42d7f0a0a507802c9e289880c079362ae78bd94a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/22/1634933572-1633181334-bg-tesica-ubistvo-vo-021021-mds.14_54_44_24.Still001-550x360.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
cf-cache-status: HIT
age: 368
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 53275
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Oct 2021 20:12:52 GMT
server: cloudflare
etag: "61731b44-d01b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6a29d72978f60e2a-MXP
cf-bgj: h2pri

GET
H2 200 1634928983-000_9Q87MC-550x360.jpg
ba.n1info.com/wp-content/uploads/2021/10/22/ 23 KB
23 KB 63ms
55ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/22/1634928983-000_9Q87MC-550x360.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87567972bbe1e198a17cbdf9b5b40bd9f50a1657d91ea8872c9b890ec570d042

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/22/1634928983-000_9Q87MC-550x360.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
cf-cache-status: HIT
age: 366
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23540
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Oct 2021 18:56:24 GMT
server: cloudflare
etag: "61730958-5bf4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6a29d72978f80e2a-MXP
cf-bgj: h2pri

GET
H2 200 1634912678-1634912310-1634900844-IMG_1614-1024x768-550x360.jpg
ba.n1info.com/wp-content/uploads/2021/10/22/ 62 KB
62 KB 40ms
32ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/22/1634912678-1634912310-1634900844-IMG_1614-1024x768-550x360.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3786a2cf4d0b4767e62b705b1431d627ddb5dbbe61f6de134994007a70b9812e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/22/1634912678-1634912310-1634900844-IMG_1614-1024x768-550x360.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
cf-cache-status: HIT
age: 365
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 63706
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Oct 2021 14:24:38 GMT
server: cloudflare
etag: "6172c9a6-f8da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6a29d72978f90e2a-MXP
cf-bgj: h2pri

GET
H2 200 1634911687-migrant-dijete-550x360.jpg
ba.n1info.com/wp-content/uploads/2021/10/22/ 58 KB
59 KB 65ms
57ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/22/1634911687-migrant-dijete-550x360.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5392e2e183fb58c10d73f991558dfd289770618bf61e9297dab94f6e66e78c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/22/1634911687-migrant-dijete-550x360.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
cf-cache-status: HIT
age: 365
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 59865
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Oct 2021 14:08:07 GMT
server: cloudflare
etag: "6172c5c7-e9d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6a29d72978fa0e2a-MXP
cf-bgj: h2pri

GET
H2 200 1634908765-1634906173-IMG_1616-750x563-550x360.jpg
ba.n1info.com/wp-content/uploads/2021/10/22/ 32 KB
32 KB 58ms
51ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/22/1634908765-1634906173-IMG_1616-750x563-550x360.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65aa872abe45427dbfd0951d1b3f5676ce8b5ea4031c0e77ac4e3eed6ddd25cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/22/1634908765-1634906173-IMG_1616-750x563-550x360.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
cf-cache-status: HIT
age: 364
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 32723
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Oct 2021 13:19:27 GMT
server: cloudflare
etag: "6172ba5f-7fd3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6a29d72978fc0e2a-MXP
cf-bgj: h2pri

GET
H2 200 1634899227-lukac-175x117.png
ba.n1info.com/wp-content/uploads/2021/10/22/ 42 KB
42 KB 67ms
60ms Image
image/png 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/22/1634899227-lukac-175x117.png

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c72c166625bd6243d9b8239db906e8d88a46ff06d4108f79449c45e2f0f0287b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/22/1634899227-lukac-175x117.png
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Fri, 22 Oct 2021 10:40:30 GMT
server: cloudflare
age: 4117
etag: "6172951e-a77a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/png
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d72978fd0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 42874

GET
H2 200 1634896185-res_1634826733_lukac-na-sastanku-sa-zamjenikom-ambasade-sad-500x376-175x117.jpg
ba.n1info.com/wp-content/uploads/2021/10/22/ 6 KB
6 KB 169ms
162ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/22/1634896185-res_1634826733_lukac-na-sastanku-sa-zamjenikom-ambasade-sad-500x376-175x117.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cdffbee099ce1843276d981a860c5a4b8a61f8dcdc1e4c45c33808c019aaf83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/22/1634896185-res_1634826733_lukac-na-sastanku-sa-zamjenikom-ambasade-sad-500x376-175x117.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Oct 2021 09:49:46 GMT
server: cloudflare
etag: "6172893a-186a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d72978ff0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6250
cf-bgj: h2pri

GET
H2 200 1634842792-2021-10-19T094400Z_167607427_RC2VCQ9OQ43A_RTRMADP_3_POLAND-EU-175x117.jpg
ba.n1info.com/wp-content/uploads/2021/10/21/ 8 KB
9 KB 60ms
53ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/21/1634842792-2021-10-19T094400Z_167607427_RC2VCQ9OQ43A_RTRMADP_3_POLAND-EU-175x117.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4845d25fce1a34bca25fe5cd88b904202b2b66bfbd974baddd0089f2664ab69d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/21/1634842792-2021-10-19T094400Z_167607427_RC2VCQ9OQ43A_RTRMADP_3_POLAND-EU-175x117.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
cf-cache-status: HIT
age: 4117
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8616
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Oct 2021 18:59:56 GMT
server: cloudflare
etag: "6171b8ac-21a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6a29d72979000e2a-MXP
cf-bgj: h2pri

GET
H2 200 1634557705-245779529_478267596557633_1465969471305512654_n-175x117.jpg
ba.n1info.com/wp-content/uploads/2021/10/18/ 6 KB
6 KB 60ms
54ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/18/1634557705-245779529_478267596557633_1465969471305512654_n-175x117.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aceaed3689381853ff3c7ab0d98711a29a1ab9970a3b4bacf1d7a99e0373358

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/18/1634557705-245779529_478267596557633_1465969471305512654_n-175x117.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
cf-cache-status: HIT
age: 4102
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5729
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Oct 2021 11:48:26 GMT
server: cloudflare
etag: "616d5f0a-1661"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6a29d72979010e2a-MXP
cf-bgj: h2pri

GET
H2 200 1634900191-pomaze-bog-175x117.png
ba.n1info.com/wp-content/uploads/2021/10/22/ 42 KB
42 KB 170ms
164ms Image
image/png 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/22/1634900191-pomaze-bog-175x117.png

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfeaf982f02024b34d468b5a986d2bda19b472706bd5c4ee397a8e1f83662555

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/22/1634900191-pomaze-bog-175x117.png
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Oct 2021 10:56:34 GMT
server: cloudflare
etag: "617298e2-a89a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/png
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d72979020e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43162

GET
H2 200 1634282113-1-175x117.jpg
ba.n1info.com/wp-content/uploads/2021/10/15/ 6 KB
7 KB 173ms
167ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/15/1634282113-1-175x117.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f1002e78b0076ceb24824cfc8e6f3cc8bdf53c0e149bbd31ddc28f891039889

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/15/1634282113-1-175x117.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: REVALIDATED
last-modified: Fri, 15 Oct 2021 07:15:14 GMT
server: cloudflare
etag: "61692a82-19f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d72979030e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6645
cf-bgj: h2pri

GET
H2 200 1634974148-pexels-tim-mossholder-1722196-750x500.jpg
ba.n1info.com/wp-content/uploads/2021/10/23/ 52 KB
53 KB 65ms
60ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/23/1634974148-pexels-tim-mossholder-1722196-750x500.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

383ecfccdfe714fa5d66c35039b9a24f8913ae9a903d88b99cf1c84697f512b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/23/1634974148-pexels-tim-mossholder-1722196-750x500.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
cf-cache-status: HIT
age: 6031
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 53648
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 23 Oct 2021 07:29:08 GMT
server: cloudflare
etag: "6173b9c4-d190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6a29d72979040e2a-MXP
cf-bgj: h2pri

GET
H2 200 pomegranate-open-196800-960-720-54491-550x360.jpeg
ba.n1info.com/wp-content/uploads/2016/01/ 37 KB
37 KB 66ms
60ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2016/01/pomegranate-open-196800-960-720-54491-550x360.jpeg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

876d54cf363dc2e95b197c219975544e7285f83a453248197114b39a629b6ba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2016/01/pomegranate-open-196800-960-720-54491-550x360.jpeg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
cf-cache-status: HIT
age: 6031
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 37432
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 17 Dec 2020 04:29:59 GMT
server: cloudflare
etag: "5fdadec7-9238"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6a29d72979050e2a-MXP
cf-bgj: h2pri

GET
H2 200 1634906334-1634198857-signal-2021-10-13-132331_001-750x500-550x360.jpeg
ba.n1info.com/wp-content/uploads/2021/10/22/ 30 KB
30 KB 148ms
143ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/22/1634906334-1634198857-signal-2021-10-13-132331_001-750x500-550x360.jpeg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78c515478ab9ddc828d94184f4c605a68dc7de15b7ab40c9cc2cfe1bbcf6c2e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/22/1634906334-1634198857-signal-2021-10-13-132331_001-750x500-550x360.jpeg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Oct 2021 12:38:55 GMT
server: cloudflare
etag: "6172b0df-7909"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d72979060e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30985
cf-bgj: h2pri

GET
H2 200 1634892261-1634714924-adrien-delforge-CrHG_ZYn1Dw-unsplash-900x600-550x360.jpg
ba.n1info.com/wp-content/uploads/2021/10/22/ 36 KB
36 KB 148ms
143ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/22/1634892261-1634714924-adrien-delforge-CrHG_ZYn1Dw-unsplash-900x600-550x360.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e6b26d172a586c0b70f8993128a9d379ad6a8245ba12b23367bba4911559ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/22/1634892261-1634714924-adrien-delforge-CrHG_ZYn1Dw-unsplash-900x600-550x360.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Oct 2021 08:44:21 GMT
server: cloudflare
etag: "617279e5-8e1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d72979070e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 36380
cf-bgj: h2pri

GET
H2 200 horoscope-993144-1280-192227-550x360.jpeg
ba.n1info.com/wp-content/uploads/2016/12/ 28 KB
28 KB 145ms
140ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2016/12/horoscope-993144-1280-192227-550x360.jpeg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecc3bac9691afbf4099c4a8fc9eca3846beecb95341437f8148f3bc086603691

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2016/12/horoscope-993144-1280-192227-550x360.jpeg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: REVALIDATED
last-modified: Wed, 16 Dec 2020 23:27:41 GMT
server: cloudflare
etag: "5fda97ed-6f64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d72979080e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28516
cf-bgj: h2pri

GET
H2 200 1634972638-1634971616-000_9Q48XD-750x500.jpg
ba.n1info.com/wp-content/uploads/2021/10/23/ 16 KB
16 KB 141ms
138ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/23/1634972638-1634971616-000_9Q48XD-750x500.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ae101a5f7f8ca00ae78fdc9cc776b6abfd9e1f9ddc852ac6e2394b44df2f8e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/23/1634972638-1634971616-000_9Q48XD-750x500.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: REVALIDATED
last-modified: Sat, 23 Oct 2021 07:03:58 GMT
server: cloudflare
etag: "6173b3de-4063"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d72979090e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16483
cf-bgj: h2pri

GET
H2 200 1634936413-1630492121-000_9LY6L8-550x360.jpg
ba.n1info.com/wp-content/uploads/2021/10/22/ 63 KB
63 KB 146ms
143ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/22/1634936413-1630492121-000_9LY6L8-550x360.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

085a96f68a4fa59fc998f2db8ea3e44ceaf21bb0f7838f753c84be8e4f9b1ad6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/22/1634936413-1630492121-000_9LY6L8-550x360.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Oct 2021 21:00:13 GMT
server: cloudflare
etag: "6173265d-fc87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d729790b0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 64647
cf-bgj: h2pri

GET
H2 200 1632466992-angela-merkel-123-550x360.jpg
ba.n1info.com/wp-content/uploads/2021/09/24/ 29 KB
30 KB 159ms
156ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/09/24/1632466992-angela-merkel-123-550x360.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2469d9f8fc9bcd567207d1cbdcb85d220ae3fe4c46577944c8ed477aa6c878ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/09/24/1632466992-angela-merkel-123-550x360.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: REVALIDATED
last-modified: Fri, 24 Sep 2021 07:03:13 GMT
server: cloudflare
etag: "614d7831-75ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d729790c0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30158
cf-bgj: h2pri

GET
H2 200 1634978052-fdfff-175x117.jpg
ba.n1info.com/wp-content/uploads/2021/10/23/ 6 KB
6 KB 171ms
168ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/23/1634978052-fdfff-175x117.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fb216249bb02d3a584ce8cde4c5f3d37d6e3f5b4d246739494726a6187e774a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/23/1634978052-fdfff-175x117.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: MISS
last-modified: Sat, 23 Oct 2021 08:34:14 GMT
server: cloudflare
etag: "6173c906-1707"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d729790d0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5895

GET
H2 200 1634976492-9b71a7979bed2cef7d7e42d484b06251-175x117.jpg
ba.n1info.com/wp-content/uploads/2021/10/23/ 6 KB
6 KB 146ms
143ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/23/1634976492-9b71a7979bed2cef7d7e42d484b06251-175x117.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a632081f251631212e6841c59b28a8528aab5a42726061f82cefcca8bfdc2e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/23/1634976492-9b71a7979bed2cef7d7e42d484b06251-175x117.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: MISS
last-modified: Sat, 23 Oct 2021 08:08:13 GMT
server: cloudflare
etag: "6173c2ed-192a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d729790e0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6442

GET
H2 200 1634973844-1634972177-PXL_261019_26569384-750x500-175x117.jpg
ba.n1info.com/wp-content/uploads/2021/10/23/ 5 KB
6 KB 142ms
140ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/23/1634973844-1634972177-PXL_261019_26569384-750x500-175x117.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc2dd7f1505044f378a4d3f22ca09af095981527a140e0ec1c6a96d6bf570076

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/23/1634973844-1634972177-PXL_261019_26569384-750x500-175x117.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: MISS
last-modified: Sat, 23 Oct 2021 07:24:05 GMT
server: cloudflare
etag: "6173b895-15c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d729790f0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5572

GET
H2 200 1634973243-viza-SAD-750x414-175x117.jpg
ba.n1info.com/wp-content/uploads/2021/10/23/ 6 KB
6 KB 171ms
169ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/23/1634973243-viza-SAD-750x414-175x117.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

419467cab02f49399a331e1d91975bf48bdf9ef2169cdc722dca47f815397e75

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/23/1634973243-viza-SAD-750x414-175x117.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: MISS
last-modified: Sat, 23 Oct 2021 07:14:04 GMT
server: cloudflare
etag: "6173b63c-17f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d72979100e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6131

GET
H2 200 flag_serbia.png
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/flags/ 4 KB
4 KB 52ms
50ms Image
image/png 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/flags/flag_serbia.png

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1632261718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be4f01d25f4038c67570c28418418a7398e6c082909efb2fe271636a3c6dd0e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/themes/ucnewsportal-n1/dist/assets/images/flags/flag_serbia.png
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1632261718
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1632261718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 22:01:05 GMT
server: cloudflare
age: 6030
etag: "614a5621-e85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/png
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d72999370e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3717

GET
H2 200 flag_croatia.png
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/flags/ 2 KB
3 KB 51ms
51ms Image
image/png 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/flags/flag_croatia.png

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1632261718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f9f199bedd330f271f2a1f503aa6012fca850fa0cd7f442385a5c703c645481

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/themes/ucnewsportal-n1/dist/assets/images/flags/flag_croatia.png
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1632261718
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1632261718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 22:01:05 GMT
server: cloudflare
age: 6030
etag: "614a5621-9bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/png
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d729993b0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2495

GET
H2 200 flag_bih.png
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/flags/ 3 KB
3 KB 52ms
51ms Image
image/png 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/flags/flag_bih.png

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1632261718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7d30405f475ab4cedef48acb729862fff953970816983a92e8688de0d922b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/themes/ucnewsportal-n1/dist/assets/images/flags/flag_bih.png
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1632261718
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1632261718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 22:01:05 GMT
server: cloudflare
age: 6030
etag: "614a5621-a38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/png
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d729993c0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2616

GET
H2 200 flag_slovenia.png
ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/flags/ 1 KB
1 KB 52ms
52ms Image
image/png 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/images/flags/flag_slovenia.png

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1632261718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca7cb3272ac8b8e3d5a248977ca95b73874b20f7c4b109689f736d4c9cb2eed4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/themes/ucnewsportal-n1/dist/assets/images/flags/flag_slovenia.png
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1632261718
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/wp-content/themes/ucnewsportal-n1/dist/assets/css/app.css?ver=1632261718
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 22:01:05 GMT
server: cloudflare
age: 6030
etag: "614a5621-50d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/png
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d729993e0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1293

GET
H2 200 1634971207-1634968076-pjimage39-750x516-550x360.jpg
ba.n1info.com/wp-content/uploads/2021/10/23/ 34 KB
34 KB 137ms
136ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/23/1634971207-1634968076-pjimage39-750x516-550x360.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57826b01c7e5f468e1939a6bdbd586c071e0732fcd22a7f93746cf14a40a45ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/23/1634971207-1634968076-pjimage39-750x516-550x360.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: REVALIDATED
last-modified: Sat, 23 Oct 2021 06:40:08 GMT
server: cloudflare
etag: "6173ae48-878f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d729f9b20e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 34703
cf-bgj: h2pri

GET
H2 200 1634754956-2021-10-20T173146Z_2123385771_UP1EHAK1COX8J_RTRMADP_3_SOCCER-CHAMPIONS-FCB-DYK-REPORT-550x360.jpg
ba.n1info.com/wp-content/uploads/2021/10/20/ 38 KB
38 KB 147ms
146ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/20/1634754956-2021-10-20T173146Z_2123385771_UP1EHAK1COX8J_RTRMADP_3_SOCCER-CHAMPIONS-FCB-DYK-REPORT-550x360.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69b6f33ba1903f782cb03c3e5d3809dd9fb6e2535b219fad4eca58568100560d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/20/1634754956-2021-10-20T173146Z_2123385771_UP1EHAK1COX8J_RTRMADP_3_SOCCER-CHAMPIONS-FCB-DYK-REPORT-550x360.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: REVALIDATED
last-modified: Wed, 20 Oct 2021 18:35:58 GMT
server: cloudflare
etag: "6170618e-9642"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d729f9b50e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38466
cf-bgj: h2pri

GET
H2 200 1634929388-godinjak-550x360.jpg
ba.n1info.com/wp-content/uploads/2021/10/22/ 29 KB
29 KB 139ms
139ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/10/22/1634929388-godinjak-550x360.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a50a6893eecd2102a09cd2e28164ae607f36951bc50388e78d9a78739e1c6c33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/10/22/1634929388-godinjak-550x360.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Oct 2021 19:03:09 GMT
server: cloudflare
etag: "61730aed-74ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d729f9b80e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29951
cf-bgj: h2pri

GET
H2 200 1630395219-sjedeca_odbojka_tokio-550x360.jpg
ba.n1info.com/wp-content/uploads/2021/08/31/ 50 KB
50 KB 142ms
141ms Image
image/jpeg 2606:4700::6812:abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ba.n1info.com/wp-content/uploads/2021/08/31/1630395219-sjedeca_odbojka_tokio-550x360.jpg

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:abc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86a9a2188af92551c9902c54c569cbda1e64f9c81e762fe1d544aa58b826caa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/08/31/1630395219-sjedeca_odbojka_tokio-550x360.jpg
pragma: no-cache
cookie: INGRESSCOOKIE=1634980313.277.51.340342
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ba.n1info.com
referer: https://ba.n1info.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Aug 2021 07:33:40 GMT
server: cloudflare
etag: "612ddb54-c796"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 6a29d729f9b90e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 51094
cf-bgj: h2pri

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 124 KB
48 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EPGS7W0SPD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56928PS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a8e9c9e8c54fb9ab9e18072d1505171ea2a7cb79e900d954031898d8724dbbf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 49380
x-xss-protection: 0
expires: Sat, 23 Oct 2021 09:11:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 59ms
13ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56928PS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 4278
date: Sat, 23 Oct 2021 08:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Sat, 23 Oct 2021 10:00:34 GMT

GET
H2 200 45bgd8wg0l Show response
www.clarity.ms/tag/ 947 B
1 KB 156ms
111ms Script
application/x-javascript 2620:1ec:27::cafe:2093
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/45bgd8wg0l
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2093 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 23338364b941444372adb377460081b6ea24f8d210c989a8a90860922ea10cf1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
x-powered-by: ASP.NET
x-azure-ref: 02NFzYQAAAABkrZ9pUjTOQLQF1s2YrIRcTVVDMzBFREdFMDYxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
content-length: 947
expires: -1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 52ms
15ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25969
x-xss-protection: 0
pragma: public
x-fb-debug: gS9gDYxmtG6T07RLrMAcD7ssypB0mZ8pUK6l6sZZbp0uRW6YtSK+Kq5VQfxh62olTcXn76vMO1DSvVbG7WWglg==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Sat, 23 Oct 2021 09:11:52 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 74ms
18ms Script
application/x-javascript 2600:9000:223c:4800:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 07:18:48 GMT
content-encoding: gzip
last-modified: Fri, 09 Jul 2021 00:11:37 GMT
server: nginx
age: 6784
etag: W/"60e79439-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 11e35514d631a9a9566fd489de935c07.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: ocbRq7X3ydoN_ebU-SHUxV48-xs_-vkN7PE2CEAmW2e6bjJxh5r6pA==
expires: Sat, 23 Oct 2021 09:18:48 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 189 KB
64 KB 220ms
92ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

c6a4d8f73399e915b1c7631f266760918f2a72d155f6611b9539d08ff6a1559b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
last-modified: Fri, 22 Oct 2021 12:25:47 GMT
etag: "6172839b-10089"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 65673
expires: Sat, 23 Oct 2021 10:11:52 GMT

GET
H2 200 door.js Show response
script.dotmetrics.net/ 7 KB
3 KB 111ms
34ms Script
application/javascript 18.66.97.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://script.dotmetrics.net/door.js?id=2420
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Kestrel /
Resource Hash: f6c148acf82398c43bfcd58b97b041a921d2bdfb0566f68e1c686889f880c789

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
server: Kestrel
x-amz-cf-pop: FRA56-P2
etag: "2420...185.2021102309"
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="https://script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
cache-control: private
content-type: application/javascript
x-amz-cf-id: Q6W5fc8v3EQMhxgdcLxSCn8GgHAI5K5FOb_mQHNiiMcyeTe1aXEtRg==

GET
H2 200 door.js Show response
script.dotmetrics.net/ 7 KB
3 KB 111ms
35ms Script
application/javascript 18.66.97.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://script.dotmetrics.net/door.js?id=2429
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 8fc8362411160d2c261c70cbdec80543967bfc3ce7bdba41a4cf166fb425d4d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
server: Kestrel
x-amz-cf-pop: FRA56-P2
etag: "2429...185.2021102309"
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="https://script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
cache-control: private
content-type: application/javascript
x-amz-cf-id: nfCTVs-K0CjB66kqBT6N6aAZHXC9-ghp9a9-Cnfm6UXLgypBJs5S-Q==

GET
H2 200 tentacle.js Show response
tentacles.smartocto.com/ten/ 27 KB
8 KB 138ms
34ms Script
application/javascript 52.213.132.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tentacles.smartocto.com/ten/tentacle.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56928PS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.132.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-132-247.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 06e155a3f27234aeef39bfa1341f4346909251fb37b48310d77b60d6198910c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: gzip
last-modified: Thu, 14 Oct 2021 08:37:55 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=60, public
expires: Sat, 23 Oct 2021 09:12:52 GMT

GET
H2 200 html2canvas.min.js Show response
cdnjs.cloudflare.com/ajax/libs/html2canvas/0.4.1/ 36 KB
12 KB 88ms
34ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/html2canvas/0.4.1/html2canvas.min.js

Requested by

Host: cdn.monadplug.com
URL: https://cdn.monadplug.com/format/native/js/hood.js?v=1219239

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

737473b145a0fb2d97963ba71104b42ea59d434e17d43de3db67ddffc24200ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2035698
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11066
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9d-9079"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AT%2BfSvCbZaE8LCHKZJEpVtnDpGbU1X0iNxezocUAzjtF0BtXGLPOcEXGcnp6DEhaet6QxrxHXV70TmVPTPnJUSd0OsoJIJYGTk9SiPqGqQlWDJiYRX%2FIq%2BK0ii9BTX8f%2B7W5cooxpUN4Sngx2bFmciI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a29d72aaf5c5a07-MXP
expires: Thu, 13 Oct 2022 09:11:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-162781796-6

Requested by

Host: cdn.monadplug.com
URL: https://cdn.monadplug.com/format/native/js/hood.js?v=1219239

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a52608edb468a1c97561d0c2af604e05757a20b87895b9886e3e9c62280a824d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35791
x-xss-protection: 0
expires: Sat, 23 Oct 2021 09:11:52 GMT

GET
H2 200 boot Show response
tracker_ba.contentexchange.me/ 9 KB
10 KB 47ms
34ms Script
text/javascript 46.19.15.13
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker_ba.contentexchange.me/boot?url=https%3A%2F%2Fba.n1info.com%2F&ref=direct&gdpr=2&cx_id=new

Requested by

Host: ba.contentexchange.me
URL: https://ba.contentexchange.me/static/tracker.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.19.15.13 Ljubljana, Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

cex2.irv.si

Software

nginx/1.19.9 /

Resource Hash

f8cdf05e444618081e27b3ba9637fdea11c76ba6f47b9fb3ec15044ed655cca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
x-content-type-options: nosniff
server: nginx/1.19.9
etag: W/"6173d1d8fd5354587e2f6128"
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 9491
x-xss-protection: 1; mode=block

