rantangame.com Open in urlscan Pro
2606:4700:3034::6815:2792 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rantangame.com/4259.html
Submission: On October 07 via manual (October 7th 2022, 11:23:34 am UTC) from ID — Scanned from DE

Summary HTTP 73 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 14 domains to perform 73 HTTP transactions. The main IP is 2606:4700:3034::6815:2792, located in United States and belongs to CLOUDFLARENET, US. The main domain is rantangame.com. The Cisco Umbrella rank of the primary domain is 317917.
TLS certificate: Issued by E1 on August 26th 2022. Valid for: 3 months.

This is the only time rantangame.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	2606:4700:303... 2606:4700:3034::6815:2792	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::ac43:d620	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
9	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
73	24

11 2606:4700:3034::6815:2792 (United States)

ASN13335 (CLOUDFLARENET, US)

rantangame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:d620 (United States)

ASN13335 (CLOUDFLARENET, US)

nutraoneday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	googlesyndication.com 1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 170	102 KB
15	criteo.net static.criteo.net — Cisco Umbrella Rank: 789 pix.eu.criteo.net — Cisco Umbrella Rank: 5790 csm.eu.criteo.net — Cisco Umbrella Rank: 5493	196 KB
11	rantangame.com rantangame.com — Cisco Umbrella Rank: 317917	136 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215	197 KB
3	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 11918 ads.eu.criteo.com — Cisco Umbrella Rank: 5457 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 7707	48 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 136 www.google.com — Cisco Umbrella Rank: 19	1 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2144 www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	42 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 228	89 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	117 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 358	5 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 5221	792 B
1	nutraoneday.com nutraoneday.com — Cisco Umbrella Rank: 187072	8 KB
73	14

	Domain	Requested by
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net 1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com tpc.googlesyndication.com
11	rantangame.com	rantangame.com
9	static.criteo.net	ads.eu.criteo.com
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com rantangame.com www.googletagservices.com
7	securepubads.g.doubleclick.net	rantangame.com securepubads.g.doubleclick.net
4	pix.eu.criteo.net	ads.eu.criteo.com
3	1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	csm.eu.criteo.net	ads.eu.criteo.com
2	www.googletagservices.com	1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com
2	www.google.com	1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	rantangame.com www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.gstatic.com	1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com
1	fonts.googleapis.com	1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com
1	rtb.fr.eu.criteo.com	rantangame.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	nutraoneday.com	rantangame.com
73	23

This site contains no links.

Subject Issuer	Validity	Valid
*.rantangame.com E1	`2022-08-26` - `2022-11-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.nutraoneday.com E1	`2022-10-04` - `2023-01-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-27` - `2022-12-29`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-03` - `2022-11-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-02` - `2022-11-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-21` - `2022-11-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://rantangame.com/4259.html
Frame ID: 8AA3A694EE6D1C0BFAAC9EAED834CED7
Requests: 27 HTTP requests in this frame

Frame: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 194C5DA35E5FFA6C8C92BD693DEE7B90
Requests: 1 HTTP requests in this frame

Frame: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2A3A5FABD27240B569F1C9BDAB02430A
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0AMLwAOBp8Iu8mBAAqow_eYZI24f_T3vufTnA&u=%7C%2BILS69oHzofTIY8LYYpJycxNQSZBaXznhO38B%2Bl%2F6Gk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEgLdvtfj9EXEpQYgfDysoogy3vUWzg6a4-VOAE04QEPfoVu1Rff3I1pEaJQOCxDJe_BE-HQkuTJPL4ZzpIcecbL75xq3Tpd9MJe5AT-AaQUcJigVC9H-qfgIQFHNgTxEWykN_aYSXLCKKB5z3bU1DksaQdJf1QXEMB3rwpRtngLhOFiHmbDEXfZZB1vegJlZAVDpv4Y2w39mSRnYywFYUXhk5n--giLjE93u33hLpatIa7_eMkWaXGIpnyo6fryPoHbLelQDpKwgaeq9SNoUzrQGNenw5AZg0kPe03TQ9l4XyCB1vPZQQPRa2ebY2O2j82ZABXYQSpnoCJAdo9HiAYoWe6yOPQDqV4BB6ehkbdO6SyvEt_0DDDDWVtg2He5jR3TxIPRSXy8F46WtCrJWpbkzUtyxnw4iAIwHhvL2wPm96z-f3S-w3SOemm4bSjHXyiBgGfjpyCl2lCu0x5Qe8fz62PROLKe07AY4mAVpQWlMKL5h9RbcWDLmUGSzAxesUCtuNoZH6I4nJwrgpqt0fqeqmkNLcGuwWqA61BDnVv6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-y5pLwxAY5-NOIGT7_UPw9GqoAnJntKxXNWdkfdwwI23ARABIABglbKVgqQHggEXY2EtcHViLTEzMTg2NjEyNzI3NzY1NTjIAQmpAiPQxwc_b7A-4AIAqAMBqgSaAk_QVKseFUg8NonPUyLN-3jDcJqH0jT6Mh6Fy6r1L58hWNUT1ZLF0SIKoqolMvlBetDWGwUNrB2X6ZMp0BMAVoBTKt0bahUIbq4R-CUrfbbuFuhrLQzzYm0vuoth0cwSxov_xPOiZJRpUcFtDb6knT_IFo51sm83QTd5xPqixBtTWGuS7UluKm0uLTnGv-8XSX5kS2HH09_Q5J1Q_QWiN2h9e-BbagVX-7rjHimpr0g9jX4_njpd7_TRNyHXfcHH5tWZvTdS8jlW6rb7LW65MX1-QFdUdd1Fnpy_xXgWuDn8aLKzsTfyAGXgKbl4qbQEVhTtR1-6V4MQBYoocrpGClU02-ZxcAjTdlnURsbQkCXXa0mIf_uVeJRkL-AEAYAGl6b_ka3XtJHaAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0VpJDnZhIjp3xzWRPrQakIPfqP0w%26client%3Dca-pub-1318661272776558%26adurl%3D
Frame ID: F81DD2D704C02BB0420582FC5D2E9553
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 705D1955439B647C91676A66A30EDCE8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C28CF33A27C51FF9E77A39D4F56D4CE2
Requests: 2 HTTP requests in this frame

Frame: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 12095BBCE4663DE0257251CE81160FDB
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js
Frame ID: 5DB9EB527F7B3F23B529554315D09604
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

rantangame.com

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

73
Requests

100 %
HTTPS

83 %
IPv6

14
Domains

23
Subdomains

24
IPs

3
Countries

963 kB
Transfer

2082 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

73 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 4259.html Show response
rantangame.com/ 9 KB
4 KB 98ms
17ms Document
text/html 2606:4700:3034::6815:2792
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rantangame.com/4259.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2792 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96ca20cf9bb83be25b0089418d5607862e3e442d059bc46ad0bf891c85101825

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10030
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=7200
cf-cache-status: HIT
cf-ray: 756643c4ba5d90a9-FRA
content-encoding: br
content-md5: RtP5ipoFEXjjShjkbklukg==
content-type: text/html
date: Fri, 07 Oct 2022 11:23:26 GMT
last-modified: Thu, 18 Aug 2022 11:45:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4BRz00cD3JMKv8CQ7tZ8BGgYXxBWblWXOrkq2YTYjzBruKdYXB9UWXdxUv3crmiQ2iHOPSrIskvN9x2d6vQbRtggiJBdQeXZ58RLSEnIvjC669UeAK6vebyuKtxoSqav%2FOAKBVbOI9k0LJOVg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-oss-hash-crc64ecma: 10995419945951074713
x-oss-object-type: Normal
x-oss-request-id: 62FE26E05DE0AD20C0989702
x-oss-server-time: 2
x-oss-storage-class: Standard

