Submitted URL: http://internet.blogmura.com/
Effective URL: https://internet.blogmura.com/
Submission: On August 24 via manual from JP

Summary

This website contacted 57 IPs in 6 countries across 24 domains to perform 621 HTTP transactions. The main IP is 3.113.241.215, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is internet.blogmura.com.
TLS certificate: Issued by Amazon on February 1st 2021. Valid for: a year.
This is the only time internet.blogmura.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 3.113.241.215 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
19 13.224.196.96 16509 (AMAZON-02)
7 142.250.184.226 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
85 13.224.102.73 16509 (AMAZON-02)
3 133.237.16.123 23820 (RAKUTEN R...)
1 54.199.143.71 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
65 2a00:1450:400... 15169 (GOOGLE)
2 10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
72 2a00:1450:400... 15169 (GOOGLE)
40 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
23 33 142.250.186.162 15169 (GOOGLE)
12 24 2.18.234.21 16625 (AKAMAI-AS)
12 18 37.252.172.250 29990 (ASN-APPNEX)
15 104.75.89.215 16625 (AKAMAI-AS)
3 4 34.98.64.218 15169 (GOOGLE)
2 104.111.242.245 16625 (AKAMAI-AS)
3 4 185.94.180.126 35220 (SPOTX-AMS)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
4 4 18.156.0.31 16509 (AMAZON-02)
4 185.86.138.144 201081 (SMARTADSE...)
6 138.201.84.245 24940 (HETZNER-AS)
5 213.254.244.22 36062 (DOUBLE-VE...)
1 4 159.69.70.9 24940 (HETZNER-AS)
1 4 94.130.102.164 24940 (HETZNER-AS)
3 138.201.63.117 24940 (HETZNER-AS)
6 213.254.244.19 3257 (GTT-BACKB...)
3 213.254.244.16 3257 (GTT-BACKB...)
3 213.254.244.20 3257 (GTT-BACKB...)
3 213.254.244.15 3257 (GTT-BACKB...)
5 142.250.186.38 15169 (GOOGLE)
3 138.201.84.252 24940 (HETZNER-AS)
6 85.114.131.235 24961 (MYLOC-AS ...)
31 2a00:1450:400... 15169 (GOOGLE)
2 133.237.61.100 23820 (RAKUTEN R...)
3 116.202.48.214 24940 (HETZNER-AS)
10 142.250.185.194 15169 (GOOGLE)
37 213.254.244.13 36062 (DOUBLE-VE...)
3 138.201.63.157 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
3 213.254.244.14 3257 (GTT-BACKB...)
1 133.237.48.232 23820 (RAKUTEN R...)
10 142.250.185.226 15169 (GOOGLE)
2 133.237.60.7 23820 (RAKUTEN R...)
20 2a02:3d0:623:... 22822 (LLNW)
621 57
Apex Domain
Subdomains
Transfer
159 googlesyndication.com
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
ade.googlesyndication.com
957 KB
117 blogmura.com
internet.blogmura.com
static.blogmura.com
img.blogmura.com
link.blogmura.com
3 MB
100 doubleverify.com
cdn.doubleverify.com
cdn3.doubleverify.com
rtb0.doubleverify.com
tps20517.doubleverify.com
tps20511.doubleverify.com
tps20513.doubleverify.com
tps20520.doubleverify.com
tps20516.doubleverify.com
tps.doubleverify.com
tps20227.doubleverify.com
tps20243.doubleverify.com
tps20235.doubleverify.com
tps20222.doubleverify.com
tps20248.doubleverify.com
tps20241.doubleverify.com
tps20238.doubleverify.com
tps20221.doubleverify.com
tps20240.doubleverify.com
tps20236.doubleverify.com
1 MB
80 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
ad.doubleclick.net
googleads4.g.doubleclick.net
471 KB
43 rakuten.co.jp
xml.affiliate.rakuten.co.jp
static.affiliate.rakuten.co.jp
mtwidget04.affiliate.rakuten.co.jp
mtwidget05.affiliate.ashiato.rakuten.co.jp
grp01.ashiato.rakuten.co.jp
log.affiliate.rakuten.co.jp
thumbnail.image.rakuten.co.jp
511 KB
31 2mdn.net
s0.2mdn.net
2 MB
26 redintelligence.net
hal9000.redintelligence.net
hal900017.redintelligence.net
hal900012.redintelligence.net
hal90003.redintelligence.net
hal900024.redintelligence.net
hal900013.redintelligence.net
hal90007.redintelligence.net
46 KB
24 casalemedia.com
dsum-sec.casalemedia.com
22 KB
22 googletagservices.com
www.googletagservices.com
534 KB
18 adnxs.com
ib.adnxs.com
17 KB
15 ampproject.org
cdn.ampproject.org
304 KB
11 google.com
adservice.google.com
www.google.com
1 KB
6 contentspread.net
cdn.contentspread.net
298 KB
5 yahoo.com
ads.yahoo.com
ups.analytics.yahoo.com
3 KB
4 smartadserver.com
rtb-csync.smartadserver.com
652 B
4 spotxchange.com
sync.search.spotxchange.com
2 KB
4 openx.net
us-u.openx.net
1 KB
4 typekit.net
use.typekit.net
p.typekit.net
94 KB
2 teads.tv
sync.teads.tv
344 B
2 gstatic.com
fonts.gstatic.com
42 KB
2 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
32 KB
2 google-analytics.com
www.google-analytics.com
19 KB
1 google.be
adservice.google.be
853 B
1 googletagmanager.com
www.googletagmanager.com
41 KB
621 24
Domain Requested by
85 img.blogmura.com internet.blogmura.com
72 pagead2.googlesyndication.com 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
internet.blogmura.com
ad.doubleclick.net
www.googletagservices.com
securepubads.g.doubleclick.net
65 tpc.googlesyndication.com internet.blogmura.com
securepubads.g.doubleclick.net
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
35 cdn.doubleverify.com 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
cdn.doubleverify.com
internet.blogmura.com
s0.2mdn.net
33 cm.g.doubleclick.net 23 redirects googleads.g.doubleclick.net
31 s0.2mdn.net internet.blogmura.com
s0.2mdn.net
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
24 dsum-sec.casalemedia.com 12 redirects googleads.g.doubleclick.net
24 googleads.g.doubleclick.net 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
internet.blogmura.com
22 www.googletagservices.com securepubads.g.doubleclick.net
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
cdn.doubleverify.com
www.googletagservices.com
20 thumbnail.image.rakuten.co.jp static.affiliate.rakuten.co.jp
19 static.blogmura.com internet.blogmura.com
static.blogmura.com
18 ib.adnxs.com 12 redirects googleads.g.doubleclick.net
15 static.affiliate.rakuten.co.jp xml.affiliate.rakuten.co.jp
static.affiliate.rakuten.co.jp
15 cdn.ampproject.org securepubads.g.doubleclick.net
12 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
12 internet.blogmura.com 1 redirects internet.blogmura.com
10 ade.googlesyndication.com internet.blogmura.com
10 tps.doubleverify.com cdn.doubleverify.com
10 googleads4.g.doubleclick.net internet.blogmura.com
10 www.google.com 2 redirects internet.blogmura.com
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
tpc.googlesyndication.com
7 securepubads.g.doubleclick.net internet.blogmura.com
securepubads.g.doubleclick.net
6 cdn.contentspread.net hal900012.redintelligence.net
hal90003.redintelligence.net
hal900017.redintelligence.net
hal900024.redintelligence.net
hal900013.redintelligence.net
hal90007.redintelligence.net
6 hal9000.redintelligence.net 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
5 ad.doubleclick.net www.googletagservices.com
5 rtb0.doubleverify.com cdn.doubleverify.com
5 cdn3.doubleverify.com cdn.doubleverify.com
4 hal900012.redintelligence.net 1 redirects 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
hal900012.redintelligence.net
4 hal900017.redintelligence.net 1 redirects 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
hal900017.redintelligence.net
4 rtb-csync.smartadserver.com googleads.g.doubleclick.net
4 ups.analytics.yahoo.com 4 redirects
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 us-u.openx.net 3 redirects googleads.g.doubleclick.net
3 tps20236.doubleverify.com cdn.doubleverify.com
3 tps20240.doubleverify.com cdn.doubleverify.com
3 tps20221.doubleverify.com cdn.doubleverify.com
3 tps20238.doubleverify.com cdn.doubleverify.com
3 tps20241.doubleverify.com cdn.doubleverify.com
3 tps20248.doubleverify.com cdn.doubleverify.com
3 tps20222.doubleverify.com cdn.doubleverify.com
3 tps20235.doubleverify.com cdn.doubleverify.com
3 tps20243.doubleverify.com cdn.doubleverify.com
3 tps20227.doubleverify.com cdn.doubleverify.com
3 hal90007.redintelligence.net hal9000.redintelligence.net
hal90007.redintelligence.net
3 hal900013.redintelligence.net hal9000.redintelligence.net
hal900013.redintelligence.net
3 hal900024.redintelligence.net hal9000.redintelligence.net
hal900024.redintelligence.net
3 tps20516.doubleverify.com cdn.doubleverify.com
3 tps20520.doubleverify.com cdn.doubleverify.com
3 tps20513.doubleverify.com cdn.doubleverify.com
3 tps20511.doubleverify.com cdn.doubleverify.com
3 tps20517.doubleverify.com cdn.doubleverify.com
3 hal90003.redintelligence.net hal9000.redintelligence.net
hal90003.redintelligence.net
3 xml.affiliate.rakuten.co.jp internet.blogmura.com
static.affiliate.rakuten.co.jp
3 use.typekit.net internet.blogmura.com
use.typekit.net
2 log.affiliate.rakuten.co.jp static.affiliate.rakuten.co.jp
2 sync.teads.tv googleads.g.doubleclick.net
2 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 grp01.ashiato.rakuten.co.jp static.affiliate.rakuten.co.jp
1 mtwidget05.affiliate.ashiato.rakuten.co.jp static.affiliate.rakuten.co.jp
1 ajax.googleapis.com hal900013.redintelligence.net
1 mtwidget04.affiliate.rakuten.co.jp static.affiliate.rakuten.co.jp
1 ads.yahoo.com googleads.g.doubleclick.net
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.be securepubads.g.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 link.blogmura.com internet.blogmura.com
1 p.typekit.net use.typekit.net
1 www.googletagmanager.com internet.blogmura.com
621 69
Subject Issuer Validity Valid
*.blogmura.com
Amazon
2021-02-01 -
2022-03-02
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1
2021-08-16 -
2022-08-16
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
*.typekit.net
DigiCert TLS RSA SHA256 2020 CA1
2021-07-16 -
2022-07-21
a year crt.sh
*.affiliate.rakuten.co.jp
DigiCert SHA2 Secure Server CA
2020-06-08 -
2022-07-17
2 years crt.sh
*.google.be
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
*.google.com
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-07-26 -
2021-10-18
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
www.google.com
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA
2021-01-10 -
2022-01-17
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-02-05 -
2022-02-09
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
intl.rakuten-static.com
DigiCert SHA2 Secure Server CA
2021-08-02 -
2022-08-02
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
teads.tv
R3
2021-08-23 -
2021-11-21
3 months crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018
2021-04-08 -
2022-05-09
a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-08-16 -
2021-10-06
2 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA
2020-01-30 -
2022-02-03
2 years crt.sh
redintelligence.net
R3
2021-08-20 -
2021-11-18
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
contentspread.net
R3
2021-08-03 -
2021-11-01
3 months crt.sh
*.affiliate.ashiato.rakuten.co.jp
DigiCert SHA2 Secure Server CA
2020-03-11 -
2022-03-20
2 years crt.sh
*.ashiato.rakuten.co.jp
DigiCert SHA2 Secure Server CA
2020-03-04 -
2022-03-16
2 years crt.sh
thumbnail.image.rakuten.co.jp
DigiCert SHA2 Secure Server CA
2020-06-01 -
2022-06-17
2 years crt.sh

This page contains 79 frames:

Primary Page: https://internet.blogmura.com/
Frame ID: E1E1D5B6353AF9F4A0DF8187F0DA43F6
Requests: 134 HTTP requests in this frame

Frame: https://link.blogmura.com/link/c/000000?ref=&agent=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/92.0.4515.159%20Safari/537.36&newinp=1&d=1629785581805&uri=https%3A//internet.blogmura.com/
Frame ID: F4453E624A8B4FD495710810AAB27AF5
Requests: 1 HTTP requests in this frame

Frame: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 028AD1F9D0AA0CCC1A5A9A6B0FB2C70F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Frame ID: BDD770DB51F95D9CB6EC572E9008C435
Requests: 16 HTTP requests in this frame

Frame: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A69542DC3D9A7A50C7C2CE22FF1EDB48
Requests: 30 HTTP requests in this frame

Frame: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FCCDF0744A102E451E48CB109F01BC03
Requests: 30 HTTP requests in this frame

Frame: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 527BAEACA5BE88A0C88CEC8B6CBFE454
Requests: 27 HTTP requests in this frame

Frame: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F7C48098F960F18DD24AF703389B1193
Requests: 28 HTTP requests in this frame

Frame: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 42EEC60D24A8420B15C1DED716E2AD30
Requests: 12 HTTP requests in this frame

Frame: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E30B5D013D9FC2A9624FD40427CD3ACE
Requests: 13 HTTP requests in this frame

Frame: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DEFB3C78BD7EE70780A59AD493C37B14
Requests: 12 HTTP requests in this frame

Frame: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3AB25039537FDDF65A2CA671F5C0D96C
Requests: 11 HTTP requests in this frame

Frame: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 27827780AE46A1ED5941C4CC5C70AA3A
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Frame ID: 9CFC54AE46912BB5F4A7CD17FB81D7BF
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Frame ID: 6BB21CA2FC78C93E55B836742C04DD0A
Requests: 12 HTTP requests in this frame