GET
H2 200 fpdata.js Show response
gars.hit.gemius.pl/ 279 B
393 B 29ms
26ms Script
application/x-javascript 217.182.200.20
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gars.hit.gemius.pl/fpdata.js?href=ba.n1info.com
Requested by: Host: gars.hit.gemius.pl
URL: https://gars.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 217.182.200.20 , Poland, ASN16276 (OVH, FR),
Reverse DNS: gcm6.host.hit.gemius.pl
Software: GHC /
Resource Hash: df684c1836074c2757b39f6075341d00839ee81934ed358230493823d5245f91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 279
expires: Mon, 22 Nov 2021 09:11:52 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 816B 5 KB
3 KB 80ms
25ms Document
text/html 146.59.30.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gars.hit.gemius.pl
URL: https://gars.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.100 , Norway, ASN16276 (OVH, FR),
Reverse DNS: ip100.ip-146-59-30.eu
Software: GHC /
Resource Hash: 5a6c85f1bcaa24581dd452b04a36521c43dfcd61e2ecee270c52cd6188d2cb2b

Request headers

:method: GET
:authority: ls.hit.gemius.pl
:scheme: https
:path: /lsget.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ba.n1info.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
expires: Mon, 22 Nov 2021 09:11:52 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy: cross-origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 2724
content-encoding: gzip

GET
H2 200 bc-v3.min.html Show response
consentcdn.cookiebot.com/sdk/ Frame 1ED7 2 KB
1 KB 72ms
18ms Document
text/html 2a02:26f0:6c00:281::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:281::f09 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0297ba54fff0a052c5761457790e80dc093b93b152edee473485af46c022ad75

Request headers

:method: GET
:authority: consentcdn.cookiebot.com
:scheme: https
:path: /sdk/bc-v3.min.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ba.n1info.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "b10de1f5f615a79259ac9e34f470ce1d:1615283706.572935"
last-modified: Tue, 09 Mar 2021 09:55:06 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=263
expires: Sat, 23 Oct 2021 09:16:15 GMT
date: Sat, 23 Oct 2021 09:11:52 GMT
content-length: 895
server-timing: cdn-cache; desc=HIT edge; dur=1

GET
H2 200 configuration.js Show response
consentcdn.cookiebot.com/consentconfig/729d2675-1276-4b08-83ce-5ec1c0b68cb5/ba.n1info.com/ 2 KB
1 KB 72ms
18ms Script
application/x-javascript 2a02:26f0:6c00:281::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/consentconfig/729d2675-1276-4b08-83ce-5ec1c0b68cb5/ba.n1info.com/configuration.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:281::f09 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c710eba769ce3f75c8f2e549df24b89586144c00529b04325287cf0038ebc979

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: gzip
last-modified: Thu, 14 Oct 2021 04:06:27 GMT
server: AkamaiNetStorage
etag: "8d68c5dbcc9ed062e9bdf2a169c2f61b:1634184387.368622"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=47335
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 851
expires: Sat, 23 Oct 2021 22:20:47 GMT

GET
H2 200 pubads_impl_2021101901.js Show response
securepubads.g.doubleclick.net/gpt/ 362 KB
123 KB 18ms
17ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

63cc53f922756833d0ef84cd106362b7039e6fc5dcdb93cd9d885d74ee254157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 125444
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 08:35:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 23 Oct 2021 09:11:52 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 156 B
133 B 34ms
18ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ba.n1info.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

bd071c9121b23faa1b717d949f6aef33462c5b728b156d422f93565d175d5af2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 108
x-xss-protection: 0
expires: Sat, 23 Oct 2021 09:11:52 GMT

GET
H2 200 lw.css
linker.ba/widget/ 2 KB
743 B 23ms
23ms Stylesheet
text/css 2606:4700:3035::ac43:ce39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linker.ba/widget/lw.css
Requested by: Host: linker.ba
URL: https://linker.ba/lw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ce39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e70ad4750c8e0d12236baba3fd03546eda8dd7a6a851596087c89561ae4089d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Oct 2021 14:53:27 GMT
server: cloudflare
age: 1577
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXH7gMe21EO2ef04uQOeX3YvH6DNN%2B1ZdpsjIzzUPWasZCK7EHJvkjUaAnCTTUIOAEDLNcPaCJa%2FS3L40MRBPExFc6yAQxHSTq0x5C83egU%2Fz66nqT%2B6eCLhG30mMcXJxSC2vOlbRD0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a29d72af9355a0d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 204 collect
www.google-analytics.com/g/ 0
169 B 21ms
20ms Ping
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-EPGS7W0SPD&gtm=2oeak0&_p=1892734834&sr=1600x1200&ul=en-us&cid=1893457142.1634980313&_s=1&dl=https%3A%2F%2Fba.n1info.com%2F&dt=N1%20-%20Najnovije%2C%20ta%C4%8Dne%20i%20nezavisne%20vijesti%20iz%20Bosne%20i%20Hercegovine%20i%20svijeta&sid=1634980312&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EPGS7W0SPD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ba.n1info.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ba.n1info.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-162781796-6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56928PS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1919835fdb83f96a0e915a8438b436096115d01e92263577791d181ec0cbb12e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35796
x-xss-protection: 0
expires: Sat, 23 Oct 2021 09:11:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-162781796-7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56928PS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a896c6dfeb015beb3c9a9b742eecf64ee64f80904389de5b04624443ad9ddcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35797
x-xss-protection: 0
expires: Sat, 23 Oct 2021 09:11:52 GMT

GET
H2 200 2034936679973890 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2034936679973890?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ad947be529a76270d40ec4fbd39bbd2a37f05ee240cbac0048d689ead32962b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 88828
x-xss-protection: 0
pragma: public
x-fb-debug: 3p0m10LZyNTGlTKZ/wHMQNec7qAP4e2lX2VAsYderv6fVNFh6s6CZxvoH6JLQzFLZjTCC7LdOUF1MInPyXJItg==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Sat, 23 Oct 2021 09:11:52 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 20ms
20ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1892734834&t=pageview&_s=1&dl=https%3A%2F%2Fba.n1info.com%2F&ul=en-us&de=UTF-8&dt=N1%20-%20Najnovije%2C%20ta%C4%8Dne%20i%20nezavisne%20vijesti%20iz%20Bosne%20i%20Hercegovine%20i%20svijeta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6CjAAUADQAAAAC~&jid=1477934468&gjid=468339950&cid=1893457142.1634980313&tid=UA-162781796-6&_gid=1021061132.1634980313&_r=1&gtm=2ouak0&z=359318329

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ba.n1info.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ba.n1info.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 86 KB
34 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-MQ4MQV5&t=gtm4&cid=1893457142.1634980313

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83aa3147ae3e2c330311cd8e197be4eef80153ecfcb2f6c6ac55502bd9efb97a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 34609
x-xss-protection: 0
expires: Sat, 23 Oct 2021 09:11:52 GMT

GET
H2 200 collect
collector_alt.contentexchange.me/ba/ 43 B
325 B 51ms
44ms Image
image/gif 46.19.15.13
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://collector_alt.contentexchange.me/ba/collect?event=pageview&gdpr=2&pv=3b5359d6-485d-45d7-ae92-3a1b13cc4aa7&url=https%3A%2F%2Fba.n1info.com%2F&ref=direct&user_id=6173d1d8fd5354587e2f6128&new=true&tz=0&cs=UTF-8&ns=1634980312707&ts=1634980312841&screen=1200x1600x24

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.19.15.13 Ljubljana, Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

cex2.irv.si

Software

nginx/1.19.9 /

Resource Hash

d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx/1.19.9
x-frame-options: DENY
date: Sat, 23 Oct 2021 09:11:52 GMT
x-xss-protection: 1; mode=block
content-type: image/gif

GET
H2

200

4515157264596003548
match.contentexchange.me/adform/
Redirect Chain

https://dmp.adform.net/serving/cookie/match?party=1219&cid=6173d1d8fd5354587e2f6128&redirect=https://match.contentexchange.me/adform/__ADFUID__
https://dmp.adform.net/serving/cookie/match?CC=1&party=1219&cid=6173d1d8fd5354587e2f6128&redirect=https://match.contentexchange.me/adform/__ADFUID__
https://match.contentexchange.me/adform/4515157264596003548

0
49 B

90ms
25ms

Image
text/plain

46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/4515157264596003548
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 Ljubljana, Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:53 GMT
content-length: 0
server: nginx/1.16.1

Redirect headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:52 GMT
server: nginx
location: https://match.contentexchange.me/adform/4515157264596003548
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 318ms
103ms Image
image/gif 34.199.28.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=ba.n1info.com&p=%2F&u=B1mQQdDWp0PDIKM49&d=ba.n1info.com&g=66131&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=9633&o=1700&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=827&t=DumHSvChMVybreT6FCdau6lD-bbcb&V=128&i=N1%20-%20Najnovije%2C%20ta%C4%8Dne%20i%20nezavisne%20vijesti%20iz%20Bosne%20i%20Hercegovine%20i%20svijeta&tz=0&sn=1&sv=BWblRiDpOgrPCsQcKIBIYCGwCp4nOW&sd=1&im=067b2fff&_
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.28.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-28-94.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:53 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 3gJvDt2kPsJpfriQo-rsamjfmdt2n Show response
tracker_ba.contentexchange.me/widget/ 15 KB
15 KB 46ms
45ms Script
text/javascript 46.19.15.13
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker_ba.contentexchange.me/widget/3gJvDt2kPsJpfriQo-rsamjfmdt2n?gdpr=2

Requested by

Host: tracker_ba.contentexchange.me
URL: https://tracker_ba.contentexchange.me/boot?url=https%3A%2F%2Fba.n1info.com%2F&ref=direct&gdpr=2&cx_id=new

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.19.15.13 Ljubljana, Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

cex2.irv.si

Software

nginx/1.19.9 /

Resource Hash

8d883aca765436acdc3def820ef0371fc586912325f0adc945e2ffcf9b8572ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
referrer-policy: unsafe-url
server: nginx/1.19.9
x-frame-options: DENY
content-type: text/javascript; charset=utf8
access-control-allow-origin: *
cache-control: private, max-age=0, must-revalidate, no-store, no-cache
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 73 KB
29 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

506af3dd21782ae082bd4b4364e8289762251e0e91555a61eb417f5146c75ea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29683
x-xss-protection: 0
expires: Sat, 23 Oct 2021 09:11:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-51336095-6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56928PS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

10a6ae5ce7d00ef26118ce34a4989dc890f60fed12a9a3a591a3b028bf06de93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35763
x-xss-protection: 0
expires: Sat, 23 Oct 2021 09:11:52 GMT

GET
H2 200 hit.gif
script.dotmetrics.net/ 43 B
1 KB 40ms
39ms Image
image/gif 18.66.97.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://script.dotmetrics.net/hit.gif?id=2420&url=https%3A%2F%2Fba.n1info.com%2F&dom=ba.n1info.com&r=1634980312892&pvs=1&pvid=kv3l2beknrlwf1tmy8&c=true
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Kestrel /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
dotmetrics-hit-status: 01 OK
server: Kestrel
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
p3p: policyref="https://script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
cache-control: no-cache
content-type: image/gif
x-amz-cf-id: qmPR-E7vaHQOHKRK60ZmwLs5fzx1tKRo_pKmLerTCKz6KYqFprVeIw==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
716 B 62ms
23ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ba.n1info.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
520 B 63ms
25ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ba.n1info.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-b/s/0.6.24/ 51 KB
22 KB 111ms
110ms Script
application/javascript 2620:1ec:27::cafe:2093
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-b/s/0.6.24/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/45bgd8wg0l
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2093 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 6bbb5e354138bdacaf7fe81409ec991637f79792f4a140480764628a993e7251

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:52 GMT
content-encoding: br
etag: "1d7c035062bca5c"
last-modified: Wed, 13 Oct 2021 13:20:00 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: public,max-age=86400
x-azure-ref: 02NFzYQAAAABXD0GbhBtxSqWNy9kFr01ATVVDMzBFREdFMDYxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=0D58792DE7654B68999D10BDECFACB3D&RedC=c.clarity.ms&MXFR=30DE92C05CE463AA3C1E821958E46DDE
https://c.clarity.ms/c.gif?CtsSyncId=0D58792DE7654B68999D10BDECFACB3D&MUID=0C7F456FCBAC6FB90C5955B6CAC76EE3

42 B
369 B

27ms
27ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=0D58792DE7654B68999D10BDECFACB3D&MUID=0C7F456FCBAC6FB90C5955B6CAC76EE3
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:52 GMT
last-modified: Thu, 14 Oct 2021 22:27:41 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "af5a8b34ac1d71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:52 GMT
x-msedge-ref: Ref A: 53DBF23E46DF463F87FCA0DB47CADD6B Ref B: FRAEDGE1513 Ref C: 2021-10-23T09:11:53Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=0D58792DE7654B68999D10BDECFACB3D&MUID=0C7F456FCBAC6FB90C5955B6CAC76EE3
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 466 B
275 B 201ms
200ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2259660265596520&correlator=4172916034368877&output=ldjh&impl=fif&eid=31063267%2C31062525&vrg=2021101901&ptt=17&us_privacy=1YNY&sc=1&sfv=1-0-38&ecs=20211023&iu_parts=21876124292%2CN1BIH%2CN1BIH-Billboard-inFeed-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x180%7C970x90%7C728x90&cust_params=n1_ba_category%3Dhome%26n1_ba_id%3D%26n1_ba_url%3D%26n1_ba_tags%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1634980312&dt=1634980312955&dlt=1634980312315&idt=584&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=971784980&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fba.n1info.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1000x0&msz=1000x0&ga_vid=1893457142.1634980313&ga_sid=1634980313&ga_hid=1892734834&ga_fc=true&fws=4&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

1b914cd72e125a609c70fea5d3da256a225c93fbc79a82558eb5a4a3489cb64f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 245
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ba.n1info.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET container.html
f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5A2D 0
0

GET
H2 200 container.html Show response
f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5A2D 6 KB
4 KB 87ms
22ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ba.n1info.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 23 Oct 2021 09:11:53 GMT
expires: Sun, 23 Oct 2022 09:11:53 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 466 B
277 B 331ms
331ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2259660265596520&correlator=4172916034368877&output=ldjh&impl=fif&eid=31063267%2C31062525&vrg=2021101901&ptt=17&us_privacy=1YNY&sc=1&sfv=1-0-38&ecs=20211023&iu_parts=21876124292%2CN1BIH%2CN1BIH-Billboard-inFeed-1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x180%7C970x90%7C728x90&cust_params=n1_ba_category%3Dhome%26n1_ba_id%3D%26n1_ba_url%3D%26n1_ba_tags%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1634980312&dt=1634980312964&dlt=1634980312315&idt=584&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=2156650868&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fba.n1info.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1000x0&msz=1000x0&ga_vid=1893457142.1634980313&ga_sid=1634980313&ga_hid=1892734834&ga_fc=true&fws=4&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

362fd1c9d300aad5df6bc3f275b21a4b7c652f6655b0bbbb5d898d9446282536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 247
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ba.n1info.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
10 KB 466ms
466ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2259660265596520&correlator=4172916034368877&output=ldjh&impl=fif&eid=31063267%2C31062525&vrg=2021101901&ptt=17&us_privacy=1YNY&sc=1&sfv=1-0-38&ecs=20211023&iu_parts=21876124292%2CN1BIH%2CN1-BIH-Billboard-P&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x180%7C970x90%7C728x90&cust_params=n1_ba_category%3Dhome%26n1_ba_id%3D%26n1_ba_url%3D%26n1_ba_tags%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1634980312&dt=1634980312967&dlt=1634980312315&idt=584&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=2351808677&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fba.n1info.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=900x250&msz=0x0&ga_vid=1893457142.1634980313&ga_sid=1634980313&ga_hid=1892734834&ga_fc=true&fws=4&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

05c29f4843ff66f0a84b8194dcdd2f55152a4bf760c5ff7c5ece98a143048c15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10189
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ba.n1info.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 596ms
596ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2259660265596520&correlator=4172916034368877&output=ldjh&impl=fif&eid=31063267%2C31062525&vrg=2021101901&ptt=17&us_privacy=1YNY&sc=1&sfv=1-0-38&ecs=20211023&iu_parts=21876124292%2CN1BIH%2CN1-BIH-Billboard-inFeed-3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x180%7C970x90%7C728x90&cust_params=n1_ba_category%3Dhome%26n1_ba_id%3D%26n1_ba_url%3D%26n1_ba_tags%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1634980312&dt=1634980312971&dlt=1634980312315&idt=584&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=813914017&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fba.n1info.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1000x0&msz=1000x0&ga_vid=1893457142.1634980313&ga_sid=1634980313&ga_hid=1892734834&ga_fc=true&fws=4&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

045342acacc0c5cc361d38a45745307278ea8491d4c72a057a7e808ca30e0523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8308
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ba.n1info.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 464 B
277 B 596ms
596ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2259660265596520&correlator=4172916034368877&output=ldjh&impl=fif&eid=31063267%2C31062525&vrg=2021101901&ptt=17&us_privacy=1YNY&sc=1&sfv=1-0-38&ecs=20211023&iu_parts=21876124292%2CN1BIH%2CN1BIHWALLPAPERR&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=360x1080%7C120x600%7C160x600&cust_params=n1_ba_category%3Dhome%26n1_ba_id%3D%26n1_ba_url%3D%26n1_ba_tags%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1634980312&dt=1634980312973&dlt=1634980312315&idt=584&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=2488576670&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fba.n1info.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=360x1080&msz=360x-1&ga_vid=1893457142.1634980313&ga_sid=1634980313&ga_hid=1892734834&ga_fc=true&fws=4&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

6fa2b45dd74f3a7966a621f5a23b176ea665d8b0ae5a50b1b1cd6ce959fe066f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 247
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ba.n1info.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 461 B
277 B 614ms
613ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2259660265596520&correlator=4172916034368877&output=ldjh&impl=fif&eid=31063267%2C31062525&vrg=2021101901&ptt=17&us_privacy=1YNY&sc=1&sfv=1-0-38&ecs=20211023&iu_parts=21876124292%2CN1BIH%2CN1BIHFOOTER%2CSTICKY&enc_prev_ius=%2F0%2F1%2F2%2F%2F3&prev_iu_szs=750x200&cust_params=n1_ba_category%3Dhome%26n1_ba_id%3D%26n1_ba_url%3D%26n1_ba_tags%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1634980312&dt=1634980312976&dlt=1634980312315&idt=584&frm=20&biw=1600&bih=1200&oid=2&adxs=425&adys=1200&adks=3862401852&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fba.n1info.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x-1&msz=750x-1&ga_vid=1893457142.1634980313&ga_sid=1634980313&ga_hid=1892734834&ga_fc=true&fws=516&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

eaf4e7a61a70d1d7e7d9b6b881972dd531579bdeea4ae410e01d51992ac430b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 247
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ba.n1info.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 458 B
268 B 605ms
604ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2259660265596520&correlator=4172916034368877&output=ldjh&impl=fif&eid=31063267%2C31062525&vrg=2021101901&ptt=17&us_privacy=1YNY&sc=1&sfv=1-0-38&ecs=20211023&iu_parts=21876124292%2CN1BIH%2CN1BIHWALLPAPERL&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=360x1080%7C120x600%7C160x600&cust_params=n1_ba_category%3Dhome%26n1_ba_id%3D%26n1_ba_url%3D%26n1_ba_tags%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1634980312&dt=1634980312979&dlt=1634980312315&idt=584&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=415710711&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fba.n1info.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=360x1080&msz=360x-1&ga_vid=1893457142.1634980313&ga_sid=1634980313&ga_hid=1892734834&ga_fc=true&fws=4&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

54f623f7cb27a379103f76bd08dcfc74992c886378fd68bc35a471e74391a77f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 238
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ba.n1info.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
gars.hit.gemius.pl/__/_1634980312981/
Redirect Chain

https://gars.hit.gemius.pl/_1634980312981/rexdot.js?l=100&id=d1Y634tNJvhBg0bpcBFOl6dy33LUKruj1BU8lA7r6Dn.77&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fba.n1info.c...
https://gars.hit.gemius.pl/__/_1634980312981/rexdot.js?l=100&id=d1Y634tNJvhBg0bpcBFOl6dy33LUKruj1BU8lA7r6Dn.77&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fba.n1inf...

169 B
474 B

28ms
27ms

Script
application/x-javascript

217.182.200.20
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gars.hit.gemius.pl/__/_1634980312981/rexdot.js?l=100&id=d1Y634tNJvhBg0bpcBFOl6dy33LUKruj1BU8lA7r6Dn.77&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fba.n1info.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=266&lsdata=X6uwNiILm8lOxoacztPOKI5BnSlRYfbHM1v.peLJQBP.c72SfXv.Mn0ZjDXVPItvEcqFXoBdKZL7lQQdgdiox7SHuk_I/Ni9hE8av1v_fS/&fpdata=XzZq7VIKJ5udY99nUsEDMjXXtogqKZjICx8zyiKP1EH.r7&vis=1&fpcap=
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 217.182.200.20 , Poland, ASN16276 (OVH, FR),
Reverse DNS: gcm6.host.hit.gemius.pl
Software: GHC /
Resource Hash: c995417e49d98eabb066b0d6e34684fb99a490105dd83f55c9546102d3d264d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:53 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Fri, 22 Oct 2021 09:11:53 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:52 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1634980312981/rexdot.js?l=100&id=d1Y634tNJvhBg0bpcBFOl6dy33LUKruj1BU8lA7r6Dn.77&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fba.n1info.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=266&lsdata=X6uwNiILm8lOxoacztPOKI5BnSlRYfbHM1v.peLJQBP.c72SfXv.Mn0ZjDXVPItvEcqFXoBdKZL7lQQdgdiox7SHuk_I/Ni9hE8av1v_fS/&fpdata=XzZq7VIKJ5udY99nUsEDMjXXtogqKZjICx8zyiKP1EH.r7&vis=1&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Fri, 22 Oct 2021 09:11:52 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
424 B 27ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2034936679973890&ev=PageView&dl=https%3A%2F%2Fba.n1info.com%2F&rl=&if=false&ts=1634980312997&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1634980312996.1150188249&it=1634980312823&coo=false&rqm=GET

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:53 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 23 Oct 2021 09:11:53 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 21ms
21ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1892734834&t=pageview&_s=1&dl=https%3A%2F%2Fba.n1info.com%2F&ul=en-us&de=UTF-8&dt=N1%20-%20Najnovije%2C%20ta%C4%8Dne%20i%20nezavisne%20vijesti%20iz%20Bosne%20i%20Hercegovine%20i%20svijeta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6CjAAUADQAAAAC~&jid=1771150053&gjid=1740178580&cid=1893457142.1634980313&tid=UA-51336095-6&_gid=552489371.1634980313&_r=1&gtm=2wgak056928PS&cd1=0&cd3=2021-06-01T12%3A11%3A39%2B00%3A00&cd4=&cd5=&cd7=(not%20set)&z=687416339

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ba.n1info.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ba.n1info.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
66 B 22ms
22ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1892734834&t=pageview&_s=1&dl=https%3A%2F%2Fba.n1info.com%2F&ul=en-us&de=UTF-8&dt=N1%20-%20Najnovije%2C%20ta%C4%8Dne%20i%20nezavisne%20vijesti%20iz%20Bosne%20i%20Hercegovine%20i%20svijeta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6CjAAUADQAAAAC~&jid=1850713426&gjid=1151951442&cid=1893457142.1634980313&tid=UA-162781796-7&_gid=265160244.1634980313&_r=1&gtm=2ouak0&z=1680848205

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ba.n1info.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ba.n1info.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
130 B 14ms
13ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=1892734834&t=event&_s=2&dl=https%3A%2F%2Fba.n1info.com%2F&ul=en-us&de=UTF-8&dt=N1%20-%20Najnovije%2C%20ta%C4%8Dne%20i%20nezavisne%20vijesti%20iz%20Bosne%20i%20Hercegovine%20i%20svijeta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=error&ea=invalid_widget_id&el=native%20*%20https%3A%2F%2Fba.n1info.com%2F%20*%2011797-100929-101861&_u=6CjAAUADQAAAAC~&jid=&gjid=&cid=1893457142.1634980313&tid=UA-162781796-7&_gid=265160244.1634980313&gtm=2ouak0&cd1=native&cd2=11797-100929-101861&cd3=https%3A%2F%2Fba.n1info.com%2F&cd4=N%2FA&cd5=v%3D2.1&z=524097855

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 04:17:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17644
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 61ms
22ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Exo+2:wght@600&display=swap

Requested by

Host: tracker_ba.contentexchange.me
URL: https://tracker_ba.contentexchange.me/boot?url=https%3A%2F%2Fba.n1info.com%2F&ref=direct&gdpr=2&cx_id=new

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dba6e8d20ec50022dde171e5bbf5fd4e0e783cc92a18fa45018da7d8ce28c256

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Oct 2021 07:44:08 GMT
server: ESF
date: Sat, 23 Oct 2021 09:11:53 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 23 Oct 2021 09:11:53 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 16 KB
16 KB 118ms
42ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fba.n1info.com%2Fwp-content%2Fuploads%2F2021%2F10%2F21%2F1634833328-kostur-scaled.jpg&size=400x209
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 02ca78ab3f22b249b0c24ec6b79f67db2e0ad80718ee621cf9aee256be5b8985