GET
H2 200 details.css
rantangame.com/css/ 1 KB
893 B 46ms
39ms Stylesheet
text/css 2606:4700:3034::6815:2792
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rantangame.com/css/details.css
Requested by: Host: rantangame.com
URL: https://rantangame.com/4259.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2792 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d53b805d883a249c7456eaf582b3ee9491839c250d3110f0292274f2511f6274

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rantangame.com/4259.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:26 GMT
content-encoding: br
x-oss-request-id: 62FE268E0AD3867241921CA3
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: /EqZTeeJk3X4u7WW1/V5rg==
age: 3539
cf-polished: origSize=1758
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-oss-object-type: Normal
cf-bgj: minify
last-modified: Thu, 18 Aug 2022 11:45:53 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sgqoy2ViocwvOjyxCsga4eBwgtj%2FHPPeKp%2F9AWhhD3XKwbKzBZT9odAHoS2%2FFx83bPmfszjne0mzjzUtLGEuwXxHPsV9oXs0SM%2B0nvzkX%2BcqZfsNm4DmKEYnvOlTYZRIcaL%2FBVN%2B%2FL3gdhmieg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=7200
x-oss-storage-class: Standard
cf-ray: 756643c51acf90a9-FRA
x-oss-hash-crc64ecma: 2757107462631160104
x-oss-server-time: 1

GET
H2 200 jquery-3.4.1.min.js Show response
rantangame.com/js/ 86 KB
31 KB 49ms
43ms Script
application/javascript 2606:4700:3034::6815:2792
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rantangame.com/js/jquery-3.4.1.min.js
Requested by: Host: rantangame.com
URL: https://rantangame.com/4259.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2792 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rantangame.com/4259.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:26 GMT
content-encoding: br
x-oss-request-id: 62FE268D76BD22CA2296B593
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: prY1DulKPqdFlcBly/WK8A==
age: 3767
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-oss-object-type: Normal
last-modified: Thu, 18 Aug 2022 11:45:58 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvqMoVYy%2BwvP%2BNR7nRbIS0PDOxcY%2B4BtcHtdU9UQjTrA09FTzYKPylyhS2y9deNRTilgTyMqcu7LwTleBeOgqcr%2FuDOI6VvarVfBCuiTUc1grmIyvAy28JZ7wIE54SsuIIeXo%2FBtwVSzS%2Bg8Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
x-oss-storage-class: Standard
cf-ray: 756643c51ad090a9-FRA
x-oss-hash-crc64ecma: 13986161013320619420
x-oss-server-time: 11

GET
H2 200 commone.js Show response
rantangame.com/js/ 660 B
804 B 42ms
36ms Script
application/javascript 2606:4700:3034::6815:2792
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rantangame.com/js/commone.js
Requested by: Host: rantangame.com
URL: https://rantangame.com/4259.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2792 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd7cad762b06a87b5d0d1b38e9d603ad7d6bc2aecdb3ebf11dd75d9805c5468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rantangame.com/4259.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:26 GMT
content-encoding: br
x-oss-request-id: 62FE268EB0D7E4EB21936798
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: QOit1yt6huYoIskUd8zINA==
age: 3768
cf-polished: origSize=951
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-oss-object-type: Normal
cf-bgj: minify
last-modified: Thu, 18 Aug 2022 11:45:54 GMT
server: cloudflare
etag: W/"40E8ADD72B7A86E62822C91477CCC834"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfTh54aMMARAn3uzR3GJu9v%2BYlBUOn42%2BrZSYbyUw3IVs6pGypCjD9HlOpd%2FKC%2Bv1mAQCKecx53Hzfefq%2BbXWMQCmlC77XVMfa2ojunHoxufC%2FcOd3dDta7qPFGPx2T%2FlG85Z9EYWxDeNjaOjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
x-oss-storage-class: Standard
cf-ray: 756643c51ad190a9-FRA
x-oss-hash-crc64ecma: 16545303458394182557
x-oss-server-time: 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 349ms
0ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: rantangame.com
URL: https://rantangame.com/4259.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

858208d63d7d765ad745d13a457e78d892ecdf86316d071c759852351b20d19b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rantangame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27707
x-xss-protection: 0
server: sffe
etag: "1356 / 519 of 1000 / last-modified: 1665140982"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 07 Oct 2022 11:23:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 346ms
0ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QDPC64DQL5

Requested by

Host: rantangame.com
URL: https://rantangame.com/4259.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ed40f72f6cc6b14c4fe71de4291eb9ab796938b7bd696f528d47327067dce6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rantangame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76495
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 07 Oct 2022 11:23:27 GMT

GET
H2 200 seachico.png
nutraoneday.com/style/ 8 KB
8 KB 327ms
0ms Image
image/png 2606:4700:3037::ac43:d620
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nutraoneday.com/style/seachico.png
Requested by: Host: rantangame.com
URL: https://rantangame.com/4259.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f6b8afcbf3269216d894c35533bbbf52c65bbee38d2620c955fb7a6d0d217f1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rantangame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2773
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7711
last-modified: Fri, 08 Apr 2022 12:39:06 GMT
server: cloudflare
etag: "cee611a3454bd81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGQoelwbb1ZJ5Q%2BCZuYZljfP3IB2XEiRUsfbOLlfuETo96AGo0L%2BhP%2FjsEiJP5H1d%2Fl3GDBw922Px1K9mWiScRI6bToDVwFa7pJf4lTJcn3ALWUdrLCT8VWD8THU3OhemHlRu%2F5I%2BLIXyZx4d1E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 756643c81b7b910a-FRA

GET
H3 200 email-decode.min.js Show response
rantangame.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 202ms
93ms Script
application/javascript 2606:4700:3034::6815:2792
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rantangame.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: rantangame.com
URL: https://rantangame.com/4259.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:2792 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rantangame.com/4259.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Oct 2022 15:38:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"633c5360-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2bXX01zTIqiiowCKKW7xKg3FRTiFOII6TU4HLnvcwijv9BnKmY4i332%2BzEVefjWqrQdTNNBjGBGnc%2BKikDT6cWis7Fk8rkfKp1a5uBLV8xaaVlQNduKBZZ56TUBbRj8Uhl8fnCQkzx%2FGBlQLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 756643c64ab0916b-FRA
expires: Sun, 09 Oct 2022 11:23:27 GMT

GET
H3 200 details.js Show response
rantangame.com/js/ 338 B
899 B 163ms
70ms Script
application/javascript 2606:4700:3034::6815:2792
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rantangame.com/js/details.js
Requested by: Host: rantangame.com
URL: https://rantangame.com/4259.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2792 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a571ca68ae0bc6c0a482fa8f5829fb2576a060b5c9df9c77deea2eaa7de5820

