r.mtdv.me Open in urlscan Pro
172.67.179.32 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://r.mtdv.me/FULL-NPC
Submission Tags: falconsandbox
Submission: On June 18 via api (June 18th 2024, 10:34:18 pm UTC) from US — Scanned from DE

Summary HTTP 57 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 10 domains to perform 57 HTTP transactions. The main IP is 172.67.179.32, located in United States and belongs to CLOUDFLARENET, US. The main domain is r.mtdv.me.
TLS certificate: Issued by GTS CA 1P5 on May 30th 2024. Valid for: 3 months.

This is the only time r.mtdv.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	172.67.179.32 172.67.179.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:bb1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
6	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1d::5e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	172.217.18.14 172.217.18.14	15169 (GOOGLE) (GOOGLE)
1	216.239.32.3 216.239.32.3	15169 (GOOGLE) (GOOGLE)
57	15

13 172.67.179.32 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.mtdv.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mtdv.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1d::5e (Brussels, Belgium)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	mtdv.me 1 redirects r.mtdv.me cdn.mtdv.me	95 KB
9	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2347	409 B
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	911 KB
7	gstatic.com csi.gstatic.com fonts.gstatic.com	204 KB
4	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 726	128 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 136	220 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	6 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	23 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 814	30 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1267	28 KB
57	10

	Domain	Requested by
12	r.mtdv.me	1 redirects r.mtdv.me
9	region1.google-analytics.com	www.googletagmanager.com
9	www.googletagmanager.com	r.mtdv.me www.googletagmanager.com
4	fonts.gstatic.com	r.mtdv.me fonts.googleapis.com
4	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
3	csi.gstatic.com	pagead2.googlesyndication.com
3	pagead2.googlesyndication.com	r.mtdv.me pagead2.googlesyndication.com
1	fonts.googleapis.com
1	cdn.mtdv.me	r.mtdv.me
1	cdn.jsdelivr.net	r.mtdv.me
1	code.jquery.com	r.mtdv.me
1	maxcdn.bootstrapcdn.com	r.mtdv.me
57	12

This site contains no links.

Subject Issuer	Validity	Valid
mtdv.me GTS CA 1P5	`2024-05-30` - `2024-08-28`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-05-25` - `2024-08-23`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
*.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://r.mtdv.me/FULL-NPC
Frame ID: 404751ED6D6E27A2DA8FAF518E98960D
Requests: 55 HTTP requests in this frame

Frame: https://r.mtdv.me/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Frame ID: FCB8FE3851702DCC316D88E3FE879380
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Videos - Entra wuant

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

57
Requests

82 %
HTTPS

64 %
IPv6

10
Domains

12
Subdomains

15
IPs

3
Countries

1645 kB
Transfer

5295 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://r.mtdv.me/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://r.mtdv.me/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request FULL-NPC Show response
r.mtdv.me/ 10 KB
4 KB 537ms
505ms Document
text/html 172.67.179.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.mtdv.me/FULL-NPC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.179.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9345d01343f55811cfc516646400b820181eb408d80a8f1986a3fa190b0d07a7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 895ebecd9d8990ec-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 18 Jun 2024 22:34:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w1KDrmDA8uppK8rO10TfKEj8RYEAJV%2FZZoPGL3FfGsuNAVMD7WBON%2BYGHSJiS9GYVotsfLL0xpkOpZLMDxwkU5WgN1xD7zNXh4zwjeOGfnbbm%2BhRbho%2BJjvPwlU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-response-time: 42.63ms

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 298 KB
102 KB 53ms
28ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN

Requested by

Host: r.mtdv.me
URL: https://r.mtdv.me/FULL-NPC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21f3b9485bab5e0bfb7cb4e2d08c50664c94e7623845715ce527f0ef08757cac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:34:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103782
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 18 Jun 2024 22:34:12 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
51 KB 85ms
61ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4005810911916944

Requested by

Host: r.mtdv.me
URL: https://r.mtdv.me/FULL-NPC

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

c3a06889c42cabd592c7ba87bdeaff9052d32275c776b9a8a550d79c04887ca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Origin: https://r.mtdv.me
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:34:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52601
x-xss-protection: 0
server: cafe
etag: 17622868299454204511
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 18 Jun 2024 22:34:12 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/ 157 KB
28 KB 47ms
19ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css

Requested by

Host: r.mtdv.me
URL: https://r.mtdv.me/FULL-NPC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:34:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 865
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 627785
cdn-cachedat: 05/29/2024 18:09:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"816af0eddd3b4822c2756227c7e7b7ee"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: f5808b250b701fc3d154a96e76c2261d
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 895ebed0fad42bbb-FRA
cdn-requestpullsuccess: True

GET
H3 200 thumb1.webp
r.mtdv.me/assets/v5b/ 6 KB
6 KB 171ms
171ms Image
application/octet-stream 172.67.179.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.mtdv.me/assets/v5b/thumb1.webp
Requested by: Host: r.mtdv.me
URL: https://r.mtdv.me/FULL-NPC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.179.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2c9eb6550cd1f650e72e01062f771afb836162733b50a9fc1992736fe839e6d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/FULL-NPC
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:34:12 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename=thumb1.webp
alt-svc: h3=":443"; ma=86400
content-length: 6068
x-response-time: 0.86ms
last-modified: Sat, 08 Jun 2024 17:29:11 GMT
server: cloudflare
etag: "1717867751.0-6068-2051674219"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2enykBuXXdOqUWeJm5zJTlyScpXSl0l2rZVrc5imyQKUuO76Vvxp2PxjaoGEpmx3jRRp6Z1wN8KJf4yLeSTMsTBTIkApPDHwP4J%2F0OB3PkUh6KWQK%2BxN5wEPM6c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 895ebed0cf9190ec-FRA