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 23 Oct 2021 09:11:53 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Sun, 23 Oct 2022 09:11:53 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 9 KB
9 KB 119ms
43ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fba.n1info.com%2Fwp-content%2Fuploads%2F2021%2F10%2F22%2F1634919157-genske.jpg&size=400x209
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 488d623c712b6289868ace4cb586b25cbe868c9fdd96e491520e8b5f1c05a46b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 23 Oct 2021 09:11:53 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Sun, 23 Oct 2022 09:11:53 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 18 KB
18 KB 131ms
57ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fba.n1info.com%2Fwp-content%2Fuploads%2F2021%2F03%2F2021-03-16T121226Z_1239581978_RC2CCM97REM4_RTRMADP_3_SOCCER-SWEDEN-scaled.jpg&size=400x209
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 5ae4fb28be6c5f648510fd05214221c872907f8dacd1dae029f44c0383a9fe37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 23 Oct 2021 09:11:53 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Sun, 23 Oct 2022 09:11:53 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 18 KB
18 KB 137ms
62ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fba.n1info.com%2Fwp-content%2Fuploads%2F2016%2F01%2Fpomegranate-open-196800-960-720-54491.jpeg&size=400x209
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: f682f0c51ca805d8fc070c2c5b0592413544a0ca1bb0da6d121c0e66cbdf5418

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 23 Oct 2021 09:11:53 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Sun, 23 Oct 2022 09:11:53 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 16 KB
16 KB 138ms
64ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fba.n1info.com%2Fwp-content%2Fuploads%2F2021%2F10%2F22%2F1634916327-image2-e1634916351818.jpeg&size=400x209
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 7a2271ae6b6581fc32679345bee349f1fd7c7810efc08d96d89bb508b4588b2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 23 Oct 2021 09:11:53 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Sun, 23 Oct 2022 09:11:53 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 13 KB
14 KB 139ms
65ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fba.n1info.com%2Fwp-content%2Fuploads%2F2021%2F10%2F22%2F1634907539-tito-volimo-te-1984.jpg&size=400x209
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 827baeefc193cd3bdc7a9a139863d20509835eeb4970a35f941ec2aeb724992b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 23 Oct 2021 09:11:53 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Sun, 23 Oct 2022 09:11:53 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 12 KB
12 KB 54ms
53ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fba.n1info.com%2Fwp-content%2Fuploads%2F2021%2F10%2F22%2F1634916018-zivi-zid.jpg&size=400x209
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 7e6717167b034a59f8deb7f34b811fb8cadeff96b1b27c85acc404e4cdeebf09

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 23 Oct 2021 09:11:53 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Sun, 23 Oct 2022 09:11:53 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 22 KB
23 KB 54ms
53ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fba.n1info.com%2Fwp-content%2Fuploads%2F2021%2F09%2F18%2F1631947267-foto1.JPG&size=400x209
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 095d1edb97e400feb09c91d81ad59f207df190e99c30460eb1162234dff3636c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 23 Oct 2021 09:11:53 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Sun, 23 Oct 2022 09:11:53 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 ce_thumb.png
www.contentexchange.me/static/ 2 KB
3 KB 100ms
30ms Image
image/png 46.19.8.15
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.contentexchange.me/static/ce_thumb.png
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.8.15 Ljubljana, Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: 2E130833.rDNS.SiEL.si
Software: nginx/1.12.1 / SIEL.NINJA
Resource Hash: 8f327829d94bda1536bc1a970fbfd21ce22bb0f048cd9437ce9a1f0401cd1b9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:53 GMT
via: 1.1 varnish-v4
last-modified: Mon, 19 Jan 2015 12:15:40 GMT
server: nginx/1.12.1
age: 82096
x-powered-by: SIEL.NINJA
etag: "950-50d0047d73300"
x-cache: HIT
content-type: image/png
cache-control: private, max-age=3153600
x-varnish: 569832425 562455223
accept-ranges: bytes
content-length: 2384

GET
H2 200 script.js Show response
script.dotmetrics.net/Scripts/ 78 KB
34 KB 34ms
34ms Script
application/javascript 18.66.97.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://script.dotmetrics.net/Scripts/script.js?v=185
Requested by: Host: script.dotmetrics.net
URL: https://script.dotmetrics.net/door.js?id=2420
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 6256ff909ac645c09866bab6875459e7ab2fb055ff6422c78ee1870713a5c206

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:53 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 08:29:54 GMT
server: Kestrel
x-amz-cf-pop: FRA56-P2
etag: "1d7c655d2b11bc4"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-cf-id: HLU3u5dKTvMBaY1B4Hl34unMxFwetDw5hfsoNExq8s8_q3dl_qZAbg==

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9435.xeE67z4qWdthuY13FHFBdviJlr2_p7ukaQRE_k-1nXdnzfmLy9r-s2CaOIMNwKtV.idwrVVmBjvfP6RMxF8-pEQZqKQ0%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9435.A2L56PU1x9Xzk5O5q_VXyDeJfwAvG2tueR1g4VjuuhyXFB9Tvk-4TMGy4tmJCsKtYW5GmL96ebm_DhUgfAMGCA%2C%2C.DU65J42KaT9YSwN2-6Uytf2EXZ0%2C

75 B
75 B

57ms
56ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9435.A2L56PU1x9Xzk5O5q_VXyDeJfwAvG2tueR1g4VjuuhyXFB9Tvk-4TMGy4tmJCsKtYW5GmL96ebm_DhUgfAMGCA%2C%2C.DU65J42KaT9YSwN2-6Uytf2EXZ0%2C

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:53 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9435.A2L56PU1x9Xzk5O5q_VXyDeJfwAvG2tueR1g4VjuuhyXFB9Tvk-4TMGy4tmJCsKtYW5GmL96ebm_DhUgfAMGCA%2C%2C.DU65J42KaT9YSwN2-6Uytf2EXZ0%2C
date: Sat, 23 Oct 2021 09:11:53 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 3gJvDt2kPsJpfriQo Show response
hb.contentexchange.me/widget/ 4 KB
2 KB 34ms
27ms Script
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.contentexchange.me/widget/3gJvDt2kPsJpfriQo?domain=ba.n1info.com
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 Ljubljana, Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: 6f6c07f3b9f9d5d741c3197d738464de4006569829327e54397955876f5db812

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:53 GMT
content-encoding: gzip
server: nginx/1.16.1
vary: Origin
content-type: text/plain; charset=utf-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
411 B 66ms
21ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-51336095-6&cid=1893457142.1634980313&jid=1771150053&gjid=1740178580&_gid=552489371.1634980313&_u=6CjAAUADQAAAAC~&z=197803532

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ba.n1info.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 23 Oct 2021 09:11:53 GMT
content-type: text/plain
access-control-allow-origin: https://ba.n1info.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
160 B 50ms
49ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif?t=ti(4)

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:53 GMT
last-modified: Wed, 20 Oct 2021 16:44:53 GMT
etag: "61701d55-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 23 Oct 2021 10:11:53 GMT

GET
H2 200 tentacles Show response
api.smartocto.com/api/brands/ 315 B
671 B 109ms
34ms XHR
application/json 63.34.36.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.smartocto.com/api/brands/tentacles?i=as6npffbnk9qj2qp9fxu3n5b6wpfk4rr
Requested by: Host: tentacles.smartocto.com
URL: https://tentacles.smartocto.com/ten/tentacle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.36.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-36-239.eu-west-1.compute.amazonaws.com
Software: / SmartOcto
Resource Hash: ebb5753493440d813afcf1028aeeefa7f75d460fb9b5bbca6c37f9f268b149ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:53 GMT
content-encoding: gzip
last-modified: Sat, 23 Oct 2021 09:11:51 +0000
max-age: 10
x-powered-by: SmartOcto
x-cache: HIT from SmartOcto Cache
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ba.n1info.com
access-control-allow-credentials: true
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 sotm.js Show response
tentacles.smartocto.com/ten/ 9 KB
4 KB 30ms
30ms Script
application/javascript 52.213.132.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tentacles.smartocto.com/ten/sotm.js
Requested by: Host: tentacles.smartocto.com
URL: https://tentacles.smartocto.com/ten/tentacle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.132.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-132-247.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f719c75c13cab0545892abf639eba086c8e1c4d35c9ab8ffecc709de87d3bb7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:53 GMT
content-encoding: gzip
last-modified: Tue, 12 Oct 2021 09:04:45 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=60, public
expires: Sat, 23 Oct 2021 09:12:53 GMT

GET
H2 200 ingestion.js Show response
tentacles.smartocto.com/ten/ 10 KB
4 KB 31ms
30ms Script
application/javascript 52.213.132.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tentacles.smartocto.com/ten/ingestion.js
Requested by: Host: tentacles.smartocto.com
URL: https://tentacles.smartocto.com/ten/tentacle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.132.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-132-247.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4ae23b733c66469abced359fef58fa78b6d9fbbe62f832e1296162da5c299cb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:53 GMT
content-encoding: gzip
last-modified: Thu, 14 Oct 2021 08:37:50 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=60, public
expires: Sat, 23 Oct 2021 09:12:53 GMT

GET
H2 200 7cH1v4okm5zmbvwkAx_sfcEuiD8jYPWsOdC_.woff2
fonts.gstatic.com/s/exo2/v10/ 15 KB
16 KB 52ms
14ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo2/v10/7cH1v4okm5zmbvwkAx_sfcEuiD8jYPWsOdC_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Exo+2:wght@600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

243248a9e62b74a90d4c729a5e1ab3a174d59d0630a9a91eaa07c8e28de63e40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ba.n1info.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 04:51:32 GMT
x-content-type-options: nosniff
age: 188421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15420
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:21:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 04:51:32 GMT

GET
H2 200 7cH1v4okm5zmbvwkAx_sfcEuiD8jYPWsN9C_nps.woff2
fonts.gstatic.com/s/exo2/v10/ 11 KB
11 KB 59ms
21ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo2/v10/7cH1v4okm5zmbvwkAx_sfcEuiD8jYPWsN9C_nps.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Exo+2:wght@600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc6a54f1178b9fb48d021669c8d807ff36413c1f48160e5f8a37ea4b90583e92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ba.n1info.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 13:26:32 GMT
x-content-type-options: nosniff
age: 243921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11088
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:56:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Oct 2022 13:26:32 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
472 B 81ms
45ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-51336095-6&cid=1893457142.1634980313&jid=1771150053&_u=6CjAAUADQAAAAC~&z=1152186193

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
472 B 83ms
45ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-51336095-6&cid=1893457142.1634980313&jid=1771150053&_u=6CjAAUADQAAAAC~&z=1152186193

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hbscript Show response
hb.contentexchange.me/ Frame CC4E 15 KB
6 KB 30ms
29ms Script
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.contentexchange.me/hbscript?domain=ba.n1info.com
Requested by: Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/widget/3gJvDt2kPsJpfriQo?domain=ba.n1info.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 Ljubljana, Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: 77417d0a4cfac17490fafc88cea412982dfdececd2c4641bd98248d327588a06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:53 GMT
content-encoding: gzip
server: nginx/1.16.1
vary: Origin
content-type: text/plain; charset=utf-8

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ 58 KB
24 KB 157ms
21ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/widget/3gJvDt2kPsJpfriQo?domain=ba.n1info.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:53 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 08:56:02 GMT
server: nginx
etag: W/"612c9d22-e958"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

POST
H2 204 collect Show response
f.clarity.ms/ 0
174 B 303ms
100ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.6.24/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://ba.n1info.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: https://ba.n1info.com
date: Sat, 23 Oct 2021 09:11:52 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 SiteEvent.dotmetrics Show response
script.dotmetrics.net/ 316 B
1 KB 35ms
34ms Script
application/javascript 18.66.97.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MjQyMCwiZmwiOnRydWUsImRvbSI6ImJhLm4xaW5mby5jb20iLCJmc28iOm51bGwsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly9iYS5uMWluZm8uY29tLyIsInJ1cmwiOiIiLCJwdnMiOjEsInB2aWQiOiJrdjNsMmJla25ybHdmMXRteTgiLCJvc3MiOnRydWUsIm9zZXMiOnRydWV9&r=1634980313383
Requested by: Host: script.dotmetrics.net
URL: https://script.dotmetrics.net/Scripts/script.js?v=185
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 7e7721866c4b8de3164d293ceca8b1deedc274975b6fd59a5aea89cb27e44fbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:53 GMT
content-encoding: br
server: Kestrel
x-amz-cf-pop: FRA56-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="https://script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
cache-control: no-cache
content-type: application/javascript
x-amz-cf-id: g_vklw7TrQ1_V4zTDPLpIdilcSbwwF8IpeM0V0ZsXPteuqvcthikrA==

GET
H2 200 prebid Show response
hb.contentexchange.me/ Frame CC4E 235 KB
87 KB 52ms
51ms Script
text/javascript 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.contentexchange.me/prebid
Requested by: Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/hbscript?domain=ba.n1info.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 Ljubljana, Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: 823b07c600f3e1b127d07728c1b5f9f0c2d5adca6b57bb14bbbe8af72339e5a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:53 GMT
content-encoding: gzip
server: nginx/1.16.1
vary: Origin
content-type: text/javascript

GET
H2 200 cc.js Show response
consent.cookiebot.com/729d2675-1276-4b08-83ce-5ec1c0b68cb5/ 254 KB
61 KB 127ms
127ms Script
application/x-javascript 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/729d2675-1276-4b08-83ce-5ec1c0b68cb5/cc.js?renew=false&referer=ba.n1info.com&dnt=false&forceshow=false&cbid=729d2675-1276-4b08-83ce-5ec1c0b68cb5&brandid=Cookiebot&framework=
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba79 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 14d3beabeb36f0548abb03d3fad5fbf4f5ef7d1600afe2550f01c30fbf706f9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:53 GMT
content-encoding: gzip
last-modified: Sat, 23 Oct 2021 09:11:53 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: private, max-age=1200
access-control-allow-headers: cache-control, expires, Access-Control-Allow-Headers, Origin, Pragma, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 61696
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET container.html
f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5CD0 0
0

GET
H2 200 container.html Show response
f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5CD0 6 KB
3 KB 312ms
21ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/hbscript?domain=ba.n1info.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ba.n1info.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 23 Oct 2021 09:11:53 GMT
expires: Sun, 23 Oct 2022 09:11:53 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

1 Show response
mc.yandex.com/watch/71048401/
Redirect Chain

https://mc.yandex.com/watch/71048401?wmode=7&page-url=https%3A%2F%2Fba.n1info.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A425%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
https://mc.yandex.com/watch/71048401/1?wmode=7&page-url=https%3A%2F%2Fba.n1info.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A425%3Afu%3A0%3Aen%3Autf-8%3Ala%...

364 B
446 B

57ms
57ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71048401/1?wmode=7&page-url=https%3A%2F%2Fba.n1info.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A425%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A692501971684%3Ahid%3A1051135%3Az%3A0%3Ai%3A202101023091153%3Aet%3A1634980313%3Ac%3A1%3Arn%3A1057083720%3Arqn%3A1%3Au%3A1634980313775256610%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634980312056%3Ads%3A0%2C45%2C177%2C34%2C33%2C0%2C%2C433%2C1%2C%2C%2C%2C692%3Adsn%3A0%2C45%2C177%2C35%2C33%2C0%2C%2C402%2C0%2C%2C%2C%2C692%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634980313%3At%3AN1%20-%20Najnovije%2C%20ta%C4%8Dne%20i%20nezavisne%20vijesti%20iz%20Bosne%20i%20Hercegovine%20i%20svijeta&t=gdpr%2814%29ti%282%29

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

bda7ae7f326918eb5738321268ffca9841f41e05652f9f1646bd74092c5d8b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:53 GMT
x-content-type-options: nosniff
last-modified: Sat, 23-Oct-2021 09:11:53 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ba.n1info.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 364
x-xss-protection: 1; mode=block
expires: Sat, 23-Oct-2021 09:11:53 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:53 GMT
last-modified: Sat, 23-Oct-2021 09:11:53 GMT
location: /watch/71048401/1?wmode=7&page-url=https%3A%2F%2Fba.n1info.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A425%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A692501971684%3Ahid%3A1051135%3Az%3A0%3Ai%3A202101023091153%3Aet%3A1634980313%3Ac%3A1%3Arn%3A1057083720%3Arqn%3A1%3Au%3A1634980313775256610%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634980312056%3Ads%3A0%2C45%2C177%2C34%2C33%2C0%2C%2C433%2C1%2C%2C%2C%2C692%3Adsn%3A0%2C45%2C177%2C35%2C33%2C0%2C%2C402%2C0%2C%2C%2C%2C692%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634980313%3At%3AN1%20-%20Najnovije%2C%20ta%C4%8Dne%20i%20nezavisne%20vijesti%20iz%20Bosne%20i%20Hercegovine%20i%20svijeta&t=gdpr%2814%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://ba.n1info.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 23-Oct-2021 09:11:53 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame CC4E 2 KB
1 KB 80ms
36ms XHR
application/json 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211023

Requested by

Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/prebid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3513a5809d681c144ae6ec0e759110fa3d0c6bfb9fc09c6997b02761a916296a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Oct 2021 09:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22257
x-jsd-version: 1.0.1138
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19156-FRA, cache-mxp6921-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"69b-Sulr/zQaiHXOtK7z7n+ZRBu6AlQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6a29d72fbb005a1f-MXP

GET
H2 200 / Show response
adx.adform.net/adx/ 1 KB
1 KB 83ms
28ms Script
text/javascript 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=3&pv=1&bWlkPTEwOTczOTMmcm5kPTk5MTg&bWlkPTEwOTczOTEmcm5kPTc5Mw&url=https%3A%2F%2Fba.n1info.com%2F&callback=_adform_cb_1634980313541_6008560010282542

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

2f7d75c4ce1dc28cd119ac010a7ed63d174fea0e348b7cf02412c38731b9432e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:53 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 791
expires: -1

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 20ms
19ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=1892734834&t=event&ni=1&_s=1&dl=https%3A%2F%2Fba.n1info.com%2F&ul=en-us&de=UTF-8&dt=N1%20-%20Najnovije%2C%20ta%C4%8Dne%20i%20nezavisne%20vijesti%20iz%20Bosne%20i%20Hercegovine%20i%20svijeta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=8ju9f1&_u=6DjAAUADQAAAAC~&jid=&gjid=&cid=1893457142.1634980313&tid=UA-51336095-6&_gid=552489371.1634980313&gtm=2wgak056928PS&cd6=https%3A%2F%2Fclarity.microsoft.com%2Fga%2F45bgd8wg0l%2F1suync2%2F8ju9f1&z=213157111

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 04:17:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17644
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET container.html
f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 67F7 0
0

GET
H2 200 container.html Show response
f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 67F7 6 KB
3 KB 174ms
21ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/hbscript?domain=ba.n1info.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ba.n1info.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 23 Oct 2021 09:11:53 GMT
expires: Sun, 23 Oct 2022 09:11:53 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 114ms
48ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=n1info.com&host=ba.n1info.com&success=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 973 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea058413a6122efaf3fb58216d79bd6886a87e206304a50c4a3b0e477bc3941c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK pbjs Show response
eu2.adnetwork.agency/ Frame CC4E 2 B
225 B 210ms
106ms XHR
application/json 62.122.168.72
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eu2.adnetwork.agency/pbjs
Requested by: Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/prebid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 62.122.168.72 , Czech Republic, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 62.122.168.72.serverel.net
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://ba.n1info.com
Date: Sat, 23 Oct 2021 09:11:53 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame CC4E 0
186 B 150ms
47ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.11.0&cb=16823899267
Requested by: Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/prebid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ba.n1info.com
date: Sat, 23 Oct 2021 09:11:53 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame CC4E 144 B
1 KB 275ms
174ms XHR
application/json 37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/prebid

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

18a331e70b9a3f31f04f1f4570acdf64effa31260badca36488527f7fb4ffa18

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 09:11:53 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 3a553d8d-679b-423d-a55d-6b5b0cb04aa3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ba.n1info.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame CC4E 0
497 B 49ms
49ms XHR
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/prebid

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:53 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ba.n1info.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame CC4E 0
497 B 70ms
69ms XHR
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/prebid

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:53 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ba.n1info.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame CC4E 6 KB
4 KB 164ms
71ms XHR
application/json 37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/prebid

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

347ef0300665cca93674647de112d393b4305f5c41cbdfe1757c187d8fd53947

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 23 Oct 2021 09:11:53 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5193ab6a-407d-413a-9154-0136b698e433
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ba.n1info.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK pbjs Show response
eu2.adnetwork.agency/ Frame CC4E 2 B
225 B 309ms
215ms XHR
application/json 62.122.168.72
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eu2.adnetwork.agency/pbjs
Requested by: Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/prebid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 62.122.168.72 , Czech Republic, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 62.122.168.72.serverel.net
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://ba.n1info.com
Date: Sat, 23 Oct 2021 09:11:54 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame CC4E 0
186 B 140ms
47ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.11.0&cb=1653799780
Requested by: Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/prebid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ba.n1info.com
date: Sat, 23 Oct 2021 09:11:53 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 96ms
41ms Preflight 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ba.n1info.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 23 Oct 2021 09:11:53 GMT
content-length: 0
cache-control: private
access-control-allow-origin: https://ba.n1info.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
access-control-max-age: 86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 95ms
41ms Preflight 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ba.n1info.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 23 Oct 2021 09:11:53 GMT
content-length: 0
cache-control: private
access-control-allow-origin: https://ba.n1info.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
access-control-max-age: 86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 33D9 624 B
946 B 86ms
25ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY5JzFlQEwAQ&v=APEucNXmljOltTZI4Ts8Ikxg9lExT1HNPXVm3WtVbM6G7Au4odwun1IqOvhQzBnsUglfITWH3xeNgjJP1KWrp_ikTq3cimrBdneQ7X-jka-JLxHQXGaXEnR336-QTMo7UqmyduqfjVNJ2jO49Vi4QGvwCgXds0Xlg5QqlmRscrCekMqAiabTRTg