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rantangame.com/4259.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:27 GMT
content-encoding: br
x-oss-request-id: 62FE268F76BD22CA2296B5E0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: PSox2fYp7v+55c8uJpItBQ==
age: 3331
cf-polished: origSize=461
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-oss-object-type: Normal
cf-bgj: minify
last-modified: Thu, 18 Aug 2022 11:45:54 GMT
server: cloudflare
etag: W/"3D2A31D9F629EEFFB9E5CF2E26922D05"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYCJ8NX2xQI1TF5VfgpW2Xc6%2BRw8Ad9%2BLiBEB0%2F4Zu%2FEkLH55P5N8K5rmQfuDhZDUx6ypG0H%2F%2FbL9AuSf2YYUs%2F7D%2BQiQ8D7C2JKDuaAtKK6ViYgd0qX7b37ncQq6uCggFxFFIODZ1Z%2F%2BlaJYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
x-oss-storage-class: Standard
cf-ray: 756643c6ab5d916b-FRA
x-oss-hash-crc64ecma: 1589306571313610964
x-oss-server-time: 2

GET
H3 200 pubads_impl_2022100301.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
128 KB 105ms
25ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

7923a3da2630ae9e964c387bb82a9fb9f0d64aad95dbd62a6ef71ccbad7572a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rantangame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:29:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3258
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130906
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 08:35:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 07 Oct 2023 10:29:09 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 97 B
110 B 100ms
36ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=rantangame.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

27c473eef05d41adb8428c57e043d1dbac063b4930afdf3a107e899ff31ec4a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rantangame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85
x-xss-protection: 0
expires: Fri, 07 Oct 2022 11:23:27 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 152ms
88ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-234230474-15&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QDPC64DQL5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d28363aeb7f483ddc37353088e0bca6b414b0580db8b6511ef161e75f3cda01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rantangame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42376
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Oct 2022 11:23:27 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 117ms
49ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QDPC64DQL5&gtm=2oea50&_p=1361890279&cid=626851825.1665141808&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665141807&sct=1&seg=0&dl=https%3A%2F%2Frantangame.com%2F4259.html&dt=rantangame.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QDPC64DQL5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rantangame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 11:23:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rantangame.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 75ms
28ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=rantangame.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rantangame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 68ms
25ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=rantangame.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rantangame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 190ms
190ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1526233357298290&correlator=3405618136253867&eid=31070086%2C31069353%2C44742767&output=ldjh&gdfp_req=1&vrg=2022100301&ptt=17&impl=fifs&iu_parts=51912183%3A22687921614%2Crantangame.com_at_0628_300x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=2006883896&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1665141807861&lmt=1660823158&dlt=1665141806859&idt=863&adxs=650&adys=257&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Frantangame.com%2F4259.html&frm=20&vis=1&psz=1600x276&msz=300x250&fws=0&ohw=0&ga_vid=626851825.1665141808&ga_sid=1665141808&ga_hid=1361890279&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

64b82409f6a3add1a309de55ca6765b401f31b3d9eca29c90069d777209983a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rantangame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10147
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rantangame.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 101 KB
32 KB 684ms
683ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1526233357298290&correlator=3405618136253867&eid=31070086%2C31069353%2C44742767&output=ldjh&gdfp_req=1&vrg=2022100301&ptt=17&impl=fifs&iu_parts=51912183%3A22687921614%2Crantangame.com_at_0628_320x50_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&ifi=2&adks=1593453451&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1665141807872&lmt=1660823158&dlt=1665141806859&idt=863&adxs=640&adys=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Frantangame.com%2F4259.html&frm=20&vis=1&psz=1600x-1&msz=320x-1&fws=512&ohw=0&ga_vid=626851825.1665141808&ga_sid=1665141808&ga_hid=1361890279&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

08d561ebedc3ea6670f0f1b1c8cd20f892704cd5a36746e0d61906ffa0d1ebd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rantangame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32430
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rantangame.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 194C 6 KB
4 KB 106ms
21ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rantangame.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 11:23:27 GMT
expires: Sat, 07 Oct 2023 11:23:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 50ms
13ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-234230474-15&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rantangame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Oct 2022 11:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 450
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 07 Oct 2022 13:15:57 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 52ms
21ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1361890279&t=pageview&_s=1&dl=https%3A%2F%2Frantangame.com%2F4259.html&ul=en-us&de=UTF-8&dt=rantangame.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=562300524&gjid=2037067247&cid=626851825.1665141808&tid=UA-234230474-15&_gid=618618536.1665141808&_r=1&gtm=2oua50&z=56643497

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rantangame.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 11:23:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rantangame.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo.png
rantangame.com/images/ 37 KB
38 KB 43ms
41ms Image
image/png 2606:4700:3034::6815:2792
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rantangame.com/images/logo.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2792 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6624150eebda9ee32a2473b061c2b25dd0600b4ea7424a6f8d3e8df9072c0007

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rantangame.com/4259.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:28 GMT
x-oss-request-id: 62FE26900AD3867241921CE3
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: RH/siXXh9dNmx80Wxm3z4g==
age: 3527
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37771
x-oss-object-type: Normal
last-modified: Thu, 18 Aug 2022 11:45:57 GMT
server: cloudflare
etag: "447FEC8975E1F5D366C7CD16C66DF3E2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1nA1nreS%2Fl3%2B%2BFoTs%2FSFe2E7ZZ6PiQPov1aGRO153s%2BWK9B2sdDJunr9KN9e7qZWY%2BpOuOO6RO4yXk5XDT4SWdX%2FemQjk6LJfW%2FxzM3rAXQG4sXh%2BQSpbkV9WXoaIfZSNDjg8bYultl2v1yAjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=7200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 756643cc5f0e916b-FRA
x-oss-hash-crc64ecma: 1216884585054528034
x-oss-server-time: 1

GET
H3 200 back.png
rantangame.com/icon/ 2 KB
3 KB 19ms
17ms Image
image/png 2606:4700:3034::6815:2792
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rantangame.com/icon/back.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2792 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b884bc89b2c615c5cb3da0e715a474dfc86095ddfefe35b2b3412ddf28e391d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rantangame.com/4259.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:28 GMT
x-oss-request-id: 62FE26955DE0AD20C09889B4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: VZxpOelMTAvK5sh3DKbosg==
age: 10489
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2435
x-oss-object-type: Normal
last-modified: Thu, 18 Aug 2022 11:45:53 GMT
server: cloudflare
etag: "559C6939E94C4C0BCAE6C8770CA6E8B2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AVjmWiyY11K7WPKBfzvoGa1CGpvOsrYQlzrhmkGaeAav3IBKFHca0UTmEMWLvj2NK9jp4w7aT8XizmQ4z8zmHjJNUOHlYcZ7hjnyKXqKeCwok9WR5KY1gpq3C1sShZpupVSKyrNdZChD7hAYsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=7200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 756643cc5f0f916b-FRA
x-oss-hash-crc64ecma: 2083177991787105455
x-oss-server-time: 2

GET
H3 200 home.png
rantangame.com/icon/ 4 KB
4 KB 46ms
45ms Image
image/png 2606:4700:3034::6815:2792
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rantangame.com/icon/home.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2792 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce87b5cb1959c694f13550e51bd4080cd13d58616d65f4e7286d0d9426a9eab9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rantangame.com/4259.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:28 GMT
x-oss-request-id: 62FE26955DE0AD20C09889BB
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: sMfMHVX3Hq4gkTjNHarP+Q==
age: 3166
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3761
x-oss-object-type: Normal
last-modified: Thu, 18 Aug 2022 11:45:53 GMT
server: cloudflare
etag: "B0C7CC1D55F71EAE209138CD1DAACFF9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8I1FDNk7jPtYAIl%2BqtLASvJrTgZlLoSUUeXOXfq1V3MwYkP8%2FaqD1tpl19MPovZxNMVshV2Z3WSMq3xJv8M5TrveWaC0QLzjzGglEvKkB0oJs18vnLrlPzsY4fw5aw5%2ByukxuD5LE1HfsVGQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=7200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 756643cc5f10916b-FRA
x-oss-hash-crc64ecma: 11343718863388426580
x-oss-server-time: 1