Frame: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E5DF0F799083173FF5548B21244C056A
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNVU5XPqXtcgsPnL_sRT-8zcYCvjUTkUWifMhkGjkTe4B4ljYbBhdJnraKVGDfabwTDr6OMSvdePTWL94pK5ysHmaMRfqEK9XhBUlzASCq1wPFQRB-NzPUs1-ZfVOPFFNismlorDS8yiDW0TWcXpkLPc8avZFjoqCt6Ug0t4-ca4oES0B8U
Frame ID: 8F09054C8D3569029D1F069DF9891A77
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNX8J0EgRUTpv59ywAi3X9zGnXomzwooi1kp22BhQUFdq3isRtQbktnyoiC8Cu-3gaAgIQgBJLHNkmDHyzKXDBY98TQyAS6xpe2ul9OX27Uztn99wXSM1maeUdDGM-Qx4XPofDtlMyncAhmfu3iE3B0WURcABbQSNxZP2Ou2fyRufLMdodc
Frame ID: 1DB53DD5B7567E6D0BFD34EFFA5C982C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNUbKjLAfvXe9aeKlbO4nz0Jz4AzVUCZBzUWypY-iPmgLd4tjzP8qOmQ8nwf0RQW3RIjNHJlZhGtaQtNFxl5VH7dLqN2aU-Mg5tfotOXsURY3wkttLhrpXAWzfOLsqXLJucUBWpwEaW1m05RBTYlhGku7ZUc7Hhsve94_krGssTH1GZLu10
Frame ID: DDD61444AB6143FF6732FA7CBD22D8D4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNWYHm0bHPmyFpgSBmRruEATHvaYLahGlOg80mQaC80UQ-bkQd5MvAwYMpdmhYS3JlOUSFFBsRVsGpmzGznnfuZ5lRd9u_vPkQrpTqT9cQZ_VmHXcPCHxV3vlx4cBHnVrvbDz67tqw1C0pZoZB8Xlrk6MH3lFixD9vjvzHgzR-PXPxYHbjI
Frame ID: 7A553FF6889944BB3B71667CBD353C54
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNXz5PxoNmlDQnLXuMNvf02tyCAPAaU1voqSp4Uzl7nRsUaZM1Q4geE4C_09bXm6EA5Md-yeWU_8L0S67Y0MHmEKZeD6rmq7brievEXv8h9NMbXw5XBbbnievq3ZUXc7d2f_K9TgkJXVmRpZcCv5mmeaofqa9GO4uY1uDxxAJ52xmv4sc5M
Frame ID: ED3AB69981A39D65B8A7E0D229DBD053
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNXB8QTLABGncLXrNO3CUnTkopgjgqklcaYyXPB9x60K1Z6G4GZNVhHuRi6vxKNuQDk7wYQyNWF_uX2QMwmiRG49AfppNIfZ82UFwZaUOxeCwlZF7Z-IAVDmSS8-c4Y40Xvk2lM0stZx6v3Rqr9iBMGlu175nnRaMhOr0Z6ZTN7_H22Nj3Q
Frame ID: FF7CC9B27B948209FF473DD1C49425A5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNUfJWSGR9Y24mREz9yt0UZVeuqKCC52UGj9_yMMzKi8N_AKqSftNfVFJfbSi2hulAl6v2M8b33FZxooq9eGeQU65BuQcZPikzpcv3dlMPOTX7dGZuQf19ESHH7EHzHA_k5rrtjJEiCgF3PLI8vBBu3oa5Z8IbZjKNN2mR7FF7jbCfaUKIA
Frame ID: FCEEE78DFF405FC95C7E7E1958B67533
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNU1YlJDYtYZHaVL-p03Z_kM6xdZ9tUsQ6GjTdUrodB-46HborP-cjx3_WMPzDzrzXC-OgCwu4IcekMw75MB_PGlloNsJYnuAhRfdNZeg1Zsy2JLFSACjwAOUugR3PmELynjd7eDOeDyX0FRYfpzCw2cWh17cuw4kT60RpowG5P1MXWWij8
Frame ID: C73D8C308296E8CDDC125A62229A4EAE
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNWcXCSNn8PI9p89DLbFsMbDuT7r9BS09rrgTybYJaz3-K5QPG0cKDuhSS5a1Fc71KCEue7ILwC2EqrKfEhIne9-1vo2XGoq9WKK-VNQJA7e9QjvYyKDu2I6aw9WfigV6uPWXSbqV9T9qoBC5DTTh_aVJ0z-4ASTehGLylbagQQFPL_hHus
Frame ID: EC9180AFD67DE8D4CDB196788520F0A9
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY2smRLzAB&v=APEucNW4BfQtOr_Pnp3GjwoNdISlMuHsKs2zOb39LR3HPXIKJ9gSaHVbyvLkocpRVi86wI0z1w3JV7m-qRKlRqxDT7QUbj5tUWoSGwevq5m7ZUWrrRt3pNB2xp-lnHwKTQxTMNDmZTBahJ531rinSc05IpDTjYdhbxmOY-p5IBDVguAEwVaTcf4
Frame ID: FEB03BDBF5499820F2074D1A17B38A13
Requests: 4 HTTP requests in this frame

Frame: https://static.affiliate.rakuten.co.jp/widget/html/mw_dynamic_view.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--new_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json
Frame ID: 71F99DDEA298864146E4AF16E57793A4
Requests: 12 HTTP requests in this frame

Frame: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5130ED735114BD55AFD7880B5C77B6AF
Requests: 29 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7B27DABBF7F562E1F78B74B6125B4405
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: ED20530006BF057FB1211955BC610012
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D534EE35A15A5658E239E0F49F73B160
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3BAF1A2C77D0977D198A7E52A15A11BF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D11E0C280B79D180107C68771E0AA52E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2EEB695058C57FE5F6C99B5FFAEBD209
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 84D549FFD0E4B52D3360CCA0F86AC143
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 594D8D5F1CDA220929A1C9BFE3CDC9C9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6CD7ECD4389BECBB3B9DF07382B3EE9B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E7BC161B34E1770B30A087A18170D1C4
Requests: 3 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 8340D5BF0B44F6DC61DD771909B98CDA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 96D2C8E9902D1F908A98E821614F67C5
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: AD2C67CE1532C5364C58B92194D8A24D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 71BFEEA06D079A307D007D037CAF31D4
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: CEDB305A1D4CA602686E65772B5D9294
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 4212A3CDE94D3B4A922AE15FB00E0651
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 9B31E77BA00CCC67F60B9994CD7738AB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 3C6946D905C9A0E041A4732964CA6C45
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjZ__GZATAB&v=APEucNURoZNa_Fwf5JgkyvanfdDe6glfgxpWuLUV7aVJsHOSWD-C2ToQq22kHRGY6Co0su8SR-Lseel2p21icyKBRX9zsL_IcST_UamboQIEeh1r3n4-FS6SG1GpxnTFb6Y__-uoYEOf34HfbmMkomR-LQVdlwLlKJK1OaylAfmfIFockPqlZb8
Frame ID: 0ED5A80563390EADE33E7C1319477B9F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DD8FEA5ACA97DB6EDCDA9C1E60ECBED4
Requests: 3 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 266186B378D10F41D417AEBBFC12E78D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 1F219CB5965A177068398E3812B802C2
Requests: 1 HTTP requests in this frame

Frame: https://hal900012.redintelligence.net/request_content.php?s=93039000027525100628852011696012&a=eef75cb6
Frame ID: 8720E7BF7C012A9730D1DD3F07139570
Requests: 4 HTTP requests in this frame

Frame: https://hal90003.redintelligence.net/request_content.php?s=61263800027476600628852011696003&a=acf3f8b0
Frame ID: 0210A14239600069CE0329CDC8533330
Requests: 4 HTTP requests in this frame

Frame: https://hal900017.redintelligence.net/request_content.php?s=85077600032144800628852011696017&a=16c634f7
Frame ID: 7C34769C39481A93D75BC5E3CBF24B0D
Requests: 4 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1710.js
Frame ID: BCCF8CC451F1269630915818781135FB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 861BC27167548CD49618AB9B4046B5F9
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/2276943/1602614866015/index.html
Frame ID: 0BFF66F1ADACF9451D66CDDF0580B241
Requests: 3 HTTP requests in this frame

Frame: https://hal900024.redintelligence.net/request_content.php?s=61082200025833800628852011696024&a=19c63003
Frame ID: E739FAAFC150F5F3FC694A26DE888E75
Requests: 4 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1710.js
Frame ID: 8BAC0858748D066458113D1A1AE34069
Requests: 5 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1710.js
Frame ID: FE97C2265828A19EC64665CA6AABADAC
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FC01886EA7A868019DE428EA31FADC4A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/2276943/1602614866015/index.html
Frame ID: 0EB16A4572760F401E39EF630BF1DFAD
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1710.js
Frame ID: 468A3207902BA034CD6E507759CE54AD
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 924D0D71D0D560BDE5FD8A14883EC82C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/2276943/1602614866015/index.html
Frame ID: 9A7627B8481F573AE252B2A2F9275939
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1710.js
Frame ID: 51DB1DC1FE5CC122DFC051C0D045EB8B
Requests: 5 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1710.js
Frame ID: 379514612BC80616510FFB4B80442496
Requests: 5 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1710.js
Frame ID: 22DCF3B74177A6D53F1C3205ACBCBCE8
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C170EDCE492079F7A77C174D56CEA3D7
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/2276943/1602614881717/index.html
Frame ID: 84317005AE8033E2814CB10004A5A243
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 50ED239BEF7CB67238E2B41A5BA3C24D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/index.html
Frame ID: 54C179E14BCE7461E6B84BB82E446873
Requests: 14 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1710.js
Frame ID: 04235064AF99B230528820DD7905A04F
Requests: 5 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1710.js
Frame ID: 7F947657EC861C5957F44E56B27B317D
Requests: 5 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1710.js
Frame ID: 4654E1357C4D3E2B9518B95E140DD1F1
Requests: 5 HTTP requests in this frame

Frame: https://hal900013.redintelligence.net/request_content.php?s=74129100029320600628846011696013&a=a3be6cec
Frame ID: 1A8B8F55E4A8AC9D747C4168D125E83D
Requests: 5 HTTP requests in this frame

Frame: https://hal90007.redintelligence.net/request_content.php?s=65408600030542100628852011696007&a=2655406b
Frame ID: 7620B4D62B7BEBF8833A9A94184179CD
Requests: 4 HTTP requests in this frame

Frame: https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Frame ID: 0040D5F97687D2DD552CC83BE40FE45C
Requests: 30 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F5BF73AB69BD198DE6245E39F2470284
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 083E144EAC033CDA59C19732C607E0A4
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

ネットブログ 人気ブログランキングとブログ検索 - にほんブログ村

Page URL History Show full URLs

  1. http://internet.blogmura.com/ HTTP 301
    https://internet.blogmura.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery-ui.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery-ui.*\.js/i