GET
H3 200 thumb2.webp
r.mtdv.me/assets/v5b/ 9 KB
10 KB 408ms
408ms Image
application/octet-stream 172.67.179.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.mtdv.me/assets/v5b/thumb2.webp
Requested by: Host: r.mtdv.me
URL: https://r.mtdv.me/FULL-NPC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.179.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8783515f645c0a85fe5598514b28e60c9e85003a4675d73e49746585cb97c7b3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/FULL-NPC
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:34:12 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename=thumb2.webp
alt-svc: h3=":443"; ma=86400
content-length: 9724
x-response-time: 0.86ms
last-modified: Sat, 08 Jun 2024 17:29:11 GMT
server: cloudflare
etag: "1717867751.0-9724-2052067436"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cw6LdrnDsXqHX4ndqTgrZT5r%2BTBT%2FPF%2FavxoSRt0jr3guoWEVNftauTEbAnJKalpWMKDUtv1BSf1Vf7PiSKUU%2BgqBktLvocncR5l9LNn%2Bxzh%2FjfFuXs4gl%2FhYq0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 895ebed0cf9690ec-FRA

GET
H3 200 thumb3.webp
r.mtdv.me/assets/v5b/ 9 KB
10 KB 413ms
411ms Image
application/octet-stream 172.67.179.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.mtdv.me/assets/v5b/thumb3.webp
Requested by: Host: r.mtdv.me
URL: https://r.mtdv.me/FULL-NPC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.179.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46bcd43ac66700f4913cfff99782429bbe33acd55fb2d579156963c53659b31c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/FULL-NPC
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:34:12 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename=thumb3.webp
alt-svc: h3=":443"; ma=86400
content-length: 9460
x-response-time: 0.81ms
last-modified: Sat, 08 Jun 2024 17:29:11 GMT
server: cloudflare
etag: "1717867751.0-9460-2052460653"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2BYp7NdbugCNQt78IHOm7MdIwmCp5dQvQCTvzYR0ogO7hZC7%2FyCFI1HvY3OC8B6CLZ8XU7fTJfdEPyvDCJLSNuwdC41Eiqg0tWplWUj5znUN0FsVdTmdu%2BFM6i0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 895ebed0efab90ec-FRA

GET
H3 200 thumblg.webp
r.mtdv.me/assets/v5b/ 36 KB
36 KB 444ms
442ms Image
application/octet-stream 172.67.179.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.mtdv.me/assets/v5b/thumblg.webp
Requested by: Host: r.mtdv.me
URL: https://r.mtdv.me/FULL-NPC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.179.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89a248865f6ec28f8afd0965497baaefca4264dce479e4cb85efd58ec385242b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/FULL-NPC
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:34:12 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename=thumblg.webp
alt-svc: h3=":443"; ma=86400
content-length: 36562
x-response-time: 0.81ms
last-modified: Sat, 08 Jun 2024 17:31:37 GMT
server: cloudflare
etag: "1717867897.0-36562-2363494669"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KWrNOJ4TVN9HkH0lTbgpQOd3njgkKswsaz9UMJ6YzNGKRO9yl0yUbV5A47os%2B2xQ%2FAnvINgeJHxTLH9FokJGgPKG%2BHVmTQwAQSm%2FApiuIk41Ca5Au%2B3mS23duKk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 895ebed0efad90ec-FRA

GET
H3 200 thumb4.webp
r.mtdv.me/assets/v5b/ 6 KB
6 KB 384ms
382ms Image
application/octet-stream 172.67.179.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.mtdv.me/assets/v5b/thumb4.webp
Requested by: Host: r.mtdv.me
URL: https://r.mtdv.me/FULL-NPC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.179.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04492fdeffeffcc132b862dd7f5afbf74075e391c0e7734f88dccde6b133434b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/FULL-NPC
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:34:12 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename=thumb4.webp
alt-svc: h3=":443"; ma=86400
content-length: 5948
x-response-time: 0.87ms
last-modified: Sat, 08 Jun 2024 17:29:11 GMT
server: cloudflare
etag: "1717867751.0-5948-2052853870"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mxZTBesoECgKjCs3w3RxfHxzEsjNd8YPONb0ewMywiUC6bT2NIKbv7BHoT7g8OB4zPEyRH2fYWPvM8W7ShbDZycwxX97oBNpzKmaO3PX%2FlOBhRwOQfrcZYmzAoc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 895ebed0efae90ec-FRA

GET
H3 200 thumb5.webp
r.mtdv.me/assets/v5b/ 4 KB
5 KB 376ms
375ms Image
application/octet-stream 172.67.179.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.mtdv.me/assets/v5b/thumb5.webp
Requested by: Host: r.mtdv.me
URL: https://r.mtdv.me/FULL-NPC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.179.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e30debbf39a0b917b448d16ba4e1117a9bd28c9bf4de9a1d92e43adc0862938

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/FULL-NPC
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:34:12 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename=thumb5.webp
alt-svc: h3=":443"; ma=86400
content-length: 4538
x-response-time: 0.86ms
last-modified: Sat, 08 Jun 2024 17:29:11 GMT
server: cloudflare
etag: "1717867751.0-4538-2053247087"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gwhaZiPahCknWi6BsG8hHAubPxGxYm1gxwuj8OoQkIDLrRKtSwoHYUrUx2%2F%2BuoTjfs2e1YDXAY4uVY9RYf0VOHiRvmLYjbI%2BfUcua%2BM9PQZRgldGh5Lkmradx4U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 895ebed0efaf90ec-FRA