Requested by

Host: f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
URL: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsY5JzFlQEwAQ&v=APEucNXmljOltTZI4Ts8Ikxg9lExT1HNPXVm3WtVbM6G7Au4odwun1IqOvhQzBnsUglfITWH3xeNgjJP1KWrp_ikTq3cimrBdneQ7X-jka-JLxHQXGaXEnR336-QTMo7UqmyduqfjVNJ2jO49Vi4QGvwCgXds0Xlg5QqlmRscrCekMqAiabTRTg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 23 Oct 2021 09:11:53 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUnB5sgTHAVzXclfzEoY2IdDF7x55Tsyb9Y0IdWmeWOCrYmhJdDeQQQynsdU; expires=Thu, 17-Nov-2022 09:11:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Sat, 23 Oct 2021 09:11:53 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 67F7 25 KB
13 KB 113ms
52ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BQg3m8K4kAu378Mc-RxRg5OYSx7JfVAY59qII6CnMGduuM3_pdYdmPYNP946qEHw1TnuXSd4RCYa20LnOt8y8doF7nN_GyhGsZJqYmq1capk2jQhEwE9fW6cw4q8heHvIeEnzelIwcKszilMMStM7Cd9ETBQ&cry=1&dbm_d=AKAmf-BE8oxdljbgtfLZBajkBxQPJiHy3lAouqI8dixJpjTg_OQ7LlcQeajoqveT9_ERfvo8TKZv6GvBJvOUbdOgtAwpYQQouXrAYj2bD0suE9g6Hef7i7orq1IW5Y19op4TvfBCDWzhW__ca9QMGPGanxLvFiL8RjRC2fbs9tVcxuEuZE_kO7F1CWaO4ysUIviAF1LJOw0NSgU7ANmnOKE8KPaqE9kcvAflOEUZMT4GQsfsyk4vQfMfWZ-R95iU14m3y1S6egCqNQu9hGDECF3iKK66eLqZZ3vtE2DpICJ6b2KjCJCRRqCIBRc1PiFa0Mm6oeGeUAxX07x636SR5WQP4DX2Hja-eTm-lAp4vKvJdh4YzhMsONHedcv4ooJ0yGKfWROmfW4SrlSzfdUYIp8fq5mGHJy8dTZ7x9E_cHsYBpH5p18DZ2zm3c11-pzTuJoW89_-xDqi0j2OVNprpkh5VWswQJdT-z8Vgd5m8OwVciPpVN4CNhCmBIVFiKN-F6dCQabkuX5D0EzHaPKGvhw-bPqPZot35swXO5r6sMC9ypnymTUlt6tvzIEGgGyYATWPgLBNackciwSKAWoTTcPB5TsWEbnY4Wda8TX8WkIZhxnyiyapaah2daLCr8nG3FO4gH8iyLsVFkFkBSGLEcJ9RDi-RiiJyilCtNEA6XCfXxieYq3g5AUqDS7DZrNwQujRiwcB4GykEQxkT9mrfkpmPqTlmr1OH5cbu-S1KyoPOKnY-_jgu5EcHxFGbVpib_HfCN5huKzbPywKjcjNfp73gpEYWQ7CLfYgQNhmYdNmej935wxrFHnmTN18yRfhtum3woFh21-jDZ-d1ojS2HTOm-KKvPFx--G9XOLXZ7X1HjJz7X2O3Nd4KqHAeyR4DMF9IypiRupOOAlecrr68IBoN1GnwHmYKYtzWjoOgMsRvmt78yZd0alz4TEWLuzyBWxvoI73RxOi6KY5x3CH0fe9OrVzklDxUBO8ARgsy4_ENWOysGQZfC0_O_lbcaJOnzhpHz3lp-wTRNVcgrnz_4jThsbAKmwlXkUpC3g3IzTdHOm4ugmEzAq_X_U8MIrTy9Wtff557kNmrkad43dR9W_qxXp4Lbkvj6hE4ZIbrZ7t0ra3tAdSYv3ss5jiQE8h8KLtKX3tGCvMCPTwTNrzQYDFvbbd7cPnZ21CnOv5an77TXseICyJJ_vtgeM4UHsJz3AL5rAwTmyOU3AJ7ckU74dowSEopjY8TQAwns8hswHNN1jc_e1wtgzBq_Wju6Prp4in9KFqXbvb3jQ1sRGhXsh1zCrJB6JhtOQLEnFznYkwFJvy2_NGtntUZd0WLBgdSdfqVE8Tw8X6xnnWGNrhljeqFGLjpuJbVQk27zZ7GXdN8Y5LapjPfjnVB-Vqyr21HfvDG1yDqi4vcGkq5XRy8fpnInY5aSrzJjBoLHTDt8AeaGVgnQIdd8RgLu1ASXu5uh_OsxaurDa9JPVkX1ZVV7GG_yKVLLYWRESMR3sMy0lVzKQi0MuVUZ8DQRApZipUnM9CN6SeOamr-jEBmEzC-Q7RUI6vFpHjhgwtVwWw2uyPeVGxe3TJSZAEi7g2UFf2baAJmlwvTU4Z6IxO8FnbC7i5FmR4X9SXlxvzvhMSD_NCozS79TsC3bvgL1_8jh3dvOuzJXvnIuLw_3tBL-X-LOf6YOJ1axuaXJY8RusmTGPinrh5dAH3haYQ-izGGWUzK_2BeJAvAMTVKKRyVpCJuAomPYTl1WeTXZIws-vNj3Vea0jEv7SJB4cXj_q-ND2Rg4811tx2i-kyEE3nPwu0vhOtyjy8k7ZmftGXuX280M8RFJN6SWq9RxVjPTHIFxRCRQuMTCf-kQ7xKUWl-JM2JstvUpL40KNfKsYFNLEOkQly7xv5zs5gM3BGjaUy3EkceeR1kBb2WKDzwuAQsq-kcmN9M2tbpTtOL42Y6WgcJa4qej1EZw6j54ydjZ32bC54amMy1gMLNS-8oqWCQLFOGKhJH97fm31M_lytuUnU9jTZk37qCU44BzS3lC3jqGB84p59eEyB_pJe3C4nKdzZJX88eI0lGVKqCr7LYVwaAPfqUmaFnnyQzMw76w4qUFvnssLDYVrxqALkYsIXsgMrKasRO-Y_uKzZgJXLDCxQLFotQFdvt_68_zzJDfeWjm_RiMf-9CRPPa5NqP9ZWUKRAT5SScHlpfqRIM0v58rNwpt6dqf04UwGs7fFbXD-VTwN6nvrGrJESkxALYcVBs-NuzX8vIFWchRlUttGPOoC3czQyXhfSjbDtN-9K9qlhoA0G7GpN8I61g1s-GcRIExI8C9_S3T1Emna_GxMfsjaAOyEW6dFxceZRrOWL2cdf9ed3fA4dHnMb8Xus3iJzgvgewP2q9wrGSqhw49IP-2lQDBBPoOsZmDqr6tOKuX9pITE3ZPS7AVTncKE7dw04p5itiHqqhrq7aRy1kzmR_FmR7sQ4O5PzuQdLxDbDiLpAoCft4-nCLWRT2gcw7_hWJwIaL6rbG7FDc11j8C2PMw2c_gVqXhrhG0pLYPDu2UjRRxdlZq2BfIUw_SuMLrD7MGBYsEETRuFIAvOKNUZWHNB0RdeVqZiqV7M6GWUjUX1M2V7JacwE9tRIN_rS2sYg0F0DDuffMjzdw_uR5uv0m7mk5e_4ZH7OCF6mN8e1h264SUsSfCEvcTaPT7g6KjWM9bkqFnjCPbc_PL8HR4pwslfqANKVAtso4rr0CE2-0TtY588i6IA9tn5fTZUZCkf7x1IDcdrdsJzOmPWEtu_TMLxZeOLGJOCJdAlCCRJpygIXEcuitUmBlppuQ_cwGHGr206HEOhqQe52Kzl7LFMOcD8xXQUWbMbuLZ4s39p_z_NVqO9UsvAJHCJskPYc2TCLM2_nRZnELi-Wn4IS1KPldiLEr-kvLsOb56Dyt46sr1AMX3rRbc11bKfbq0v0J9UstiCEzBMIVeIpf-438n7FtsymvvrsG6jTKVmUN-xtVlPH_Ne52Z-DkWHAiEUn7yTQj_opFf7zZADW5e7wpJmURh_a_770BJJGkuny6BDPQRPIQSuCZ1PoAnjv_Inm_cBjgwXe7MhXzomQNk6KbgWlDmrP34gtQJhdiga7eitj48L_fDZPvDx_UrUr1AfYMg2CTZc3j7KoRpwmcRlv2_dmCiBJzJv2OifJYuBOuCbvT_Pv4dUNJ-EnIy9LIXSttTNjnUsIQwYQA8I_NAbAtCEvT7Rj14SNxx6d-6Euo8&cid=CAASFeRoGPL45QyB-5ErirOkE31EoEN_Pg&rfl=1%2Chttps%253A%252F%252Fba.n1info.com%252F%240

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e1203f56c8cc58c0c3cba9c8d0026e4665073d50d0dccd3e33924800ec3aaa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13040
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 67F7 42 B
110 B 51ms
49ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AN53QHYSZnJCcF5hN02oYnULYvqNVERUKS8-YmGAJNjQSwUf6MR20F7q5lr3VO6V82F32YlK3NbDrM7cUus2FAfhOpel36HlC3Wv1qyPvlwaw8ouE

Requested by

Host: f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
URL: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 67F7 3 KB
1 KB 49ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
URL: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:57:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 860
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:57:33 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 67F7 120 KB
37 KB 55ms
26ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
URL: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Oct 2021 09:11:53 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 67F7 14 KB
7 KB 47ms
18ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
URL: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 784
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:58:49 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2654 624 B
559 B 88ms
33ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjI-aibATAB&v=APEucNWISO72lkbUN7qreUhdsZN15VQr-JSpOBEL4QtlRPR9K20RyW5hp5oLGo5yiqv4Cya05JW-g6a7zyU4m7uSEAZX2txaHHFSWlxgRwUMEpjUC21MmAk-cVJTKrp3woBdp-8wIUHIiZs7sfaGe-tIwGD5cbxqcFsKxQaSqrw_rYWuMUjwnT0

Requested by

Host: f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
URL: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJfnugEQw7j0ARjI-aibATAB&v=APEucNWISO72lkbUN7qreUhdsZN15VQr-JSpOBEL4QtlRPR9K20RyW5hp5oLGo5yiqv4Cya05JW-g6a7zyU4m7uSEAZX2txaHHFSWlxgRwUMEpjUC21MmAk-cVJTKrp3woBdp-8wIUHIiZs7sfaGe-tIwGD5cbxqcFsKxQaSqrw_rYWuMUjwnT0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 23 Oct 2021 09:11:53 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUmMYIxgadzyEmJ0CRaYKr1QQgkGVtTA4QdScr-zSnDwkU6I-0fKSFouQ1xA; expires=Thu, 17-Nov-2022 09:11:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Sat, 23 Oct 2021 09:11:53 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5CD0 25 KB
13 KB 115ms
58ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dbrq0QRgRJ37ZYwoIKZgXk_UzbCX1iu8VYlWQyPK8cYfjfkZRYnv-xzHAwMfa1zGrfFPI5VDA6NbNyKtYkDHtJnO3Cz_-unvgJA3B54hhW2djiSGN5RvY4riUGqnpgMCS52pkzD77_YwlxbpaBRqinar1CpQ&cry=1&dbm_d=AKAmf-DdQL6RG-5zZlDGner9zIkEbPTZ23YTfpwsAxDXMRmWVwAraQjt_vb28eSsXCnP6_9rMyev8hCU4x9jGMrJs_p-DpGxyBtE3jzHpV8dgD-0UQpVMQ9zSKd0LcZGS3xUyRYliaRWk8b3_PBz584T4y0uwPGGmbvuMJck2P0_e9dqemSs9lc0VgCMYOOez3oRBZh8tekS34aBSC7RAZrlLiWRIgA-tQOU2lvO6GdFSfrJW1jlHqS6wNbQedg0J1HugqeqNRWvvvRrBuGlQNNlErzu-G7PV8fM2atdIUlcn62YNUzXVOx4BQnuAMk5LtZqRGSa-32Q7VN_qTcZ7OxNHk36v4RI4bWNKcLHIWkjUz4GsQ_-OlB5VEoDvXqQZ38am9o1GKv_2i7Z3EY1uNA8vfmyPz-uWi136oiQWe_g1A6KKkb0Qxb5A7AbbaDds37U5QQsLKWpGD8jE1GGgJsfmPJlmLTEiO_ZXaXQsIjz_SU3wIC0bcEOwkHuWuTh_dOKonJ1RLYAiiO5jzMsVigql-kzMTdCfwgBpluyhalfTpuZ4OanbCLVNHVhw6qPf49wXPYVWKaCYGxq7jEehssJb0s_tMsnnqIWrs1pq_Qb_FHYOfI1nvqkECElJviJ_-66J2bMCV9u7OKmYBGnB_K2iP6EhwfSzMAHdjeIZpj6KQVP6i3MjDJbKxQroyMCswnIa1sW72OdhfEMAB6Fza4-vFslGlAS2k215VfHtsdYhy50EKqaZdTzbISDvU74uH4q_-EhFPSvQeruAwnN_NPPVXpwEne_G18_eTHqg31SOHgMEGB0mx4pl4zJfi1114CQhcP0AGYRTbyAL0J_1jRF6ydlq0crKXmPQmYQBFaYigDHbUkEe4sBO8HgJ6MqTaflS24uOIW338GZapjybkd6vFeUPZ7LKsOUg0AAUTSrvcnKdPGYoN_mh8nyHioO4rtj2MdQCLlL1UIYrh4eOEI4akgl-iKTTZ2UGpOMRai6eik3DvBXJBXczl74yVUwHpXN8WYp6__Gvtf7JuOu-blO_KYMkfpkhsySfw3ujW5NK3OqV7sswRSAFd3b1Q-iuZE-5U17Z4fuKemz8Dd40GlPtKcQ_z-qguvKRAIQhDoEVblQ3Av_XRQthnMllA0G0ZFH3B-uPwp9YY-TIKzbV35-Ij-6Ge0K9tITwV3tnyUZ3Hfuwc55svIXMJJXL7IuEaV75sHgPzFZd0M0l0JXaS6CnH9ctxybxyLUvJwengonVIggfcxA3rKfgpu9idXFESMlJupSqaOHLgc7-Oxpm2iOpB1vM02E_zO8ct1MuYRU4Pk3QlJ8UnZF_CgwI6o2aw1kGqIxju9sODEPiRWWCGhA68GjPZhl_lo1UcXiXKvS1GD5J7KLs1-hCVh_LQW-LAFlZyvPVdtH9a_QPMjHXOQ6D3IdZ8Siaa3nt_EQuj7edftyc2qIV1PDaA7mb-iPl1H86syx9w5MG6dr9oyXx_N-wtvruPODMRB3ZCTja6uiSpNi6tyUpR1-uYYete23-8MAH6Nummr7nZdOX3cnBktQhqYrxrtXY3EbZvfqiEWAX8aib-CFBylqKU2A8cPElV7agPiFUGfViZiJUGZKR_SessfsXw7SEXgft1Nhrv8DBefXjayQ43Goi9y2m1FamypLP7wp2755oTChZYZFaflMfsQcPUDozRjddwqZqnNhIyilsD8JR7iqTAon7mZ-HZl4PtPy6DcqA3TqxDP4o_aHYxUa47DPQuhxbWmbIIzRR6tsLav5Flcon6rXhSubJGox0u4ucEO46boGYKSjHk-OZIooKp8QlISRC0j91K6eDLVdJJ2rXjLCNV0X-_oIwoHc-Y1My2sTMNeXQ_kWqcPO99Lt_YYB5FAC4DlrAsHRFWBe1Mz2TlabXkrnag1O0KW4DKQrXjphJOEsL2HdFOg6cTh3UWki8k_1TmqAeA75zDaiNg-Lc0OIfTJC_1tSNCFXPagurWzp3CnglHHNluJ3cMCmQ3dU1WvDAcM4IZ0Um1OvezwAKpvC0Ij-FGGxW3U4g5pyT693sqrkoEPZy_twu_TeL0BwXYbRPpLvCdG9y5AB_JedJyNeesOtNJ0f0M6h-rKsay6oIqh3u78vqh7XqNFBP63J1co_mTC09Kq3sjZV9-JqKMpl7viL-nfMu_PodfRB6uPKnHho1nVXTrUuXRTCYwpLVKLerHkoHMhLLNmDbORHKIt89gYjx8xyXOZ30E9cR9doc7qeUvaRobolJX6V7He5gJBfahmOCegvZ3_c7QqyKxYVeOrTzl_28qYnE2z4JHg_bTUNuSAX5FaotqWVHGqlzSXYVilrVp0MFuwLBAoo3pe8S4p6Uc7WvZ4rXqmWgDfz36KqARPuod3VYnpb4xE8sRk1s0S1AUwwi9GZIcaDptv9ikFjXvkJK3RR8QXKTOIpOP9qgfezwe0eocz8345WwHepybFg8IwTfz5bE9_ZbKo64wfx80W_hcpDVMBFpCaMXfAA8-a-UYuEXWrU75N7sg9DR0EFRd8nQMRdLQz7Kzw9SToHuqPDb9xbD-ipqBs6rI_TtFOJwU-ulXh8Ks_8shSLfG4gU1xLYeIPDzSEGhuqzWyrm0A6Nzb52tu28lg9sZd76-LeXH6mHS-RDAPWjZ5BAPrLLmbQ-GLMPWMN6pF1duhLLGSAK8_VLZugUdB-xq_g_KN2jqVQH4nUXEXf_wlSrU86mZbik0_nLPYViEBccLN9k84Pr4c_He1z7Lh0NLCIO3QWR4Zt2RSPftmdf5ruHhPxsLRoxYHph0dZYYBmoR1cnHcM6moj_IkTi5ElKTz5cPYIv5JcRE943YHksVKZXOXFeJGiNnt-qvyBJnIkxgf8s6dM6lqzvTQKvihV9V9krxSrnkJ9zka70uZJ78enXPR-aimT4XuqVO5aG-Yd5SxVJBsvi0ibl1HnSaP_u0cfaSzNGcBClAN7RcgsqIcNUfYEjFFuDjoeifxtB9JpMXLxN_OQSeEzQolVZ2pEY_cddgt0qQEJ7fqPYG-FpomIdmeV9CkhqnZuP3C7LMP_Fxfj3oDSU2lWb5PHZFBLOehtnX7vqIOrMJrnfn_TOq-8dGNVZoFKYmJxCL6hT-Hin8N9ONn32glBz3y9ZKYxTsB4iO9Sxc45ami73Fr1yltHx8bHpeTKeX2bS_u2fkCZfF0XhbqJrnBi83zDlnu5hW0TYxFEQSBlWWxYflreGtea71Zt8XZoH3DgfcRGjEWTflV2KbwwUxdS94xAPE9Ov2jVB5MXOvMH4cV2-6ZpQ5R4gNnDCEQ3xL9NQfLuqr_W0VcAshQNMYcKvtE9P33x1TqwJPXV1FmtaNwwTX6SzA&cid=CAASFeRoA4qo1FRhRrfTrJdvP_De-QGymg&rfl=1%2Chttps%253A%252F%252Fba.n1info.com%252F%240

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3972e1acea2375a5024efd2df897e87fef781b9d78b0ca7dfa14f68ccc8f21fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 12949
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CD0 42 B
107 B 50ms
50ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D3sVdqMMdHPf2NzD9HYVcNoEhFpJFbDNWsiOBtojIluxQGD6kIuVSjKYhJ0BQJZzPaRForxCYbv0nG7ZXLWxVnXn2Rgg-kebpKRs6zdw-ZmkOZuh4

Requested by

Host: f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
URL: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 5CD0 2 KB
2 KB 82ms
14ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=125994&plc=5131262&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0iI-4yXxklWUUBKd_PzQqrV&DVP_DBM_1=3060631&DVP_DBM_2=17645341&DVP_DBM_3=46006603&DVP_DBM_4=325729480&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=21347144487&turl=https://ba.n1info.com/&DVP_PP_BUNDLE_ID=
Requested by: Host: f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
URL: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 23 Oct 2021 09:11:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 12:31:26 GMT
Server: Microsoft-IIS/10.0
ETag: "60d09d781a8dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1338

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 5CD0 8 KB
4 KB 83ms
15ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0iI-4yXxklWUUBKd_PzQqrV&DVP_DBM_1=3060631&DVP_DBM_2=17645341&DVP_DBM_3=46006603&DVP_DBM_4=325729480&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=21347144487&turl=https://ba.n1info.com/&DVP_PP_BUNDLE_ID=
Requested by: Host: f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
URL: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 23 Oct 2021 09:11:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Oct 2021 15:58:26 GMT
Server: Microsoft-IIS/10.0
ETag: "0fda9262c5d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3288

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 5CD0 3 KB
1 KB 46ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
URL: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:57:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 860
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:57:33 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5CD0 120 KB
37 KB 62ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
URL: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Oct 2021 09:11:53 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 5CD0 14 KB
6 KB 44ms
19ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
URL: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 784
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:58:49 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 33D9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcbu-ExAD2sDiaIIjTQ_dk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcbu-ExAD2sDiaIIjTQ_dk&google_cver=1&C=1

43 B
1014 B

36ms
35ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcbu-ExAD2sDiaIIjTQ_dk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY5JzFlQEwAQ&v=APEucNXmljOltTZI4Ts8Ikxg9lExT1HNPXVm3WtVbM6G7Au4odwun1IqOvhQzBnsUglfITWH3xeNgjJP1KWrp_ikTq3cimrBdneQ7X-jka-JLxHQXGaXEnR336-QTMo7UqmyduqfjVNJ2jO49Vi4QGvwCgXds0Xlg5QqlmRscrCekMqAiabTRTg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 09:11:54 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 23 Oct 2021 09:11:54 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 09:11:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcbu-ExAD2sDiaIIjTQ_dk&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sat, 23 Oct 2021 09:11:54 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 33D9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXPR2illTr5ivO9gVF0UdwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDen570_sTc8zMThWdaH5G8&google_cver=1

43 B
894 B

25ms
25ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDen570_sTc8zMThWdaH5G8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY5JzFlQEwAQ&v=APEucNXmljOltTZI4Ts8Ikxg9lExT1HNPXVm3WtVbM6G7Au4odwun1IqOvhQzBnsUglfITWH3xeNgjJP1KWrp_ikTq3cimrBdneQ7X-jka-JLxHQXGaXEnR336-QTMo7UqmyduqfjVNJ2jO49Vi4QGvwCgXds0Xlg5QqlmRscrCekMqAiabTRTg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 09:11:54 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 23 Oct 2021 09:11:54 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDen570_sTc8zMThWdaH5G8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 33D9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKCeRoGymwOiaomtEr69vmc&google_cver=1

43 B
1006 B

10ms
10ms

Image
image/gif

37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKCeRoGymwOiaomtEr69vmc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY5JzFlQEwAQ&v=APEucNXmljOltTZI4Ts8Ikxg9lExT1HNPXVm3WtVbM6G7Au4odwun1IqOvhQzBnsUglfITWH3xeNgjJP1KWrp_ikTq3cimrBdneQ7X-jka-JLxHQXGaXEnR336-QTMo7UqmyduqfjVNJ2jO49Vi4QGvwCgXds0Xlg5QqlmRscrCekMqAiabTRTg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 09:11:54 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: abf9884f-0549-4895-87a4-5b460560e7a9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKCeRoGymwOiaomtEr69vmc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 33D9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM3NTgwNzc1MTA4ODU0Mzc3MQ%3D%3D

170 B
232 B

26ms
26ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM3NTgwNzc1MTA4ODU0Mzc3MQ%3D%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 09:11:53 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 45e16cb8-cc71-437f-8c04-a2da958b52d8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM3NTgwNzc1MTA4ODU0Mzc3MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2654
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcbu-ExAD2sDiaIIjTQ_dk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcbu-ExAD2sDiaIIjTQ_dk&google_cver=1&C=1

43 B
1014 B

42ms
42ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcbu-ExAD2sDiaIIjTQ_dk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjI-aibATAB&v=APEucNWISO72lkbUN7qreUhdsZN15VQr-JSpOBEL4QtlRPR9K20RyW5hp5oLGo5yiqv4Cya05JW-g6a7zyU4m7uSEAZX2txaHHFSWlxgRwUMEpjUC21MmAk-cVJTKrp3woBdp-8wIUHIiZs7sfaGe-tIwGD5cbxqcFsKxQaSqrw_rYWuMUjwnT0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 09:11:54 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 23 Oct 2021 09:11:54 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 09:11:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMcbu-ExAD2sDiaIIjTQ_dk&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sat, 23 Oct 2021 09:11:54 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2654
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXPR2illTr5ivO9gVF0UdwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDen570_sTc8zMThWdaH5G8&google_cver=1

43 B
894 B

26ms
25ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDen570_sTc8zMThWdaH5G8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjI-aibATAB&v=APEucNWISO72lkbUN7qreUhdsZN15VQr-JSpOBEL4QtlRPR9K20RyW5hp5oLGo5yiqv4Cya05JW-g6a7zyU4m7uSEAZX2txaHHFSWlxgRwUMEpjUC21MmAk-cVJTKrp3woBdp-8wIUHIiZs7sfaGe-tIwGD5cbxqcFsKxQaSqrw_rYWuMUjwnT0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 09:11:54 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 23 Oct 2021 09:11:54 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDen570_sTc8zMThWdaH5G8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 2654
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENRZ0xYC2Wg3S3hY4JpKZAQ&google_cver=1

43 B
1006 B

8ms
8ms

Image
image/gif

37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENRZ0xYC2Wg3S3hY4JpKZAQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjI-aibATAB&v=APEucNWISO72lkbUN7qreUhdsZN15VQr-JSpOBEL4QtlRPR9K20RyW5hp5oLGo5yiqv4Cya05JW-g6a7zyU4m7uSEAZX2txaHHFSWlxgRwUMEpjUC21MmAk-cVJTKrp3woBdp-8wIUHIiZs7sfaGe-tIwGD5cbxqcFsKxQaSqrw_rYWuMUjwnT0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 09:11:54 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 33ef506f-daf2-458d-8a9f-3d51584e4e1e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENRZ0xYC2Wg3S3hY4JpKZAQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2654
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM3NTgwNzc1MTA4ODU0Mzc3MQ%3D%3D