Page Statistics

621
Requests

100 %
HTTPS

37 %
IPv6

24
Domains

69
Subdomains

57
IPs

6
Countries

9615 kB
Transfer

20734 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://internet.blogmura.com/ HTTP 301
    https://internet.blogmura.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 245
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 252
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 273
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1
Request Chain 274
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YSSN8XZ-HdHzp1TksCn.GwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1&google_hm=2
Request Chain 275
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELeoK0KgUTR8wryryg6Q1CE&google_cver=1
Request Chain 276
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3Nzk1OTQxNDM4MTg4NTU0Mw%3D%3D
Request Chain 277
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1
Request Chain 278
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YSSN8XZ-HdHzp1TksCn.IQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1&google_hm=2
Request Chain 279
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELeoK0KgUTR8wryryg6Q1CE&google_cver=1
Request Chain 280
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3Nzk1OTQxNDM4MTg4NTU0Mw%3D%3D
Request Chain 281
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1
Request Chain 282
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YSSN8XZ-HdHzp1TksCn.IQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1&google_hm=2
Request Chain 283
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELeoK0KgUTR8wryryg6Q1CE&google_cver=1
Request Chain 284
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ0MDkxODMzMjk2MTkzMDUyMQ%3D%3D
Request Chain 285
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1
Request Chain 286
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YSSN8XZ-HdHzp1TksCn.LgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1&google_hm=2
Request Chain 287
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELeoK0KgUTR8wryryg6Q1CE&google_cver=1
Request Chain 288
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3Nzk1OTQxNDM4MTg4NTU0Mw%3D%3D
Request Chain 289
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1
Request Chain 290
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YSSN8XZ-HdHzp1TksCn.KAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1&google_hm=2
Request Chain 291
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELeoK0KgUTR8wryryg6Q1CE&google_cver=1
Request Chain 292
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3Nzk1OTQxNDM4MTg4NTU0Mw%3D%3D
Request Chain 293
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1
Request Chain 294
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YSSN8XZ-HdHzp1TksCn.GwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1&google_hm=2
Request Chain 295
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELeoK0KgUTR8wryryg6Q1CE&google_cver=1
Request Chain 296
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjM0OTEyMzE3Mzk1MDk0NDIxNg%3D%3D
Request Chain 298
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO6-px6BHGw9VUzlmM2zSKk&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEO6-px6BHGw9VUzlmM2zSKk&google_cver=1
Request Chain 299
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDM4ZjZlYmQtODY5Zi0yNGUyLWZjYTEtMDcwNGNhMzkzZGY5
Request Chain 300
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEA878TMINZZSly-U6jHol7I&google_cver=1
Request Chain 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDpz_HErAyhrgjuyzmz4QYk&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDpz_HErAyhrgjuyzmz4QYk&google_cver=1&__user_check__=1&sync_id=58beefe5-04a2-11ec-a597-190e06a80206
Request Chain 303
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=58a970a8-04a2-11ec-b8b1-1ee5b9e10406 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NThhOTcwNjktMDRhMi0xMWVjLWI4YjEtMWVlNWI5ZTEwNDA2
Request Chain 305
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1CTm5jektCRTJ1Rl9LU3lncUFJcDhyZ1BfNEdVMjFfYn5B
Request Chain 306
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEIqcAkWxkdLIyZ72XudJxig&google_cver=1
Request Chain 308
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1hTFJZQ1NkRTJ1RUliTVRVVDBPUkdNakMwYnJkekRyeX5B
Request Chain 309
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEIqcAkWxkdLIyZ72XudJxig&google_cver=1
Request Chain 354
  • https://hal900017.redintelligence.net/request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=804679f0b4&subid=&uid=de8bbe4509badc30&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC--PW740kYey6Nqm3gAepqJbwB7v6hIpX7Yut3P0J8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNQBT9A-FECgN1qm2PXz449NLp1lLjGB4-tbVY0zxTvN1k_PeDWyiI_QiNRFPwXDuhRsQFPDaiDT4xo9VZGpLRoFBEetloFkh5pfKh9eIhlJfkimJlKjM6A3e46wWg2esbixOMpLU8y38lAsH6Zgn9SVd-imCfEOtQRqBC_13cea7XpQaWuwVcaSbtGuJpoWTYuq8Fzx6aPS7pmeLa9mLm7wROeVDykpgoKHvOelofK7_4W-CvqRkaE6E8xr67X5fe-ORAd9And3QOLsNOFerJ3AtXUIipjABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoChi_g9TZRQIyxHenJ6mM4sQatQ%26sig%3DAOD64_2Zk1rLXqHQ3nD8jlN8fxpiVpLfRA%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-BiwW5RG85bTSTNGZtPyHbAEhwlG0Fv41MJnCFLL9_oi4MEGtSrf_PDAMbCpT7OLk45sFyQZo0yT9IAl02pNVUCGC9IMyWoFqDVQMkCt_V3zIuwF2VKn8wenw10bTjsXV5ambc2a5R_k7goOQ7geTRpN0vNKg%26cry%3D1%26dbm_d%3DAKAmf-AE17x2K6osUouOOSIqK7zQN4AsZpQLX4SKyTAomS1DIqq6jx2HTiaFDuMNt9XvZ4nQGGJQ89E69oasL5FUl9uDmvK06E1HVbz7tkyGmV1UfvKyoCeYqHz7ff9XayVXtB79qAGiQTjMnjTihiPzzMzMFMKiFG8j5linYlGd_z02mgPjwMJbLfSpxQ4J58ZMF2QzUGOn4Om9gzx971DvPR4i_Xjnl_BP4LNyQf1OnWn5mGsyNwaSeFfuVgEbsso_Yc2fB2LTf8qsio3nZMZZpIQo46raYFB2uK-ojpxTSsIRj4B7bgxGFxyTi_2-uYLhZlOA1PaMxQf3TPXymiptoCnTHy0Vi-u1-SCrhXc5fYkIr5H4V3naXKQWWp5T2-FC3fcK8RETrLuVdy8h99IbijcnfRkP0q04xxUPeW9mWugFPFqgcqwKB5ahJPHMDF-Ob22IzyKl%26adurl%3D&documentReferer=https%3A%2F%2Finternet.blogmura.com%2F&ancestorOrigins=https%3A%2F%2Finternet.blogmura.com&random=6151495759469&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900017.redintelligence.net/request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=804679f0b4&subid=&uid=de8bbe4509badc30&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC--PW740kYey6Nqm3gAepqJbwB7v6hIpX7Yut3P0J8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNQBT9A-FECgN1qm2PXz449NLp1lLjGB4-tbVY0zxTvN1k_PeDWyiI_QiNRFPwXDuhRsQFPDaiDT4xo9VZGpLRoFBEetloFkh5pfKh9eIhlJfkimJlKjM6A3e46wWg2esbixOMpLU8y38lAsH6Zgn9SVd-imCfEOtQRqBC_13cea7XpQaWuwVcaSbtGuJpoWTYuq8Fzx6aPS7pmeLa9mLm7wROeVDykpgoKHvOelofK7_4W-CvqRkaE6E8xr67X5fe-ORAd9And3QOLsNOFerJ3AtXUIipjABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoChi_g9TZRQIyxHenJ6mM4sQatQ%26sig%3DAOD64_2Zk1rLXqHQ3nD8jlN8fxpiVpLfRA%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-BiwW5RG85bTSTNGZtPyHbAEhwlG0Fv41MJnCFLL9_oi4MEGtSrf_PDAMbCpT7OLk45sFyQZo0yT9IAl02pNVUCGC9IMyWoFqDVQMkCt_V3zIuwF2VKn8wenw10bTjsXV5ambc2a5R_k7goOQ7geTRpN0vNKg%26cry%3D1%26dbm_d%3DAKAmf-AE17x2K6osUouOOSIqK7zQN4AsZpQLX4SKyTAomS1DIqq6jx2HTiaFDuMNt9XvZ4nQGGJQ89E69oasL5FUl9uDmvK06E1HVbz7tkyGmV1UfvKyoCeYqHz7ff9XayVXtB79qAGiQTjMnjTihiPzzMzMFMKiFG8j5linYlGd_z02mgPjwMJbLfSpxQ4J58ZMF2QzUGOn4Om9gzx971DvPR4i_Xjnl_BP4LNyQf1OnWn5mGsyNwaSeFfuVgEbsso_Yc2fB2LTf8qsio3nZMZZpIQo46raYFB2uK-ojpxTSsIRj4B7bgxGFxyTi_2-uYLhZlOA1PaMxQf3TPXymiptoCnTHy0Vi-u1-SCrhXc5fYkIr5H4V3naXKQWWp5T2-FC3fcK8RETrLuVdy8h99IbijcnfRkP0q04xxUPeW9mWugFPFqgcqwKB5ahJPHMDF-Ob22IzyKl%26adurl%3D&documentReferer=https%3A%2F%2Finternet.blogmura.com%2F&ancestorOrigins=https%3A%2F%2Finternet.blogmura.com&random=6151495759469&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 355
  • https://hal900012.redintelligence.net/request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=3f3431ab5e&subid=&uid=d5edbdd8d10b4f0d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXC_a740kYeq6Nqm3gAepqJbwB7v6hIpX7Yut3P0J8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNQBT9D9fUEGwSB-TOcJI9x83Sk2JIrr0QgNcgR7osS4LsSVZHPWwCg8sdu91aPRQunHq-2SoQsZuF_BEov1tAlyS95VPscnnyXG6XDLW1cZd8zsOON2TxsqKcNF3VCCtbwooj8l7_WWTSofxJreVJe9xDBKfOozRA3V70x-NJo8Yz1J-8J2ILYiGaR1fUk2kSN5-XF6kST5jAsBJotX-G15318-FIBm0wny-2YScVgSnHWITl4SAUrSNYe039oAnyhjIeP84prwn9x9Y47LCn0qpA0NYfnABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoVhOjwlfBk5mZF79KWb8UGA_Myg%26sig%3DAOD64_1DOw9zCiT9GVQtruF5Bn4chLIZBw%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-CAkLioKU4wpwfSVVd9t-H7Z2mLncddHmVKNz4pcEIdy3so1mUnkmz3ozAWhXuFdAD6XcKbEinFd-qrPevV1_VUNz86EGeeY0lYABq6CZZ-bq7sD0BgyvEf7oApm7z5S8aZM8NgLECaKoRN96TrRdYkEucH2A%26cry%3D1%26dbm_d%3DAKAmf-DUetNRzXtB5wM55xfOWZXlTfS6FadtTZ_U1JZGx09mtAemZIdHwss1Rh9DM1w0XLsn1KlUezOeqcIb7EDFoEZ0UlsMl1j1RnOrv7eaf1MMSZusbMZmVEX3cse-KcDf435MRf-bW6LxeQlziGJbOR7hyeHacwZFHaSL39G_DWMQfIB4q-GT3loBrW-DSrusMK0YuhBkQMwWCHhd4WB3RQ-uaxnE4FBaWlxOj0KpdjGUuy1Rw4RHYK7bGesrweSW4J1yAM7AObnYtourBlKafUi0v1SBEAch2biytwszFpsNgRaQC3bKLfo3Q_41ppNrnSntD_93R-UZSSQpc4xLR5bz9HCCe3acMqpp_tr_oCp5xZn89oL9cD9BHOrb6TRHZdUNUwh1fKubQir96VHMeR-IEtpCpoiXe77s4DcAwDAnpvIz50HUR6i_tSy0svfdwoSP5P_z%26adurl%3D&documentReferer=https%3A%2F%2Finternet.blogmura.com%2F&ancestorOrigins=https%3A%2F%2Finternet.blogmura.com&random=7927225924977&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900012.redintelligence.net/request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=3f3431ab5e&subid=&uid=d5edbdd8d10b4f0d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXC_a740kYeq6Nqm3gAepqJbwB7v6hIpX7Yut3P0J8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNQBT9D9fUEGwSB-TOcJI9x83Sk2JIrr0QgNcgR7osS4LsSVZHPWwCg8sdu91aPRQunHq-2SoQsZuF_BEov1tAlyS95VPscnnyXG6XDLW1cZd8zsOON2TxsqKcNF3VCCtbwooj8l7_WWTSofxJreVJe9xDBKfOozRA3V70x-NJo8Yz1J-8J2ILYiGaR1fUk2kSN5-XF6kST5jAsBJotX-G15318-FIBm0wny-2YScVgSnHWITl4SAUrSNYe039oAnyhjIeP84prwn9x9Y47LCn0qpA0NYfnABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoVhOjwlfBk5mZF79KWb8UGA_Myg%26sig%3DAOD64_1DOw9zCiT9GVQtruF5Bn4chLIZBw%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-CAkLioKU4wpwfSVVd9t-H7Z2mLncddHmVKNz4pcEIdy3so1mUnkmz3ozAWhXuFdAD6XcKbEinFd-qrPevV1_VUNz86EGeeY0lYABq6CZZ-bq7sD0BgyvEf7oApm7z5S8aZM8NgLECaKoRN96TrRdYkEucH2A%26cry%3D1%26dbm_d%3DAKAmf-DUetNRzXtB5wM55xfOWZXlTfS6FadtTZ_U1JZGx09mtAemZIdHwss1Rh9DM1w0XLsn1KlUezOeqcIb7EDFoEZ0UlsMl1j1RnOrv7eaf1MMSZusbMZmVEX3cse-KcDf435MRf-bW6LxeQlziGJbOR7hyeHacwZFHaSL39G_DWMQfIB4q-GT3loBrW-DSrusMK0YuhBkQMwWCHhd4WB3RQ-uaxnE4FBaWlxOj0KpdjGUuy1Rw4RHYK7bGesrweSW4J1yAM7AObnYtourBlKafUi0v1SBEAch2biytwszFpsNgRaQC3bKLfo3Q_41ppNrnSntD_93R-UZSSQpc4xLR5bz9HCCe3acMqpp_tr_oCp5xZn89oL9cD9BHOrb6TRHZdUNUwh1fKubQir96VHMeR-IEtpCpoiXe77s4DcAwDAnpvIz50HUR6i_tSy0svfdwoSP5P_z%26adurl%3D&documentReferer=https%3A%2F%2Finternet.blogmura.com%2F&ancestorOrigins=https%3A%2F%2Finternet.blogmura.com&random=7927225924977&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

621 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
internet.blogmura.com/
Redirect Chain
  • http://internet.blogmura.com/
  • https://internet.blogmura.com/
253 KB
40 KB
Document
General
Full URL
https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.241.215 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-241-215.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
1c26e557051bd119dc1a6aa0afe56340562d7982948913dcee964e00b5f8b6dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
internet.blogmura.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:00 GMT
content-type
text/html;charset=UTF-8
set-cookie
category_history=WzM0XQ==; Max-Age=31536000; Expires=Wed, 24-Aug-2022 06:13:00 GMT; Domain=blogmura.com; Path=/; Secure; HttpOnly buid=14072596-c3ad-4eb2-9040-4bd41783b763; Max-Age=86400; Expires=Wed, 25-Aug-2021 06:13:00 GMT; Domain=blogmura.com; Path=/; Secure; HttpOnly
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
0
strict-transport-security
max-age=31536000 ; includeSubDomains
x-frame-options
DENY
vary
accept-encoding
content-encoding
gzip
content-language
en-US