GET
H3 200 1653836855007.jpeg
rantangame.com/images/ 30 KB
30 KB 20ms
19ms Image
image/jpeg 2606:4700:3034::6815:2792
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rantangame.com/images/1653836855007.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2792 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 839ed0409e071ba78556d67ce2a4caf3fa839854b89a7dc00a2744c62eda4791

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rantangame.com/4259.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:28 GMT
x-oss-request-id: 62FE2A7776BD22CA22976930
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: uLRbPvQ/F8t9pn4THM/aRw==
age: 8094
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30505
x-oss-object-type: Normal
last-modified: Thu, 18 Aug 2022 11:45:57 GMT
server: cloudflare
etag: "B8B45B3EF43F17CB7DA67E131CCFDA47"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7FiNvyTeIPBFsNmkQpuBprPa%2BCAaqI0f89Nxhd1DD4%2B%2B6tL38uSA%2F2rmTtaWLDzQDPHoRgQQYyw9FGK6bUNBsU5wRYx9oEjlfWUN7kD9o1kEYAfsgSKAWYJG3JaWBajy7FbkZjVRvH6ZIB1dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=7200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 756643cc5f12916b-FRA
x-oss-hash-crc64ecma: 8821156781092570134
x-oss-server-time: 2

GET
H3 200 1653836846296.jpeg
rantangame.com/images/ 21 KB
21 KB 49ms
48ms Image
image/jpeg 2606:4700:3034::6815:2792
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rantangame.com/images/1653836846296.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2792 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4096aecc6ec2e31fff8900b8b51295255269578bb7b81fcf6e9a5f219d04a66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rantangame.com/4259.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:28 GMT
x-oss-request-id: 632D9FD076BD2213D2C8EA6E
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: LtVjxE5Wilv/sAl0yU0iXA==
age: 1807
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21091
x-oss-object-type: Normal
last-modified: Thu, 18 Aug 2022 11:45:54 GMT
server: cloudflare
etag: "2ED563C44E568A5BFFB00974C94D225C"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwW5%2BRZQF1Kt%2FNmGM7TRH6vtDU4u6SsARRNwqf2nWkZDOm99bTBZJV1X4n8dzWa%2FZHZyECzSqaT5LoHsJV%2FvsZp1b1Ml0ljts8RXUuv%2FF%2FeC7y2aY9CpewqGKGl42%2FnHoa67q6Cq1j8iynf0lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=7200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 756643cc5f16916b-FRA
x-oss-hash-crc64ecma: 7404146645827069032
x-oss-server-time: 1

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 78ms
38ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022100301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62e4b075c1b51d42a7e4e1fd911947016a0e9580538bfdf92486e5791fbfa228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rantangame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11197
x-xss-protection: 0

GET
H3 200 container.html Show response
1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2A3A 6 KB
3 KB 47ms
15ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rantangame.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 11:23:27 GMT
expires: Sat, 07 Oct 2023 11:23:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 113ms
31ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rantangame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Oct 2022 11:23:28 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2A3A 0
0 57ms
54ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ClzpxLwxAY5-NOIGT7_UPw9GqoAnJntKxXNWdkfdwwI23ARABIABglbKVgqQHggEXY2EtcHViLTEzMTg2NjEyNzI3NzY1NTjIAQmpAiPQxwc_b7A-4AIAqAMBqgSXAk_QVKseFUg8NonPUyLN-3jDcJqH0jT6Mh6Fy6r1L58hWNUT1ZLF0SIKoqolMvlBetDWGwUNrB2X6ZMp0BMAVoBTKt0bahUIbq4R-CUrfbbuFuhrLQzzYm0vuoth0cwSxov_xPOiZJRpUcFtDb6knT_IFo51sm83QTd5xPqixBtTWGuS7UluKm0uLTnGv-8XSX5kS2HH09_Q5J1Q_QWiN2h9e-BbagVX-7rjHimpr0g9jX4_njpd7_TRNyHXfcHH5tWZvTdS8jlW6rb7LW65MX1-QFdUdd1Fnpy_xXgWuDn8aLKzsTfyAGXgKbl4qbQEVhSvRX4o0AyMFjW0ZhmWN_PM0vJ7xgL9bttgjvt2YprJR1EN1X-Gx-AEAYAGl6b_ka3XtJHaAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTEzMTg2NjEyNzI3NzY1NTgY57od&sigh=dU5TVC_VA6I&uach_m=[UACH]&cid=CAQSPgCsnQUx_S0TMQbi3EINqmhd8NECmwfspQYZd7uozFJCU2RtltHoS7XIUMpsh99A39pHV05UxU32tV-P2J-UGAEgEw
Requested by: Host: rantangame.com
URL: https://rantangame.com/4259.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 2A3A 0
0 183ms
35ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k7OjE8c1rAL6AZ2DYgICAAAAW1jc9LHHZKin2QvKQPCQcBAvDEBjhB9f4CMhtKFcRnUAEgAA&wp=Y0AMLwAOBp8Iu8mBAAqow_eYZI24f_T3vufTnA

Requested by

Host: rantangame.com
URL: https://rantangame.com/4259.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 207074
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame F81D 139 KB
48 KB 247ms
76ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0AMLwAOBp8Iu8mBAAqow_eYZI24f_T3vufTnA&u=%7C%2BILS69oHzofTIY8LYYpJycxNQSZBaXznhO38B%2Bl%2F6Gk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEgLdvtfj9EXEpQYgfDysoogy3vUWzg6a4-VOAE04QEPfoVu1Rff3I1pEaJQOCxDJe_BE-HQkuTJPL4ZzpIcecbL75xq3Tpd9MJe5AT-AaQUcJigVC9H-qfgIQFHNgTxEWykN_aYSXLCKKB5z3bU1DksaQdJf1QXEMB3rwpRtngLhOFiHmbDEXfZZB1vegJlZAVDpv4Y2w39mSRnYywFYUXhk5n--giLjE93u33hLpatIa7_eMkWaXGIpnyo6fryPoHbLelQDpKwgaeq9SNoUzrQGNenw5AZg0kPe03TQ9l4XyCB1vPZQQPRa2ebY2O2j82ZABXYQSpnoCJAdo9HiAYoWe6yOPQDqV4BB6ehkbdO6SyvEt_0DDDDWVtg2He5jR3TxIPRSXy8F46WtCrJWpbkzUtyxnw4iAIwHhvL2wPm96z-f3S-w3SOemm4bSjHXyiBgGfjpyCl2lCu0x5Qe8fz62PROLKe07AY4mAVpQWlMKL5h9RbcWDLmUGSzAxesUCtuNoZH6I4nJwrgpqt0fqeqmkNLcGuwWqA61BDnVv6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-y5pLwxAY5-NOIGT7_UPw9GqoAnJntKxXNWdkfdwwI23ARABIABglbKVgqQHggEXY2EtcHViLTEzMTg2NjEyNzI3NzY1NTjIAQmpAiPQxwc_b7A-4AIAqAMBqgSaAk_QVKseFUg8NonPUyLN-3jDcJqH0jT6Mh6Fy6r1L58hWNUT1ZLF0SIKoqolMvlBetDWGwUNrB2X6ZMp0BMAVoBTKt0bahUIbq4R-CUrfbbuFuhrLQzzYm0vuoth0cwSxov_xPOiZJRpUcFtDb6knT_IFo51sm83QTd5xPqixBtTWGuS7UluKm0uLTnGv-8XSX5kS2HH09_Q5J1Q_QWiN2h9e-BbagVX-7rjHimpr0g9jX4_njpd7_TRNyHXfcHH5tWZvTdS8jlW6rb7LW65MX1-QFdUdd1Fnpy_xXgWuDn8aLKzsTfyAGXgKbl4qbQEVhTtR1-6V4MQBYoocrpGClU02-ZxcAjTdlnURsbQkCXXa0mIf_uVeJRkL-AEAYAGl6b_ka3XtJHaAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0VpJDnZhIjp3xzWRPrQakIPfqP0w%26client%3Dca-pub-1318661272776558%26adurl%3D