170 B
243 B

18ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM3NTgwNzc1MTA4ODU0Mzc3MQ%3D%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 09:11:53 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: c980e835-a52f-44de-b130-3709d82ba481
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM3NTgwNzc1MTA4ODU0Mzc3MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 67F7 23 KB
9 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BQg3m8K4kAu378Mc-RxRg5OYSx7JfVAY59qII6CnMGduuM3_pdYdmPYNP946qEHw1TnuXSd4RCYa20LnOt8y8doF7nN_GyhGsZJqYmq1capk2jQhEwE9fW6cw4q8heHvIeEnzelIwcKszilMMStM7Cd9ETBQ&cry=1&dbm_d=AKAmf-BE8oxdljbgtfLZBajkBxQPJiHy3lAouqI8dixJpjTg_OQ7LlcQeajoqveT9_ERfvo8TKZv6GvBJvOUbdOgtAwpYQQouXrAYj2bD0suE9g6Hef7i7orq1IW5Y19op4TvfBCDWzhW__ca9QMGPGanxLvFiL8RjRC2fbs9tVcxuEuZE_kO7F1CWaO4ysUIviAF1LJOw0NSgU7ANmnOKE8KPaqE9kcvAflOEUZMT4GQsfsyk4vQfMfWZ-R95iU14m3y1S6egCqNQu9hGDECF3iKK66eLqZZ3vtE2DpICJ6b2KjCJCRRqCIBRc1PiFa0Mm6oeGeUAxX07x636SR5WQP4DX2Hja-eTm-lAp4vKvJdh4YzhMsONHedcv4ooJ0yGKfWROmfW4SrlSzfdUYIp8fq5mGHJy8dTZ7x9E_cHsYBpH5p18DZ2zm3c11-pzTuJoW89_-xDqi0j2OVNprpkh5VWswQJdT-z8Vgd5m8OwVciPpVN4CNhCmBIVFiKN-F6dCQabkuX5D0EzHaPKGvhw-bPqPZot35swXO5r6sMC9ypnymTUlt6tvzIEGgGyYATWPgLBNackciwSKAWoTTcPB5TsWEbnY4Wda8TX8WkIZhxnyiyapaah2daLCr8nG3FO4gH8iyLsVFkFkBSGLEcJ9RDi-RiiJyilCtNEA6XCfXxieYq3g5AUqDS7DZrNwQujRiwcB4GykEQxkT9mrfkpmPqTlmr1OH5cbu-S1KyoPOKnY-_jgu5EcHxFGbVpib_HfCN5huKzbPywKjcjNfp73gpEYWQ7CLfYgQNhmYdNmej935wxrFHnmTN18yRfhtum3woFh21-jDZ-d1ojS2HTOm-KKvPFx--G9XOLXZ7X1HjJz7X2O3Nd4KqHAeyR4DMF9IypiRupOOAlecrr68IBoN1GnwHmYKYtzWjoOgMsRvmt78yZd0alz4TEWLuzyBWxvoI73RxOi6KY5x3CH0fe9OrVzklDxUBO8ARgsy4_ENWOysGQZfC0_O_lbcaJOnzhpHz3lp-wTRNVcgrnz_4jThsbAKmwlXkUpC3g3IzTdHOm4ugmEzAq_X_U8MIrTy9Wtff557kNmrkad43dR9W_qxXp4Lbkvj6hE4ZIbrZ7t0ra3tAdSYv3ss5jiQE8h8KLtKX3tGCvMCPTwTNrzQYDFvbbd7cPnZ21CnOv5an77TXseICyJJ_vtgeM4UHsJz3AL5rAwTmyOU3AJ7ckU74dowSEopjY8TQAwns8hswHNN1jc_e1wtgzBq_Wju6Prp4in9KFqXbvb3jQ1sRGhXsh1zCrJB6JhtOQLEnFznYkwFJvy2_NGtntUZd0WLBgdSdfqVE8Tw8X6xnnWGNrhljeqFGLjpuJbVQk27zZ7GXdN8Y5LapjPfjnVB-Vqyr21HfvDG1yDqi4vcGkq5XRy8fpnInY5aSrzJjBoLHTDt8AeaGVgnQIdd8RgLu1ASXu5uh_OsxaurDa9JPVkX1ZVV7GG_yKVLLYWRESMR3sMy0lVzKQi0MuVUZ8DQRApZipUnM9CN6SeOamr-jEBmEzC-Q7RUI6vFpHjhgwtVwWw2uyPeVGxe3TJSZAEi7g2UFf2baAJmlwvTU4Z6IxO8FnbC7i5FmR4X9SXlxvzvhMSD_NCozS79TsC3bvgL1_8jh3dvOuzJXvnIuLw_3tBL-X-LOf6YOJ1axuaXJY8RusmTGPinrh5dAH3haYQ-izGGWUzK_2BeJAvAMTVKKRyVpCJuAomPYTl1WeTXZIws-vNj3Vea0jEv7SJB4cXj_q-ND2Rg4811tx2i-kyEE3nPwu0vhOtyjy8k7ZmftGXuX280M8RFJN6SWq9RxVjPTHIFxRCRQuMTCf-kQ7xKUWl-JM2JstvUpL40KNfKsYFNLEOkQly7xv5zs5gM3BGjaUy3EkceeR1kBb2WKDzwuAQsq-kcmN9M2tbpTtOL42Y6WgcJa4qej1EZw6j54ydjZ32bC54amMy1gMLNS-8oqWCQLFOGKhJH97fm31M_lytuUnU9jTZk37qCU44BzS3lC3jqGB84p59eEyB_pJe3C4nKdzZJX88eI0lGVKqCr7LYVwaAPfqUmaFnnyQzMw76w4qUFvnssLDYVrxqALkYsIXsgMrKasRO-Y_uKzZgJXLDCxQLFotQFdvt_68_zzJDfeWjm_RiMf-9CRPPa5NqP9ZWUKRAT5SScHlpfqRIM0v58rNwpt6dqf04UwGs7fFbXD-VTwN6nvrGrJESkxALYcVBs-NuzX8vIFWchRlUttGPOoC3czQyXhfSjbDtN-9K9qlhoA0G7GpN8I61g1s-GcRIExI8C9_S3T1Emna_GxMfsjaAOyEW6dFxceZRrOWL2cdf9ed3fA4dHnMb8Xus3iJzgvgewP2q9wrGSqhw49IP-2lQDBBPoOsZmDqr6tOKuX9pITE3ZPS7AVTncKE7dw04p5itiHqqhrq7aRy1kzmR_FmR7sQ4O5PzuQdLxDbDiLpAoCft4-nCLWRT2gcw7_hWJwIaL6rbG7FDc11j8C2PMw2c_gVqXhrhG0pLYPDu2UjRRxdlZq2BfIUw_SuMLrD7MGBYsEETRuFIAvOKNUZWHNB0RdeVqZiqV7M6GWUjUX1M2V7JacwE9tRIN_rS2sYg0F0DDuffMjzdw_uR5uv0m7mk5e_4ZH7OCF6mN8e1h264SUsSfCEvcTaPT7g6KjWM9bkqFnjCPbc_PL8HR4pwslfqANKVAtso4rr0CE2-0TtY588i6IA9tn5fTZUZCkf7x1IDcdrdsJzOmPWEtu_TMLxZeOLGJOCJdAlCCRJpygIXEcuitUmBlppuQ_cwGHGr206HEOhqQe52Kzl7LFMOcD8xXQUWbMbuLZ4s39p_z_NVqO9UsvAJHCJskPYc2TCLM2_nRZnELi-Wn4IS1KPldiLEr-kvLsOb56Dyt46sr1AMX3rRbc11bKfbq0v0J9UstiCEzBMIVeIpf-438n7FtsymvvrsG6jTKVmUN-xtVlPH_Ne52Z-DkWHAiEUn7yTQj_opFf7zZADW5e7wpJmURh_a_770BJJGkuny6BDPQRPIQSuCZ1PoAnjv_Inm_cBjgwXe7MhXzomQNk6KbgWlDmrP34gtQJhdiga7eitj48L_fDZPvDx_UrUr1AfYMg2CTZc3j7KoRpwmcRlv2_dmCiBJzJv2OifJYuBOuCbvT_Pv4dUNJ-EnIy9LIXSttTNjnUsIQwYQA8I_NAbAtCEvT7Rj14SNxx6d-6Euo8&cid=CAASFeRoGPL45QyB-5ErirOkE31EoEN_Pg&rfl=1%2Chttps%253A%252F%252Fba.n1info.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:10:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9298
x-xss-protection: 0
server: cafe
etag: 5575107075035495308
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 09:10:30 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 67F7 41 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 13:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 21 Oct 2022 13:42:01 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 5CD0 23 KB
9 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dbrq0QRgRJ37ZYwoIKZgXk_UzbCX1iu8VYlWQyPK8cYfjfkZRYnv-xzHAwMfa1zGrfFPI5VDA6NbNyKtYkDHtJnO3Cz_-unvgJA3B54hhW2djiSGN5RvY4riUGqnpgMCS52pkzD77_YwlxbpaBRqinar1CpQ&cry=1&dbm_d=AKAmf-DdQL6RG-5zZlDGner9zIkEbPTZ23YTfpwsAxDXMRmWVwAraQjt_vb28eSsXCnP6_9rMyev8hCU4x9jGMrJs_p-DpGxyBtE3jzHpV8dgD-0UQpVMQ9zSKd0LcZGS3xUyRYliaRWk8b3_PBz584T4y0uwPGGmbvuMJck2P0_e9dqemSs9lc0VgCMYOOez3oRBZh8tekS34aBSC7RAZrlLiWRIgA-tQOU2lvO6GdFSfrJW1jlHqS6wNbQedg0J1HugqeqNRWvvvRrBuGlQNNlErzu-G7PV8fM2atdIUlcn62YNUzXVOx4BQnuAMk5LtZqRGSa-32Q7VN_qTcZ7OxNHk36v4RI4bWNKcLHIWkjUz4GsQ_-OlB5VEoDvXqQZ38am9o1GKv_2i7Z3EY1uNA8vfmyPz-uWi136oiQWe_g1A6KKkb0Qxb5A7AbbaDds37U5QQsLKWpGD8jE1GGgJsfmPJlmLTEiO_ZXaXQsIjz_SU3wIC0bcEOwkHuWuTh_dOKonJ1RLYAiiO5jzMsVigql-kzMTdCfwgBpluyhalfTpuZ4OanbCLVNHVhw6qPf49wXPYVWKaCYGxq7jEehssJb0s_tMsnnqIWrs1pq_Qb_FHYOfI1nvqkECElJviJ_-66J2bMCV9u7OKmYBGnB_K2iP6EhwfSzMAHdjeIZpj6KQVP6i3MjDJbKxQroyMCswnIa1sW72OdhfEMAB6Fza4-vFslGlAS2k215VfHtsdYhy50EKqaZdTzbISDvU74uH4q_-EhFPSvQeruAwnN_NPPVXpwEne_G18_eTHqg31SOHgMEGB0mx4pl4zJfi1114CQhcP0AGYRTbyAL0J_1jRF6ydlq0crKXmPQmYQBFaYigDHbUkEe4sBO8HgJ6MqTaflS24uOIW338GZapjybkd6vFeUPZ7LKsOUg0AAUTSrvcnKdPGYoN_mh8nyHioO4rtj2MdQCLlL1UIYrh4eOEI4akgl-iKTTZ2UGpOMRai6eik3DvBXJBXczl74yVUwHpXN8WYp6__Gvtf7JuOu-blO_KYMkfpkhsySfw3ujW5NK3OqV7sswRSAFd3b1Q-iuZE-5U17Z4fuKemz8Dd40GlPtKcQ_z-qguvKRAIQhDoEVblQ3Av_XRQthnMllA0G0ZFH3B-uPwp9YY-TIKzbV35-Ij-6Ge0K9tITwV3tnyUZ3Hfuwc55svIXMJJXL7IuEaV75sHgPzFZd0M0l0JXaS6CnH9ctxybxyLUvJwengonVIggfcxA3rKfgpu9idXFESMlJupSqaOHLgc7-Oxpm2iOpB1vM02E_zO8ct1MuYRU4Pk3QlJ8UnZF_CgwI6o2aw1kGqIxju9sODEPiRWWCGhA68GjPZhl_lo1UcXiXKvS1GD5J7KLs1-hCVh_LQW-LAFlZyvPVdtH9a_QPMjHXOQ6D3IdZ8Siaa3nt_EQuj7edftyc2qIV1PDaA7mb-iPl1H86syx9w5MG6dr9oyXx_N-wtvruPODMRB3ZCTja6uiSpNi6tyUpR1-uYYete23-8MAH6Nummr7nZdOX3cnBktQhqYrxrtXY3EbZvfqiEWAX8aib-CFBylqKU2A8cPElV7agPiFUGfViZiJUGZKR_SessfsXw7SEXgft1Nhrv8DBefXjayQ43Goi9y2m1FamypLP7wp2755oTChZYZFaflMfsQcPUDozRjddwqZqnNhIyilsD8JR7iqTAon7mZ-HZl4PtPy6DcqA3TqxDP4o_aHYxUa47DPQuhxbWmbIIzRR6tsLav5Flcon6rXhSubJGox0u4ucEO46boGYKSjHk-OZIooKp8QlISRC0j91K6eDLVdJJ2rXjLCNV0X-_oIwoHc-Y1My2sTMNeXQ_kWqcPO99Lt_YYB5FAC4DlrAsHRFWBe1Mz2TlabXkrnag1O0KW4DKQrXjphJOEsL2HdFOg6cTh3UWki8k_1TmqAeA75zDaiNg-Lc0OIfTJC_1tSNCFXPagurWzp3CnglHHNluJ3cMCmQ3dU1WvDAcM4IZ0Um1OvezwAKpvC0Ij-FGGxW3U4g5pyT693sqrkoEPZy_twu_TeL0BwXYbRPpLvCdG9y5AB_JedJyNeesOtNJ0f0M6h-rKsay6oIqh3u78vqh7XqNFBP63J1co_mTC09Kq3sjZV9-JqKMpl7viL-nfMu_PodfRB6uPKnHho1nVXTrUuXRTCYwpLVKLerHkoHMhLLNmDbORHKIt89gYjx8xyXOZ30E9cR9doc7qeUvaRobolJX6V7He5gJBfahmOCegvZ3_c7QqyKxYVeOrTzl_28qYnE2z4JHg_bTUNuSAX5FaotqWVHGqlzSXYVilrVp0MFuwLBAoo3pe8S4p6Uc7WvZ4rXqmWgDfz36KqARPuod3VYnpb4xE8sRk1s0S1AUwwi9GZIcaDptv9ikFjXvkJK3RR8QXKTOIpOP9qgfezwe0eocz8345WwHepybFg8IwTfz5bE9_ZbKo64wfx80W_hcpDVMBFpCaMXfAA8-a-UYuEXWrU75N7sg9DR0EFRd8nQMRdLQz7Kzw9SToHuqPDb9xbD-ipqBs6rI_TtFOJwU-ulXh8Ks_8shSLfG4gU1xLYeIPDzSEGhuqzWyrm0A6Nzb52tu28lg9sZd76-LeXH6mHS-RDAPWjZ5BAPrLLmbQ-GLMPWMN6pF1duhLLGSAK8_VLZugUdB-xq_g_KN2jqVQH4nUXEXf_wlSrU86mZbik0_nLPYViEBccLN9k84Pr4c_He1z7Lh0NLCIO3QWR4Zt2RSPftmdf5ruHhPxsLRoxYHph0dZYYBmoR1cnHcM6moj_IkTi5ElKTz5cPYIv5JcRE943YHksVKZXOXFeJGiNnt-qvyBJnIkxgf8s6dM6lqzvTQKvihV9V9krxSrnkJ9zka70uZJ78enXPR-aimT4XuqVO5aG-Yd5SxVJBsvi0ibl1HnSaP_u0cfaSzNGcBClAN7RcgsqIcNUfYEjFFuDjoeifxtB9JpMXLxN_OQSeEzQolVZ2pEY_cddgt0qQEJ7fqPYG-FpomIdmeV9CkhqnZuP3C7LMP_Fxfj3oDSU2lWb5PHZFBLOehtnX7vqIOrMJrnfn_TOq-8dGNVZoFKYmJxCL6hT-Hin8N9ONn32glBz3y9ZKYxTsB4iO9Sxc45ami73Fr1yltHx8bHpeTKeX2bS_u2fkCZfF0XhbqJrnBi83zDlnu5hW0TYxFEQSBlWWxYflreGtea71Zt8XZoH3DgfcRGjEWTflV2KbwwUxdS94xAPE9Ov2jVB5MXOvMH4cV2-6ZpQ5R4gNnDCEQ3xL9NQfLuqr_W0VcAshQNMYcKvtE9P33x1TqwJPXV1FmtaNwwTX6SzA&cid=CAASFeRoA4qo1FRhRrfTrJdvP_De-QGymg&rfl=1%2Chttps%253A%252F%252Fba.n1info.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:10:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9298
x-xss-protection: 0
server: cafe
etag: 5575107075035495308
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 09:10:30 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5CD0 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 13:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 21 Oct 2022 13:42:01 GMT

GET
H2 200 0.03857
pr.ybp.yahoo.com/bw/appnexus/imp/JANbQKXdGKf8sEJv74uWoYLjRqpnpdIsKx_CN0DSFVJuYTQ8HjMiztLTSYwafFwMVRqeBe6a3FW-9_BIDcuYQuAXh-wOMGDT3IyxF80wnOf6IQo6fxcL8ScTG_TTrtswT7sAKDg2xgPJHA1RPX2s0Kw2JQbHs5R6ptT7... 0
1 KB 126ms
66ms Image
text/plain 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr.ybp.yahoo.com/bw/appnexus/imp/JANbQKXdGKf8sEJv74uWoYLjRqpnpdIsKx_CN0DSFVJuYTQ8HjMiztLTSYwafFwMVRqeBe6a3FW-9_BIDcuYQuAXh-wOMGDT3IyxF80wnOf6IQo6fxcL8ScTG_TTrtswT7sAKDg2xgPJHA1RPX2s0Kw2JQbHs5R6ptT7hrOhg-sVx1nMZru0hh-kSWW8Mi-QJG0GfbVDvi-ThjMQ9QH66wU-qhXk3whde05Dq8G-VO9KtfcsmDXtFaebJHc-MDCu1w35monBA_AmVQZWxP9CPnSeVXKos6Yr3fj0D44SpxidILJZCxj9FJSrPfg7lxnT4vStHTaP0t1FjNoyqFAxhJXm9sgybsVy6ntgifLhTQBjMY5FOIWtwo_cQga1kDNZkIPM7R_tMQ6uu5aoeevCbSvdXp1hf-da0R98JzBKKA07wSVPwUgeOaVHXx8KpWA-oBpl3yVehOUBv3dp54ANvbqC9iH8Cc1a_DB-1X7ElrPOmbmuxMiW30ULXDRJttKRvzSgbZHeUqwsADfgjbHha0yq7LNYVtaA9B3X9C_ckPiqcLjp8uQHG5_rIpNaHp_cmu_fOQqL8lu_zof3_FXiXZRKf7WcFyZkPTMxkoI1wemnOOLr3NW8Oj5YR8iPOadm28OPelFKi3h2D3zX0x4xcfZZGPKMoxlXmxxsSr-0cEPTPzXvG0i-6P_dzIgoKIiJNS7Hks4UaH2NeZ97MtMN6aIjiDu9ln8y476MWK3pKKBzK2Msuuwr0ghztEcDgBkDCNChBCyq1iUc9koPCgKkmkUSzkxEHA0ZoMKpuhUZXDgq6o9mpn-HZh-x8LN2W6aMQ_iqHBx834DvBeJCifM4jGFvzcz8AsX85txrP6ztHtooHL4-cfRDuRMVwFmy65GUXkkJ42LgDQb8HXAoYe0Q-54ZYOwagqQWzsJJNV8TgCcqxd16dm_A0orsorEe0oq7denfX1bt9zQmp5FHYOYu7doq0Vubl4rFsVsbmw_t2S2QbORuCxeeTFpEChv1qs-REHoY7JGnD4u7EnTvnyZit66lQX4mvOGSqtyphtyaZ4OumpJ1coSS15BxTLD-sJUVO9dQg4K_biPLgUqHn65UGGy0MPfz2nc205P9LhwlCA1mTUwcUl4IqHiONNaTWPC-MAR0SlUU_1BVFtU9vLZRRYQYnPitWEywTnXLvETEMUiKmfmdmlv68hVn2EdDeiR0LjHdsW8u3iVILHoW8DD1r24O9lANXZwBYu49OSSn8M1ik4C17dBcu1aPm8L6fD-8YUJub1mC7rx4qWVORxCOHQfX9Ri1o4cK6UJ3EqZt1aM/wp/0.03857

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:54 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
public-key-pins-report-only: max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="Gtk3r1evlBrs0hG3fm3VoM19daHexDWP//OCmeeMr5M="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; pin-sha256="SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4="; pin-sha256="UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="iduNzFNKpwYZ3se/XV+hXcbUonlLw09QPa6AYUwpu4M="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H/1.1 200
OK adview.php
a.twiago.com/ 43 B
683 B 109ms
39ms Image
image/gif 85.215.5.31
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.twiago.com/adview.php?pid=5802&wmid=53334&gdpr_consent=[consentstring]&chc=1&nvc=1&ord=4859664216141024126&target=-

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.215.5.31 , Germany, ASN6724 (STRATO STRATO AG, DE),

Reverse DNS

Software

Apache / PHP/7.3.29

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:54 GMT
last-modified: Sat, 23 Oct 2021 09:11:54 GMT
server: Apache
x-powered-by: PHP/7.3.29
p3p: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
connection: close
content-type: image/gif
content-length: 43
x-xss-protection: 0
expires: 0

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ 0
805 B 46ms
21ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fba.n1info.com%2F&e=wqT_3QKCBeiCAgAAAwDWAAUBCNmjz4sGENuc9uWp5OvWFRgAKjYJMJwEYXi_oz8RFXxvU7T7oD8ZAAAA4HoU3j8hFQ0SACkRJAAxARv0PgFRuL4_MPuR6go4t1lAnxdItwFQ5JfrlwFY5Z2CAWAAaKXOmgF4r9YFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4ALm91bqAhZodHRwczovL2JhLm4xaW5mby5jb20vgAMAiAMBkAMAmAMXoAMBqgNNEhM1OTUzNzg3Nzc4NDg3Nzg4NjM0GhMxNTYyMDk3MjA4OTYwODQ3NDUxIgkzMTg0MjYwODQqDU9BVEgxMDE3NjcwMDA6BzM4MzQxMTfAA-CoAcgDANgDkLhW4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE4NS4yMzIuMjMuMTgyqAQAsgQQCAAQARj6ASCWASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATkIStYiAUBmAUAoAXO-dfU3Njx6SnABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBeixLfoFBAgAEACQBgGYBgC4BgDBBgEhNAAA8D_QBoPhAdoGFgoQCRIZAYgQABgA4AYM8gYCCACABwGIBwCgB0GqBwcxNzc5NTgzugcPCAUkQCAAMAA4vwZAAMgHr9YF0gcNFYEBQgjaBwYBekQYAOAHAOoHAggA8AfWjAL6BxIVJgAREXMEgghKFQA.&s=67e4e0d7adaf1f9fb2f7c7816e41823dda239d6b

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 09:11:54 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 2607bb24-500e-4297-818e-7b1e53ce87dd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK r
shftr.adnxs.net/ 8 KB
9 KB 158ms
95ms Image
image/jpeg 37.252.161.191
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shftr.adnxs.net/r?url=https%3A%2F%2Fs.yimg.com%2Fch%2F2e23ad83-48a4-4471-b2e2-427315e4e62f.jpeg&width=250&height=125&crop=1
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.191 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS: shftr.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: 13e6d8e6fceb026e47add64d510c9d126fa939b0b047ba00a8d63a16469f4ffd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 23 Oct 2021 09:11:54 GMT
Server: nginx/1.19.0
Connection: keep-alive
Content-Length: 8671
Content-Type: image/jpeg

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3332 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 22 Oct 2021 10:57:28 GMT
expires: Sat, 22 Oct 2022 10:57:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 80066
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6433 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 22 Oct 2021 10:57:28 GMT
expires: Sat, 22 Oct 2022 10:57:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 80066
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK 7sx2ojnml039 Show response
hal9000.redintelligence.net/zone/ Frame 67F7 11 KB
4 KB 48ms
14ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/7sx2ojnml039?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCToRe2dFzYa6pGdrlgAfboIvQArXN-YNXlNu5q-UM8C4QASDZ6c97YJXikIKgB8gBCakC3NgOcLWJsz6oAwGqBIICT9C4Ue2QVE0LXuPAdkZMavAO1k_31f-l9YYVK36Z3_SoBtop6cfijWjQM90UNBgYwsagVOqLXMo5Y_NZNsAsnKHZg5p6tkadjzvQ5tbyd6AYuo5dtZ9dkUxC4MCMjz6tcIaXSP9cXCv6HmcdsEUwQhG6fvAwBZQe7a7LlP_JYofNx05Jwg8kHK8CGkNKJwJtEwFHSesmZ4kc9yxDaKNu9M7i9wrAjo4XSRvGHGPRYFasktZ9vSEZTGmRI-W3felL7NgdUvbCnOAP4J0LbgoRKpdEoYvmIT_X36_9T-oLzFIa_B9veeySYlvwePoDBLoCEH5cV0vwlOG-2IVFZ2sY9YZjwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGPL45QyB-5ErirOkE31EoEN_Pg%26sig%3DAOD64_2iitAWtak5ibP9FoXJyN4S9oax9Q%26client%3Dca-pub-5845685380979936%26dbm_c%3DAKAmf-AlsB9_Oa44pSgtOMD96nfVghIk1GXoO89SsriWtRTPjmbB3LbvoaNn4P6DjuniUDRb1wc3B5Bh1AEMj8o32nQHk9EuE0S160l_fGt_wbJozynn20NkGPRYGvIHrd7q1CVuJlRDNfB7XKXIc2gYevYFTSewtw%26cry%3D1%26dbm_d%3DAKAmf-ASBpF8tnCCKoppDTIWe9tGfjjItfIlGbem7hYLdchSMT-DepAZcmUcAYf4zIUBqRp10NgzLAW3nrZIUJ9ebhk6YXc6GxBHJDn_ZxBKX13ZZp-TjLyl8HwEl92Izg2Tnrw4zhaVngZEtkxT2DEHYN0azQ2mTACoWhtyGqhcPA-lFJs9nO09Hm9IAr8DIS4VpFFfQ2lKIWVzSgRKiayaygc1sKed4m7oe6G-nPwqvcJCIgRX0Kn4uYayC_T4cG2y44phAjiD5BOXjIpYyoXgK9YDtQOqqmAuSXW5nyzpu5T-k8hmAlaxFusTFr8JE2l20ivrbyALQlULo7gGkn5_JnwPl9xS4qunXfDxZOSqdHYmbpV4CC-WFbVoMfcbYzicO9kzVrdPmYdu7QtyD_NcOLJC16vm8Jw2R3YBXqMxxHyoS1QODUdhm-hUbTL9xcouG73qp7CL%26adurl%3D
Requested by: Host: f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
URL: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 669e70008efa777408288b7b60157e571c688bc688ce25014b0b37a887b86d5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 23 Oct 2021 09:11:54 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3931
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK dvbs_src_internal99.js Show response
cdn.doubleverify.com/ Frame 5CD0 61 KB
19 KB 21ms
21ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=125994&plc=5131262&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0iI-4yXxklWUUBKd_PzQqrV&DVP_DBM_1=3060631&DVP_DBM_2=17645341&DVP_DBM_3=46006603&DVP_DBM_4=325729480&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=21347144487&turl=https://ba.n1info.com/&DVP_PP_BUNDLE_ID=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 23 Oct 2021 09:11:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 12:31:43 GMT
Server: Microsoft-IIS/10.0
ETag: "802192821a8dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19248

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 406ms
394ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.6.24/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://ba.n1info.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: https://ba.n1info.com
date: Sat, 23 Oct 2021 09:11:53 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H/1.1

200
OK

request.php Show response
hal90007.redintelligence.net/ Frame 67F7
Redirect Chain

https://hal90007.redintelligence.net/request.php?zone=7sx2ojnml039&nw=20&renderingType=javascript&namespace=226e2a9478&subid=&uid=00ccd842472c73a1&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90007.redintelligence.net/request.php?zone=7sx2ojnml039&nw=20&renderingType=javascript&namespace=226e2a9478&subid=&uid=00ccd842472c73a1&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