Redirect headers

Server
awselb/2.0
Date
Tue, 24 Aug 2021 06:12:58 GMT
Content-Type
text/html
Content-Length
134
Connection
keep-alive
Location
https://internet.blogmura.com:443/
js
www.googletagmanager.com/gtag/
101 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-1238852-1
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
82265b46d15e1dd5597979163e28e7126766f9acdfe34b696b986392e0b26f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:01 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41130
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:13:01 GMT
uvq4qfx.css
use.typekit.net/
5 KB
1 KB
Stylesheet
General
Full URL
https://use.typekit.net/uvq4qfx.css
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
63a506c6fa2f359f424f87944aee07d98deaaa7ac7ab998e439c6642c8e20961
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Tue, 24 Aug 2021 06:13:01 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
833
top-2a126199b0ad3ff9c31cb67940163a5f.css
static.blogmura.com/css/normal/
71 KB
10 KB
Stylesheet
General
Full URL
https://static.blogmura.com/css/normal/top-2a126199b0ad3ff9c31cb67940163a5f.css
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-96.fra2.r.cloudfront.net
Software
/
Resource Hash
66c8d6d68b2e99f2cb24da6f29970f934fc4aa5a909685238a21cb45b9740e62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 02:24:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 01:56:39 GMT
age
1828084
x-frame-options
DENY
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
text/css
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
vary
Accept-Encoding
x-amz-cf-id
Px7OgUPbbYVlJxDh28tDbZMlAKBplG3RN5eQmOtoS5tcSVgqzJaCIA==
x-xss-protection
1; mode=block
material-icons-c5941eed2e20a509114128aab1e96edf.css
internet.blogmura.com/vendor/material-icons/
1 KB
1 KB
Stylesheet
General
Full URL
https://internet.blogmura.com/vendor/material-icons/material-icons-c5941eed2e20a509114128aab1e96edf.css
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.241.215 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-241-215.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
d45b741ce46bcc20f8ee6d537171a19aa734831357091accbcf4368c29f113a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/vendor/material-icons/material-icons-c5941eed2e20a509114128aab1e96edf.css
pragma
no-cache
cookie
category_history=WzM0XQ==; buid=14072596-c3ad-4eb2-9040-4bd41783b763
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
internet.blogmura.com
referer
https://internet.blogmura.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 00:50:35 GMT
x-frame-options
DENY
content-type
text/css
cache-control
max-age=31536000
strict-transport-security
max-age=31536000 ; includeSubDomains
accept-ranges
bytes
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
content-length
1194
x-xss-protection
1; mode=block
jquery.min-eb73f7ac1329262bef84ee1fa6f894be.js
static.blogmura.com/vendor/jquery/
85 KB
30 KB
Script
General
Full URL
https://static.blogmura.com/vendor/jquery/jquery.min-eb73f7ac1329262bef84ee1fa6f894be.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-96.fra2.r.cloudfront.net
Software
/
Resource Hash
4657daff6c58fd50f163892062f537e40715a7acd0394b7fb877c74d8a7362d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 00:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2613578
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Fri, 23 Jul 2021 00:51:48 GMT
x-frame-options
DENY
etag
W/"eb73f7ac1329262bef84ee1fa6f894be"
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
application/javascript
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
ZhabCIAeakM_xddIy2QABnOxnqJva0I4GHKbFnRHaXAf-QcUtOMtNA==
jquery-ui.min-d8ce160c88057b1b201f0a3f29fac841.js
static.blogmura.com/vendor/jquery/
31 KB
10 KB
Script
General
Full URL
https://static.blogmura.com/vendor/jquery/jquery-ui.min-d8ce160c88057b1b201f0a3f29fac841.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-96.fra2.r.cloudfront.net
Software
/
Resource Hash
217ea10692f609f4b8f420fa43d8a25b467644adbd2ad57b89daeca5fd6cde0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 19:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6777061
x-cache
Hit from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Fri, 04 Jun 2021 00:51:35 GMT
x-frame-options
DENY
etag
W/"d8ce160c88057b1b201f0a3f29fac841"
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
application/javascript
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
jd2xveIQ6qAUGynkCO5XG03bXub2tM2FkC-sbcBrxTpRvZiuPNuakg==
stickyfill.min-6d5324ca2d034d18a25ff090df5ed1ec.js
internet.blogmura.com/vendor/stickyfill/
6 KB
7 KB
Script
General
Full URL
https://internet.blogmura.com/vendor/stickyfill/stickyfill.min-6d5324ca2d034d18a25ff090df5ed1ec.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.241.215 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-241-215.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
0eecf491241f39dda128866d96677cc58baa42500a10426748f61849f2daad54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/vendor/stickyfill/stickyfill.min-6d5324ca2d034d18a25ff090df5ed1ec.js
pragma
no-cache
cookie
category_history=WzM0XQ==; buid=14072596-c3ad-4eb2-9040-4bd41783b763
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
internet.blogmura.com
referer
https://internet.blogmura.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 00:50:35 GMT
etag
"6d5324ca2d034d18a25ff090df5ed1ec"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000 ; includeSubDomains
accept-ranges
bytes
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
content-length
6500
x-xss-protection
1; mode=block
object-fit-9a3297a6a2203e7eb84ce33058e1d387.js
internet.blogmura.com/vendor/object-fit/
3 KB
4 KB
Script
General
Full URL
https://internet.blogmura.com/vendor/object-fit/object-fit-9a3297a6a2203e7eb84ce33058e1d387.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.241.215 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-241-215.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
126efbcdc48a9eef57a0de949224a0ba971cd391e759ef1bd79520571b731de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/vendor/object-fit/object-fit-9a3297a6a2203e7eb84ce33058e1d387.js
pragma
no-cache
cookie
category_history=WzM0XQ==; buid=14072596-c3ad-4eb2-9040-4bd41783b763
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
internet.blogmura.com
referer
https://internet.blogmura.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 00:50:35 GMT
etag
"9a3297a6a2203e7eb84ce33058e1d387"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000 ; includeSubDomains
accept-ranges
bytes
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
content-length
3285
x-xss-protection
1; mode=block
common-1a9f7c8f8970b6cfb8f8dfb6f3615623.js
internet.blogmura.com/js/normal/
4 KB
5 KB
Script
General
Full URL
https://internet.blogmura.com/js/normal/common-1a9f7c8f8970b6cfb8f8dfb6f3615623.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.241.215 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-241-215.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
a4c76d2c4b503bcd47e956f3fb4835140a0e2094c1277af812bdbfb24ea6e4fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/js/normal/common-1a9f7c8f8970b6cfb8f8dfb6f3615623.js
pragma
no-cache
cookie
category_history=WzM0XQ==; buid=14072596-c3ad-4eb2-9040-4bd41783b763
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
internet.blogmura.com
referer
https://internet.blogmura.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 00:50:35 GMT
etag
"1a9f7c8f8970b6cfb8f8dfb6f3615623"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000 ; includeSubDomains
accept-ranges
bytes
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
content-length
4381
x-xss-protection
1; mode=block
suggestion-11553013c7091e15d81d25d0465ef781.js
internet.blogmura.com/js/normal/
19 KB
19 KB
Script
General
Full URL
https://internet.blogmura.com/js/normal/suggestion-11553013c7091e15d81d25d0465ef781.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.241.215 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-241-215.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
75d2b14fa9b435eae2866a1ae70d6f208a27b93c91fd843f2798d0ec7a897b2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/js/normal/suggestion-11553013c7091e15d81d25d0465ef781.js
pragma
no-cache
cookie
category_history=WzM0XQ==; buid=14072596-c3ad-4eb2-9040-4bd41783b763
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
internet.blogmura.com
referer
https://internet.blogmura.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 00:50:35 GMT
etag
"11553013c7091e15d81d25d0465ef781"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000 ; includeSubDomains
accept-ranges
bytes
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
content-length
19309
x-xss-protection
1; mode=block
topic-c52acb282ccec4a59c73cf3fba403323.js
internet.blogmura.com/js/normal/
2 KB
2 KB
Script
General
Full URL
https://internet.blogmura.com/js/normal/topic-c52acb282ccec4a59c73cf3fba403323.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.241.215 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-241-215.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
029d7c2f3eaa98901f8697ae3d16869f6b7ec06175b0837a1f822b270c11cca6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/js/normal/topic-c52acb282ccec4a59c73cf3fba403323.js
pragma
no-cache
cookie
category_history=WzM0XQ==; buid=14072596-c3ad-4eb2-9040-4bd41783b763
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
internet.blogmura.com
referer
https://internet.blogmura.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 00:50:35 GMT
etag
"c52acb282ccec4a59c73cf3fba403323"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000 ; includeSubDomains
accept-ranges
bytes
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
content-length
1976
x-xss-protection
1; mode=block
follow-4bc04956bf927dbecd1033481ff5da9b.js
internet.blogmura.com/js/normal/
4 KB
4 KB
Script
General
Full URL
https://internet.blogmura.com/js/normal/follow-4bc04956bf927dbecd1033481ff5da9b.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.241.215 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-241-215.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
c0d4016131d2c3a2687d331da824d0b214f0d8549bcee7f13d0fbcca0be001a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/js/normal/follow-4bc04956bf927dbecd1033481ff5da9b.js
pragma
no-cache
cookie
category_history=WzM0XQ==; buid=14072596-c3ad-4eb2-9040-4bd41783b763
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
internet.blogmura.com
referer
https://internet.blogmura.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 00:50:35 GMT
etag
"4bc04956bf927dbecd1033481ff5da9b"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000 ; includeSubDomains
accept-ranges
bytes
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
content-length
4235
x-xss-protection
1; mode=block
point-b2151d6804dffdae9b272522a3f32167.js
internet.blogmura.com/js/common/
1 KB
2 KB
Script
General
Full URL
https://internet.blogmura.com/js/common/point-b2151d6804dffdae9b272522a3f32167.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.241.215 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-241-215.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
d80e5a27d9ac575966b4f76b9a7f25a6a42525a3aa22d6ef615ea6757f06d8d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/js/common/point-b2151d6804dffdae9b272522a3f32167.js
pragma
no-cache
cookie
category_history=WzM0XQ==; buid=14072596-c3ad-4eb2-9040-4bd41783b763
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
internet.blogmura.com
referer
https://internet.blogmura.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 00:50:35 GMT
etag
"b2151d6804dffdae9b272522a3f32167"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000 ; includeSubDomains
accept-ranges
bytes
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
content-length
1396
x-xss-protection
1; mode=block
gpt.js
securepubads.g.doubleclick.net/tag/js/
71 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
b554e7b24be987955efb11b538ab6de55ed73f47ba2aa25bc2a9d4b91078216a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"968 / 174 of 1000 / last-modified: 1629762807"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25283
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:13:03 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1238852-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
3560
date
Tue, 24 Aug 2021 05:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Tue, 24 Aug 2021 07:13:41 GMT
logo-blogmura-4737f9f7c5bcc50beaa0e095bb60d960.svg
static.blogmura.com/image/
8 KB
8 KB
Image
General
Full URL
https://static.blogmura.com/image/logo-blogmura-4737f9f7c5bcc50beaa0e095bb60d960.svg
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-96.fra2.r.cloudfront.net
Software
/
Resource Hash
c3500bba21c3c28cb4f7c369a722162be0a0a6d0de9670e8556cc04ca4e1fee2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 19:13:54 GMT
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
4186747
x-cache
Hit from cloudfront
content-length
7701
x-xss-protection
1; mode=block
last-modified
Mon, 05 Jul 2021 00:51:38 GMT
x-frame-options
DENY
etag
"4737f9f7c5bcc50beaa0e095bb60d960"
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
CwZ_KGWS-KyVsq3oo6czqmGQoqkwilrLIhSduGADCeRtxaoM1GSbfA==
p.css
p.typekit.net/
5 B
162 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=uvq4qfx&ht=tk&f=10881.10882.10884.10885.10875.32265&a=26101760&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/uvq4qfx.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28d::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://use.typekit.net/uvq4qfx.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:01 GMT
last-modified
Thu, 05 Nov 2020 13:49:42 GMT
server
nginx
etag
"5fa402f6-5"
content-type
text/css
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
icon-topics-8c1be720ee3a43225272788358d255d6.svg
static.blogmura.com/image/normal/icon/
498 B
941 B
Image
General
Full URL
https://static.blogmura.com/image/normal/icon/icon-topics-8c1be720ee3a43225272788358d255d6.svg
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-96.fra2.r.cloudfront.net
Software
/
Resource Hash
36f586f3ac6ab16017617fc2e97326d91af613892dc35427fbca9f3ea745e5af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:54:14 GMT
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
2107127
x-cache
Hit from cloudfront
content-length
498
x-xss-protection
1; mode=block
last-modified
Fri, 30 Jul 2021 00:51:42 GMT
x-frame-options
DENY
etag
"8c1be720ee3a43225272788358d255d6"
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
E2Wca5-6uIyAQkm3OVhyWCGX6hiUBaFzlhBakSBRG8R8s4pPBbWj1g==
no-image-user-9684e228a9723aed84f40c967c79fb3c.png
static.blogmura.com/image/
3 KB
3 KB
Image
General
Full URL
https://static.blogmura.com/image/no-image-user-9684e228a9723aed84f40c967c79fb3c.png
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-96.fra2.r.cloudfront.net
Software
/
Resource Hash
83a94030961677a0a2b2250fdcc0aa3335a9b32d3a153eb7b96381ddba8a5c97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 00:07:23 GMT
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
2527538
x-cache
Hit from cloudfront
content-length
3124
x-xss-protection
1; mode=block
last-modified
Sun, 25 Jul 2021 19:57:01 GMT
x-frame-options
DENY
etag
"9684e228a9723aed84f40c967c79fb3c"
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
FpeO_7btOAa4BS28lP-66GpLBGj0loYPg5pZ3DVg1ecuRduXopYPdg==
100x100
img.blogmura.com/profiles/11020592/898459/crop/
17 KB
17 KB
Image
General
Full URL
https://img.blogmura.com/profiles/11020592/898459/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
29fa1cdf8f74298180439ddac40a06193225e46cee6a42f63307bb66424f478b

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 19:43:33 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Sun, 18 Jul 2021 18:17:36 GMT
server
nginx/1.18.0
age
728968
etag
W/"9f391bafc161d624dbf00229fcf36c69"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
17473
x-amz-cf-id
CPw0BNCuWeG6zlCawQmcgPYCc5g-gj7gkp1jSPhlWLS2gLIjarCLmA==
100x100
img.blogmura.com/profiles/11018804/810670/crop/
8 KB
8 KB
Image
General
Full URL
https://img.blogmura.com/profiles/11018804/810670/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
ce00bfe7b77907208b7d6acd132864a72cd06ee25cb2e09c2b489237b5271655

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 19:43:33 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Sep 2019 02:38:45 GMT
server
nginx/1.18.0
age
728968
etag
W/"eef9a7cc5f2da9da0faf2b284980c268"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
7882
x-amz-cf-id
xFZc9-Y7eCrSFKyn-7rrZNSjq0nE1gC8XpYyKtydMYNfGPxShmq_RA==
100x100
img.blogmura.com/profiles/11048065/900375/crop/
3 KB
3 KB
Image
General
Full URL
https://img.blogmura.com/profiles/11048065/900375/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
3d3dc880548afa8b5cc88132a3beab0f27176e0a70536cc001d35395eb5a2ac7

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 19:43:33 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 10 Aug 2021 12:20:23 GMT
server
nginx/1.18.0
age
728968
etag
W/"4c566815b2bff0d3419cdc76ff973e89"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
2753
x-amz-cf-id
8yuz3BmSfRF92YZU4DDRgHN5wDB9B_aiKI6NlMZTI6L4C7R8S4BxWw==
100x100
img.blogmura.com/profiles/11017590/819361/crop/
11 KB
11 KB
Image
General
Full URL
https://img.blogmura.com/profiles/11017590/819361/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
dfde703fa1f9fa4b4ea1ea9bee6572465299ea8e37582de4fcd6a5b757d1a420

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 19:43:33 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Mon, 25 Nov 2019 06:13:18 GMT
server
nginx/1.18.0
age
728968
etag
W/"0693fc041f563d9a8bb77449e498affa"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
11275
x-amz-cf-id
_49KL1hRuMH2PAeVOzaAlvggXjExzJNEVdi1VqmSGWywjJgPj4guWg==
100x100
img.blogmura.com/profiles/11074304/863691/crop/
3 KB
3 KB
Image
General
Full URL
https://img.blogmura.com/profiles/11074304/863691/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
caccfbc2c7a1f215fbb7ffb29356e81877587b719153a79fe1b5421546768d37

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 08:18:38 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 15 Sep 2020 08:05:26 GMT
server
nginx/1.18.0
age
165263
etag
W/"7f09d7ad1dccab008ee7e85c78f1a57c"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
3018
x-amz-cf-id
H8MLiuBswgq4xfDHv3tMnZBOVwtBQa5jz2bvDtsrUaBq64O5XIclkQ==
100x100
img.blogmura.com/profiles/10801527/895606/crop/
20 KB
20 KB
Image
General
Full URL
https://img.blogmura.com/profiles/10801527/895606/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
5173624ff4a5a5de98c9ea0e5abadbd9a8f88c2f59da5fac902f1f76f9ec0d2c

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 10:47:59 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Sat, 19 Jun 2021 11:57:33 GMT
server
nginx/1.18.0
age
5599502
etag
W/"41ba96c3e0134d10e2180cf233b8600c"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
20269
x-amz-cf-id
y3R8qxbIeIFVbubXtLop_UJJSiRPeUjvIRmTtb35oAMFRDr3fpUxCA==
100x100
img.blogmura.com/profiles/10648115/547914/crop/
5 KB
5 KB
Image
General
Full URL
https://img.blogmura.com/profiles/10648115/547914/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
46d7a5ac4e099b15e3517a54c0422d2582c262fe3280fb828f4275c254768e7c

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 08:18:38 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Fri, 29 Mar 2019 08:05:51 GMT
server
nginx/1.18.0
age
165264
etag
W/"082f80656c1c311d556578c1f91806bb"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
4991
x-amz-cf-id
_DmfliG3G6-We6nWtc1V1OCrFabXpwhc7uMH2b0dvCkGjaAFQ0bx9g==
100x100
img.blogmura.com/profiles/11005170/881562/crop/
3 KB
3 KB
Image
General
Full URL
https://img.blogmura.com/profiles/11005170/881562/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
35df8414818d0e01ceab6a282582d41ea7afd0954e16b24cf588d3b4bd53a5ee