Requested by

Host: 1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com
URL: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08022c2c0caa47160323bda46fc4fba05d4b492600cb716b92a0cbccfeab7598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 11:23:27 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=V_LXp2eX7QtBRHBkXSgNhcf7CzdNLS8tm9GMnNWBJSxTcUjGNl5XZLBrstNSKqmWoztoUAv1g8qn9CRnHLnbHptyDAjl5lKWdEqPNsGoxtYnb118rUnvMui-00_mvB1Xgey39mWxDbC1l1stTGdo5nvNJEKCm_gxjr_JRZvfqnkMpQz0zieOCwempAjVIsdN6e3X50_DnImO5XJOTtMXuPHGvS0MjxnVq3R6YSNJ1ZvL1pHhPa5dB_CouFRP_avrckhwsA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 61795063
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 2A3A 3 KB
1 KB 39ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com
URL: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 11:06:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 2A3A 17 KB
8 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com
URL: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7528
x-xss-protection: 0
server: cafe
etag: 13775775994264215463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 11:21:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2A3A 0
0 71ms
24ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRhTik6aGmpXUucpwfvhxXxWT-PezDUxW2NrqaOxpPpK0aDayth9EELMVUI176oQYPJuF8j-U0ThuiQEpBlVIneL34ruw
Requested by: Host: 1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com
URL: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2A3A 22 KB
7 KB 37ms
16ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com
URL: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 04 Oct 2023 09:55:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A3A 142 KB
45 KB 67ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com
URL: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Oct 2022 11:23:28 GMT

GET
DATA 200
OK truncated
/ Frame 2A3A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 634d8168d07353f9f1437f2a8e88cab5e18a0c521ad02fe3600bdaacc53ce2e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 705D 13 KB
5 KB 53ms
14ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rantangame.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 382
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 11:17:06 GMT
expires: Sat, 07 Oct 2023 11:17:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C28C 783 B
536 B 62ms
27ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a7dcd0c56f7904a126f542643bcb73492043df079bcded0231bedcdc6334108d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-46ORJ7jSbHTKqfaZET8h8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rantangame.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-46ORJ7jSbHTKqfaZET8h8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 11:23:28 GMT
expires: Fri, 07 Oct 2022 11:23:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C28C 0
0 85ms
57ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022100301&jk=1526233357298290&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 200 FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 705D 36 KB
16 KB 39ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 09:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16034
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Oct 2023 09:25:53 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame F81D 2 KB
1 KB 61ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0AMLwAOBp8Iu8mBAAqow_eYZI24f_T3vufTnA&u=%7C%2BILS69oHzofTIY8LYYpJycxNQSZBaXznhO38B%2Bl%2F6Gk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZEgLdvtfj9EXEpQYgfDysoogy3vUWzg6a4-VOAE04QEPfoVu1Rff3I1pEaJQOCxDJe_BE-HQkuTJPL4ZzpIcecbL75xq3Tpd9MJe5AT-AaQUcJigVC9H-qfgIQFHNgTxEWykN_aYSXLCKKB5z3bU1DksaQdJf1QXEMB3rwpRtngLhOFiHmbDEXfZZB1vegJlZAVDpv4Y2w39mSRnYywFYUXhk5n--giLjE93u33hLpatIa7_eMkWaXGIpnyo6fryPoHbLelQDpKwgaeq9SNoUzrQGNenw5AZg0kPe03TQ9l4XyCB1vPZQQPRa2ebY2O2j82ZABXYQSpnoCJAdo9HiAYoWe6yOPQDqV4BB6ehkbdO6SyvEt_0DDDDWVtg2He5jR3TxIPRSXy8F46WtCrJWpbkzUtyxnw4iAIwHhvL2wPm96z-f3S-w3SOemm4bSjHXyiBgGfjpyCl2lCu0x5Qe8fz62PROLKe07AY4mAVpQWlMKL5h9RbcWDLmUGSzAxesUCtuNoZH6I4nJwrgpqt0fqeqmkNLcGuwWqA61BDnVv6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-y5pLwxAY5-NOIGT7_UPw9GqoAnJntKxXNWdkfdwwI23ARABIABglbKVgqQHggEXY2EtcHViLTEzMTg2NjEyNzI3NzY1NTjIAQmpAiPQxwc_b7A-4AIAqAMBqgSaAk_QVKseFUg8NonPUyLN-3jDcJqH0jT6Mh6Fy6r1L58hWNUT1ZLF0SIKoqolMvlBetDWGwUNrB2X6ZMp0BMAVoBTKt0bahUIbq4R-CUrfbbuFuhrLQzzYm0vuoth0cwSxov_xPOiZJRpUcFtDb6knT_IFo51sm83QTd5xPqixBtTWGuS7UluKm0uLTnGv-8XSX5kS2HH09_Q5J1Q_QWiN2h9e-BbagVX-7rjHimpr0g9jX4_njpd7_TRNyHXfcHH5tWZvTdS8jlW6rb7LW65MX1-QFdUdd1Fnpy_xXgWuDn8aLKzsTfyAGXgKbl4qbQEVhTtR1-6V4MQBYoocrpGClU02-ZxcAjTdlnURsbQkCXXa0mIf_uVeJRkL-AEAYAGl6b_ka3XtJHaAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0VpJDnZhIjp3xzWRPrQakIPfqP0w%26client%3Dca-pub-1318661272776558%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 02 Oct 2023 11:23:28 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame F81D 2 KB
1 KB 75ms
29ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 02 Oct 2023 11:23:28 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame F81D 308 B
636 B 50ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 02 Oct 2023 11:23:28 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame F81D 293 B
621 B 53ms
20ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 02 Oct 2023 11:23:28 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame F81D 43 B
348 B 219ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=-FWYOgIWcaTLIj4l-dYftwivEF_m6EMB2g3XjChgZ_BsSv84WS-stAoAdJIhPYgJHm4WiNhihXYmBe8OzqQVplLCZMYcP_EJGlGrkofczI2hfbXMO1SJSM-LO2ofDA6CNFwo1bsiXHBTF5rmjlN_LzlsB5CdSnWuB7r5VN8DPos7B-7pm1kp0qDjT7AjQJOSfuklfRYuF5ziQzuwj-Zlgt7N5ne8KZ_kRzIUZ3o-2JmVzqGsTP9XGLeBoWjvkbi1ffPDafoLPib0IXt594aftoVBkYv524sxAC0Od2-uUrGNKUiCfQ5gNzoJlm1uCQ4GRp8-hAT7X6CWxx1JWSjN4W1hlpkjChMpbFoTwiWD63dHbcBSz-2Tn59T3BCYRTWQi033wYHlYP3VMrSEu83TitkBVgxHLhWIxYXXroRLzUpew4Tz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 11:23:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3073855
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame F81D 12 KB
5 KB 38ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1945714
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8XE6nBSOts%2BnkhCeK42YU742d5mjzJ%2B%2FBCob%2BqRX7uBYnWGQj0fiXPqG2TI2zmU5RIHFR9c5XL7Mqbxf81D%2BN4HjnxTJeNt8S6XLCVc2Uq6NLRtVusgJAgFdWHTbi9Ev%2F%2FOgxkaJDqc%2FNYo9bYBxfxN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 756643cf4b86920e-FRA
expires: Wed, 27 Sep 2023 11:23:28 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame F81D 12 KB
6 KB 40ms
20ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 02 Oct 2023 11:23:28 GMT