2 KB
1 KB

120ms
95ms

Script
application/x-javascript

138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request.php?zone=7sx2ojnml039&nw=20&renderingType=javascript&namespace=226e2a9478&subid=&uid=00ccd842472c73a1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCToRe2dFzYa6pGdrlgAfboIvQArXN-YNXlNu5q-UM8C4QASDZ6c97YJXikIKgB8gBCakC3NgOcLWJsz6oAwGqBIICT9C4Ue2QVE0LXuPAdkZMavAO1k_31f-l9YYVK36Z3_SoBtop6cfijWjQM90UNBgYwsagVOqLXMo5Y_NZNsAsnKHZg5p6tkadjzvQ5tbyd6AYuo5dtZ9dkUxC4MCMjz6tcIaXSP9cXCv6HmcdsEUwQhG6fvAwBZQe7a7LlP_JYofNx05Jwg8kHK8CGkNKJwJtEwFHSesmZ4kc9yxDaKNu9M7i9wrAjo4XSRvGHGPRYFasktZ9vSEZTGmRI-W3felL7NgdUvbCnOAP4J0LbgoRKpdEoYvmIT_X36_9T-oLzFIa_B9veeySYlvwePoDBLoCEH5cV0vwlOG-2IVFZ2sY9YZjwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGPL45QyB-5ErirOkE31EoEN_Pg%26sig%3DAOD64_2iitAWtak5ibP9FoXJyN4S9oax9Q%26client%3Dca-pub-5845685380979936%26dbm_c%3DAKAmf-AlsB9_Oa44pSgtOMD96nfVghIk1GXoO89SsriWtRTPjmbB3LbvoaNn4P6DjuniUDRb1wc3B5Bh1AEMj8o32nQHk9EuE0S160l_fGt_wbJozynn20NkGPRYGvIHrd7q1CVuJlRDNfB7XKXIc2gYevYFTSewtw%26cry%3D1%26dbm_d%3DAKAmf-ASBpF8tnCCKoppDTIWe9tGfjjItfIlGbem7hYLdchSMT-DepAZcmUcAYf4zIUBqRp10NgzLAW3nrZIUJ9ebhk6YXc6GxBHJDn_ZxBKX13ZZp-TjLyl8HwEl92Izg2Tnrw4zhaVngZEtkxT2DEHYN0azQ2mTACoWhtyGqhcPA-lFJs9nO09Hm9IAr8DIS4VpFFfQ2lKIWVzSgRKiayaygc1sKed4m7oe6G-nPwqvcJCIgRX0Kn4uYayC_T4cG2y44phAjiD5BOXjIpYyoXgK9YDtQOqqmAuSXW5nyzpu5T-k8hmAlaxFusTFr8JE2l20ivrbyALQlULo7gGkn5_JnwPl9xS4qunXfDxZOSqdHYmbpV4CC-WFbVoMfcbYzicO9kzVrdPmYdu7QtyD_NcOLJC16vm8Jw2R3YBXqMxxHyoS1QODUdhm-hUbTL9xcouG73qp7CL%26adurl%3D&documentReferer=https%3A%2F%2Fba.n1info.com%2F&ancestorOrigins=https%3A%2F%2Fba.n1info.com&random=3101589653134&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
URL: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: bddc33cbb79aa36b4338d69065e751216bb306989801bdb0f443a87c75676644

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 09:11:54 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 96913100049289100710626011756007
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 893
Expires: Sat, 23 Oct 2021 10:11:54 +0200

Redirect headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 09:11:54 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=7sx2ojnml039&nw=20&renderingType=javascript&namespace=226e2a9478&subid=&uid=00ccd842472c73a1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCToRe2dFzYa6pGdrlgAfboIvQArXN-YNXlNu5q-UM8C4QASDZ6c97YJXikIKgB8gBCakC3NgOcLWJsz6oAwGqBIICT9C4Ue2QVE0LXuPAdkZMavAO1k_31f-l9YYVK36Z3_SoBtop6cfijWjQM90UNBgYwsagVOqLXMo5Y_NZNsAsnKHZg5p6tkadjzvQ5tbyd6AYuo5dtZ9dkUxC4MCMjz6tcIaXSP9cXCv6HmcdsEUwQhG6fvAwBZQe7a7LlP_JYofNx05Jwg8kHK8CGkNKJwJtEwFHSesmZ4kc9yxDaKNu9M7i9wrAjo4XSRvGHGPRYFasktZ9vSEZTGmRI-W3felL7NgdUvbCnOAP4J0LbgoRKpdEoYvmIT_X36_9T-oLzFIa_B9veeySYlvwePoDBLoCEH5cV0vwlOG-2IVFZ2sY9YZjwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGPL45QyB-5ErirOkE31EoEN_Pg%26sig%3DAOD64_2iitAWtak5ibP9FoXJyN4S9oax9Q%26client%3Dca-pub-5845685380979936%26dbm_c%3DAKAmf-AlsB9_Oa44pSgtOMD96nfVghIk1GXoO89SsriWtRTPjmbB3LbvoaNn4P6DjuniUDRb1wc3B5Bh1AEMj8o32nQHk9EuE0S160l_fGt_wbJozynn20NkGPRYGvIHrd7q1CVuJlRDNfB7XKXIc2gYevYFTSewtw%26cry%3D1%26dbm_d%3DAKAmf-ASBpF8tnCCKoppDTIWe9tGfjjItfIlGbem7hYLdchSMT-DepAZcmUcAYf4zIUBqRp10NgzLAW3nrZIUJ9ebhk6YXc6GxBHJDn_ZxBKX13ZZp-TjLyl8HwEl92Izg2Tnrw4zhaVngZEtkxT2DEHYN0azQ2mTACoWhtyGqhcPA-lFJs9nO09Hm9IAr8DIS4VpFFfQ2lKIWVzSgRKiayaygc1sKed4m7oe6G-nPwqvcJCIgRX0Kn4uYayC_T4cG2y44phAjiD5BOXjIpYyoXgK9YDtQOqqmAuSXW5nyzpu5T-k8hmAlaxFusTFr8JE2l20ivrbyALQlULo7gGkn5_JnwPl9xS4qunXfDxZOSqdHYmbpV4CC-WFbVoMfcbYzicO9kzVrdPmYdu7QtyD_NcOLJC16vm8Jw2R3YBXqMxxHyoS1QODUdhm-hUbTL9xcouG73qp7CL%26adurl%3D&documentReferer=https%3A%2F%2Fba.n1info.com%2F&ancestorOrigins=https%3A%2F%2Fba.n1info.com&random=3101589653134&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sat, 23 Oct 2021 10:11:54 +0200

GET
H/1.1 200
OK bst2tv3.html Show response
cdn3.doubleverify.com/ Frame A813 1 KB
1 KB 97ms
16ms Document
text/html 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/bst2tv3.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges: bytes
ETag: "01818ecfc6cf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 806
Cache-Control: max-age=19791
Date: Sat, 23 Oct 2021 09:11:54 GMT
Connection: keep-alive

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 5CD0 2 KB
1 KB 646ms
168ms Script
text/javascript 63.251.109.137
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_684703578705&jsTagObjCallback=__tagObject_callback_684703578705&num=6&ctx=1828362&cmp=125994&plc=5131262&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=684703578705&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.40&dvpx_strhd=0.40&brid=3&brver=93&bridua=3&dup=null&turl=https://ba.n1info.com/&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0iI-4yXxklWUUBKd_PzQqrV&DVP_DBM_1=3060631&DVP_DBM_2=17645341&DVP_DBM_3=46006603&DVP_DBM_4=325729480&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=21347144487&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=4&fcifrms=8&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTau32%5D%3F%60%3A%3F7%40%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau32%5D%3F%60%3A%3F7%40%5D4%40%3ETar9EEADTbpTauTau7%60e4ga7b4547a5hdda27cgd65_7c2e76%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=7.50&callbackName=__verify_callback_684703578705
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.109.137 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 3a5c27f44e09f88e8e75bd70035bc9ba0d35f1b91e7e486962415fb8f4091cee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
X-DV-Response: 1
Content-Encoding: gzip
Date: Sat, 23 Oct 2021 09:11:54 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 10/22/2021 9:11:54 AM

GET
H/1.1 200
OK dv-match6.js Show response
cdn.doubleverify.com/ Frame A154 4 KB
2 KB 29ms
29ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-match6.js
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 23 Oct 2021 09:11:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Mar 2018 04:45:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "03c84bdf3b8d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=38797
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935

GET
H2 200 Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3332 35 KB
13 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 16:42:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13325
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 22 Oct 2022 16:42:37 GMT

GET
H2 200 Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js Show response
pagead2.googlesyndication.com/bg/ Frame 6433 35 KB
13 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 16:42:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13325
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 22 Oct 2022 16:42:37 GMT

POST
H2 200 71048401 Show response
mc.yandex.com/webvisor/ 43 B
145 B 795ms
50ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/71048401?wmode=0&wv-part=1&wv-hit=1051135&page-url=https%3A%2F%2Fba.n1info.com%2F&rn=390032060&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1634980315%3Aw%3A1600x1200%3Av%3A675%3Az%3A0%3Ai%3A202101023091154%3Au%3A1634980313775256610%3Avf%3A25rt5q1nhcbdg9bm2d%3Awe%3A1%3Ast%3A1634980315&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ba.n1info.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:55 GMT
last-modified: Sat, 23-Oct-2021 09:11:55 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ba.n1info.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 23-Oct-2021 09:11:55 GMT

POST
H2 200 71048401 Show response
mc.yandex.com/webvisor/ 43 B
73 B 836ms
51ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/71048401?wmode=0&wv-part=2&wv-hit=1051135&page-url=https%3A%2F%2Fba.n1info.com%2F&rn=1026205753&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1634980315%3Aw%3A1600x1200%3Av%3A675%3Az%3A0%3Ai%3A202101023091154%3Au%3A1634980313775256610%3Avf%3A25rt5q1nhcbdg9bm2d%3Awe%3A1%3Ast%3A1634980315&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ba.n1info.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:55 GMT
last-modified: Sat, 23-Oct-2021 09:11:55 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ba.n1info.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 23-Oct-2021 09:11:55 GMT

GET
H3

200

activityi;dc_pre=CKrm-aaY4PMCFcTu5godJ7gCIw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=122493235622.17195 Show response
5994599.fls.doubleclick.net/ Frame 694C
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=122493235622.17195?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKrm-aaY4PMCFcTu5godJ7gCIw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=122493235622.17195?

392 B
345 B

61ms
30ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CKrm-aaY4PMCFcTu5godJ7gCIw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=122493235622.17195?

Requested by

Host: ba.n1info.com
URL: https://ba.n1info.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

311b6c1a6eba52adbbf75badda0d60b7bbc73ab361694a3dfa38f7e1e597b3ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKrm-aaY4PMCFcTu5godJ7gCIw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=122493235622.17195?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUn9dz91YhvLH4CRYH1U-2tM9-QdokwoBVX3R0PmR3KxLeSMZ4YS0A1S2HmQKVM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 23 Oct 2021 09:11:54 GMT
expires: Sat, 23 Oct 2021 09:11:54 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 23 Oct 2021 09:11:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKrm-aaY4PMCFcTu5godJ7gCIw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=122493235622.17195?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK request_content.php Show response
hal90007.redintelligence.net/ Frame DFAC 7 KB
3 KB 62ms
35ms Document
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request_content.php?s=96913100049289100710626011756007&a=b70c58c8
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=7sx2ojnml039&nw=20&renderingType=javascript&namespace=226e2a9478&subid=&uid=00ccd842472c73a1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCToRe2dFzYa6pGdrlgAfboIvQArXN-YNXlNu5q-UM8C4QASDZ6c97YJXikIKgB8gBCakC3NgOcLWJsz6oAwGqBIICT9C4Ue2QVE0LXuPAdkZMavAO1k_31f-l9YYVK36Z3_SoBtop6cfijWjQM90UNBgYwsagVOqLXMo5Y_NZNsAsnKHZg5p6tkadjzvQ5tbyd6AYuo5dtZ9dkUxC4MCMjz6tcIaXSP9cXCv6HmcdsEUwQhG6fvAwBZQe7a7LlP_JYofNx05Jwg8kHK8CGkNKJwJtEwFHSesmZ4kc9yxDaKNu9M7i9wrAjo4XSRvGHGPRYFasktZ9vSEZTGmRI-W3felL7NgdUvbCnOAP4J0LbgoRKpdEoYvmIT_X36_9T-oLzFIa_B9veeySYlvwePoDBLoCEH5cV0vwlOG-2IVFZ2sY9YZjwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGPL45QyB-5ErirOkE31EoEN_Pg%26sig%3DAOD64_2iitAWtak5ibP9FoXJyN4S9oax9Q%26client%3Dca-pub-5845685380979936%26dbm_c%3DAKAmf-AlsB9_Oa44pSgtOMD96nfVghIk1GXoO89SsriWtRTPjmbB3LbvoaNn4P6DjuniUDRb1wc3B5Bh1AEMj8o32nQHk9EuE0S160l_fGt_wbJozynn20NkGPRYGvIHrd7q1CVuJlRDNfB7XKXIc2gYevYFTSewtw%26cry%3D1%26dbm_d%3DAKAmf-ASBpF8tnCCKoppDTIWe9tGfjjItfIlGbem7hYLdchSMT-DepAZcmUcAYf4zIUBqRp10NgzLAW3nrZIUJ9ebhk6YXc6GxBHJDn_ZxBKX13ZZp-TjLyl8HwEl92Izg2Tnrw4zhaVngZEtkxT2DEHYN0azQ2mTACoWhtyGqhcPA-lFJs9nO09Hm9IAr8DIS4VpFFfQ2lKIWVzSgRKiayaygc1sKed4m7oe6G-nPwqvcJCIgRX0Kn4uYayC_T4cG2y44phAjiD5BOXjIpYyoXgK9YDtQOqqmAuSXW5nyzpu5T-k8hmAlaxFusTFr8JE2l20ivrbyALQlULo7gGkn5_JnwPl9xS4qunXfDxZOSqdHYmbpV4CC-WFbVoMfcbYzicO9kzVrdPmYdu7QtyD_NcOLJC16vm8Jw2R3YBXqMxxHyoS1QODUdhm-hUbTL9xcouG73qp7CL%26adurl%3D&documentReferer=https%3A%2F%2Fba.n1info.com%2F&ancestorOrigins=https%3A%2F%2Fba.n1info.com&random=3101589653134&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: f8ca0542a29f726c2ed5e04e131c6b2bd8e173480f68b413c13fa2b1ab71cb65

Request headers

Host: hal90007.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Cookie: 8lcfmzhxc8d6_uid=78534bde23c2d4ab
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/

Response headers

Date: Sat, 23 Oct 2021 09:11:54 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 23 Oct 2021 10:11:54 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2309
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 67F7 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97642feeb9f3421b920b0cbc0b9c2e4dae6e31fa014b988bb61399a0fe0b8226

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame DFAC 89 KB
32 KB 72ms
17ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=96913100049289100710626011756007&a=b70c58c8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 13:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 22 Oct 2022 13:09:50 GMT

GET
H/1.1 200
OK office-970x250.jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame DFAC 49 KB
49 KB 77ms
18ms Image
image/jpeg 88.99.65.215
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/32995/creativesup/office-970x250.jpg
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=96913100049289100710626011756007&a=b70c58c8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.65.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.215.65.99.88.clients.your-server.de
Software: nginx /
Resource Hash: c2c0438345e8266d1c5bfb3c5d2e6a4969ff4b714300e4e2a40dc2bf8bae4fef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 23 Oct 2021 09:11:54 GMT
Last-Modified: Thu, 23 Jun 2016 13:50:03 GMT
Server: nginx
ETag: "576be90b-c36d"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 50029

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6433 0
56 B 56ms
53ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIxSi2dFzYcjKOruHjuwP5LWliAsAAAAAOAHgBAI&bg=!v7ylvPjNAAbUs_yW1LM7ACkAdvg8WiJhjmldkc2TrxYzdGU3n43rAxTCGu5x0lOCVZgzPjT8Ok141gIAAAHbUgAAAAtoAQeZAu6PAzaBE7EPsC7LdXefF9C_2HZXNqftBGIt6zt6AuF5ZY8K9D_Sejz9IQynCDbErm9JGHY9wDT4efdRdM7TaMfYeEM8UY1NapJBcneDiZY4nyN8UVdRWD5qc9ENlr1MPyCnTqQkd3yFTJeLx-OhhGNqq84lDSYbYYeuAIrHTcGQ3ipJ5Wl_ICkPiNDrflb8icEbe5K87fq9NHhYzcb2LYB2wNENYSkDgd8Tgt8EP4IrVMg7B-7FzEPZV6m8m6DfSCgSpf_qPB6UAAf01CtDofasBluBtP7ghs3SWGygjqjHiEcbu44QSVz-nMh6Nnv2d2jol-XZ0-q-NSJR0gNTyzXr1_hy6nbwuQQccrNUgNGGpWD3XOZFl50K933KMP_9Wrq7C-MrrTuTE1_B18TCdj0-oSybM5CdyEkDb2nwqnROfsTQIQe2P-jWgpW3OTkikVWLasjXyHgtwL09wkUmyO1Xu7xepSVQw45sC6zcOeYy79ps45HWI0CNLprs8wnNrzAgtX4In40CPylxrc7RGW8o9KOpoFzalfQaJz_-S6P8rr3QCEIfKXEg66ci6Et_USunj2hZk6h2IMv6nUqbLuDcfd1zu16-X6nzvXZHbKkJh4Ts7krHFdAkYCyoJeLfMlcdVka1TeY3VXIUL1j4R4JmFXBu5xuHCuDlGfW4_U-fb1zA7r2nwXrTBUGP5NXia_wbuQQa4KlubpvepQFCFGQSZkYL_LdJg4kUc0kc6GO2lOSyq3-mg6pGynw7zRldKfsAqEvJLao8mze0foihGKQQm3Ybuw41J79a9OOxvufwVH3HpoMc1pN_0EbCqCZifBFGsug5ngqguARgmzggkoLjpnX53T1HFN0bo4fE2XgjVk_jOlc2fYoQ560Ok1Aqk2SupbS7o9dfNrP08DARCMNwdu9WKM9uv9nBImPLCkJlTf4MCTdzNfJFHO1mW0HiF1mjnPpiWY13uDRLCwIjIUNEaEsJhoP8iUrOTT7SR-g

Requested by

Host: f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
URL: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3332 0
56 B 54ms
52ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDsgB2dFzYfb8OeCL7_UPyoC80AoAAAAAOAHgBAI&bg=!BAelB0PNAAbUs_yW1LM7ACkAdvg8WjfDZzr4sZyZEurcJl0xM-Kh2WKLgrfmM_lgVlk0jQLQdpobOAIAAAH0UgAAAApoAQcKAHmquZFwv_SFBUUe2KAB-UrQcW2jnjQ_MFvDNyee6Dcz7YygA7AJ29KowLX5JfoGk2KW2W7qG-4uD-dxpxfLT-Pp4UCX3TbZWgjtWkPsXC-g51_acia10H9Iksy3O_K1fcHyG5TpCJF556xOwBdVtRZ9IGfs7-OpBcx4mQL6e5RgIN3RlmZRcV2bU3imSyvV1M7z2Dxyej1pZFps7bUa6WRLw2uE-bSNu4Pyf1-0X2PgOyt1ZAlTSEZZotqJl70zJXIp0JXZuGEKcczJKMBA0ixvOEV5E73iPAWtIIzVAdPqnOTBSb2-YOvceY3LxDUcz0kOZfiRNVQI6w19Kl8XX-FltPBji8fs4TPYO7gV0L0hQd6Wj9_z8RWrSIB1JJ1t200MqwpIvQRs_BSXJILUP94HoKXfbLEaOFx7EB4OBkRz0_vuvo9_bv9mHMCczBCYy1hn9jLvoUU95XHmBEcUO6507UpsqSDE3jUDw8dO1mCIBStD_M9L_6TmbOYQuZFbh580g63VGs3ekRVxQYduLpc0dnmpPjWMEdsyu7WpDCqriYXyt6jOK4DGDBUJdPcSsOKDAYd--rU2J_eouf30w2nkWxYLv3aR_VMvyqyZryi4RRCHzj0jq6IRxec7gzFqBdgcbhYa0v_UEV63UpdmudH7hySrf4Pq5cRGyD2Kr3n_YN20w52feg6tzPH0v038Ewfxwdl5TJjnDHY5jm6a6IjWWyV-pfduOIx8Jk3BuyK_EvPzE9F6w7topuUMRsDCN3FuqFoHqj4F9AlrfzMhFiDbKSpgcttdax6g8oUF9EkYMs0q2Cn3lMSELovlF29gu85X0mc7L2FvwA0GvwLng5aNOLtT-mVJz08iQlEkiI4o7VZYvjsaU_qgG9tbBuSLm85hDgoFVa4ND9cvAnUUV5PuGYLZp60uwHbmGP0Jo3IIc9IRh0aKVApi601MYXcklisPaBt__SOdMamnckM5IJLan175pCnOuFtZJ8vyJr7BWX-kmhkNCDBNd_IkOdPrayQrj0nnA5BU_VsUVUeq7_NpXJdT5SC7G-Yk-PAlQjWMfHMuYt4p7xnqa2o-mRIgPfZ-i20ySgPsUaorQigUQC6Lh3NLr1ZOwpv0FjH3z_Xk4JfZV8UpDJrBqpMPxiQDeoRVYTFswzsGzXppdNBVOQQflMhdD7tL

Requested by

Host: f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
URL: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CKrm-aaY4PMCFcTu5godJ7gCIw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=122493235622.17195
adservice.google.com/ddm/fls/z/ Frame 694C 42 B
262 B 53ms
52ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKrm-aaY4PMCFcTu5godJ7gCIw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=122493235622.17195

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKrm-aaY4PMCFcTu5godJ7gCIw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=122493235622.17195?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK bsevent.gif
tps724.doubleverify.com/ Frame 5CD0 807 B
1 KB 515ms
160ms Ping
image/gif 63.251.109.137
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps724.doubleverify.com/bsevent.gif?impid=0076c01775d64ff79975414502ec4e06&dvp_or2=1&cbust=1634980314788118
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.109.137 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 09:11:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 10/22/2021 9:11:55 AM

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 5CD0 9 KB
4 KB 9ms
9ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4451
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 15:55:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 23 Oct 2021 09:16:00 GMT

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame 5CD0 41 KB
17 KB 8ms
7ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 20:08:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Oct 2022 02:10:40 GMT

GET
H/1.1 200
OK viewability Show response
hal90007.redintelligence.net/ Frame DFAC 0
150 B 41ms
17ms Script
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/viewability?s=96913100049289100710626011756007&a=2f1de8e8&vb=m
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=96913100049289100710626011756007&a=b70c58c8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/request_content.php?s=96913100049289100710626011756007&a=b70c58c8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 23 Oct 2021 09:11:54 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame DFAC 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 B9689862.280630144;dc_ver=81.235;sz=728x90;u_sd=1;dc_adk=3346616624;ord=uv9696;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fba.n1info... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 5CD0 43 KB
21 KB 54ms
53ms Script
text/javascript 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=81.235;sz=728x90;u_sd=1;dc_adk=3346616624;ord=uv9696;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fba.n1info.com%2F$0;xdt=1;crlt=nPCfdkW)9x;sttr=25;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

3dddcc8b471e8467eb53c2746e66366d3dd1bc28e1765d55c932ceff288ee383

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 21371
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/ Frame 5CD0 8 KB
3 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=81.235;sz=728x90;u_sd=1;dc_adk=3346616624;ord=uv9696;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fba.n1info.com%2F$0;xdt=1;crlt=nPCfdkW)9x;sttr=25;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:09:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 09:09:08 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5CD0 0
495 B 105ms
64ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsulLGmD3nAEm3Xzf9lJ-or-Hd2ZKuR7xkxjT6e6954iO7GV7IogNPjFroNjPSmbshl1bQv7hlu7ZpMfx-xvZVV5WNRCm9xMg0mHQINqV5HB9I4sj_15dyaNoUSQbrr5WEWARg4JKKtebn2u-JMi4g&sig=Cg0ArKJSzK8XttlJ-DonEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20211020.48916&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 23 Oct 2021 09:11:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 5CD0 8 KB
4 KB 18ms
18ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=9689862&sid=2641434&plc=280630144&num=&adid=&advid=2276943&adsrv=1&btreg=505362318&btadsrv=doubleclick&crt=156804616&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=81.235;sz=728x90;u_sd=1;dc_adk=3346616624;ord=uv9696;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fba.n1info.com%2F$0;xdt=1;crlt=nPCfdkW)9x;sttr=25;prcl=s
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 23 Oct 2021 09:11:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Oct 2021 15:58:26 GMT
Server: Microsoft-IIS/10.0
ETag: "0fda9262c5d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3288

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5CD0 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 13:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 21 Oct 2022 13:42:01 GMT

GET
H2 200 17721130591974731406
s0.2mdn.net/simgad/ Frame 5CD0 69 KB
70 KB 56ms
16ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17721130591974731406

Requested by

Host: f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
URL: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92af9e53d768cc3fb6c9675d0d2eafba403f527fc761b29679953c71d3c588e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 05:08:25 GMT
x-content-type-options: nosniff
age: 101009
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 71148
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 22:07:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Oct 2022 05:08:25 GMT