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 20:08:30 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Fri, 19 Feb 2021 17:50:50 GMT
server
nginx/1.18.0
age
554672
etag
W/"68139e783c34ecdaf365cf531f27698f"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
2996
x-amz-cf-id
Es4jK7GK8uo_LkwslQiyc_5uF7NJiaWAG1WkqdEocOmynNgL3B9PzQ==
100x100
img.blogmura.com/profiles/11054567/873984/crop/
3 KB
4 KB
Image
General
Full URL
https://img.blogmura.com/profiles/11054567/873984/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
e6aaf805d942251ccbd07a048e6a22501527c0b4393cc033f4598c89b2ae6b8c

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 13:49:41 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Wed, 16 Dec 2020 03:46:32 GMT
server
nginx/1.18.0
age
6279801
etag
W/"f5387046d2c11865eb95fe2f6b8f5c56"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
3272
x-amz-cf-id
IcThntAxHffq9rD_Ki3Vp1hNqpcEfd9zLC7chUZzXirSTFvh6jizFQ==
no-image-33bfeb78dffd04a06b7428ecd1949c35.png
static.blogmura.com/image/
3 KB
3 KB
Image
General
Full URL
https://static.blogmura.com/image/no-image-33bfeb78dffd04a06b7428ecd1949c35.png
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-96.fra2.r.cloudfront.net
Software
/
Resource Hash
c8f731cca0be608a29a7a7c03403a5964e364074c5e78ac3bbc50d335d061d5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:54:14 GMT
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
2107127
x-cache
Hit from cloudfront
content-length
2807
x-xss-protection
1; mode=block
last-modified
Fri, 30 Jul 2021 00:51:42 GMT
x-frame-options
DENY
etag
"33bfeb78dffd04a06b7428ecd1949c35"
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
uHFd_L0G5_jxQu7qfXvWHXdWfcEn5kxI7QTNy0pSJDsllWLa-qUlWw==
100x100
img.blogmura.com/sites/1022998/post-images/34614543/crop/
3 KB
3 KB
Image
General
Full URL
https://img.blogmura.com/sites/1022998/post-images/34614543/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
a5fe1801c68ee2c0d3a19348170f1c13f23c6ca96861532b65b86ff857a8eebe

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 08:46:24 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Mon, 23 Aug 2021 08:00:01 GMT
server
nginx/1.18.0
age
77198
etag
W/"6864a30fb83238a5cbecebeb98b89b10"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
3093
x-amz-cf-id
IkTMZn_6xVQEVGH4gQe3Ymwwfh6PV_FMaX7ow16Tflt_WeiVaiM16A==
expires
Tue, 23 Aug 2022 08:00:00 GMT
100x100
img.blogmura.com/sites/1022998/post-images/34586304/crop/
4 KB
4 KB
Image
General
Full URL
https://img.blogmura.com/sites/1022998/post-images/34586304/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
f7dfbd803f77cc0ec8ec129fe9feb76fb34f9c102b56182db776236b7cbde25f

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 10:08:13 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Sun, 22 Aug 2021 09:00:00 GMT
server
nginx/1.18.0
age
158689
etag
W/"e421e0b28f8e6e54441ef9b7e3e51e9a"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
4185
x-amz-cf-id
8Lo93tJsFXnrQJ_Gw6gpaHgnFsdY2z96Nj6--kM0wglwXvZE6B8mtQ==
expires
Mon, 22 Aug 2022 08:59:59 GMT
100x100
img.blogmura.com/sites/1039441/post-images/18961193/crop/
4 KB
4 KB
Image
General
Full URL
https://img.blogmura.com/sites/1039441/post-images/18961193/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
b3843b6ac1b091a7a4c3285ccfc8e03e51b5b5d5026cd584ad6d2925d65e524f

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 19 May 2020 08:10:42 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"2e7cf991a20006eb84e7753fe5b6d595"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
3936
x-amz-cf-id
ruU7djo1XqmsF0mzRcHPmMoYH1fQqWamHS7FrkKIt7KKCuGDsOvGMQ==
expires
Wed, 19 May 2021 08:10:41 GMT
100x100
img.blogmura.com/sites/1165194/post-images/34609849/crop/
3 KB
4 KB
Image
General
Full URL
https://img.blogmura.com/sites/1165194/post-images/34609849/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
57b584c77a4e5abde0ac20cab7392246c160db5dc222c366dfa0e27360282549

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Mon, 23 Aug 2021 03:55:02 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"eab1d7034dad732b8a1353b0da77998a"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
3302
x-amz-cf-id
Lq52k5zyAO7RQMM3lZ4ziVVwWOAsGZTU-WOaZqsPh7KVtTwoV8hnGQ==
expires
Tue, 23 Aug 2022 03:55:01 GMT
100x100
img.blogmura.com/sites/801130/post-images/34618704/crop/
4 KB
4 KB
Image
General
Full URL
https://img.blogmura.com/sites/801130/post-images/34618704/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
812c23adc1fe7a9fb2b39d20fa13455e4503fb2eaab7f6bf5e547c9f09c47657

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 11:45:31 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Mon, 23 Aug 2021 11:01:30 GMT
server
nginx/1.18.0
age
66450
etag
W/"4e14fcef5a564bcd48c3f747aa2612f5"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
3662
x-amz-cf-id
y1XpK3RodsEK2gypOEb5C0v-bJml7OEQogXdqPjRZnynjMfsWqJgKA==
expires
Tue, 23 Aug 2022 11:01:29 GMT
100x100
img.blogmura.com/sites/1022998/post-images/34557278/crop/
3 KB
3 KB
Image
General
Full URL
https://img.blogmura.com/sites/1022998/post-images/34557278/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
b598db90a9bb5f73cbb6d9514e9aff7e8f111c7257191d18aa3136cbe960b3b5

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 08:39:26 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Sat, 21 Aug 2021 09:39:52 GMT
server
nginx/1.18.0
age
164016
etag
W/"338fd0184373b4cb23e6cd2ba1169380"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
2712
x-amz-cf-id
9HpG-YEpwBZyXKYj1RjLhzm9Rk0bXGYdsgsKd-bKq1q_N1ekTMoSrQ==
expires
Sun, 21 Aug 2022 09:39:51 GMT
100x100
img.blogmura.com/sites/924944/post-images/34548574/crop/
3 KB
3 KB
Image
General
Full URL
https://img.blogmura.com/sites/924944/post-images/34548574/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
ad0b554e02a61f72151a554c09ec78d2749346927319c398c282f431780c8644

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Sat, 21 Aug 2021 03:42:06 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"8b8dcbfbc8c2b6ec3d9053e15ba18374"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
3076
x-amz-cf-id
gfCx_piVD__wukTE-X85pLxlaJ84Ra3NjZrNgUmCfbmMDxQ7EJg6OQ==
expires
Sun, 21 Aug 2022 03:42:05 GMT
100x100
img.blogmura.com/sites/1102805/post-images/34599317/crop/
3 KB
3 KB
Image
General
Full URL
https://img.blogmura.com/sites/1102805/post-images/34599317/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
9769fc9c5ba803f077bc2fb559cfd8be959ebdf16b8ff8e6537ead3991f28c1c

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Sun, 22 Aug 2021 20:05:45 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"e7a85812cd654b683f248252c92d5b41"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
2796
x-amz-cf-id
PlHqvmFPCAJmpJXUrdofqH0wo-22R68E-rju8qSAAjetNE47fxDA7Q==
expires
Mon, 22 Aug 2022 20:05:44 GMT
100x100
img.blogmura.com/themes/16935/7596/crop/
2 KB
2 KB
Image
General
Full URL
https://img.blogmura.com/themes/16935/7596/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
78982fc025e00915ca1925ba1a3bf852c26156a7b80ad9a22741a09e22749619

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Fri, 29 Mar 2019 09:40:10 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"0ba25de5a9403c74eff87c230f173a55"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
content-length
1871
x-amz-cf-id
EiKpQwkWiywbfsBrpqZiK-hvPmFGlaYDzLfpHDI6GaQ9WRxOhcWK8g==
100x100
img.blogmura.com/themes/17518/7881/crop/
5 KB
6 KB
Image
General
Full URL
https://img.blogmura.com/themes/17518/7881/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
75e37b95aa5d29e70ed0702209511c6b5bfcab4a79b59da784a1933893e91226

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Fri, 29 Mar 2019 09:40:12 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"b6f7c4792c6f8000552bd7763578f830"
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
content-length
5536
x-amz-cf-id
eq-HKhWsRB98YYP8dtOcFnq3DNBBNoo93Z3QQYSgt9hyApY07tZ1WA==
100x100
img.blogmura.com/themes/17622/7940/crop/
459 B
828 B
Image
General
Full URL
https://img.blogmura.com/themes/17622/7940/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
138a7d3f7c9fc540ac00e93d5dc7cf1baf120213b831b774ed7afa8939510286

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Fri, 29 Mar 2019 09:40:12 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"63e7a8c83f349c806eff45137305cffb"
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
content-length
459
x-amz-cf-id
AgRID-JLknJ1RPAErwVMyRA-KlehGfJrqkfQ-NlZLCiD6SOWm-EEDA==
100x100
img.blogmura.com/themes/17666/7957/crop/
4 KB
5 KB
Image
General
Full URL
https://img.blogmura.com/themes/17666/7957/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
1e2642ff4e9ae93b2e656c28ffb15e29ae60c4f225e1b1f8136789443ba1befd

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Fri, 29 Mar 2019 09:40:12 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"e1ecfd6abea05952c34c8e3675cef900"
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
content-length
4539
x-amz-cf-id
pGy5fp-K_DMGk9PHdyEkTCTykTOyZFEVLbScPFu_gaMjIuS5G1A8qA==
100x100
img.blogmura.com/sites/1156310/post-images/34642176/crop/
14 KB
14 KB
Image
General
Full URL
https://img.blogmura.com/sites/1156310/post-images/34642176/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
0166f8adacda7f8883e5aa4a4e95155ae29580de8ce1c986962591c163312c69

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 06:07:45 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"1ad51b716d4cba5a431bf5ad7790e941"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
x-robots-tag
noindex
content-length
14049
x-amz-cf-id
GNtTOMm_RptVPbS54YeJG7CrBW1qZrIicLbyjSgw2KR0vGvk_Hsiww==
expires
Wed, 24 Aug 2022 06:07:44 GMT
100x100
img.blogmura.com/sites/1128278/post-images/34642071/crop/
3 KB
3 KB
Image
General
Full URL
https://img.blogmura.com/sites/1128278/post-images/34642071/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
79090ecea960f459486d716ddb482c9514b82a573f7071f9da892a4cfc9452b1

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 06:03:37 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"096293a93c75f5d8c11cb5e6cd9b9939"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
2835
x-amz-cf-id
CBY7y011EfdLHWreLVTVoTQGWZRxGVsEKFUFI3maCALZssuxx2yYQQ==
expires
Wed, 24 Aug 2022 06:03:36 GMT
100x100
img.blogmura.com/sites/1105244/post-images/34641985/crop/
3 KB
4 KB
Image
General
Full URL
https://img.blogmura.com/sites/1105244/post-images/34641985/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
7149cccedd7d00679a787c685d0b3ad7b7c853629168b337f2ffb3e89f1173ad

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 06:00:42 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"2ce4b220841eb3862b55e9d5ae924a6c"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
3219
x-amz-cf-id
FZulxim8C6iI0XHTUgqrS81DlZufqFHvqa0yUn-z3-FhnnRVnO4DNg==
expires
Wed, 24 Aug 2022 06:00:41 GMT
100x100
img.blogmura.com/sites/20651/post-images/34641860/crop/
3 KB
3 KB
Image
General
Full URL
https://img.blogmura.com/sites/20651/post-images/34641860/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
a3f9a77acbc3769fd298e1e0ca768a980215a1d68862bbda70b0bae6ea3bf1db

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 05:53:35 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"134696f02b030cf09960738756f24a5c"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
2616
x-amz-cf-id
KuOjhJP6hz3nTqcN5XAGk0-lukc8A0HD9Pf96W2bjghatzj5CSz1zQ==
expires
Wed, 24 Aug 2022 05:53:34 GMT
100x100
img.blogmura.com/themes/29144/13412/crop/
2 KB
3 KB
Image
General
Full URL
https://img.blogmura.com/themes/29144/13412/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
01e7515d2f13cb1833bff4f39aecad134db16f34d6cdba32c3d4fa67dcf86c55

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Fri, 29 Mar 2019 09:40:36 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"6d923ceb4d6787154f7704fb6067990c"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
content-length
2342
x-amz-cf-id
LNXAZ9iwYPEsIIpZHSvsA12P53y-VClZFCyTE5LHE5cBctMHULAp4Q==
100x100
img.blogmura.com/themes/29225/13450/crop/
5 KB
5 KB
Image
General
Full URL
https://img.blogmura.com/themes/29225/13450/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
d7848cb0d9157e83802caf2aa7b64b4899683d43ddacd8555530b4de10da0ea6

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 11:56:16 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Fri, 29 Mar 2019 09:40:36 GMT
server
nginx/1.18.0
age
843406
etag
W/"1b0bb36d2bd380e50ddd31eea836c8fb"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
public, max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
5087
x-amz-cf-id
HCGPGMWnFDtsn0xL7z2UuVTR_I17YKlwRTlPBT8RQrptrPRTphpVPw==
100x100
img.blogmura.com/themes/29562/13629/crop/
3 KB
4 KB
Image
General
Full URL
https://img.blogmura.com/themes/29562/13629/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
d4c001a47273b4cb2407b6d5d1cb843bc47d1b901e72415372647b7c43869796

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Fri, 29 Mar 2019 09:40:37 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"db278146300fce6356eba69a7dbd5863"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
content-length
3384
x-amz-cf-id
WzaVjnaADkieFVdrDeu3efiRYbYeo9xQrtqVNIMCEXxhwAcJ3rqheg==
100x100
img.blogmura.com/themes/29794/13726/crop/
4 KB
4 KB
Image
General
Full URL
https://img.blogmura.com/themes/29794/13726/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
45495ed9eace853e0defc98d7434f8c5db52b4f706fda4c3c747be39c9fa0129

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Fri, 29 Mar 2019 09:40:38 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"55648ff2fc533c40fe87f600adef77b9"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
content-length
3706
x-amz-cf-id
5neh53h_NSV4VwYdgCddK8JWy6HCURYxucuAWK_TT7ESxj1-8uvBVQ==
100x100
img.blogmura.com/themes/29837/13746/crop/
49 B
415 B
Image
General
Full URL
https://img.blogmura.com/themes/29837/13746/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Fri, 29 Mar 2019 09:40:38 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
"41c9bc7f3f78ed71115cc062c1c67b09"
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
content-length
49
x-amz-cf-id
-Kd9Zbhxl8LRVpQnRPf1XmU5IvRfogdLnkbzA3EMDamZVnA6H_m8Ow==
100x100
img.blogmura.com/sites/267101/post-images/34640660/crop/
4 KB
4 KB
Image
General
Full URL
https://img.blogmura.com/sites/267101/post-images/34640660/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
90ffe4fbab8e918812cccac35415a3f029a4fd124dacb7269c7a65308cd0a830