GET
H3 200 thumb6.webp
r.mtdv.me/assets/v5b/ 9 KB
10 KB 409ms
409ms Image
application/octet-stream 172.67.179.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.mtdv.me/assets/v5b/thumb6.webp
Requested by: Host: r.mtdv.me
URL: https://r.mtdv.me/FULL-NPC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.179.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce57946c1d71f50a1ff2921340210a91940eda4b209c07b65f8c09b65fdd8094

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/FULL-NPC
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:34:12 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename=thumb6.webp
alt-svc: h3=":443"; ma=86400
content-length: 9560
x-response-time: 0.85ms
last-modified: Sat, 08 Jun 2024 17:29:11 GMT
server: cloudflare
etag: "1717867751.0-9560-2053640304"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r5qB7FYvRbUynjkUR397IDpb8cBeVadvfL6VzWnkfWz0XRF3ID1UK6xl219QU%2B1%2FOHcexo7dv10IpU%2Fp8Ep1lg9vi7mhFh5cnhkJTFb%2FyIOmFHJcZuqpKenDeHU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 895ebed0efb090ec-FRA

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 32ms
6ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: r.mtdv.me
URL: https://r.mtdv.me/FULL-NPC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:34:12 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3430840
x-cache: HIT, HIT
content-length: 30879
x-served-by: cache-lga21981-LGA, cache-fra-etou8220023-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1718750052.010735,VS0,VE0
etag: W/"28feccc0-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 9, 194056

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.2/dist/js/ 79 KB
23 KB 56ms
28ms Script
application/javascript 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.2/dist/js/bootstrap.bundle.min.js

Requested by

Host: r.mtdv.me
URL: https://r.mtdv.me/FULL-NPC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f67b782ec5a62c8fcedb89535bcf48cc02ae06a119e3b97fe2b875fad1ff358f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:34:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3748451
x-jsd-version: 4.5.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 23026
x-served-by: cache-fra-eddf8230130-FRA, cache-lga21979-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"13c1f-OG6ovRfyEUnE46IwNmX+Y5jk59A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PzwuQkosjvJAwFT08TvW2K6pfLUEqBGZ4IvIR0Ec94TafK3SPWrkq4B0pCgz3bUvAo39ROQ9KKXwag4Wy0EIMuUXH4pll%2BnPXErym1PTE3FKSM4GMvlyDqJUPThay7sfc89IqATsjAMa%2FpmZ7ms%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 895ebed1198a2c5a-FRA

GET
H3 206 rick.mp4
cdn.mtdv.me/video/ 623 KB
0 38ms
18ms Media
video/mp4 172.67.179.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mtdv.me/video/rick.mp4
Requested by: Host: r.mtdv.me
URL: https://r.mtdv.me/FULL-NPC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.179.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://r.mtdv.me/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:34:12 GMT
cf-cache-status: HIT
last-modified: Fri, 31 Mar 2023 21:28:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6326
etag: "606d1ff258ea6956030689bba79d2a31"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y2TvSv0lu%2FsJO8rgwi%2F%2FAbC6YwcjhllMZjqVMpucSVDFFsYuAdCCEadJZF5v2gPPHGSS3q9DMjiD%2Fq%2FJ5TsHiy3PgMRAyB%2BH1etM7hIjeZHN%2BRCcXeLq41AvgMktlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 0-16724502/16724503
cache-control: max-age=14400
cf-ray: 895ebed10fc790ec-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 16724503

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 294 KB
100 KB 39ms
33ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WCKGFQR8X8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c94037523c06eb72cdd50e003ecf482ede47aca18475d9060c9404bc2a0f3d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:34:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102508
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 18 Jun 2024 22:34:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 294 KB
100 KB 29ms
24ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z96VBEQQ7C&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

91cfc1f2c5284d433219ece9020231d7ab2413d5ae7bb1c3105c4b83b1abec43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:34:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102508
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 18 Jun 2024 22:34:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 294 KB
100 KB 32ms
27ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F9NPV4G8YN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd9129b0cf51774985822d17280dd989fe2aad521aacd36d5cb16ab1d6928c45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:34:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102506
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 18 Jun 2024 22:34:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 294 KB
100 KB 37ms
32ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7JRQF757RS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19713f2c70a9e86fce64b0f8aa375409863f658aaa083e5d72ef3edf94e89628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:34:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102560
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 18 Jun 2024 22:34:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 294 KB
100 KB 41ms
36ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NSWGD717C6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fabf4c84bd4325ec3053384f7065d7c8de0e5b4150117e12ca97af108fbf5f73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:34:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102557
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 18 Jun 2024 22:34:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 294 KB
100 KB 53ms
48ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0JVRYDXEHV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a855ecbc5f1b2e76131bfbcac5fe8f1dd9990f8107f55685fe8bcfd9cdbe77e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:34:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102559
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 18 Jun 2024 22:34:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 311 KB
104 KB 33ms
29ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N75WS7XWCZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05765e4086b685c1616cd475ce7313b92757bb7dfa35188b65d6f2c909725ded

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:34:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106050
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 18 Jun 2024 22:34:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 311 KB
104 KB 48ms
45ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZK2C0410MF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9495cf6f1c8a5ed32607eec6eca7e9e36a3221e7e0a083164e23ffc3e248653c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:34:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106046
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 18 Jun 2024 22:34:12 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 159ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-X2WNN9J8QN&gtm=45je46h0v882066977za200&_p=1718750051980&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=524594680.1718750052&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718750052&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FFULL-NPC&dt=Videos%20-%20Entra%20wuant&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=722&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 22:34:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://r.mtdv.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/ 431 KB
145 KB 89ms
66ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4005810911916944&plah=r.mtdv.me&aplac=true&bust=31084705