GET
H2 200 58c75efece344ebfa9a2c55cf3f7f0b8_gil___.woff
static.criteo.net/design/dt/ Frame F81D 41 KB
41 KB 43ms
14ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/58c75efece344ebfa9a2c55cf3f7f0b8_gil___.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a049b746d5a16d9e2ffc5c52c9dcdb88ad3ae95a8159ecab60517636129e6d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 22 Mar 2018 14:42:43 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5ab3c0e3-a414"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 02 Oct 2023 11:23:28 GMT

GET
H2 200 e16bbeb08cad4eed824b4aba70e9b3a6_gilb__.woff
static.criteo.net/design/dt/ Frame F81D 40 KB
40 KB 69ms
41ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/e16bbeb08cad4eed824b4aba70e9b3a6_gilb__.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

07a19f4ab2cc2f9c0f975221e3ec83b1d1f00de764e366a1b2706a32222b1401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 22 Mar 2018 14:42:43 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5ab3c0e3-9e14"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 02 Oct 2023 11:23:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F81D 81 KB
81 KB 108ms
16ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=12626&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F12626%2F220929%2Fbe7a553f813145198e58488a4dde33cc_img_vertical_1.jpg&v=3&w=1200&s=180R4Q1Wd2f0uM2ua8pX9uJ-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

4f141d62caf54be459c91f623967a6a193934a353c2f9210ae924d0d0d5c9f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30451333
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 82944
expires: Sun, 24 Sep 2023 22:05:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F81D 6 KB
6 KB 148ms
56ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=12626&q=80&r=0&u=https%3A%2F%2Fwww.intimissimi.com%2Fdw%2Fimage%2Fv2%2FBHHR_PRD%2Fon%2Fdemandware.static%2F-%2FSites-INT_EC_COM%2Fdefault%2Fimages%2FSBU08A019-M.jpg%3Fsfrm%3Djpeg%26sw%3D400%26sh%3D600&v=3&w=400&s=lcrS3qzBbsrJMxBYTUK3-iJF&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ba22ea54f21587cd79bcef90b92454e686bf7ce4c170beac197fa3ed89e20e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6040
expires: Fri, 07 Oct 2022 11:23:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F81D 9 KB
9 KB 142ms
51ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=12626&q=80&r=0&u=https%3A%2F%2Fwww.intimissimi.com%2Fdw%2Fimage%2Fv2%2FBHHR_PRD%2Fon%2Fdemandware.static%2F-%2FSites-INT_EC_COM%2Fdefault%2Fimages%2FRIS2458914I-M.jpg%3Fsfrm%3Djpeg%26sw%3D400%26sh%3D600&v=3&w=400&s=GGVmpWbkEezuxSx4evVC0sfm&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5da834c7db5f7b599d231bf091c8a164083c7997f94783c38e4a236c54b1ddf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8740
expires: Fri, 07 Oct 2022 11:23:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F81D 6 KB
6 KB 150ms
59ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=12626&q=80&r=0&u=https%3A%2F%2Fwww.intimissimi.com%2Fdw%2Fimage%2Fv2%2FBHHR_PRD%2Fon%2Fdemandware.static%2F-%2FSites-INT_EC_COM%2Fdefault%2Fimages%2FCGD66C019-M.jpg%3Fsfrm%3Djpeg%26sw%3D400%26sh%3D600&v=3&w=400&s=D-FQeitZ8Xx8dl7yWkrCLuOh&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

26ec2c9c50740d15c0f2d08eac1a4e5e05b0ef6389e2df4f13e0a96ab9fdd09f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6102
expires: Fri, 07 Oct 2022 11:23:28 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame F81D 0
128 B 85ms
27ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=V_LXp2eX7QtBRHBkXSgNhcf7CzdNLS8tm9GMnNWBJSxTcUjGNl5XZLBrstNSKqmWoztoUAv1g8qn9CRnHLnbHptyDAjl5lKWdEqPNsGoxtYnb118rUnvMui-00_mvB1Xgey39mWxDbC1l1stTGdo5nvNJEKCm_gxjr_JRZvfqnkMpQz0zieOCwempAjVIsdN6e3X50_DnImO5XJOTtMXuPHGvS0MjxnVq3R6YSNJ1ZvL1pHhPa5dB_CouFRP_avrckhwsA&sds=2&rev=83041&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 07 Oct 2022 11:23:28 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F81D 2 KB
1 KB 42ms
22ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 02 Oct 2023 11:23:28 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame F81D 2 KB
1 KB 22ms
21ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 02 Oct 2023 11:23:28 GMT

GET
H3 200 container.html Show response
1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1209 6 KB
3 KB 20ms
16ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rantangame.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 11:23:27 GMT
expires: Sat, 07 Oct 2023 11:23:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 1209 8 KB
1 KB 310ms
26ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com
URL: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Oct 2022 11:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 10:57:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Oct 2022 11:23:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 1209 2 KB
902 B 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com
URL: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 11:19:40 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1209 0
0 69ms
68ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cu9K-MAxAY92YA-2y9u8Pg6CvoA6usbbabI-CnNTQEGQQASD_vMgsYJWylYKkB6AB54_O2QPIAQmpAiPQxwc_b7A-4AIAqAMByAPLBKoEiAJP0Gi11FDRRAUJNp_F7AgHZ56GwBk_SyasIx60TEy_0tIrwuqQEFHJeIz_It5osAxcGEcZ4MZqVsc3iUutt6iQtWmwuHejLkfhKC3749QmWChXw-zJl0jVNdWIDPR1H0ZQxxTGrp3Y7miMT7IK2qv17s0_2IiZflyqddtK0hF1pN6ieZDP5Qe6UAWM32T54dNoaHAedrofd4iIaGDS7ddqAY44q985Umi9eNhhC3nU53sGJ0wd7bsllecl-GZE6ZItSZouzHRuxpVFBQrJg4yDYmaV8Al2inXRTnjXNHbFvDd6af3LFK6lnUUcUGHDlLUKrhXvPF14Ma6c2cFMAqiT7rNkMQBhhMjABMmOxMGTBOAEAZIFBAgEGAGSBQQIBRgEoAYugAeB8LEmqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ2P8S0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDyAsBmAz6k6yzmQS4E4ME2BMO0BUBgBcBshceChwIABIUcHViLTEzMTg2NjEyNzI3NzY1NTgY57od&sigh=D6A5FJgvNEY&uach_m=[UACH]&template_id=515
Requested by: Host: rantangame.com
URL: https://rantangame.com/4259.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame 1209 23 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite_fy2021.js