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 04:46:33 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"59f66855acbc10eac361255bf1ead757"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
4157
x-amz-cf-id
JIns6q2ROWe9NQRES_xtUGOehg8XbXJYeHOMoPlIXVTo1WaLChjOpw==
expires
Wed, 24 Aug 2022 04:46:32 GMT
100x100
img.blogmura.com/sites/20651/post-images/34640605/crop/
3 KB
4 KB
Image
General
Full URL
https://img.blogmura.com/sites/20651/post-images/34640605/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
4ea60a5e1fbcbdf0e28cd72115e11a847deaf557afeb5b5ccae028b3505e345f

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 04:43:31 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"94465478c7243e8e1fcc9ae2c4167cc1"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
3266
x-amz-cf-id
iiZ11w8IQeaMXWkGBKaWSMzMDVQE9--ESCdwf-5ERzkTN-a5bcnUhQ==
expires
Wed, 24 Aug 2022 04:43:30 GMT
100x100
img.blogmura.com/sites/1167514/post-images/34640235/crop/
15 KB
15 KB
Image
General
Full URL
https://img.blogmura.com/sites/1167514/post-images/34640235/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
7b0beb6bb89c0f76851e7ae3dd393029882578245abb3982968a930007bd2ffc

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 04:22:37 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"b5a41690795ebdb27f5f7b698416eeea"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
x-robots-tag
noindex
content-length
15350
x-amz-cf-id
CbATWcI3qKN1UsSzKZ9jBCpnENU-WAsS1-mIHVC-tfcgCaAh2iG6ig==
expires
Wed, 24 Aug 2022 04:22:36 GMT
100x100
img.blogmura.com/sites/267101/post-images/34639687/crop/
4 KB
4 KB
Image
General
Full URL
https://img.blogmura.com/sites/267101/post-images/34639687/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
c4f481b8f2dbbc92710e5187fe0103f87c8cdd0a3b8d9696d28637c3529c5787

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:03 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 03:53:28 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"c5d3d03b1409465a7b13642363c76749"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
3941
x-amz-cf-id
fXKkYMWiH5NBumRda7Y7wGSBnE2IMIsm3DHtAW1kDWSFf32_ECBtDA==
expires
Wed, 24 Aug 2022 03:53:27 GMT
100x100
img.blogmura.com/sites/1085573/post-images/34639188/crop/
3 KB
3 KB
Image
General
Full URL
https://img.blogmura.com/sites/1085573/post-images/34639188/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
677da06c40373d8da0c6465411591c9ecc9fef4291240e694b3e61136a56a052

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 04:07:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 03:27:20 GMT
server
nginx/1.18.0
age
7560
etag
W/"041eedf71af4febe7070a7380a37b7d0"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
2836
x-amz-cf-id
K1tofccimvdDdsgVFzlUbtIGz8Qf2WsGK9wCSmYWdY4u6hBIA8bb2A==
expires
Wed, 24 Aug 2022 03:27:19 GMT
100x100
img.blogmura.com/sites/20651/post-images/34639338/crop/
3 KB
3 KB
Image
General
Full URL
https://img.blogmura.com/sites/20651/post-images/34639338/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
dd25934901ff38edea4f64e1e88adbd0e092430cf0e7fe1a03209c1d2520406a

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:41:53 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 03:33:43 GMT
server
nginx/1.18.0
age
9068
etag
W/"8024c12616d404c407c14a5852290f0a"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
2885
x-amz-cf-id
YatL1ZD9ZYeDVHkqvZ9WqKTfE3ip8R--b331BCOPIF88dBLLEy2jPw==
expires
Wed, 24 Aug 2022 03:33:42 GMT
100x100
img.blogmura.com/sites/259057/post-images/34638923/crop/
17 KB
17 KB
Image
General
Full URL
https://img.blogmura.com/sites/259057/post-images/34638923/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
f3cc4a6b6640cd56af68fd39d7bc183457675d6ff1fa90491893518de4d1db94

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 03:13:48 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"a8f9f2ed47b6cf3bd7a56068ad6814f5"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
x-robots-tag
noindex
content-length
17100
x-amz-cf-id
w5PMcTTE1Z2lSsYCMK90eGIacNJpurCmCCjWdOvTEM1NwFIlAvkNWg==
expires
Wed, 24 Aug 2022 03:13:47 GMT
100x100
img.blogmura.com/sites/1124750/post-images/34638539/crop/
9 KB
9 KB
Image
General
Full URL
https://img.blogmura.com/sites/1124750/post-images/34638539/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
75a44749ecd1616be08f007efa93b8ba557b92706203e9b47751c5489063c877

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 04:30:17 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 03:01:51 GMT
server
nginx/1.18.0
age
6165
etag
W/"5a78d289d4714a0e59dd96f31919bc5f"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
9217
x-amz-cf-id
MfmSUOs3pDzwyWBGOWN5g1I5qwhScWn_uibumQrMua-4FYGv8NMGuw==
expires
Wed, 24 Aug 2022 03:01:50 GMT
100x100
img.blogmura.com/sites/1058760/post-images/34642028/crop/
3 KB
4 KB
Image
General
Full URL
https://img.blogmura.com/sites/1058760/post-images/34642028/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
953fe25490f3558f4bcc945163a4972e12174a961adaafa90943f1d00b72f8b5

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 06:02:00 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"45c0de633bacb2e99e2d6a86dfbb2230"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
3397
x-amz-cf-id
5Eq2QvvB8CUrfO0hZZuhk8VbdeHDue3WfHTNhhh3FcoPiaLwwEJwfw==
expires
Wed, 24 Aug 2022 06:01:59 GMT
100x100
img.blogmura.com/sites/1130855/post-images/34636582/crop/
5 KB
5 KB
Image
General
Full URL
https://img.blogmura.com/sites/1130855/post-images/34636582/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
586b88ece0d08b48aaa64dbf5d6d63664032c52384f90a730692dcb533215b4a

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 02:01:15 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 01:55:01 GMT
server
nginx/1.18.0
age
15107
etag
W/"73bc287dc6298e140c5ff1d7bbf6590a"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
5244
x-amz-cf-id
RyIl_GCr9ut8QOUXLvBam5JQtslOscGfoJgxsSsGCrhKaxCtZAgUmw==
expires
Wed, 24 Aug 2022 01:55:00 GMT
100x100
img.blogmura.com/sites/1129082/post-images/32033255/crop/
4 KB
4 KB
Image
General
Full URL
https://img.blogmura.com/sites/1129082/post-images/32033255/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
06cfec9fb52dc6d0c17a014b960b8d4003d4f4fb9d836f85fc822a9fecaa678b

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 04:57:40 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Mon, 31 May 2021 18:07:02 GMT
server
nginx/1.18.0
age
4522
etag
W/"c6093f9b0fc1731f1c41289ea8409df9"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
3751
x-amz-cf-id
afGbZg8czq4k9FUPfRboIVn0cVV_DPIU7aYCxvABKbd5Uu6Tl5Mq_Q==
expires
Tue, 31 May 2022 18:07:01 GMT
100x100
img.blogmura.com/sites/1067766/post-images/34635272/crop/
20 KB
20 KB
Image
General
Full URL
https://img.blogmura.com/sites/1067766/post-images/34635272/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
ed3938f6257cf08a2fd81c670fa1391da03e2f838307e85472c4db0ea39e938e

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 01:00:06 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"7688cd90d5ca3aaf7107d7b0914d73d4"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
x-robots-tag
noindex
content-length
20127
x-amz-cf-id
YDUSS-oYFIerYTU_ZdbqtwvGKlSfhoOE9XNlvJAByAz0v6EaTc-2mw==
expires
Wed, 24 Aug 2022 01:00:05 GMT
100x100
img.blogmura.com/sites/1027135/post-images/34635200/crop/
17 KB
17 KB
Image
General
Full URL
https://img.blogmura.com/sites/1027135/post-images/34635200/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
52d4e250eb8c3e8b5808c8b09de2145be83c40ab204ffc83f268d13a81a4d1c6

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 00:56:40 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"10753a02c533c578e0f46b3d521daaea"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
x-robots-tag
noindex
content-length
17327
x-amz-cf-id
IeYTaXTqO63ql-m9RCES5jHuOktrqEaZ4imhtJZz_ESWl8uuLnpnpA==
expires
Wed, 24 Aug 2022 00:56:39 GMT
100x100
img.blogmura.com/profiles/10983921/778785/crop/
2 KB
2 KB
Image
General
Full URL
https://img.blogmura.com/profiles/10983921/778785/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
f3eda39a3c1662cfbebdfec25953c84a6181fd237617006a40943babb38f9156

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 14:02:49 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Fri, 29 Mar 2019 09:31:10 GMT
server
nginx/1.18.0
age
576613
etag
W/"a75fdc1d0f51f96152b857ed1c192023"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
1582
x-amz-cf-id
pkDoyqRVI9IBRq-aI_8RmF2Y6QVlBvhJs79j_t9-HRl2NZJ1XEOtzA==
100x100
img.blogmura.com/profiles/10997808/791229/crop/
3 KB
3 KB
Image
General
Full URL
https://img.blogmura.com/profiles/10997808/791229/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
1a6d72f7035f8f346400860ed45ac7b554b7e187ed67f4e948c82c987d25eb7c

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Fri, 17 May 2019 05:50:45 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"c8653152c98bbe386f283d6735a7913c"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
content-length
2872
x-amz-cf-id
wiHRr91AWjrYvMLyHDqPvw9Wi2qoJGmZGTRVZEchXBx45Bf2gjOQVQ==
100x100
img.blogmura.com/profiles/10987363/888557/crop/
18 KB
19 KB
Image
General
Full URL
https://img.blogmura.com/profiles/10987363/888557/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
a4d673f51d4d0e5a4063218f19c08053b3f696c73a1ca469ca744d71081246b7

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:03 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Wed, 21 Apr 2021 04:58:05 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"c251ea9a733b2fea3c13dcd589995a1d"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
content-length
18722
x-amz-cf-id
CNBvsrH-_y7lFO20W-IwafaxWtKMmDRblRrkTLU7_dIapl1iZJ1gPQ==
100x100
img.blogmura.com/profiles/11014631/806952/crop/
13 KB
13 KB
Image
General
Full URL
https://img.blogmura.com/profiles/11014631/806952/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
b0bee5a5c0e16ec6378c67056ab6f853dcd28b375d9deb568e5f6a97e0077901

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Thu, 29 Aug 2019 07:42:22 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"006ed0ab7f4079ef56a0869a4b352ba9"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
content-length
12876
x-amz-cf-id
CHDIQ31i_yD1YqMPfZrBOtNbYMDH-6SJOQ2DQoCsC7x6Q5HDhPbihQ==
100x100
img.blogmura.com/profiles/11101566/900945/crop/
3 KB
4 KB
Image
General
Full URL
https://img.blogmura.com/profiles/11101566/900945/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
e5f031d52b4966c76e6adbc2ddbcb692c60dd867b9834819ec5c292aeacce1ca

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 00:26:28 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Mon, 16 Aug 2021 15:43:13 GMT
server
nginx/1.18.0
age
279994
etag
W/"55f170f30d07dfe807fb39516041591e"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
3275
x-amz-cf-id
IJijxuiTSZJYVkDlJ8AEFA2A_IDjkaTlD943-Fjb8e-Fp98XlBlDYw==
100x100
img.blogmura.com/profiles/10964292/757262/crop/
3 KB
3 KB
Image
General
Full URL
https://img.blogmura.com/profiles/10964292/757262/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
13ac11a5c871a2774665134d73d46710eac54d405782e5ff3d2a46849fa98b5d

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Fri, 29 Mar 2019 09:30:15 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"819b14e18e2500c3dcc141d29f2e8092"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
content-length
2780
x-amz-cf-id
hjWbohHZHFCFruZH1B61EtOp_2aDoDw8QuDSF90DbLxQ4rr1wxHiZA==
100x100
img.blogmura.com/profiles/11007052/802256/crop/
4 KB
4 KB
Image
General
Full URL
https://img.blogmura.com/profiles/11007052/802256/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
d82d296e1ee62b0037aeeba7b9fc67fcc2ddf60ba21ed7393297b641859c1827

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 18:51:12 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Sun, 28 Jul 2019 03:21:45 GMT
server
nginx/1.18.0
age
2719310
etag
W/"9022eaaa02e2742d64d9a1fd3fe0af1c"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
3911
x-amz-cf-id
J-CMzKkyvnM-G1x3H18KQ9fJtMbNNFuUFkwd4xWm4rbJ2FY9RlL8Jg==
100x100
img.blogmura.com/profiles/11056010/846864/crop/
3 KB
3 KB
Image
General
Full URL
https://img.blogmura.com/profiles/11056010/846864/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
8c021fb8f90a4183ba8054d24c4eb93a5d2870af953435e15c90c867f9d05434

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Wed, 20 May 2020 02:27:28 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"1b02d8b21cf412310abd798b31fa7c2c"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
content-length
2755
x-amz-cf-id
-6Pxz3Olers3bWDweuiy4gKC9a7ku8low0KZGQZTxRzV1hdOE-iIzw==
100x100
img.blogmura.com/profiles/11076972/866176/crop/
26 KB
26 KB
Image
General
Full URL
https://img.blogmura.com/profiles/11076972/866176/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
cc9d08db31a39dc3afc488ad2c71fe70205428649ed248d1f1f35c2d7cb4e967

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:03 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Mon, 05 Oct 2020 01:28:17 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"8c2a03257e44c4c050ec565c5dc3b127"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
content-length
26551
x-amz-cf-id
UX7TisvND5gwDAumKjPbxmXGoqJ0CGbGYJNPTYqgcalNc5fte_7ZwQ==
no-image.png
internet.blogmura.com/image/
3 KB
3 KB
Image
General
Full URL
https://internet.blogmura.com/image/no-image.png
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.241.215 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-241-215.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
c8f731cca0be608a29a7a7c03403a5964e364074c5e78ac3bbc50d335d061d5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/image/no-image.png
pragma
no-cache
cookie
category_history=WzM0XQ==; buid=14072596-c3ad-4eb2-9040-4bd41783b763
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
internet.blogmura.com
referer
https://internet.blogmura.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 00:50:35 GMT
x-frame-options
DENY
content-type
image/png
cache-control
max-age=31536000
strict-transport-security
max-age=31536000 ; includeSubDomains
accept-ranges
bytes
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
content-length
2807
x-xss-protection
1; mode=block
100x100
img.blogmura.com/sites/20651/post-images/22665362/crop/
2 KB
3 KB
Image
General
Full URL
https://img.blogmura.com/sites/20651/post-images/22665362/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
09e6991b315fab6b428107d3544b47fdb8a6ecfb013f7a64aec9c1cac2635f5b