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4005810911916944

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

d62597471796c2f40d09f7a251230a1cb5de554f6957ed7581fd83b957cb149b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:34:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148839
x-xss-protection: 0
server: cafe
etag: 9976501069615418593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 18 Jun 2024 22:34:12 GMT

GET
H3

200

main.js Show response
r.mtdv.me/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/ Frame FCB8
Redirect Chain

https://r.mtdv.me/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://r.mtdv.me/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

8 KB
4 KB

14ms
13ms

Script
application/javascript

172.67.179.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r.mtdv.me/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

Requested by

Host: r.mtdv.me
URL: https://r.mtdv.me/FULL-NPC

Protocol

Server

172.67.179.32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c04d8a087d3334bed015769fd343961d1f23383b2eb64536aca3eff14ca9ec72

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 18 Jun 2024 22:34:12 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T2LqJiM5WCsTlaU%2Bgeo5O3XfPZK%2BYaDbcbIUVVr7VXITnh35bDa9iXrVpmaLeg2IhkM1r6K%2BDKOXGHR2EQPRc7V31lDeRoMouuuX8tEXLAE2nr5%2FIIRi4obk8Vw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 895ebed258b690ec-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 18 Jun 2024 22:34:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n0RRgDyZ18EOgLF1L3ns05mMQcjJOl86xhNU0r5SjflHQ0nGMzMpNbHvJIPUgFNjTBxOcJIvcVDdZDkDKwck%2FDLd0ZPBYPPk%2F0RbUG7qj65k05wyx1HeDCwkUF8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
cache-control: max-age=300, public
cf-ray: 895ebed2288e90ec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 37ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WCKGFQR8X8&gtm=45je46h0v882066978z8882066977za200zb882066977&_p=1718750051980&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=524594680.1718750052&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1718750052&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FFULL-NPC&dt=Videos%20-%20Entra%20wuant&en=page_view&_fv=1&_ss=1&tfd=844&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WCKGFQR8X8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 22:34:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://r.mtdv.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z96VBEQQ7C&gtm=45je46h0v882066979z8882066977za200zb882066977&_p=1718750051980&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=524594680.1718750052&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1718750052&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FFULL-NPC&dt=Videos%20-%20Entra%20wuant&en=page_view&_fv=1&_ss=1&tfd=881&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z96VBEQQ7C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 22:34:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://r.mtdv.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
0 14ms
14ms Fetch
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0JVRYDXEHV&gtm=45je46h0v882066983z8882066977za200zb882066977&_p=1718750051980&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=524594680.1718750052&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1718750052&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FFULL-NPC&dt=Videos%20-%20Entra%20wuant&en=page_view&_fv=1&_ss=1&tfd=933&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0JVRYDXEHV&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 22:34:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://r.mtdv.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
0 15ms
14ms Fetch
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NSWGD717C6&gtm=45je46h0v882066982z8882066977za200zb882066977&_p=1718750051980&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=524594680.1718750052&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1718750052&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FFULL-NPC&dt=Videos%20-%20Entra%20wuant&en=page_view&_fv=1&_ss=1&tfd=965&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NSWGD717C6&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 22:34:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://r.mtdv.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
0 14ms
14ms Fetch
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7JRQF757RS&gtm=45je46h0v882066981z8882066977za200zb882066977&_p=1718750051980&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=524594680.1718750052&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1718750052&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FFULL-NPC&dt=Videos%20-%20Entra%20wuant&en=page_view&_fv=1&_ss=1&tfd=996&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7JRQF757RS&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 22:34:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://r.mtdv.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 15ms
14ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-F9NPV4G8YN&gtm=45je46h0v882066980z8882066977za200zb882066977&_p=1718750051980&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=524594680.1718750052&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1718750052&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FFULL-NPC&dt=Videos%20-%20Entra%20wuant&en=page_view&_fv=1&_ss=1&tfd=1030&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F9NPV4G8YN&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 22:34:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://r.mtdv.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 15ms
14ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZK2C0410MF&gtm=45je46h0v9181555533z8882066977za200zb882066977&_p=1718750051980&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=524594680.1718750052&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1718750052&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FFULL-NPC&dt=Videos%20-%20Entra%20wuant&en=page_view&_fv=1&_ss=1&tfd=1081&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZK2C0410MF&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 22:34:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://r.mtdv.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 14ms
14ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N75WS7XWCZ&gtm=45je46h0v9181555252z8882066977za200zb882066977&_p=1718750051980&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=524594680.1718750052&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1718750052&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FFULL-NPC&dt=Videos%20-%20Entra%20wuant&en=page_view&_fv=1&_ss=1&tfd=1120&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N75WS7XWCZ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 22:34:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://r.mtdv.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 895ebecd9d8990ec Show response
r.mtdv.me/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame FCB8 0
663 B 30ms
30ms XHR
text/plain 172.67.179.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.mtdv.me/cdn-cgi/challenge-platform/h/g/jsd/r/895ebecd9d8990ec
Requested by: Host: r.mtdv.me
URL: https://r.mtdv.me/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.179.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 18 Jun 2024 22:34:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7rjJGo9iBJOhPj32OQc5KZgvyuM4l7PaoAyUopRuMVJ%2FE9NwLAmOmV8AuCZWKF3s9CG5%2FxQy2EMk0s6KBjTu1DpZeaeiwom%2FeAkxRs8V52aXQW9gXwl5JJKjzzM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 895ebed50a8590ec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ca-pub-4005810911916944 Show response
fundingchoicesmessages.google.com/i/ 197 KB
65 KB 76ms
34ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-4005810911916944?href=https%3A%2F%2Fr.mtdv.me%2FFULL-NPC&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4005810911916944&plah=r.mtdv.me&aplac=true&bust=31084705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a597139d1b0c82d254eafda6ed2342f96fb928692b0a78094a46acbbc493c60