GET
H/1.1 200
OK dv-measurements1800.js Show response
cdn.doubleverify.com/ Frame C647 495 KB
90 KB 17ms
17ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1800.js
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 23 Oct 2021 09:11:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Oct 2021 09:46:20 GMT
Server: Microsoft-IIS/10.0
ETag: "0fef5397bad71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91601

GET
DATA 200
OK truncated
/ Frame 5CD0 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db06b50a3f6b4222be0ee20b40ff4bb92cc7e304b6563407c10875aa0d5982ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dv-measurements1800.js Show response
cdn.doubleverify.com/ Frame B9E8 495 KB
90 KB 42ms
41ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1800.js
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 23 Oct 2021 09:11:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Oct 2021 09:46:20 GMT
Server: Microsoft-IIS/10.0
ETag: "0fef5397bad71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91601

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A9C5 22 KB
8 KB 23ms
23ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 22 Oct 2021 10:57:28 GMT
expires: Sat, 22 Oct 2022 10:57:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 80066
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame C647 1 KB
1 KB 429ms
99ms Script
text/javascript 204.154.111.109
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=56&ttfrms=23&brid=3&brver=93.0.4577.63&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau32%5D%3F%60%3A%3F7%40%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau32%5D%3F%60%3A%3F7%40%5D4%40%3ETar9EEADTbpTauTau7%60e4ga7b4547a5hdda27cgd65_7c2e76%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=1432&ddur=19&uid=1634980315000444&jsCallback=dvCallback_1634980315000890&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1800&tgjsver=1800&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Ff16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=8&brh=2&sdf=2&dvp_epl=229&noc=4&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://ba.n1info.com/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0iI-4yXxklWUUBKd_PzQqrV&DVP_DBM_1=3060631&DVP_DBM_2=17645341&DVP_DBM_3=46006603&DVP_DBM_4=325729480&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=21347144487&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=6774485404.333965&dvp_tukv=5479171873.315399&dvp_uuid=34082910.321036436&dvp_strhd=0.5&dvpx_strhd=0.5&dvp_tuid=1390314570614
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.109 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb06.doubleverify.com
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: e0b0d082b947bcb3409d1246d38c28733b1e9c320c832e21e96a306f4c2daea5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 09:11:54 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 10/22/2021 9:11:55 AM

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5CD0 0
23 B 64ms
43ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 23 Oct 2021 09:11:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js Show response
pagead2.googlesyndication.com/bg/ Frame A9C5 35 KB
13 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bc9b6f6407c898027427ce2772e3f0eb95f6e9c845a8d73cb079207661ecb77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 20:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 131699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13263
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 21 Oct 2022 20:36:56 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame B9E8 2 KB
1 KB 369ms
98ms Script
text/javascript 204.154.111.109
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=107&ttfrms=8&brid=3&brver=93.0.4577.63&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau32%5D%3F%60%3A%3F7%40%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau32%5D%3F%60%3A%3F7%40%5D4%40%3ETar9EEADTbpTauTau7%60e4ga7b4547a5hdda27cgd65_7c2e76%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=1432&ddur=19&uid=1634980315062537&jsCallback=dvCallback_1634980315062150&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=1800&tgjsver=1800&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Ff16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=8&brh=2&sdf=2&dvp_epl=229&noc=4&ctx=13311291&cmp=9689862&sid=2641434&plc=280630144&crt=156804616&btreg=505362318&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=6774485404.333965&dvp_tukv=199088902.12868014&dvp_uuid=481211694.7478284&dvp_strhd=0.40000009536743164&dvpx_strhd=0.40000009536743164&dvp_tuid=383992376403
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.109 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb06.doubleverify.com
Software: /
Resource Hash: b113087067c8050cd07805224f84815ed84fbeb57943935fc3537940464c0611

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 09:11:54 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 10/22/2021 9:11:55 AM

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A9C5 0
56 B 49ms
49ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKgHj2tFzYefWM6jR7_UPnb-gkAsAAAAAOAHgBAI&bg=!QkGlQQXNAAbUs_yW1LM7ACkAdvg8WopYBbOWSM8aNBpEDn6yy5JBGRDAZra2Zqab68niUssDksdmeQIAAABiUgAAAA1oAQcKAHomIXz5iQWSO94kv_hYTQdF3AcbJIR_T4Iv-yHRNlDs7kwFLtwAFAsKql9epcffv3sXorlcowd-cZ1yIaQOPtOcApq2K8ib_COYNxrlR6w8z-3KoAI1Ll5tHOyddfpoyboYVwBeJv6YCH6523O5Jao-w5vvWVqE7KVsA5kC87fl_nJQjmADxfB2Yx1mLiCbirJIIkUaemibqkF42EEVxQ_2hICR9WXCR5g5sfr0VDTopdOUZcSNCEbzBaI_NH7qNtOjsZYPq4FSMH8C70njAnnMjPV962DkDcBp5soxetXQXUkm06Ru2Fgda-zh6dGCzr9N9HHV2vfuMh86lTVrX5lhzifBZxnZPsRI7z3kO6ksFKie3Hx_E8nXrmJw6u4vBTIcGeSlfhyEI6J9WduZkKYXg3GVQsss-Na8uPkjUf_nBWtQYCiTcZ7faQGlMJkp8_fZw3jKYRJ7CqLEeU9pUqzdy3UNcNFIW2LlSV-92tmqPa9VAGCvnNvtFDZ-6VuiitsEc2lBDiWSxqzlo42qENq72_pk3SHM4vZC630joC8IfzVI42RA2gMmA3d8EbBXU3p7uSjxe16ulFkEdi3AXZ_iVctleWYuDTUHj0kN_dOl4guTX6plUj13fJ3tbvnh6m6A4vvNz216A49jdE-Ai09jZ41NWSSiou21LSensd2jXBUctKHIa9xcEO_RZ3bwyCjBUfdsac2qQ4f-nyeXZs6mZK7KBhgCJ13Scr-7Bq6X9DrStVineiPrpwORAE2J3BCK7ljLNHc-NF1lSTPZRLEFVOpreDCQl2YRj7MakOWEuyYVg-Q2jD6U9ZosW6DNswhYQyJiyKmVyxhiqEB67LE5eYYjXhjLJhp-JgNsulolaQMnxNPh1jeodBUkVhnKPG9QklsI-mFIJIqnBiMvbZtL7GcmnUhl-laKZDVnVFTjEeVRbRvvdbKvDnPOUjlSlwMb1VGeUG6Kpmaow-p618xEZtcCoveQUzTnJDT5hpjzutyOwtAF65H4x-0WTnllc0iiV6u31FrR2i4h4_PgvegDkBH2Do265W9p8HsT-AbwQxrhYF9nni7D831Fy0a8S-bzPHvP5tMCHJSItAd6l-YveRG5qVBGeIEqWBtj6Aw7oNkitdMIzJdj-GyeisF5caTprvIBmBt7D7sT00WcON-R

Requested by

Host: f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
URL: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tracker.js Show response
ug.contentexchange.me/static/ 3 KB
4 KB 25ms
25ms Script
text/javascript 46.19.9.50
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://ug.contentexchange.me/static/tracker.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.19.9.50 Ljubljana, Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

2E130C26.rDNS.SiEL.si

Software

nginx/1.10.0 (Ubuntu) /

Resource Hash

4cff6255163553846e6123a53e2936762ba8497597985406aa144128e8414cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: nginx/1.10.0 (Ubuntu)
date: Sat, 23 Oct 2021 09:11:03 GMT
content-type: text/javascript; charset=utf-8

GET
H2 200 / Show response
extreme-ip-lookup.com/json/ 484 B
632 B 60ms
16ms XHR
application/json 109.236.91.3
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://extreme-ip-lookup.com/json/
Requested by: Host: ba.n1info.com
URL: https://ba.n1info.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.236.91.3 , Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx /
Resource Hash: a91824e97a33fb2315087949f417a955dfd42fd4d54b78ef60359cb3a5dca6b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 23 Oct 2021 09:11:55 GMT
cache-control: max-age=3600
server: nginx
access-control-allow-headers: *
content-length: 484
content-type: application/json; charset=utf-8;

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 14ms
14ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=1892734834&t=event&ni=1&_s=1&dl=https%3A%2F%2Fba.n1info.com%2F&ul=en-us&de=UTF-8&dt=N1%20-%20Najnovije%2C%20ta%C4%8Dne%20i%20nezavisne%20vijesti%20iz%20Bosne%20i%20Hercegovine%20i%20svijeta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=10%25&_u=6DjAAUADQAAAAC~&jid=&gjid=&cid=1893457142.1634980313&tid=UA-51336095-6&_gid=552489371.1634980313&gtm=2wgak056928PS&cd7=(not%20set)&z=717571619

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 04:17:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17646
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2034936679973890 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2034936679973890?v=2.9.47&r=stable

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ad947be529a76270d40ec4fbd39bbd2a37f05ee240cbac0048d689ead32962b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 88828
x-xss-protection: 0
pragma: public
x-fb-debug: 3p0m10LZyNTGlTKZ/wHMQNec7qAP4e2lX2VAsYderv6fVNFh6s6CZxvoH6JLQzFLZjTCC7LdOUF1MInPyXJItg==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Sat, 23 Oct 2021 09:11:55 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
19 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 4281
date: Sat, 23 Oct 2021 08:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Sat, 23 Oct 2021 10:00:34 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 86 KB
34 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-MQ4MQV5&t=gtm4&cid=1893457142.1634980313

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83aa3147ae3e2c330311cd8e197be4eef80153ecfcb2f6c6ac55502bd9efb97a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 34609
x-xss-protection: 0
expires: Sat, 23 Oct 2021 09:11:55 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5CD0 42 B
468 B 83ms
48ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDTtcESBhscroB-IHs6FD_MKBc4WzVyBGzg9ExC7PEIrtBdyt-6S0iDJ5F6zeo-bm6Mt8_AysB9dQtlKDhDC8ymDr9NWHf&sig=Cg0ArKJSzGrqzLHLkmdCEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=3346616624&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634980313465&rpt=1562&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5CD0 42 B
108 B 82ms
49ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvAJdrkdOxaON2FY-ClXtbK82epHDfDYnRt5PxmQfV-mZVwl9OQ3ggeUq-RCzMAk6ngf82qaGKH8rL1i8ULIZbcNSp6XAAQQdP2nTg8RaKODvApplnb_A&sai=AMfl-YQpJ-ktOY3IcDvvV3k9D0RjzwwdflDptiudHnPAh1fC-M5hnqiLM2PTmXGejmPSfMSs7QuUn73luk6jDcUp_aeAlh_9jhLnEuuicNsfnFsCT_76C1H5tRNffEVRiVg&sig=Cg0ArKJSzPIMsWkRvEZjEAE&cid=CAASFeRoA4qo1FRhRrfTrJdvP_De-QGymg&id=lidar2&mcvt=1004&p=259,436,353,1164&mtos=0,1004,1004,1004,1004&tos=0,1004,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=2351808677&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634980313465&rpt=1559&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 71048401 Show response
mc.yandex.com/webvisor/ 43 B
176 B 50ms
50ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/71048401?wmode=0&wv-part=1&wv-hit=1051135&page-url=https%3A%2F%2Fba.n1info.com%2F&rn=173336018&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1634980316%3Aw%3A1600x1200%3Av%3A675%3Az%3A0%3Ai%3A202101023091156%3Au%3A1634980313775256610%3Avf%3A25rt5q1nhcbdg9bm2d%3Awe%3A1%3Ast%3A1634980316&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ba.n1info.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:56 GMT
last-modified: Sat, 23-Oct-2021 09:11:56 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ba.n1info.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 23-Oct-2021 09:11:56 GMT

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 96ms
96ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.6.24/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://ba.n1info.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: https://ba.n1info.com
date: Sat, 23 Oct 2021 09:11:55 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

POST
H2 200 71048401 Show response
mc.yandex.com/webvisor/ 43 B
73 B 50ms
49ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/71048401?wmode=0&wv-part=3&wv-hit=1051135&page-url=https%3A%2F%2Fba.n1info.com%2F&rn=511688087&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1634980317%3Aw%3A1600x1200%3Av%3A675%3Az%3A0%3Ai%3A202101023091156%3Au%3A1634980313775256610%3Avf%3A25rt5q1nhcbdg9bm2d%3Awe%3A1%3Ast%3A1634980317&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ba.n1info.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:56 GMT
last-modified: Sat, 23-Oct-2021 09:11:56 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ba.n1info.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 23-Oct-2021 09:11:56 GMT

GET
H2 200 publishertag.prebid.105.js Show response
static.criteo.net/js/ld/ Frame CC4E 80 KB
26 KB 55ms
18ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Requested by: Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/prebid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:56 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:30 GMT
server: nginx
etag: W/"6034e04e-14008"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 24 Oct 2021 09:11:56 GMT

POST
H/1.1 200
OK bsevent.gif
tps724.doubleverify.com/ Frame 5CD0 807 B
1 KB 160ms
160ms Ping
image/gif 63.251.109.137
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps724.doubleverify.com/bsevent.gif?impid=0076c01775d64ff79975414502ec4e06&pltfrm=Linux%20x86_64&cbust=1634980316790287
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.109.137 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 09:11:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 10/22/2021 9:11:56 AM

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 06AC 11 KB
5 KB 58ms
22ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=ba.n1info.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=ba.n1info.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ba.n1info.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ba.n1info.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1988
set-cookie: uid=a2f936bb-4b96-4ad1-aa19-92ea44afb3d8; expires=Thu, 17 Nov 2022 09:11:56 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Sat, 23 Oct 2021 09:11:56 GMT
content-length: 4685

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame CC4E 85 KB
27 KB 62ms
28ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2581d556ceadd8cdd3eb15509ff94501871552563a71381393fc7b59611cbc1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:11:56 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 12:34:24 GMT
server: nginx
etag: W/"615af4d0-1535c"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 24 Oct 2021 09:11:56 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 06AC
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=n1info.com&sn=ChromeSyncframe&so=0&topUrl=ba.n1info.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=SWQMkHxNT0w5M0RFWGJrR0NFVWNXMTJUcVVoYVpDYlJIREJMQlhTd21UcS9Td3ZmK2lMTVVmT1BtbWJxdWdKZEozOUY4RXVMU2piSUdrc3RDTmtXMG9jYWg4ZWlyTjREOUpYMFExRGp1eEVaL1MyRUZyZVgycy9OVkFIVj...

419 B
612 B

65ms
16ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=SWQMkHxNT0w5M0RFWGJrR0NFVWNXMTJUcVVoYVpDYlJIREJMQlhTd21UcS9Td3ZmK2lMTVVmT1BtbWJxdWdKZEozOUY4RXVMU2piSUdrc3RDTmtXMG9jYWg4ZWlyTjREOUpYMFExRGp1eEVaL1MyRUZyZVgycy9OVkFIVjFvNE5WYkdhZlFNS2NINlM0N1RoOENFZXJBL0dNeWlRNy94VTFTbGwycHhrbXgrRnd2N3Iva0E5ZHg0Mm40RmFEd1FEUlVqVW9qVmE2YWs3aDgxM1F1Y2tWOW50cEh2KzlBbFJjN0ZuZG5UelM4dnErM2hLaVowSEhXYnhFSUZSNzM0cWY2czI5Z2tibEcvOEU5ZnE5dWNNbHE3MFo4dz09fA&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

0d5176500e066bde7d47875395fc4fd3760f2e51eee5de5ffe69ac20b1a185a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 23 Oct 2021 09:11:56 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2514
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 23 Oct 2021 09:11:56 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=SWQMkHxNT0w5M0RFWGJrR0NFVWNXMTJUcVVoYVpDYlJIREJMQlhTd21UcS9Td3ZmK2lMTVVmT1BtbWJxdWdKZEozOUY4RXVMU2piSUdrc3RDTmtXMG9jYWg4ZWlyTjREOUpYMFExRGp1eEVaL1MyRUZyZVgycy9OVkFIVjFvNE5WYkdhZlFNS2NINlM0N1RoOENFZXJBL0dNeWlRNy94VTFTbGwycHhrbXgrRnd2N3Iva0E5ZHg0Mm40RmFEd1FEUlVqVW9qVmE2YWs3aDgxM1F1Y2tWOW50cEh2KzlBbFJjN0ZuZG5UelM4dnErM2hLaVowSEhXYnhFSUZSNzM0cWY2czI5Z2tibEcvOEU5ZnE5dWNNbHE3MFo4dz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1759
content-length: 541
expires: 0

GET
H/1.1 400
Bad Request image
sync2.adnetwork.agency/ Frame CC4E 20 B
20 B 113ms
64ms Image
text/plain 109.206.182.78
SERVEREL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync2.adnetwork.agency/image?pbjs=1&coppa=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 109.206.182.78 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 109.206.182.78.serverel.net
Software: /
Resource Hash: c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 23 Oct 2021 09:11:57 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
Content-Type: text/plain

POST
H/1.1 200
OK event.png
tps10232.doubleverify.com/ Frame C647 67 B
515 B 311ms
89ms Ping
image/png 204.154.111.109
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps10232.doubleverify.com/event.png?impid=83ecbd74015c41ee9ef6e24dcdfe03b6&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=50&vdur=430&eoid=8&msrjs=1800&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=19&tetms=6&msltms=30&vltms=430&sei=289&vetms=5&engms=1&engisel=1&ttfurm=2456&cbust=1634980317437361
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.109 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb06.doubleverify.com
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 09:11:57 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 10/22/2021 9:11:57 AM

POST
H/1.1 200
OK event.png
tps10203.doubleverify.com/ Frame B9E8 67 B
465 B 306ms
88ms Ping
image/png 204.154.111.109
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps10203.doubleverify.com/event.png?impid=0e402d754b06464c99a7e0b3238d3978&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=16&vdur=371&eoid=9&dvp_isMMVpaid=false&dvp_MMCertified=false&msrjs=1800&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=19&tetms=7&msltms=88&vltms=371&sei=290&vetms=5&engms=1&engisel=1&ttfurm=2385&cbust=1634980317440339
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.109 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb06.doubleverify.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 09:11:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 10/22/2021 9:11:57 AM

POST
H/1.1 200
OK event.png
tps10232.doubleverify.com/ Frame C647 67 B
515 B 96ms
95ms Ping
image/png 204.154.111.109
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps10232.doubleverify.com/event.png?impid=83ecbd74015c41ee9ef6e24dcdfe03b6&gdpr=&gdpr_consent=&msrcanlm=392&msrcannum=3&eoid=10&ismms=31&isumms=30&isvelg=1&nvr=6&isgmmims=31&isgmv4mims=31&elmtp=6&isbxdms=2531&b0=100&b11=2505&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&vsos=3&dvp_vsosnmr=16&lftb=2605&sftb=2605&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1031&isuiabvms=1031&isgmpims=135&isgmv4dpims=1031&ispmxpms=1031&engalms=29&engscrlms=135&dvp_pageEng=true&dvp_dpr=1&cbust=1634980318436748
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.109 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb06.doubleverify.com
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 09:11:57 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 10/22/2021 9:11:58 AM

POST
H/1.1 200
OK event.png
tps10203.doubleverify.com/ Frame B9E8 67 B
465 B 93ms
92ms Ping
image/png 204.154.111.109
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps10203.doubleverify.com/event.png?impid=0e402d754b06464c99a7e0b3238d3978&gdpr=&gdpr_consent=&msrcanlm=394&msrcannum=4&eoid=11&ismms=13&isumms=12&isvelg=1&nvr=6&elmtp=3&isbxdms=2412&b0=100&b11=2407&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&vsos=3&dvp_vsosnmr=16&lftb=2507&sftb=2507&msrdp=7&naral=2&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1012&isuiabvms=1012&ispmxpms=1012&engalms=12&engscrlms=112&dvp_pageEng=true&dvp_dpr=1&cbust=1634980318440926
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.109 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb06.doubleverify.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 09:11:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 10/22/2021 9:11:58 AM

POST
H2 200 71048401 Show response
mc.yandex.com/webvisor/ 43 B
145 B 51ms
50ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/71048401?wmode=0&wv-part=4&wv-hit=1051135&page-url=https%3A%2F%2Fba.n1info.com%2F&rn=659979462&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1634980319%3Aw%3A1600x1200%3Av%3A675%3Az%3A0%3Ai%3A202101023091158%3Au%3A1634980313775256610%3Avf%3A25rt5q1nhcbdg9bm2d%3Awe%3A1%3Ast%3A1634980319&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ba.n1info.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 09:11:58 GMT
last-modified: Sat, 23-Oct-2021 09:11:58 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ba.n1info.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 23-Oct-2021 09:11:58 GMT

POST
H/1.1 200
OK bsevent.gif
tps724.doubleverify.com/ Frame 5CD0 807 B
1 KB 160ms
160ms Ping
image/gif 63.251.109.137
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps724.doubleverify.com/bsevent.gif?impid=0076c01775d64ff79975414502ec4e06&mascid=kv3l2ce9lxf1ujkq5vy8jffz6m5leauy&dvp_masver=6&dvp_tisf=2&dvp_t1stMsgB=845&cbust=1634980319177623
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.109.137 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 09:11:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 10/22/2021 9:11:59 AM

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 93ms
93ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.6.24/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://ba.n1info.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: https://ba.n1info.com
date: Sat, 23 Oct 2021 09:11:59 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
URL: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Domain: f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
URL: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Domain: f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
URL: https://f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Verdicts & Comments Add Verdict or Comment