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 05:53:57 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"05b10623c3edfb6627048fbe32ec67f3"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
2468
x-amz-cf-id
07WFQscGaayX2XF9ls1sYD9q0Qzqj6aAKOwxahfqm39xVYgfgOS48Q==
expires
Tue, 24 Aug 2021 05:53:56 GMT
100x100
img.blogmura.com/sites/1092616/post-images/22664806/crop/
3 KB
3 KB
Image
General
Full URL
https://img.blogmura.com/sites/1092616/post-images/22664806/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
cd6c8c01db98e9c2e47fdc04a5b4bd88022df1d5dc173b94b62bdd9fa54421d2

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 05:33:34 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"47bf9a603c488334f8b873629fb5deaf"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
2679
x-amz-cf-id
fRcAZpnYNT7Fm95ges4ZLpsfnYJIZAMP7uWlUigghzRs1lxbby3D0w==
expires
Tue, 24 Aug 2021 05:33:33 GMT
100x100
img.blogmura.com/sites/1093930/post-images/22664729/crop/
3 KB
3 KB
Image
General
Full URL
https://img.blogmura.com/sites/1093930/post-images/22664729/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
327409c444071af46fdbea0c2a11eda561ec50bf77df589eaab00f25f17e21ca

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 05:31:23 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"dfd8072fa8ada2f4e37aa78e67c993d0"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
2735
x-amz-cf-id
_3Ga7EfTbBRxwfe0q-yYPRB1GKBdLETOxeKk3lrn1z4zsRB-NGndww==
expires
Tue, 24 Aug 2021 05:31:22 GMT
100x100
img.blogmura.com/sites/706338/post-images/22664250/crop/
4 KB
5 KB
Image
General
Full URL
https://img.blogmura.com/sites/706338/post-images/22664250/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
a4600c4adb158403002c1471fe10b78e6ee701ec1a7f7b3afb47b2bbc151ee34

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 05:11:14 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"9db61437124a9399e9270fe1cfb61bc5"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
4261
x-amz-cf-id
YbA1H-UWoiC0zzTv6S5PGqcsrGOF_hUN81DTRGHy7V04WcwK-v4aHg==
expires
Tue, 24 Aug 2021 05:11:13 GMT
100x100
img.blogmura.com/sites/1085573/post-images/22663995/crop/
3 KB
3 KB
Image
General
Full URL
https://img.blogmura.com/sites/1085573/post-images/22663995/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
6819d35c0e3896303f00ae6b7e29699f8a4a0267b8b9cf438f8c2165303d242b

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 05:01:30 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"ee0563cb4f1f0289dc485bc903e6489e"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
2576
x-amz-cf-id
KiUaI1dziU_s2_jmiofUptmTEjRLws56p3OWSfTvbMKaboO92gDhHg==
expires
Tue, 24 Aug 2021 05:01:29 GMT
100x100
img.blogmura.com/sites/1116629/post-images/22673732/crop/
11 KB
12 KB
Image
General
Full URL
https://img.blogmura.com/sites/1116629/post-images/22673732/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
7d8135fed2b3a17889ddd869ecaf5739a0fa3ff7a7637d5a57c0994bbe674208

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 10:29:59 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"e0232799023d5e3ba477d39ea7f2b86b"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
x-robots-tag
noindex
content-length
11542
x-amz-cf-id
tSROAuG8I6J3U0t5T1YWUYCgG0pZYFgMLSljRP6gTtcFT952sSE1pQ==
expires
Tue, 24 Aug 2021 10:29:58 GMT
100x100
img.blogmura.com/sites/1060313/post-images/15768459/crop/
6 KB
6 KB
Image
General
Full URL
https://img.blogmura.com/sites/1060313/post-images/15768459/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
dbbdae4930a69c75342bd8297118a95f89236bc44da5800cc652589459465a4f

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 18 Feb 2020 07:54:52 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"434494eb413f4dcc9c9fdd889a696dc7"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
5803
x-amz-cf-id
9vROKgWFLoO0NhiaupdsbPE-D2uVvKEUxMQGujZDsKycltu34AuioQ==
expires
Thu, 18 Feb 2021 07:54:51 GMT
100x100
img.blogmura.com/sites/1027135/post-images/22663822/crop/
19 KB
19 KB
Image
General
Full URL
https://img.blogmura.com/sites/1027135/post-images/22663822/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
aef67e697770b42d3474e547a2752c34fd147839076613156a348459a5663a1e

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 04:54:29 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"ca0f5b3c8792dc7022720a61ef3ac7c2"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
x-robots-tag
noindex
content-length
19211
x-amz-cf-id
vChzNjxp3kwcxtD_vcCBQkE_Rezhh7sW-C19LjWafx4LYdDvGKPZjg==
expires
Tue, 24 Aug 2021 04:54:28 GMT
100x100
img.blogmura.com/sites/20651/post-images/22663527/crop/
3 KB
4 KB
Image
General
Full URL
https://img.blogmura.com/sites/20651/post-images/22663527/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
13e2959a4628b5abc04a12287d6c09056fa5304d60ce6681ccb724ea75817241

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 04:43:59 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"986920de1bf26b9325b280b38f2196d0"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
3440
x-amz-cf-id
bfR2rjiYjdcrQulZ1r9EUBDFJ41_6KTsEE0YdzuW4mF8KzUsYp6nQw==
expires
Tue, 24 Aug 2021 04:43:58 GMT
100x100
img.blogmura.com/sites/1093930/post-images/22663249/crop/
2 KB
2 KB
Image
General
Full URL
https://img.blogmura.com/sites/1093930/post-images/22663249/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
77f7b5de1b44edd27e1fa862c35fb372fb2f71fd9b210339dddb242e72e870ca

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 04:31:17 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"686f3cede67787a1ff93a8304fa4cca3"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
2163
x-amz-cf-id
3TaHjOeYRh2yPjyFN9AoMYjCOXOcoAG2NIZlAQKLE1rtrQtY_YjdZQ==
expires
Tue, 24 Aug 2021 04:31:16 GMT
100x100
img.blogmura.com/sites/1095320/post-images/22683557/crop/
12 KB
12 KB
Image
General
Full URL
https://img.blogmura.com/sites/1095320/post-images/22683557/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
75d78fb7beed4053de558352d6528bbb14538861230778d79577ce32f2f56ebd

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 04:55:33 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 15:20:21 GMT
server
nginx/1.18.0
age
4649
etag
W/"f760df5a7d8568662739a17820bb5803"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
12130
x-amz-cf-id
iszihxDxLaXsbI9uwllSzx2zCAP8Lv8yEw4cBpV0ZBg5LE3VMG124A==
expires
Tue, 24 Aug 2021 15:20:20 GMT
100x100
img.blogmura.com/sites/1012694/post-images/22665938/crop/
3 KB
4 KB
Image
General
Full URL
https://img.blogmura.com/sites/1012694/post-images/22665938/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
d5ca44cb0112b8f88e5141ed5927e186a0ccdaefe2482df4e944e7bedca3c152

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 06:14:37 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"9c8775d55a778496a7a9792785ef8dfb"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
3503
x-amz-cf-id
PpDJGWvNqU6h6l68Qrt7cWLqJbHMr2UBt3aNQC7hFzOd9WIUk7ZXGA==
expires
Tue, 24 Aug 2021 06:14:36 GMT
100x100
img.blogmura.com/sites/1116629/post-images/22673731/crop/
15 KB
15 KB
Image
General
Full URL
https://img.blogmura.com/sites/1116629/post-images/22673731/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
e273a1375eff87e837cc9ddd3f6cd718c25d54532c2195dfada551dc1b653bfa

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:03 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 10:29:58 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"64e74fe08962d3328664156055029bf6"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
x-robots-tag
noindex
content-length
15122
x-amz-cf-id
yZ1Qmyzoz_EIyMYkE5F55BAPFAvll5gr3s-ceKFVZmHpw2xM5YMaOA==
expires
Tue, 24 Aug 2021 10:29:57 GMT
100x100
img.blogmura.com/sites/1121883/post-images/22662056/crop/
9 KB
9 KB
Image
General
Full URL
https://img.blogmura.com/sites/1121883/post-images/22662056/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
5178c04c440fb357e04e1c6e632bd3f44a56ee8076b4cb8d53f1e26eac8c3e4f

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 03:44:31 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"ca4027f0b74b111690818186c2a4e894"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
x-robots-tag
noindex
content-length
9133
x-amz-cf-id
Jx749CWDsv7JpFDGz5LZ9NKQYjCMi2l2pAKfN7GY9MAelUBxPuOrRg==
expires
Tue, 24 Aug 2021 03:44:30 GMT
100x100
img.blogmura.com/sites/1085573/post-images/22661891/crop/
3 KB
3 KB
Image
General
Full URL
https://img.blogmura.com/sites/1085573/post-images/22661891/crop/100x100
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
2831a00d605c6d6e29c67f2b454bf3e3b3564eca0842adf0030d59cb19f8c75b

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 03:37:24 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"56ac11111cf6b13a358f118b91808b40"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
3102
x-amz-cf-id
YxD8RjEprcMNCHoeDwXn5I3t1moaa4pFWlcGYUh6DlqXiBC2piGPOw==
expires
Tue, 24 Aug 2021 03:37:23 GMT
banner-reader-cf2e43b37f839a4f0f32f9e3484459f9.png
static.blogmura.com/image/normal/
20 KB
21 KB
Image
General
Full URL
https://static.blogmura.com/image/normal/banner-reader-cf2e43b37f839a4f0f32f9e3484459f9.png
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-96.fra2.r.cloudfront.net
Software
/
Resource Hash
54aa72ad7c03b8d65fa94ec48ef9bf8e7550ece2764cdf195a35db427310c3e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 21:09:42 GMT
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
2624599
x-cache
Hit from cloudfront
content-length
20552
x-xss-protection
1; mode=block
last-modified
Fri, 23 Jul 2021 00:51:48 GMT
x-frame-options
DENY
etag
"cf2e43b37f839a4f0f32f9e3484459f9"
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
T2K3gEnErmBekEanyP-cKX-M2_swjTHpLuPDGrUsuYd9qxYEP4OxOA==
rakuten_widget.js
xml.affiliate.rakuten.co.jp/widget/js/
21 KB
5 KB
Script
General
Full URL
https://xml.affiliate.rakuten.co.jp/widget/js/rakuten_widget.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.237.16.123 , Japan, ASN23820 (RAKUTEN Rakuten,Inc., JP),
Reverse DNS
xml.affiliate.rakuten.co.jp
Software
Apache /
Resource Hash
ee6e89b7e5d992960f9c23b66d139da87d0f308f2582cdf38e54dcf602ad9d4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 29 Jun 2021 03:34:02 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
4291
X-XSS-Protection
1; mode=block
logo-blogmura-mono-071447af048315a5affef131b37a4cde.svg
static.blogmura.com/image/
7 KB
8 KB
Image
General
Full URL
https://static.blogmura.com/image/logo-blogmura-mono-071447af048315a5affef131b37a4cde.svg
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-96.fra2.r.cloudfront.net
Software
/
Resource Hash
7ea6ad29a5ab3933731717da8ee76c6ede9b0a7d8616f9e3cbb2c8ac9683a1e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 11 Jul 2021 04:52:07 GMT
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
3806454
x-cache
Hit from cloudfront
content-length
7347
x-xss-protection
1; mode=block
last-modified
Fri, 09 Jul 2021 00:51:35 GMT
x-frame-options
DENY
etag
"071447af048315a5affef131b37a4cde"
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
VkJD8LyOkb7ngOgJsVekKEDuTUzpoaUIYjbmm6IRsJODMSsJcBZcaQ==
logo-twitter-2d8eb5e342327bf974b8d519780eb0b2.svg
static.blogmura.com/image/
1 KB
2 KB
Image
General
Full URL
https://static.blogmura.com/image/logo-twitter-2d8eb5e342327bf974b8d519780eb0b2.svg
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-96.fra2.r.cloudfront.net
Software
/
Resource Hash
6a0ba7e38b8cce4ac154aedef12a88945ca9dd6eb93b3c50413f9b403d7bbe30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 19:42:02 GMT
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
6777058
x-cache
Hit from cloudfront
content-length
1127
x-xss-protection
1; mode=block
last-modified
Fri, 04 Jun 2021 00:51:35 GMT
x-frame-options
DENY
etag
"2d8eb5e342327bf974b8d519780eb0b2"
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
AmPrqhUAXYlj4O77kJ3ivFYJsJtzZEsWfplctcC9KtKu_AdQjvjnKg==
logo-facebook-27fe1afc25fac9e584b8cbbbd021e9e0.svg
static.blogmura.com/image/
685 B
1 KB
Image
General
Full URL
https://static.blogmura.com/image/logo-facebook-27fe1afc25fac9e584b8cbbbd021e9e0.svg
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-96.fra2.r.cloudfront.net
Software
/
Resource Hash
fd561ad9cccbb94cb9fa557fbafc08a99314ecb5642a9d0fbceafc270e7ff868
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 19:42:02 GMT
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
6777059
x-cache
Hit from cloudfront
content-length
685
x-xss-protection
1; mode=block
last-modified
Fri, 04 Jun 2021 00:51:35 GMT
x-frame-options
DENY
etag
"27fe1afc25fac9e584b8cbbbd021e9e0"
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
CQO-zUkrQ088TFMEdL32UsJkjN-NTEyPMlAgrCnM9J3ZhtfKMuoQvg==
logo-line-ed6c55e4ac7a34f90d1b63fbd493ac8e.png
static.blogmura.com/image/
4 KB
4 KB
Image
General
Full URL
https://static.blogmura.com/image/logo-line-ed6c55e4ac7a34f90d1b63fbd493ac8e.png
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-96.fra2.r.cloudfront.net
Software
/
Resource Hash
69708962d5aa7331fa85da344e8567212f37bf18fc7828743365ccad1490c287
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 00:39:27 GMT
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
2612014
x-cache
Hit from cloudfront
content-length
3746
x-xss-protection
1; mode=block
last-modified
Fri, 23 Jul 2021 00:51:48 GMT
x-frame-options
DENY
etag
"ed6c55e4ac7a34f90d1b63fbd493ac8e"
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
GFyAvC9dSg97qU8jBUfxaieXohyAxQpVep0Y3VsnpesFVqNAK9iAYg==
logo-murauchi-mono-3f468abadd422b7f00b4c092f4932ca8.svg
static.blogmura.com/image/
4 KB
4 KB
Image
General
Full URL
https://static.blogmura.com/image/logo-murauchi-mono-3f468abadd422b7f00b4c092f4932ca8.svg
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-96.fra2.r.cloudfront.net
Software
/
Resource Hash
301e700a1f674c884f96d255a44ff98b18ceaa8e467fe64054448d1858072119
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 08:26:09 GMT
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
17531212
x-cache
Hit from cloudfront
content-length
4001
x-xss-protection
1; mode=block
last-modified
Tue, 02 Feb 2021 04:05:00 GMT
x-frame-options
DENY
etag
"3f468abadd422b7f00b4c092f4932ca8"
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
kptN5U7cy98Y4XtMVANoYJeLc9sjvL9Ut_31OeUjIWYs6eOBi8twiQ==
logo-inkrich-mono-f7e03ff5e35082df2d7e33bfb572fbad.svg
static.blogmura.com/image/
815 B
1 KB
Image
General
Full URL
https://static.blogmura.com/image/logo-inkrich-mono-f7e03ff5e35082df2d7e33bfb572fbad.svg
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-96.fra2.r.cloudfront.net
Software
/
Resource Hash
2d70789fd33cced1cab8fb52f0c118c346b4723ec1dbc117512c438ab707db52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 11 Jul 2021 03:36:30 GMT
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
3810991
x-cache
Hit from cloudfront
content-length
815
x-xss-protection
1; mode=block
last-modified
Fri, 09 Jul 2021 00:51:35 GMT
x-frame-options
DENY
etag
"f7e03ff5e35082df2d7e33bfb572fbad"
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
1XQVtAsePGVRLfl1n-mvddAKVwsQaZxZp7Pu2_gAuhJc59c6zVx4ow==
logo-muragon-mono-99b1af77b3f3a3f43f1e6ec836cf0b50.svg
static.blogmura.com/image/
3 KB
3 KB
Image
General
Full URL
https://static.blogmura.com/image/logo-muragon-mono-99b1af77b3f3a3f43f1e6ec836cf0b50.svg
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-96.fra2.r.cloudfront.net
Software
/
Resource Hash
e4e907b43bfdac563caccc3f2cc312a5d10be8d53e9059d3670974275ec7b61b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 00:20:45 GMT
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
5464336
x-cache
Hit from cloudfront
content-length
2776
x-xss-protection
1; mode=block
last-modified
Mon, 21 Jun 2021 04:18:50 GMT
x-frame-options
DENY
etag
"99b1af77b3f3a3f43f1e6ec836cf0b50"
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
UCXRMdkWmeQhf-9YfqGGx2ACmHQpbd8VdHMmuEwtuDkjCZxvpiUmgQ==
logo-spolete-mono-ab843e5996db98a347b087f8c3fad984.svg
static.blogmura.com/image/
6 KB
6 KB
Image
General
Full URL
https://static.blogmura.com/image/logo-spolete-mono-ab843e5996db98a347b087f8c3fad984.svg
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-96.fra2.r.cloudfront.net
Software
/
Resource Hash
e94a45589a938438fbc55b2958c6c974bbffa81c8c4517d79808b575f6e953f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 00:39:23 GMT
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
2525618
x-cache
Hit from cloudfront
content-length
5734
x-xss-protection
1; mode=block
last-modified
Sun, 25 Jul 2021 19:57:01 GMT
x-frame-options
DENY
etag
"ab843e5996db98a347b087f8c3fad984"
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
lS_zcQjDg-giY4Ok8wl33uHhfz16tn93JCaOQA0H9oOnaTLP5dFEHw==
000000
link.blogmura.com/link/c/ Frame F445
2 B
95 B
Document
General
Full URL
https://link.blogmura.com/link/c/000000?ref=&agent=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/92.0.4515.159%20Safari/537.36&newinp=1&d=1629785581805&uri=https%3A//internet.blogmura.com/
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/js/common/point-b2151d6804dffdae9b272522a3f32167.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.143.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-143-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