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Y8sCgEcCtAh0xXI_V7jlIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:34:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-Y8sCgEcCtAh0xXI_V7jlIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw1JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDi9s8XWKcC8ZKIi6wHEi-yHnx8kfUkEAvxcDyZdmIzm8CFD_cnMStpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGJgZmukZmMcXGAAAWpE_Bw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240613/r20110914/ 61 KB
23 KB 7ms
7ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240613/r20110914/rum_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

a981fda940c060fc23bab8a5202dee0453a5fc1f885d7c1d2bf7693cd8e3ee65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:10:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23918
x-xss-protection: 0
server: cafe
etag: 13879387702389650636
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jul 2024 22:10:55 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
234 B 72ms
19ms Ping
image/gif 2a00:1450:400c:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lxkzeke1&c=1294740494597887&e=44759842%2C31084128%2C42532524%2C44798934%2C95334509%2C95334526%2C95334566%2C95334573%2C95334581%2C95334819%2C95334828%2C95335897%2C31084705%2C31061691%2C31061693%2C31078663%2C31078668%2C31078670&ctx=1&met.6=6.1_Cg0Y5QggXSoGCAMSAhABCgsYkgogQCoECAESAA
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240613/r20110914/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 22:34:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXbdPXIgpNXda0UjqAZmqd_xf-N8Gm62-MUtd04MLE-QRKrz9npCY8CR45_FL5hcH_cT2tKeI7yjvoIW36DxU7bCynV5As6TK6bXP93COgIZZWuYHl7iNiFY4vYvq5hjHDO38e3Ug== Show response
fundingchoicesmessages.google.com/f/ 402 KB
62 KB 101ms
100ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXbdPXIgpNXda0UjqAZmqd_xf-N8Gm62-MUtd04MLE-QRKrz9npCY8CR45_FL5hcH_cT2tKeI7yjvoIW36DxU7bCynV5As6TK6bXP93COgIZZWuYHl7iNiFY4vYvq5hjHDO38e3Ug==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE4NzUwMDUyLDkxMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9yLm10ZHYubWUvRlVMTC1OUEMiLG51bGwsW1s4LCJyTVcxX1dPaWpUOCJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.rMW1_WOijT8.es5.O/am=CAM/d=1/rs=AJlcJMwXfiOHWM7xtxi2Kda4yg7cqgrgXg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c18460236bf21c547e8e44150e6d3896345cf3e2f034a08b92befc4993ab958

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NAilU0K3rpbOESNL6zO0wQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:34:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-NAilU0K3rpbOESNL6zO0wQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw1ZBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDi9s8XWKcC8ZKIi6wHEi-yCnFzPJ12YjObwIe2LYxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJgZmhmZ6BubxBQYAoQ049g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 109 KB
6 KB 171ms
24ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.rMW1_WOijT8.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzMNwJ46tuMDAkOR46YIEEQwpsU5w/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Jun 2024 22:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Jun 2024 22:34:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Jun 2024 22:34:13 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
16 KB 109ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: r.mtdv.me
URL: https://r.mtdv.me/FULL-NPC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Origin: https://r.mtdv.me
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:59:09 GMT
x-content-type-options: nosniff
age: 27304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:59:09 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 85ms
83ms Ping
image/gif 2a00:1450:400c:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=2~lxkzeke6&c=1294740494597887&e=44759842%2C31084128%2C42532524%2C44798934%2C95334509%2C95334526%2C95334566%2C95334573%2C95334581%2C95334819%2C95334828%2C95335897%2C31084705%2C31061691%2C31061693%2C31078663%2C31078668%2C31078670&ctx=1&met.6=6.1_CgsY0wwgaCoECAESAA
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240613/r20110914/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 22:34:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 73ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: r.mtdv.me
URL: https://r.mtdv.me/FULL-NPC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Origin: https://r.mtdv.me
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:16:21 GMT
x-content-type-options: nosniff
age: 26272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 15:16:21 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 79ms
14ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: r.mtdv.me
URL: https://r.mtdv.me/FULL-NPC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Origin: https://r.mtdv.me
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:13:17 GMT
x-content-type-options: nosniff
age: 26456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 15:13:17 GMT

POST
H3 204 AGSKWxWkTgnLrobkYOYHTuUQpFBCXYL8u3pgDZb1G4mqBxs1eNjkCGEvwoaqN41TeUU9IEZtWXUAHx-06naCp8VHnkaRgmASZ6CP_3fo1rkRTDlFoTRBGh2Mb59XdmKf1h0xfW8Bdhlq3g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 76ms
18ms XHR
text/html 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWkTgnLrobkYOYHTuUQpFBCXYL8u3pgDZb1G4mqBxs1eNjkCGEvwoaqN41TeUU9IEZtWXUAHx-06naCp8VHnkaRgmASZ6CP_3fo1rkRTDlFoTRBGh2Mb59XdmKf1h0xfW8Bdhlq3g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-yqQxSKC8YtIXDVhwi9Y6iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 18 Jun 2024 22:34:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-yqQxSKC8YtIXDVhwi9Y6iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0gDi9BmsIUD8-fE51t9AvCTiIuuRxIusQjwcT6ed2MwmcGHT1AZGJZek_ML45Py8ktS8Et3ElGJdELsoM6m0JL8IhZ1aBlKRk5-enpmXHm9kYGRiYGZopmdgHl9gAABKmiuu"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://r.mtdv.me
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWkTgnLrobkYOYHTuUQpFBCXYL8u3pgDZb1G4mqBxs1eNjkCGEvwoaqN41TeUU9IEZtWXUAHx-06naCp8VHnkaRgmASZ6CP_3fo1rkRTDlFoTRBGh2Mb59XdmKf1h0xfW8Bdhlq3g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-v3BkYCCEE8tLxjC09h5J7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 18 Jun 2024 22:34:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-v3BkYCCEE8tLxjC09h5J7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0pBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_F02onNbAI_ji5rYFRyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgZmhmZ6BubxBQYAZCksAg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://r.mtdv.me
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://r.mtdv.me
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:15:10 GMT
x-content-type-options: nosniff
age: 26343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 15:15:10 GMT