202 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

65 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ba.n1info.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 1634980313.277.51.340342
ba.n1info.com/	1969-12-31 23:59:59	Name: Value: cx_test
.contentexchange.me/	1970-01-20 15:26:28	Name: cx_id Value: 6173d1d8fd5354587e2f6128
.contentexchange.me/	1970-01-20 15:26:28	Name: cx_last_match Value: 1634980312733
.n1info.com/	1970-01-20 15:40:52	Name: _ga_EPGS7W0SPD Value: GS1.1.1634980312.1.0.1634980312.0
.n1info.com/	1970-01-20 15:40:52	Name: _ga Value: GA1.2.1893457142.1634980313
.n1info.com/	1970-01-19 22:11:06	Name: _gid Value: GA1.2.552489371.1634980313
.n1info.com/	1970-01-20 15:40:52	Name: mpn_ga Value: GA1.2.1893457142.1634980313
.n1info.com/	1970-01-19 22:11:06	Name: mpn_ga_gid Value: GA1.2.1021061132.1634980313
www.clarity.ms/	1970-01-20 06:55:16	Name: CLID Value: 0d8043510bc849ca8390ed8247139531.20211023.20221023
.n1info.com/	1970-01-19 22:09:40	Name: _gat_gtag_UA_162781796_6 Value: 1
ba.n1info.com/	1970-01-20 15:26:28	Name: cx_id Value: 6173d1d8fd5354587e2f6128
ba.n1info.com/	1970-01-20 07:38:28	Name: _cb_ls Value: 1
ba.n1info.com/	1970-01-20 07:38:28	Name: _cb Value: B1mQQdDWp0PDIKM49
ba.n1info.com/	1970-01-20 07:38:28	Name: _chartbeat2 Value: .1634980312872.1634980312872.1.BWblRiDpOgrPCsQcKIBIYCGwCp4nOW.1
ba.n1info.com/	1970-01-19 22:09:42	Name: _cb_svref Value: null
.n1info.com/	1970-01-20 07:38:28	Name: __gfp_64b Value: XzZq7VIKJ5udY99nUsEDMjXXtogqKZjICx8zyiKP1EH.r7\|1634980312
.adform.net/	1970-01-19 22:54:18	Name: C Value: 1
.dotmetrics.net/	1970-01-20 06:55:16	Name: DotMetrics.DeviceKey Value: DeviceID=
.dotmetrics.net/	1970-01-20 06:55:16	Name: DotMetrics.UniqueUserIdentityCookie Value: UserID=b7301db0-17ac-4df2-abf0-81ae839904db&Created=10/23/2021 09:11:52&UserMode=0&guid=a70e0a97-36c6-4cc5-9c70-953573e42461&ver=1
.adform.net/	1970-01-19 23:36:07	Name: uid Value: 4515157264596003548
.n1info.com/	1970-01-20 00:19:16	Name: _fbp Value: fb.1.1634980312996.1150188249
.hit.gemius.pl/	1970-01-20 07:38:28	Name: Gtest Value: KlSqmRMGQMGGvf0j0XM5kRcissGMXP8c25nSGYScxxS7XBG.
.n1info.com/	1970-01-19 22:09:40	Name: _gat_UA-51336095-6 Value: 1
.n1info.com/	1970-01-20 15:40:52	Name: mpn-devE_ga Value: GA1.2.1893457142.1634980313
.n1info.com/	1970-01-19 22:11:06	Name: mpn-devE_ga_gid Value: GA1.2.265160244.1634980313
.n1info.com/	1970-01-19 22:09:40	Name: _gat_gtag_UA_162781796_7 Value: 1
.facebook.com/	1970-01-20 00:19:16	Name: fr Value: 0vLfrCV1RmGt2himJ..Bhc9HZ...1.0.Bhc9HZ.
.n1info.com/	1970-01-20 06:55:16	Name: _ym_uid Value: 1634980313775256610
.n1info.com/	1970-01-20 06:55:16	Name: _ym_d Value: 1634980313
.hit.gemius.pl/	1970-01-20 07:38:28	Name: Gdyn Value: KlGDGMMGQMGGvf0j0XM5kRcissGMU19iL6nxmG7s2SLslAaiGsRPtP7iGKGGqjJBgGb8EoG2GxGK4Fl_XFyGsG..
.c.bing.com/	1970-01-20 07:31:16	Name: SRM_B Value: 0C7F456FCBAC6FB90C5955B6CAC76EE3
.n1info.com/	1970-01-20 06:55:16	Name: _clck Value: 1suync2\|1\|evt\|0
.mc.yandex.com/	1970-01-19 22:09:40	Name: sync_cookie_csrf Value: 2013598449fake
.n1info.com/	1970-01-19 22:10:52	Name: _ym_isad Value: 2
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 07:31:16	Name: MUID Value: 0C7F456FCBAC6FB90C5955B6CAC76EE3
.c.clarity.ms/	1970-01-19 22:09:40	Name: ANONCHK Value: 0
.mc.yandex.ru/	1970-01-19 22:09:40	Name: sync_cookie_csrf Value: 3438410609fake
ba.n1info.com/	1969-12-31 23:59:59	Name: DM_SitId495 Value: true
ba.n1info.com/	1969-12-31 23:59:59	Name: DM_SitId495SecId2420 Value: true
ba.n1info.com/	1970-01-19 22:09:42	Name: DM_SitIdT495 Value: true
ba.n1info.com/	1970-01-19 22:09:42	Name: DM_SitId495SecIdT2420 Value: true
script.dotmetrics.net/	1970-01-19 22:19:45	Name: AWSALBCORS Value: kcXqDqNowm9c5va6VX4o+FgMC1n7m+pHfujbA9uaycQFnh7J8BfvIhq++3ShyTH61R2CBIG6XZ6gnlndFnioIJ4nQnh6opRUPVw0EPpL0kzc+yhl3lrPN5pD0YiI
.yandex.com/	1970-01-20 06:55:16	Name: yandexuid Value: 3948566141634980313
.yandex.com/	1970-01-20 06:55:16	Name: yuidss Value: 3948566141634980313
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1167451771634980313
.yandex.com/	1970-01-23 13:45:40	Name: i Value: Ea9m4gZ93KKgK22F3EwYcpMR/V2jv2TuCmfYH+dUqs8O0TxDMrgqvQ2E+rc+J/GHuFQgdmhUFLAXPh+moMxh/k8BVRM=
.yandex.com/	1970-01-20 06:55:16	Name: ymex Value: 1666516313.yrts.1634980313#1666516313.yrtsi.1634980313
.n1info.com/	1970-01-19 22:11:06	Name: _clsk Value: 8ju9f1\|1634980313575\|1\|1\|f.clarity.ms/collect
.n1info.com/	1970-01-20 07:31:16	Name: __gads Value: ID=0b341abcd2aad658-2289ae5efeca001b:T=1634980312:S=ALNI_Mal3vc0STzsM4ju_YMnog6pItsyZw
.n1info.com/	1970-01-19 22:09:42	Name: _ym_visorc Value: w
.adnxs.com/	1970-01-20 00:19:16	Name: icu Value: ChgI1u5nEAoYASABKAEw2aPPiwY4AUABSAEQ2aPPiwYYAA..
.adnxs.com/	1970-01-20 00:19:16	Name: uuid2 Value: 4375807751088543771
.doubleclick.net/	1970-01-20 07:31:16	Name: IDE Value: AHWqTUn9dz91YhvLH4CRYH1U-2tM9-QdokwoBVX3R0PmR3KxLeSMZ4YS0A1S2HmQKVM
.adnxs.com/	1970-01-20 00:19:16	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVLuv8nV!]tbPl1M>e)ZlrFUfJ+tGXxpOJ+#ShL^'--MvI2AHQe1pV>XRA_K@XbpMbGrbpRzqF1`b_Mt7qQi
.casalemedia.com/	1970-01-20 00:19:16	Name: CMPS Value: 5204
.casalemedia.com/	1970-01-20 06:55:16	Name: CMID Value: YXPR2illTr5ivO9gVF0UdwAA
a.twiago.com/	1970-01-19 22:52:52	Name: deuxesse_uxid Value: 5eea94af0607182db9a672f268bbef43c4ae9fdbdb2efcd79b44b4cb55140b7f
.casalemedia.com/	1970-01-20 00:19:16	Name: CMPRO Value: 1190
.casalemedia.com/	1970-01-19 22:11:06	Name: CMST Value: YXPR2mFz0doA
.redintelligence.net/	1970-01-20 00:19:16	Name: 8lcfmzhxc8d6_uid Value: 78534bde23c2d4ab
.casalemedia.com/	1970-01-20 06:55:16	Name: CMRUM3 Value: 2d6173d1da2760CAESEDen570_sTc8zMThWdaH5G8
.criteo.com/	1970-01-20 07:31:16	Name: uid Value: a2f936bb-4b96-4ad1-aa19-92ea44afb3d8
.n1info.com/	1970-01-20 07:31:16	Name: cto_bundle Value: CsiPkV9UcExpZFhTUjVIQ2xFbjUwU0xPeHNzRjllU25YbHclMkZYNjFOaHFZTE1pQ1RnUzRXWVNPN2ZRd2Z5SUtIQVpCUUtOQXVRRjhFWGFlcWx6Z1lqYXVhR0poVFNFd0VJdUlaSGVqYWtKMWJxaHlxM0IxMTJ1TmdybUpnZGpHTVRnTGRicDNlWndrbjVidG5Zbkx0cWwlMkZ3WHNBJTNEJTNE

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9435.A2L56PU1x9Xzk5O5q_VXyDeJfwAvG2tueR1g4VjuuhyXFB9Tvk-4TMGy4tmJCsKtYW5GmL96ebm_DhUgfAMGCA%2C%2C.DU65J42KaT9YSwN2-6Uytf2EXZ0%2C Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://sync2.adnetwork.agency/image?pbjs=1&coppa=0 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
a.twiago.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
api.smartocto.com
ba.contentexchange.me
ba.n1info.com
bidder.criteo.com
c.bing.com
c.clarity.ms
cdn.contentspread.net
cdn.doubleverify.com
cdn.jsdelivr.net
cdn.monadplug.com
cdn3.doubleverify.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
collector_alt.contentexchange.me
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
dmp.adform.net
dsum-sec.casalemedia.com
eu2.adnetwork.agency
extreme-ip-lookup.com
f.clarity.ms
f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
gars.hit.gemius.pl
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal90007.redintelligence.net
hb.contentexchange.me
ib.adnxs.com
images4.contentexchange.me
linker.ba
ls.hit.gemius.pl
match.contentexchange.me
mc.yandex.com
mc.yandex.ru
mug.criteo.com
pagead2.googlesyndication.com
ping.chartbeat.net
pr.ybp.yahoo.com
rtb0.doubleverify.com
s0.2mdn.net
s1.adform.net
script.dotmetrics.net
securepubads.g.doubleclick.net
shftr.adnxs.net
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
sync2.adnetwork.agency
tentacles.smartocto.com
tpc.googlesyndication.com
tps.doubleverify.com
tps10203.doubleverify.com
tps10232.doubleverify.com
tps724.doubleverify.com
tracker_ba.contentexchange.me
ug.contentexchange.me
www.clarity.ms
www.contentexchange.me
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
f16c82f3cdcf2d9552af485ed0f4a6fe.safeframe.googlesyndication.com
109.206.182.78
109.236.91.3
136.243.149.243
138.201.63.157
142.250.184.198
142.250.184.226
142.250.186.66
142.250.186.98
146.59.30.100
178.250.0.157
178.250.2.131
18.66.97.71
185.97.52.29
2.18.234.21
20.84.22.197
204.154.111.109
217.182.200.20
2600:9000:223c:4800:18:1fcd:34f:cdc1
2606:4700:3030::ac43:a7d9
2606:4700:3035::ac43:ce39
2606:4700::6810:125e
2606:4700::6810:5814
2606:4700::6812:abc
2620:1ec:27::cafe:2093
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:800::2008
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2003
2a00:1450:4001:812::2006
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2004
2a00:1450:400c:c1b::9d
2a02:2638::1c
2a02:2638::3
2a02:26f0:6c00:281::f09
2a02:26f0:6c00:286::4469
2a02:26f0:6c00::210:ba79
2a02:6b8::1:119
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.199.28.94
37.157.2.247
37.157.3.29
37.157.4.41
37.252.161.191
37.252.172.45
37.252.173.215
46.19.11.36
46.19.15.13
46.19.8.15
46.19.9.50
52.142.114.2
52.213.132.247
62.122.168.72
63.251.109.137
63.34.36.239
85.215.5.31
88.99.65.215
00345329e923541aa12a1ee7499f0df770368b59488fc818afb7748681dd9db5
0297ba54fff0a052c5761457790e80dc093b93b152edee473485af46c022ad75
02ca78ab3f22b249b0c24ec6b79f67db2e0ad80718ee621cf9aee256be5b8985
045342acacc0c5cc361d38a45745307278ea8491d4c72a057a7e808ca30e0523
05c29f4843ff66f0a84b8194dcdd2f55152a4bf760c5ff7c5ece98a143048c15
05eb32ddcaa8b70f44b82f940d519f27d2c0679d8efb8e49a3cd039ecaab89d6
06e155a3f27234aeef39bfa1341f4346909251fb37b48310d77b60d6198910c2
085a96f68a4fa59fc998f2db8ea3e44ceaf21bb0f7838f753c84be8e4f9b1ad6
095d1edb97e400feb09c91d81ad59f207df190e99c30460eb1162234dff3636c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0bc9b6f6407c898027427ce2772e3f0eb95f6e9c845a8d73cb079207661ecb77
0bcdf46f3998f7dcffebf209fa6f47e539577e94f3def65b1dc42f320a698c3b
0d5176500e066bde7d47875395fc4fd3760f2e51eee5de5ffe69ac20b1a185a0
0f9f199bedd330f271f2a1f503aa6012fca850fa0cd7f442385a5c703c645481
105cc9d4f14208c3bd83011985ca2afa9b40dd7c3826c984a228d51da787454d
10762e073f9073d062cbd7e2174e093c4e7544d04b16c2de9d97dc3ccf3e57be
10a6ae5ce7d00ef26118ce34a4989dc890f60fed12a9a3a591a3b028bf06de93
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13e6d8e6fceb026e47add64d510c9d126fa939b0b047ba00a8d63a16469f4ffd
14d3beabeb36f0548abb03d3fad5fbf4f5ef7d1600afe2550f01c30fbf706f9c
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0
182cab990c2118fcdb18feab5115335e4eb4bc0b38bb30a36c4e73c92b080ea4
18a331e70b9a3f31f04f1f4570acdf64effa31260badca36488527f7fb4ffa18
1919835fdb83f96a0e915a8438b436096115d01e92263577791d181ec0cbb12e
1b914cd72e125a609c70fea5d3da256a225c93fbc79a82558eb5a4a3489cb64f
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e1203f56c8cc58c0c3cba9c8d0026e4665073d50d0dccd3e33924800ec3aaa5
1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3
1fb216249bb02d3a584ce8cde4c5f3d37d6e3f5b4d246739494726a6187e774a
20dcc0eda63617bc1fd8d06bccfa7ac9cb358f73505a67cfdfe60c074bc55e9d
23338364b941444372adb377460081b6ea24f8d210c989a8a90860922ea10cf1
243248a9e62b74a90d4c729a5e1ab3a174d59d0630a9a91eaa07c8e28de63e40
2469d9f8fc9bcd567207d1cbdcb85d220ae3fe4c46577944c8ed477aa6c878ee
2581d556ceadd8cdd3eb15509ff94501871552563a71381393fc7b59611cbc1e
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
2a8f17a26f5a455a5bca14543a8401b8c18fafe6b7a4b54b3d58548d43c43c55
2b714d33682f8ffd1ea7cfa97cd524a2bdb82bf4e1465950217283d52d8aa119
2c9e9a2d9d0a5439f68252f7a41946ac9c33865502ae16d111818b455fd8ee9f
2f7d75c4ce1dc28cd119ac010a7ed63d174fea0e348b7cf02412c38731b9432e
300ff9572a6ba149ff9ce63ce27436949396f8d758d701c13ee1b0212c0b9c9b
311b6c1a6eba52adbbf75badda0d60b7bbc73ab361694a3dfa38f7e1e597b3ae
3269900957596b797ed22998c3ecebc6d76fc59144716c4c196f33307627b776
347ef0300665cca93674647de112d393b4305f5c41cbdfe1757c187d8fd53947
3513a5809d681c144ae6ec0e759110fa3d0c6bfb9fc09c6997b02761a916296a
362fd1c9d300aad5df6bc3f275b21a4b7c652f6655b0bbbb5d898d9446282536
3786a2cf4d0b4767e62b705b1431d627ddb5dbbe61f6de134994007a70b9812e
383ecfccdfe714fa5d66c35039b9a24f8913ae9a903d88b99cf1c84697f512b1
3972e1acea2375a5024efd2df897e87fef781b9d78b0ca7dfa14f68ccc8f21fe
3a325b95208a73289a9b744527a4bbd7b9567f0aab0246036e8268138aa2ab27
3a5c27f44e09f88e8e75bd70035bc9ba0d35f1b91e7e486962415fb8f4091cee
3a632081f251631212e6841c59b28a8528aab5a42726061f82cefcca8bfdc2e9
3be3a5bb428415239ab4b8054ddb355a573ba1ec87cc52f8c9a2239805ed4915
3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733
3d6222f139b4071e1fc7a0a79c0da03b2b1c5ba857ea46d547528112ec8614e7
3dddcc8b471e8467eb53c2746e66366d3dd1bc28e1765d55c932ceff288ee383
3eea486681a351edbeadf812b5ecdee4f3c856db3fafd2a46a9d03bc34433f79
419467cab02f49399a331e1d91975bf48bdf9ef2169cdc722dca47f815397e75
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e
4845d25fce1a34bca25fe5cd88b904202b2b66bfbd974baddd0089f2664ab69d
488d623c712b6289868ace4cb586b25cbe868c9fdd96e491520e8b5f1c05a46b
49b9761fbbf9445df3050a132243ea6c7be5e9a048cac52136aba95d68819d0e
4ad947be529a76270d40ec4fbd39bbd2a37f05ee240cbac0048d689ead32962b
4ae23b733c66469abced359fef58fa78b6d9fbbe62f832e1296162da5c299cb7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
4cff6255163553846e6123a53e2936762ba8497597985406aa144128e8414cb7
4d2f52b8b28d000c371c25aa12b5a3a271441445cbfc5d43f062a455e5e6f2ad
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
506af3dd21782ae082bd4b4364e8289762251e0e91555a61eb417f5146c75ea4
53716e7c1a5967cf42986f5b299331d8ee1838c5fb467a877d4e45ec9b4addde
5392e2e183fb58c10d73f991558dfd289770618bf61e9297dab94f6e66e78c24
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f623f7cb27a379103f76bd08dcfc74992c886378fd68bc35a471e74391a77f
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
57826b01c7e5f468e1939a6bdbd586c071e0732fcd22a7f93746cf14a40a45ba
5a6c85f1bcaa24581dd452b04a36521c43dfcd61e2ecee270c52cd6188d2cb2b
5ae4fb28be6c5f648510fd05214221c872907f8dacd1dae029f44c0383a9fe37
5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5
612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5
6256ff909ac645c09866bab6875459e7ab2fb055ff6422c78ee1870713a5c206
63cc53f922756833d0ef84cd106362b7039e6fc5dcdb93cd9d885d74ee254157
65aa872abe45427dbfd0951d1b3f5676ce8b5ea4031c0e77ac4e3eed6ddd25cd
669e70008efa777408288b7b60157e571c688bc688ce25014b0b37a887b86d5c
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
69b6f33ba1903f782cb03c3e5d3809dd9fb6e2535b219fad4eca58568100560d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bbb5e354138bdacaf7fe81409ec991637f79792f4a140480764628a993e7251
6d420c16369b0e983f3ebccfb03218658ccc36fc494b9f5e0a3735c441a89932
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6f6c07f3b9f9d5d741c3197d738464de4006569829327e54397955876f5db812
6fa2b45dd74f3a7966a621f5a23b176ea665d8b0ae5a50b1b1cd6ce959fe066f
737473b145a0fb2d97963ba71104b42ea59d434e17d43de3db67ddffc24200ac
749b53442e109557196c6dfd92754eb8e6e61cd51cb0d3986b7f6bd886a9aba8
77417d0a4cfac17490fafc88cea412982dfdececd2c4641bd98248d327588a06
77b45c126200684d875b3b5cb2570e43045e1b8bf2b426773d7c58642f791241
78c515478ab9ddc828d94184f4c605a68dc7de15b7ab40c9cc2cfe1bbcf6c2e6
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
7a2271ae6b6581fc32679345bee349f1fd7c7810efc08d96d89bb508b4588b2a
7cdffbee099ce1843276d981a860c5a4b8a61f8dcdc1e4c45c33808c019aaf83
7e6717167b034a59f8deb7f34b811fb8cadeff96b1b27c85acc404e4cdeebf09
7e7721866c4b8de3164d293ceca8b1deedc274975b6fd59a5aea89cb27e44fbd
7f74f47ea1d8cc16b68cff7b59a26d443d34b93509611fcfcd4c0fe87d285e97
8148de050d7d23d1e55bb1132abba028b6629afea6dff7acb1b7111d2f2eecad
823b07c600f3e1b127d07728c1b5f9f0c2d5adca6b57bb14bbbe8af72339e5a4
827baeefc193cd3bdc7a9a139863d20509835eeb4970a35f941ec2aeb724992b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
83aa3147ae3e2c330311cd8e197be4eef80153ecfcb2f6c6ac55502bd9efb97a
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86a9a2188af92551c9902c54c569cbda1e64f9c81e762fe1d544aa58b826caa1
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558
87567972bbe1e198a17cbdf9b5b40bd9f50a1657d91ea8872c9b890ec570d042
876d54cf363dc2e95b197c219975544e7285f83a453248197114b39a629b6ba4
87bcb672544665b413f7179d20c194959fb0c5666945ffd2744c80602de09637
8aceaed3689381853ff3c7ab0d98711a29a1ab9970a3b4bacf1d7a99e0373358
8ae101a5f7f8ca00ae78fdc9cc776b6abfd9e1f9ddc852ac6e2394b44df2f8e1
8d883aca765436acdc3def820ef0371fc586912325f0adc945e2ffcf9b8572ed
8f1002e78b0076ceb24824cfc8e6f3cc8bdf53c0e149bbd31ddc28f891039889
8f327829d94bda1536bc1a970fbfd21ce22bb0f048cd9437ce9a1f0401cd1b9b
8fc8362411160d2c261c70cbdec80543967bfc3ce7bdba41a4cf166fb425d4d2
90a9da53f43a4fc11a7ffe7b3ed54ba66d4d49e2e26581211a9abff545c314e0
92af9e53d768cc3fb6c9675d0d2eafba403f527fc761b29679953c71d3c588e1
951c201eceb26489dc9b4cc8ea4e408ae957410ea32b0fc7d4845d851886739f
963ed96b9cda7f6881a9913a42d7f0a0a507802c9e289880c079362ae78bd94a
97642feeb9f3421b920b0cbc0b9c2e4dae6e31fa014b988bb61399a0fe0b8226
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a896c6dfeb015beb3c9a9b742eecf64ee64f80904389de5b04624443ad9ddcc
9aff156d7fa773b99c2b5d3d3813844212d5de624e95b1779055e69aeb00face
9c19b3e7d4486f0d1c11fa6c3d628042a9a1cc5e386484e0cdeba44cbbe3a359
9e6b26d172a586c0b70f8993128a9d379ad6a8245ba12b23367bba4911559ac5
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
9fd7bfa229eec86e2b02fdcf85e49e5b2699a2d9cd53ee36b4df53513d1da1f3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a3af9d28828195fab56321c2dca451e7199c592b87bb6884e931b7380162c4c5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50a6893eecd2102a09cd2e28164ae607f36951bc50388e78d9a78739e1c6c33
a52608edb468a1c97561d0c2af604e05757a20b87895b9886e3e9c62280a824d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8e9c9e8c54fb9ab9e18072d1505171ea2a7cb79e900d954031898d8724dbbf9
a91824e97a33fb2315087949f417a955dfd42fd4d54b78ef60359cb3a5dca6b5
ab5770308d93a1b620a7d57ab0b2f951ffc405085067423d4fff082db95669bc
ac81abc44564470c6fe85aca120c7c6f1df6220629a155bde7b3ec327b6a9d97
acfdcc9805ef5d4b5241babce6f48ea96cd049613750a74e6db2d5220118fd6d
b0b096a8934aa2427a28ad4b698b9e421a71c169ccdbb1ee9a510ef8ef9f8544
b0d247d4ae74ae4879a66a19d19b8dee5f564da1dc7fd58dacf3b9d4acb7ee65
b113087067c8050cd07805224f84815ed84fbeb57943935fc3537940464c0611
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15f082cf633793821b0be2cbf6bd99d1da9e475d700b9f9093b5c541d59219b
b2de13c895a4b104022ee28e01573b40af1bf7592375a3ec2358ed273cd7a4c2
b33d99ba750dd512fad836f8a4e29aa941e56b164d72ff1c3ff4eea4dda870b4
ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c
bc2dd7f1505044f378a4d3f22ca09af095981527a140e0ec1c6a96d6bf570076
bd071c9121b23faa1b717d949f6aef33462c5b728b156d422f93565d175d5af2
bda7ae7f326918eb5738321268ffca9841f41e05652f9f1646bd74092c5d8b89
bddc33cbb79aa36b4338d69065e751216bb306989801bdb0f443a87c75676644
be4f01d25f4038c67570c28418418a7398e6c082909efb2fe271636a3c6dd0e1
bf878d7fb3981383cf4199215260c1555d0ac664577999e1e261613ae9e4f311
c024c716d39ceac96ebfba72c2dc0576ea5a60f5ee23332c50c462c3c723c7b8
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c2c0438345e8266d1c5bfb3c5d2e6a4969ff4b714300e4e2a40dc2bf8bae4fef
c6a4d8f73399e915b1c7631f266760918f2a72d155f6611b9539d08ff6a1559b
c710eba769ce3f75c8f2e549df24b89586144c00529b04325287cf0038ebc979
c72c166625bd6243d9b8239db906e8d88a46ff06d4108f79449c45e2f0f0287b
c7d30405f475ab4cedef48acb729862fff953970816983a92e8688de0d922b2b
c995417e49d98eabb066b0d6e34684fb99a490105dd83f55c9546102d3d264d8
ca7cb3272ac8b8e3d5a248977ca95b73874b20f7c4b109689f736d4c9cb2eed4
cc6a54f1178b9fb48d021669c8d807ff36413c1f48160e5f8a37ea4b90583e92
ccdd76a578bd45c3950d0a0ff383ff448137ea6856c654bca8b7c35236d9f484
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfeaf982f02024b34d468b5a986d2bda19b472706bd5c4ee397a8e1f83662555
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d29efbdb1613dd373678cc6e8e6e6f4cf003ce3d076c2be27e456e93dfa601c0
d58ad6f49f6f268e1640104190bd2196306450aac1d7398cbda98e8330ab3a9b
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
db06b50a3f6b4222be0ee20b40ff4bb92cc7e304b6563407c10875aa0d5982ca
dba6e8d20ec50022dde171e5bbf5fd4e0e783cc92a18fa45018da7d8ce28c256
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df684c1836074c2757b39f6075341d00839ee81934ed358230493823d5245f91
e0b0d082b947bcb3409d1246d38c28733b1e9c320c832e21e96a306f4c2daea5
e0b7e0680a588ae3dba8658a482aaae69dbe9981136719abaf301ecb25223637
e25b00a3bae232fd6ef8b441dad75dc31a596e36a4eaac225930644f263f351c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70ad4750c8e0d12236baba3fd03546eda8dd7a6a851596087c89561ae4089d6
ea058413a6122efaf3fb58216d79bd6886a87e206304a50c4a3b0e477bc3941c
eaf4e7a61a70d1d7e7d9b6b881972dd531579bdeea4ae410e01d51992ac430b0
ebb5753493440d813afcf1028aeeefa7f75d460fb9b5bbca6c37f9f268b149ef
ebd0070ca4819270200c94b6ea5ec82c771a71719a1d3c9e41ccd8d95544070e
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ecc3bac9691afbf4099c4a8fc9eca3846beecb95341437f8148f3bc086603691
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0eb95f1df71ec706abca0a053ccb9e77821589982d9f3579df8f68bc86ab093
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f682f0c51ca805d8fc070c2c5b0592413544a0ca1bb0da6d121c0e66cbdf5418
f6c148acf82398c43bfcd58b97b041a921d2bdfb0566f68e1c686889f880c789
f719c75c13cab0545892abf639eba086c8e1c4d35c9ab8ffecc709de87d3bb7d
f8ca0542a29f726c2ed5e04e131c6b2bd8e173480f68b413c13fa2b1ab71cb65
f8cdf05e444618081e27b3ba9637fdea11c76ba6f47b9fb3ec15044ed655cca1
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fe51695a4ec686cc0bff2f425ec3f773c5be272d63d079eca59f40e8ce23e02f
fecf37b461f7d247f6874fa15bd5d092b29f75f897086ec7ec261a58b3651d01
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

ba.n1info.com Open in urlscan Pro 2606:4700::6812:abc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

274 Requests

99 %HTTPS

49 %IPv6

41 Domains

77 Subdomains

67 IPs

14 Countries

4120 kBTransfer

9078 kBSize

65 Cookies

90 Outgoing links

Page URL History

Redirected requests

274 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ba.n1info.com Open in urlscan Pro
2606:4700::6812:abc Public Scan

Screenshot
Live screenshot

Full Image

274
Requests

99 %
HTTPS

49 %
IPv6

41
Domains

77
Subdomains

67
IPs

14
Countries

4120 kB
Transfer

9078 kB
Size

65
Cookies

274 HTTP transactions
6 data transactions