Requested by

Host: 1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com
URL: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9540
x-xss-protection: 0
server: cafe
etag: 6580860447119072478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 11:20:04 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 1209 3 KB
1 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com
URL: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 11:06:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 1209 17 KB
7 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com
URL: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1379
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7528
x-xss-protection: 0
server: cafe
etag: 13775775994264215463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 11:00:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1209 142 KB
44 KB 94ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com
URL: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Oct 2022 11:23:28 GMT

GET
H2 200 ff28bd887d5918000d85a256eb9567a4.js Show response
www.gstatic.com/mysidia/ Frame 1209 32 KB
14 KB 273ms
13ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ff28bd887d5918000d85a256eb9567a4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com
URL: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a61fe6e2743a18f977ac18a2f805735e8dccf115b16dbbbd2e3864ae98d4c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 10:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 21:54:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 03 Jan 2023 10:33:03 GMT

GET
H3 200 10351970129719401963
tpc.googlesyndication.com/simgad/ Frame 1209 3 KB
3 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10351970129719401963?w=100&h=100

Requested by

Host: 1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com
URL: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f91de9f55720c4fb5ff7010f2389f4f4951d677f43eaf50ce2c4aa2c2d2c5b6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:31:34 GMT
x-content-type-options: nosniff
age: 125514
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2865
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 13:09:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 06 Oct 2023 00:31:34 GMT

GET
DATA 200
OK truncated
/ Frame 1209 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1209 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 705D 0
10 B 14ms
14ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0vd3vQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:23:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
DATA 200
OK truncated
/ Frame 1209 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fb8782bc2d460db59ec72dff8f543c5c002d375e3aa0aa6b4b2aa8b256c754c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 1209 28 KB
28 KB 77ms
12ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 182325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 08:44:44 GMT

GET
H3 200 b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js Show response
pagead2.googlesyndication.com/bg/ Frame 5DB9 36 KB
16 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js