GET
H3 200 video.ico
r.mtdv.me/assets/v4/ 4 KB
3 KB 1886ms
1885ms Other
image/vnd.microsoft.icon 172.67.179.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.mtdv.me/assets/v4/video.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.179.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0f9ca4bc856789be8a73a33f4c7bd93691ef9b37204048d5007d25e0525d3db

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/FULL-NPC
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 0.9ms
date: Tue, 18 Jun 2024 22:34:15 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 08 May 2023 20:36:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1683578218.0-4286-1244729179"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AE6IwNOrNl63tmUOqwoNBoamuDRCDVbin3HCifFKJg1obtXoCwmMknTfZZx0AQnIRQ59tnt%2FWguEDew9rZ6myQ%2F1XyVljRLYfzdMr7Ewk7zQOmOSO8lK8N8fkNs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
cache-control: max-age=14400
content-disposition: inline; filename=video.ico
cf-ray: 895ebed96de390ec-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 14ms
14ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=3~lxkzekoo&c=1294740494597887&e=44759842%2C31084128%2C42532524%2C44798934%2C95334509%2C95334526%2C95334566%2C95334573%2C95334581%2C95334819%2C95334828%2C95335897%2C31084705%2C31061691%2C31061693%2C31078663%2C31078668%2C31078670&ctx=1&met.3=782.kr_1~1001.kq_2__1~164.kt_1~165.ko_6~247.kv~248.kw~164.kx~165.ku_3~166.k6_r~1032.106~326.11r_1~832.11t~868.11t~216.106_1o~215.106_1o~843.104_1p~1032.11x~326.11y~832.11y~868.11y~216.11x_1~215.11x_1~112.125_2~246.127_3~246.1cr~243.1h5_1~113.1h4_2&met.7=CBsQCMABiavKqA8~CBsQChgBIJ4EKJ4EMOUEOEfAAYzV2OsE~CAEQChgBIJ4EKJ4EMP8EOGFAnwRIpQRQpQRYtwRgpQRotwRw9AR4pZ0DgAH5mgOIAbbnCbABAbgBA8AB3o6_mwE~CBsQByCfBDgxwAGa0fLqAw~CBsQBiCfBDitAcABuKvHuAw~CBsQBiCfBDiaA8AB5qqTrAw~CBsQBiCfBDivA8ABwpuF3g0~CBsQBiCfBDiLA8ABycf2hA4~CBsQBiCfBDiSA8ABr8W_twY~CBsQDiCfBDjOA8ABrYK0kA8~CBsQCiCfBDg0wAGH8dz0Ag~CBsQBiCfBDisA8AB48KsigY~CBsQCiCfBDhLwAHT3MmvAQ~CBsQDiC0BDigAcABm4ONuQo~CBsQChgBILwFKLwFMIAGOETAAYzV2OsE~CBsQChgBILwFKLwFMPMFODfAAYzV2OsE~CBsQChgBIL0FKL0FMP0FOEDAAYzV2OsE~CBsQChgBIL0FKL0FMP8FOEPAAYzV2OsE~CBsQChgBIL0FKL0FMIIGOEXAAYzV2OsE~CBsQChgBIL4FKL4FMIQGOEfAAYzV2OsE~CBsQChgBIL4FKL4FMP8FOEHAAYzV2OsE~CBsQChgBIL4FKL4FMIUGOEfAAYzV2OsE~CAMQChgBIOkFKOkFMI0HOKQBQOsFSOsFUOsFWP4FYOsFaIEGcMMGeJONCYAB54oJiAHZ9hqwAQG4AQPAAfycgMQL~CBwQChgBIM8KKM8KMNgKOAlo0Apw1wp4mr0BgAHuugGIAdnqA7ABAbgBA8ABjaa07wo~CBsQARgBIOEKKOEKMKoLOEnAAaSg_KUH~CD8QChgBIM4KKM4KMKsLOF1Q4QpY-Apg5wpo-Apwmgt4l4IEgAHr_wOIAcSmDLABAbgBA8AB5YOyfA~CD8QChgBINMLKNMLMMcMOHNo1AtwuAx4m-4DgAHv6wOIAYKNGbABAbgBA8ABvM-A5gg~CBsQARgBINwNKNwNMLEOOFXAAaSg_KUH~CBMQAhgBIMMNKMMNML0OOHlQ1A1YtA5gpA5otQ5wuw54nHqAAfB3iAHwd6oBDAoGcm9ib3RvEBIYArABAbgBA8ABuL_25wo~CD8QDRgBIPMNKPMNMMAOOE3AAdOdsYkH~CD8QDRgBIPQNKPQNMMAOOE3AAdOdsYkH~CBMQAhgBIOENKOENMMkOOGhotQ5wvQ54mPsCgAHs-AKIAez4AqoBDgoIb3BlbnNhbnMQKBgCsAEBuAEDwAGQr5TSDw~CBIQBxgBIKINKKINMNAOOK4BQKkNSKkNUKkNWLUOYKQOaLUOcM0OeN0ugAGxLIgB2-sGqgGHBAoPQXJjaGl2bzo0MDAsNTAwCg1Bcmltbzo0MDAsNTAwCg5CaXR0ZXI6NDAwLDUwMAoTRUIrR2FyYW1vbmQ6NDAwLDUwMAoETGF0bwoQTGlicmUrQmFza2VydmlsbAoWTGlicmUrRnJhbmtsaW46NDAwLDUwMAoMTG9yYTo0MDAsNTAwCiJHb29nbGUrU2FuczpyZWd1bGFyLG1lZGl1bTo0MDAsNTAwCg5NYXRlcmlhbCtJY29ucwoOR29vZ2xlK1N5bWJvbHMKDE1lcnJpd2VhdGhlcgoSTW9udHNlcnJhdDo0MDAsNTAwCg1NdWt0YTo0MDAsNTAwCgxNdWxpOjQwMCw1MDAKDk51bml0bzo0MDAsNTAwChVPcGVuK1NhbnM6NDAwLDUwMCw2MDAKG09wZW4rU2FucytDb25kZW5zZWQ6NDAwLDYwMAoKT3N3YWxkOjUwMAoYUGxheWZhaXIrRGlzcGxheTo0MDAsNTAwCg9Qb3BwaW5zOjQwMCw1MDAKD1JhbGV3YXk6NDAwLDUwMAoOUm9ib3RvOjQwMCw1MDAKGFJvYm90bytDb25kZW5zZWQ6NDAwLDUwMAoTUm9ib3RvK1NsYWI6NDAwLDUwMAoKU2xhYm8rMjdweAoPU291cmNlK1NhbnMrUHJvCg5VYnVudHU6NDAwLDUwMAoHVm9sa2hvdrABAbgBA8AB1se7yAo~CBMQAhgBIOINKOINMM8OOG1otQ5www54jO0HgAHg6geIAeDqB6oBFAoNbWF0ZXJpYWxpY29ucxCOARgCsAEBuAEDwAGaobzNCg~CBsQCDjiDsABiavKqA8&met.1=1.lxkzejbw~6.1~7.2~8.h~9.h~10.x~11.h~12.x~13.ey~14.ez~15.f1~16.ky~17.ky~18.l4~19.1gh~20.1gh~21.1gi~22.hm~23.hm
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240613/r20110914/rum_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://r.mtdv.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 22:34:14 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST collect
region1.google-analytics.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-X2WNN9J8QN&gtm=45je46h0v882066977za200&_p=1718750051980&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=524594680.1718750052&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1718750052&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FFULL-NPC&dt=Videos%20-%20Entra%20wuant&en=scroll&epn.percent_scrolled=90&_et=44&tfd=5770&_z=sendBeacon

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WCKGFQR8X8&gtm=45je46h0v882066978za200zb882066977&_p=1718750051980&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=524594680.1718750052&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1718750052&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FFULL-NPC&dt=Videos%20-%20Entra%20wuant&en=scroll&epn.percent_scrolled=90&_et=50&tfd=5896&_z=sendBeacon

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z96VBEQQ7C&gtm=45je46h0v882066979za200zb882066977&_p=1718750051980&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=524594680.1718750052&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1718750052&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FFULL-NPC&dt=Videos%20-%20Entra%20wuant&en=scroll&epn.percent_scrolled=90&_et=17&tfd=5900&_z=sendBeacon

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0JVRYDXEHV&gtm=45je46h0v882066983za200zb882066977&_p=1718750051980&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=524594680.1718750052&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1718750052&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FFULL-NPC&dt=Videos%20-%20Entra%20wuant&en=scroll&epn.percent_scrolled=90&_et=311&tfd=6246&_z=fetch

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NSWGD717C6&gtm=45je46h0v882066982za200zb882066977&_p=1718750051980&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=524594680.1718750052&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1718750052&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FFULL-NPC&dt=Videos%20-%20Entra%20wuant&en=scroll&epn.percent_scrolled=90&_et=285&tfd=6251&_z=fetch

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7JRQF757RS&gtm=45je46h0v882066981za200zb882066977&_p=1718750051980&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=524594680.1718750052&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1718750052&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FFULL-NPC&dt=Videos%20-%20Entra%20wuant&en=scroll&epn.percent_scrolled=90&_et=257&tfd=6254&_z=fetch

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-F9NPV4G8YN&gtm=45je46h0v882066980za200zb882066977&_p=1718750051980&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=524594680.1718750052&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1718750052&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FFULL-NPC&dt=Videos%20-%20Entra%20wuant&en=scroll&epn.percent_scrolled=90&_et=227&tfd=6259&_z=sendBeacon

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZK2C0410MF&gtm=45je46h0v9181555533za200zb882066977&_p=1718750051980&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=524594680.1718750052&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1718750052&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FFULL-NPC&dt=Videos%20-%20Entra%20wuant&en=scroll&epn.percent_scrolled=90&_et=182&tfd=6268&_z=sendBeacon

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N75WS7XWCZ&gtm=45je46h0v9181555252za200zb882066977&_p=1718750051980&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=524594680.1718750052&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1718750052&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FFULL-NPC&dt=Videos%20-%20Entra%20wuant&en=scroll&epn.percent_scrolled=90&_et=153&tfd=6279&_z=sendBeacon