Requested by

Host: rantangame.com
URL: https://rantangame.com/4259.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 06:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15966
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Oct 2023 06:42:14 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2A3A 42 B
64 B 116ms
67ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJhY32dU8Qhw4MzjHbZTNX76GKOJTG11cV1nItXRxisOXDg5LoYcBsyiXn1iW_n1G9EZJTyF8OidHbKmEaLC3Cwuc&sig=Cg0ArKJSzNhX6eWFDlIREAE&id=lidar2&mcvt=1071&p=257,650,507,950&mtos=1071,1071,1071,1071,1071&tos=1071,0,0,0,0&v=20221005&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2006883896&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665141808110&rpt=261&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 11:23:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 99ms
51ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022100301&jk=1526233357298290&bg=!qKulq-_NAAYQgTJdMIE7ACkAdvg8Wrr6fzn-dbtILv29EEXIY27DPoN87_ukw-mlLfbcSvKBUbVCpAIAAAHlUgAAAANoAQeZAwYKSrtQSqWDoU_TJJkVOChGMevW_iRNxrQl29RNVbyNlgfAjCQO5ytSwvo46Rw5ls3KIm9zY1QpNfWaEkes1FxDXTBiBVI0WaMXevitO2QM6ToGqY5V1UYWUmyrfhfnCbZ-yxeBe3M-7S7MMJk02tMa_11HJgvexi5PmGcm3M8A01yrrI54c5O7vgSdFDPwR94odZVDUzezKlRNLZygvbVuAwrCmg3FAQOmugd3mSoYSjt9fCPRBPtYor-E2DEUTMtS3QyM4tjCgOLysrGaNXecNgjOZXgAM0mCRxYXVZ5A1SAzzz6dn42h1zWkrBLyhr8OhvWzTtn_sM7T9zQHP1G8FBnSa6ODd8lnxvIGsjrNXms3glQg8kyEqlNnMDwji2XAhMGIi0zLQa6vv61doamEGJWRPTwxBhZqLp5f7DIxoE9vlrY8DNm28BUesIK6PKNjzKm9Sn24FPWCgg7iejy9q7YAgjuNOMVQsjILYBDff2K591zNx7SQHZCPps3MqScR7OfBk0zTuMFlXEZWht08lNa5UhID1GP_UH8DH-XiHx2H5yzzRglmtbdkouy_cah5L7Odq8jRwVRR1in2N5Cd0Rdmd__EOkAvR2TaPNF7dM2LtwFqh0d-qucPkNPkCl80C2DzbAIXzxEck-gvki-Yji9pV8wAKp5O8Q9bzZ9NMXL3MlRPu0g_f5RhE8c0YQ1gIswaiLZ0K3y4Y3ZcS8uUCTSl7eHxegRqukqmlpWLmQAll6PRqCe9rulFFe-_1T4IcxAjjteJ46atmn7ENcr-LPGDc6tse0sdrTJq4gubCYYCqZB_LrvpEF-ZTP7iBrxtAWTpgHsIYQePK_39Lhd-5ADX3lyOsbDqNq8NwDw-zgJX5GQj0mtiVhrGmJgKrvzXRJU49I1L0DFCBIgfycFLwN9N2mrAM6SWHZDkUG7YdSKuJA4sCfy5LcrVaH6a9-jWRmUU1kTUR4iYUCUW_zkTEOhzE4rBlutJyutCdFUNDBfPifDOMz2ahyB8mVLkfVbLotzdGSM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rantangame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame F81D 0
127 B 18ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 07 Oct 2022 11:23:29 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1209 42 B
64 B 89ms
88ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRxcEpBjLJsy9w9SGtZ0CyTTAYF_qPBU2Yn9s12RO1hPFhiJCdpYI7h5kSz34l0Dy9KKqyePRaiBn00KeX637GuMyMyVM1o9dI_3Zq82FDj5Iodq23oGmulKKcrzRacK2dbqkRH_Kp2fwSVRYOYQik7hpy6FfMnKG89khnyQSpJvfd3yBrZ0W72wOSA2nzZgMKigZ_XsX7c4mRu9lFWP-1EVDHULBVsPkWr-CJ74ScEpH66dR-EboLGas5RjdYhQ4nMcZUTGCPbsyYwvwMEgnRMt04bcRmMbSMx_2K1mbzfWfq00Nq4TFILn0dVz8KOOAqjpucx9ijORya2Qx1F0xuRg8UO2YJGa59B-U-p9VEzmnx4Bvxf4IQArWNiemEbi7sufGwt4kQnykGRNgkrH26nQPCrA8manZlrSBEzrxP3QuHp8zjmgbxqBSdeHz7oqBYwhXblCaV58lme9nFZLxeuNwWB2ZCyDREpCmfIv0cOubSMrkfau3MqSvOvDcwYEQ2wV5VSsfO4yHGSFMTXqZJ7Jnvux_Y85dxYjajv2K-bK09LRlXG9TZsjwegAm-iKyDeYFWM6A_Pkmm4Eqct5NSfqWtLNskHrffhSmYIgGAqwzEFGOWdAHlm7dfFsAFFl2bPfnJG9XB4PWZCJ4OWENyOvfFUATUjYrdK3JSz6V8_CcqfesvVpACl1RsjgXH0lTXpmDIP-G7WAZ6cJ4sGySqNh4TsSB6wetqXgR5gAKPUeDn7TCeP-IC4lfcCBEehJAiPciiQvfVvZo9YLHSD75G9M3wYyW0BSO0jQIxh3VcqMtIeCefGuT8U31FXhSTjBKYkl9S9dzD7SOk3ahlS0qQi74LzHsZmd5teyI7KFFK4izF25WH8SL3P4wCFEVmnlRNdeTZ9dYRiOerf4vR3lPUpN2RJRt87rjr0EZK_gvl5afygfy_Br6ysiSlHO0VdXVU0mgv9cGRY2JcSrrgTAlKg7NfxZMW_AWwvMMdwFKyPEwYMDV8M8jO5VNIwNc_zessZt7_85FwELtiJu6TYF8qv6Tc_ze6s35gMbIvABmyliDQ8HERWvK52A5sJ0tz9LZrWNI_nL7O8Z7Yt7JJWzHocSq44069uaw7FVpLmFj5HRUUZ34S2OwPcUNY9oDMBJ7d&sai=AMfl-YSbdF76scXOreFN8RXhuH2vpA2BS2CeWFlYRvr5AeXCSXiZySTKl3-RLMPYAdv9lMR55cuJrCtJwcdslVyxKY1Ftzd49ZsoC43equFD1Q5q26K4rVDgGTZpjLTY-U7A-EoBZXGpL32DBnYlIv5Z&sig=Cg0ArKJSzJJ8flZJ_uViEAE&id=lidar2&mcvt=1000&p=1148,640,1198,960&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221005&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1593453451&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665141808725&rpt=489&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 11:23:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rantangame.com/	1970-01-20 16:08:21	Name: _ga_QDPC64DQL5 Value: GS1.1.1665141807.1.0.1665141807.0.0.0
.rantangame.com/	1970-01-20 16:08:21	Name: _ga Value: GA1.2.626851825.1665141808
.rantangame.com/	1970-01-20 06:33:48	Name: _gid Value: GA1.2.618618536.1665141808
.rantangame.com/	1970-01-20 06:32:21	Name: _gat_gtag_UA_234230474_15 Value: 1
.doubleclick.net/	1970-01-20 15:53:57	Name: IDE Value: AHWqTUmUBJU4uL8RUrXMsZ3xfV4rlAU3Y0lQdHAW3bAb92hkjpgUybXuk3inTvNYEfQ
.doubleclick.net/	1970-01-20 06:32:22	Name: test_cookie Value: CheckForPermission
.rantangame.com/	1970-01-20 15:53:57	Name: __gads Value: ID=a8ee41b688b1131b-222d05673dce00d6:T=1665141807:S=ALNI_MZa7Qz8u7_m1UeqE_rQAl2zzXfBbA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1fadd1c31e328cca5cdaf93d8ea39054.safeframe.googlesyndication.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.nl.eu.criteo.com
cdnjs.cloudflare.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
nutraoneday.com
pagead2.googlesyndication.com
pix.eu.criteo.net
rantangame.com
region1.google-analytics.com
rtb.fr.eu.criteo.com
securepubads.g.doubleclick.net
static.criteo.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.186.98
178.250.0.139
178.250.2.148
178.250.2.150
2001:4860:4802:32::36
2606:4700:3034::6815:2792
2606:4700:3037::ac43:d620
2606:4700::6811:180e
2a00:1450:4001:803::2002
2a00:1450:4001:806::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::2
07a19f4ab2cc2f9c0f975221e3ec83b1d1f00de764e366a1b2706a32222b1401
08022c2c0caa47160323bda46fc4fba05d4b492600cb716b92a0cbccfeab7598
08d561ebedc3ea6670f0f1b1c8cd20f892704cd5a36746e0d61906ffa0d1ebd4
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26ec2c9c50740d15c0f2d08eac1a4e5e05b0ef6389e2df4f13e0a96ab9fdd09f
27c473eef05d41adb8428c57e043d1dbac063b4930afdf3a107e899ff31ec4a6
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f141d62caf54be459c91f623967a6a193934a353c2f9210ae924d0d0d5c9f6b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b884bc89b2c615c5cb3da0e715a474dfc86095ddfefe35b2b3412ddf28e391d
5d28363aeb7f483ddc37353088e0bca6b414b0580db8b6511ef161e75f3cda01
5da834c7db5f7b599d231bf091c8a164083c7997f94783c38e4a236c54b1ddf0
5ed40f72f6cc6b14c4fe71de4291eb9ab796938b7bd696f528d47327067dce6d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62e4b075c1b51d42a7e4e1fd911947016a0e9580538bfdf92486e5791fbfa228
634d8168d07353f9f1437f2a8e88cab5e18a0c521ad02fe3600bdaacc53ce2e7
64b82409f6a3add1a309de55ca6765b401f31b3d9eca29c90069d777209983a2
65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd
6624150eebda9ee32a2473b061c2b25dd0600b4ea7424a6f8d3e8df9072c0007
6a571ca68ae0bc6c0a482fa8f5829fb2576a060b5c9df9c77deea2eaa7de5820
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7923a3da2630ae9e964c387bb82a9fb9f0d64aad95dbd62a6ef71ccbad7572a5
7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c
839ed0409e071ba78556d67ce2a4caf3fa839854b89a7dc00a2744c62eda4791
858208d63d7d765ad745d13a457e78d892ecdf86316d071c759852351b20d19b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8fb8782bc2d460db59ec72dff8f543c5c002d375e3aa0aa6b4b2aa8b256c754c
96ca20cf9bb83be25b0089418d5607862e3e442d059bc46ad0bf891c85101825
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a61fe6e2743a18f977ac18a2f805735e8dccf115b16dbbbd2e3864ae98d4c33
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
a049b746d5a16d9e2ffc5c52c9dcdb88ad3ae95a8159ecab60517636129e6d3b
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7dcd0c56f7904a126f542643bcb73492043df079bcded0231bedcdc6334108d
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
acd7cad762b06a87b5d0d1b38e9d603ad7d6bc2aecdb3ebf11dd75d9805c5468
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
ba22ea54f21587cd79bcef90b92454e686bf7ce4c170beac197fa3ed89e20e02
ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
ce87b5cb1959c694f13550e51bd4080cd13d58616d65f4e7286d0d9426a9eab9
d53b805d883a249c7456eaf582b3ee9491839c250d3110f0292274f2511f6274
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4096aecc6ec2e31fff8900b8b51295255269578bb7b81fcf6e9a5f219d04a66
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6b8afcbf3269216d894c35533bbbf52c65bbee38d2620c955fb7a6d0d217f1a
f91de9f55720c4fb5ff7010f2389f4f4951d677f43eaf50ce2c4aa2c2d2c5b6c

rantangame.com Open in urlscan Pro 2606:4700:3034::6815:2792 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

73 Requests

100 %HTTPS

83 %IPv6

14 Domains

23 Subdomains

24 IPs

3 Countries

963 kBTransfer

2082 kBSize

7 Cookies

0 Outgoing links

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rantangame.com Open in urlscan Pro
2606:4700:3034::6815:2792 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

100 %
HTTPS

83 %
IPv6

14
Domains

23
Subdomains

24
IPs

3
Countries

963 kB
Transfer

2082 kB
Size

7
Cookies

73 HTTP transactions
4 data transactions