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mtdv.me/	1970-01-21 07:01:50	Name: _ga Value: GA1.1.524594680.1718750052
.mtdv.me/	1970-01-21 07:01:50	Name: _ga_X2WNN9J8QN Value: GS1.1.1718750052.1.0.1718750052.0.0.0
.mtdv.me/	1970-01-21 07:01:50	Name: _ga_WCKGFQR8X8 Value: GS1.1.1718750052.1.0.1718750052.0.0.0
.mtdv.me/	1970-01-21 07:01:50	Name: _ga_Z96VBEQQ7C Value: GS1.1.1718750052.1.0.1718750052.0.0.0
.mtdv.me/	1970-01-21 07:01:50	Name: _ga_0JVRYDXEHV Value: GS1.1.1718750052.1.0.1718750052.0.0.0
.mtdv.me/	1970-01-21 06:11:26	Name: cf_clearance Value: TGAGAC09fkE5_KwhH9dMS.A5K3x84_.En.K.07tEqLc-1718750052-1.0.1.1-tiT6rrTmhqnCGy87kJ9VhtYINQnniRePBOiHu1uQfYfeoBj.DwXZoELykJE_.UOieMqMv_n0nW7JZw.FVzoOng
.mtdv.me/	1970-01-21 07:01:50	Name: _ga_NSWGD717C6 Value: GS1.1.1718750052.1.0.1718750052.0.0.0
.mtdv.me/	1970-01-21 07:01:50	Name: _ga_7JRQF757RS Value: GS1.1.1718750052.1.0.1718750052.0.0.0
.mtdv.me/	1970-01-21 07:01:50	Name: _ga_F9NPV4G8YN Value: GS1.1.1718750052.1.0.1718750052.0.0.0
.mtdv.me/	1970-01-21 07:01:50	Name: _ga_ZK2C0410MF Value: GS1.1.1718750052.1.0.1718750052.0.0.0
.mtdv.me/	1970-01-21 07:01:50	Name: _ga_N75WS7XWCZ Value: GS1.1.1718750052.1.0.1718750052.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdn.mtdv.me
code.jquery.com
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
r.mtdv.me
region1.google-analytics.com
www.googletagmanager.com
region1.google-analytics.com
142.250.185.194
172.217.18.14
172.67.179.32
2001:4860:4802:34::36
216.239.32.3
216.239.32.36
2606:4700::6812:acf
2606:4700::6812:bb1f
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2003
2a00:1450:4001:81d::200a
2a00:1450:4001:829::2008
2a00:1450:400c:c1d::5e
2a04:4e42:400::649
04492fdeffeffcc132b862dd7f5afbf74075e391c0e7734f88dccde6b133434b
05765e4086b685c1616cd475ce7313b92757bb7dfa35188b65d6f2c909725ded
19713f2c70a9e86fce64b0f8aa375409863f658aaa083e5d72ef3edf94e89628
21f3b9485bab5e0bfb7cb4e2d08c50664c94e7623845715ce527f0ef08757cac
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3c94037523c06eb72cdd50e003ecf482ede47aca18475d9060c9404bc2a0f3d8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
46bcd43ac66700f4913cfff99782429bbe33acd55fb2d579156963c53659b31c
4a597139d1b0c82d254eafda6ed2342f96fb928692b0a78094a46acbbc493c60
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
6c18460236bf21c547e8e44150e6d3896345cf3e2f034a08b92befc4993ab958
70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8783515f645c0a85fe5598514b28e60c9e85003a4675d73e49746585cb97c7b3
89a248865f6ec28f8afd0965497baaefca4264dce479e4cb85efd58ec385242b
8e30debbf39a0b917b448d16ba4e1117a9bd28c9bf4de9a1d92e43adc0862938
91cfc1f2c5284d433219ece9020231d7ab2413d5ae7bb1c3105c4b83b1abec43
9345d01343f55811cfc516646400b820181eb408d80a8f1986a3fa190b0d07a7
9495cf6f1c8a5ed32607eec6eca7e9e36a3221e7e0a083164e23ffc3e248653c
a855ecbc5f1b2e76131bfbcac5fe8f1dd9990f8107f55685fe8bcfd9cdbe77e1
a981fda940c060fc23bab8a5202dee0453a5fc1f885d7c1d2bf7693cd8e3ee65
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0f9ca4bc856789be8a73a33f4c7bd93691ef9b37204048d5007d25e0525d3db
c04d8a087d3334bed015769fd343961d1f23383b2eb64536aca3eff14ca9ec72
c3a06889c42cabd592c7ba87bdeaff9052d32275c776b9a8a550d79c04887ca6
ce57946c1d71f50a1ff2921340210a91940eda4b209c07b65f8c09b65fdd8094
d2c9eb6550cd1f650e72e01062f771afb836162733b50a9fc1992736fe839e6d
d62597471796c2f40d09f7a251230a1cb5de554f6957ed7581fd83b957cb149b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f67b782ec5a62c8fcedb89535bcf48cc02ae06a119e3b97fe2b875fad1ff358f
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fabf4c84bd4325ec3053384f7065d7c8de0e5b4150117e12ca97af108fbf5f73
fd9129b0cf51774985822d17280dd989fe2aad521aacd36d5cb16ab1d6928c45

r.mtdv.me Open in urlscan Pro 172.67.179.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

57 Requests

82 %HTTPS

64 %IPv6

10 Domains

12 Subdomains

15 IPs

3 Countries

1645 kBTransfer

5295 kBSize

11 Cookies

0 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

r.mtdv.me Open in urlscan Pro
172.67.179.32 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

82 %
HTTPS

64 %
IPv6

10
Domains

12
Subdomains

15
IPs

3
Countries

1645 kB
Transfer

5295 kB
Size

11
Cookies

57 HTTP transactions
0 data transactions