:method
GET
:authority
link.blogmura.com
:scheme
https
:path
/link/c/000000?ref=&agent=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/92.0.4515.159%20Safari/537.36&newinp=1&d=1629785581805&uri=https%3A//internet.blogmura.com/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://internet.blogmura.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
category_history=WzM0XQ==; buid=14072596-c3ad-4eb2-9040-4bd41783b763
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://internet.blogmura.com/

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
content-type
text/html;charset=UTF-8
content-length
2
cache-control
no-store
MaterialIcons-Regular-570eb83859dc23dd0eec423a49e147fe.woff2
internet.blogmura.com/vendor/material-icons/
43 KB
44 KB
Font
General
Full URL
https://internet.blogmura.com/vendor/material-icons/MaterialIcons-Regular-570eb83859dc23dd0eec423a49e147fe.woff2
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/vendor/material-icons/material-icons-c5941eed2e20a509114128aab1e96edf.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.241.215 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-241-215.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://internet.blogmura.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
category_history=WzM0XQ==; buid=14072596-c3ad-4eb2-9040-4bd41783b763
:path
/vendor/material-icons/MaterialIcons-Regular-570eb83859dc23dd0eec423a49e147fe.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
internet.blogmura.com
referer
https://internet.blogmura.com/vendor/material-icons/material-icons-c5941eed2e20a509114128aab1e96edf.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://internet.blogmura.com
Referer
https://internet.blogmura.com/vendor/material-icons/material-icons-c5941eed2e20a509114128aab1e96edf.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 00:50:35 GMT
etag
"570eb83859dc23dd0eec423a49e147fe"
x-frame-options
DENY
content-type
application/font-woff2
cache-control
max-age=31536000
strict-transport-security
max-age=31536000 ; includeSubDomains
accept-ranges
bytes
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
content-length
44300
x-xss-protection
1; mode=block
rank01-911e8994595f78b8f0c388e3fd554984.svg
static.blogmura.com/image/normal/icon/
1 KB
2 KB
Image
General
Full URL
https://static.blogmura.com/image/normal/icon/rank01-911e8994595f78b8f0c388e3fd554984.svg
Requested by
Host: static.blogmura.com
URL: https://static.blogmura.com/css/normal/top-2a126199b0ad3ff9c31cb67940163a5f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-96.fra2.r.cloudfront.net
Software
/
Resource Hash
13304ccc5dda202cde28892fc6845790f04a7a3d04ddf7a730a529f147d60b83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static.blogmura.com/css/normal/top-2a126199b0ad3ff9c31cb67940163a5f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 22:55:04 GMT
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
6333477
x-cache
Hit from cloudfront
content-length
1219
x-xss-protection
1; mode=block
last-modified
Fri, 11 Jun 2021 00:44:08 GMT
x-frame-options
DENY
etag
"911e8994595f78b8f0c388e3fd554984"
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
mZMv2vLvTpKGqycTZ0GJCienccjY_fenHaZJ50G7AJbKfjz5xgtzag==
l
use.typekit.net/af/309dfe/000000000000000000010091/27/
42 KB
42 KB
Font
General
Full URL
https://use.typekit.net/af/309dfe/000000000000000000010091/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/uvq4qfx.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6d4a0784c2c235c723466def715d53fd223024601c3c54bbc3944e27697b8b7d

Request headers

Origin
https://internet.blogmura.com
Referer
https://use.typekit.net/uvq4qfx.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:01 GMT
server
nginx
etag
"e7811049bfa1845589c42f0b31c9740a16cee93a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
43068
l
use.typekit.net/af/9b05f3/000000000000000000013365/27/
50 KB
51 KB
Font
General
Full URL
https://use.typekit.net/af/9b05f3/000000000000000000013365/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/uvq4qfx.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
81dc8f18ee8963fb2044f24d94196da40185e1387ccf9cfc46c3183594109868

Request headers

Origin
https://internet.blogmura.com
Referer
https://use.typekit.net/uvq4qfx.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:01 GMT
server
nginx
etag
"22520917f01d8d34c0dcc1417c749962b8a47011"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
51500
rank02-0c65c2abc69fe0503ba954fb655ac731.svg
static.blogmura.com/image/normal/icon/
1 KB
2 KB
Image
General
Full URL
https://static.blogmura.com/image/normal/icon/rank02-0c65c2abc69fe0503ba954fb655ac731.svg
Requested by
Host: static.blogmura.com
URL: https://static.blogmura.com/css/normal/top-2a126199b0ad3ff9c31cb67940163a5f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-96.fra2.r.cloudfront.net
Software
/
Resource Hash
f7ad5437775bd44e8a16b806c8eacf117ec31d55962192f65f43b0ed4c77ccb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static.blogmura.com/css/normal/top-2a126199b0ad3ff9c31cb67940163a5f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 00:46:54 GMT
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
6413168
x-cache
Hit from cloudfront
content-length
1178
x-xss-protection
1; mode=block
last-modified
Fri, 11 Jun 2021 00:44:08 GMT
x-frame-options
DENY
etag
"0c65c2abc69fe0503ba954fb655ac731"
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
-8IEHf5iNkrhs6CJTjYMqZ__IxTHbF1Ta-w7ZcC_FloIOyQ40gdpAg==
rank03-609e2a6a6a8d3dc607ab6a84c85e7e92.svg
static.blogmura.com/image/normal/icon/
1 KB
2 KB
Image
General
Full URL
https://static.blogmura.com/image/normal/icon/rank03-609e2a6a6a8d3dc607ab6a84c85e7e92.svg
Requested by
Host: static.blogmura.com
URL: https://static.blogmura.com/css/normal/top-2a126199b0ad3ff9c31cb67940163a5f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-96.fra2.r.cloudfront.net
Software
/
Resource Hash
5769b7afafa616b0e25ceebab74bb92caec43dc99d6664d17a0fdba78ff0825b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static.blogmura.com/css/normal/top-2a126199b0ad3ff9c31cb67940163a5f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 22:01:47 GMT
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
5213475
x-cache
Hit from cloudfront
content-length
1307
x-xss-protection
1; mode=block
last-modified
Wed, 23 Jun 2021 01:52:53 GMT
x-frame-options
DENY
etag
"609e2a6a6a8d3dc607ab6a84c85e7e92"
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
PQuqlixor7LBzH7Pl6q1xE4GvAus-y-R6KZs3_4SX3aFXZLN9Vdp-w==
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=2101284437&t=pageview&_s=1&dl=https%3A%2F%2Finternet.blogmura.com%2F&ul=en-us&de=UTF-8&dt=%E3%83%8D%E3%83%83%E3%83%88%E3%83%96%E3%83%AD%E3%82%B0%20%E4%BA%BA%E6%B0%97%E3%83%96%E3%83%AD%E3%82%B0%E3%83%A9%E3%83%B3%E3%82%AD%E3%83%B3%E3%82%B0%E3%81%A8%E3%83%96%E3%83%AD%E3%82%B0%E6%A4%9C%E7%B4%A2%20-%20%E3%81%AB%E3%81%BB%E3%82%93%E3%83%96%E3%83%AD%E3%82%B0%E6%9D%91&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=681002835&gjid=1992615494&cid=572319355.1629785582&tid=UA-1238852-1&_gid=1949648249.1629785582&_r=1&gtm=2ou8n0&z=1756371745
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://internet.blogmura.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
600x600
img.blogmura.com/sites/1156310/post-images/34642176/crop/
158 KB
159 KB
Image
General
Full URL
https://img.blogmura.com/sites/1156310/post-images/34642176/crop/600x600
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
e2dd077f315253ed2f6edd23cd0d3df44453cef09fddaa58979aa98872648955

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:03 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 06:07:45 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"1ad51b716d4cba5a431bf5ad7790e941"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
x-robots-tag
noindex
content-length
162282
x-amz-cf-id
9-2GMjHp6UN7nTM-QtgPr6LEej7Fnsyf27QAfl3_oQ3hhikGbTNTcg==
expires
Wed, 24 Aug 2022 06:07:44 GMT
600x600
img.blogmura.com/sites/1128278/post-images/34642071/crop/
48 KB
48 KB
Image
General
Full URL
https://img.blogmura.com/sites/1128278/post-images/34642071/crop/600x600
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
a07e4e8a1ea16cd985c027504e04a84bf29e6a3059ce6c749f9b179621a758f4

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:03 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 06:03:37 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"096293a93c75f5d8c11cb5e6cd9b9939"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
48773
x-amz-cf-id
66wxaLnBlpiYlMZI2k5y0NUfBPS9q4xO98LIKShfGQBqRWaEe1gYdQ==
expires
Wed, 24 Aug 2022 06:03:36 GMT
600x600
img.blogmura.com/sites/1105244/post-images/34641985/crop/
29 KB
30 KB
Image
General
Full URL
https://img.blogmura.com/sites/1105244/post-images/34641985/crop/600x600
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
c50ed145992d5b37bc558b5618666c88543cacb56f7a17ba14cb28889438e7c7

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 06:00:42 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"2ce4b220841eb3862b55e9d5ae924a6c"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
29981
x-amz-cf-id
ZPSnsqeHWd8SeaQeXig2J4tPE6BLIuo5KM1hLkkrWalfELV30FlnTg==
expires
Wed, 24 Aug 2022 06:00:41 GMT
600x600
img.blogmura.com/sites/20651/post-images/34641860/crop/
13 KB
14 KB
Image
General
Full URL
https://img.blogmura.com/sites/20651/post-images/34641860/crop/600x600
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
573d182d1b681ea058906a8ec43c8de0e67909624b2991f7f2bfcec47ad1eae8

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 05:53:35 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"134696f02b030cf09960738756f24a5c"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
13738
x-amz-cf-id
UDc92qE0NgkBEwe-xNI1XFedYOXP_in8IjnTNuCdC5uLtqW9bFHdFA==
expires
Wed, 24 Aug 2022 05:53:34 GMT
600x600
img.blogmura.com/sites/267101/post-images/34640660/crop/
90 KB
90 KB
Image
General
Full URL
https://img.blogmura.com/sites/267101/post-images/34640660/crop/600x600
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
db517adfdf8cf68842056e312532e5c37e031488a700b6e57e1f01ef4d6189f2

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:03 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 04:46:33 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"59f66855acbc10eac361255bf1ead757"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
91728
x-amz-cf-id
0GWHJ_z6sjV3hU-pZZ6Ls0wiMsnl_isBedZOKdpFsZ4CIdaZyG8poQ==
expires
Wed, 24 Aug 2022 04:46:32 GMT
600x600
img.blogmura.com/sites/20651/post-images/34640605/crop/
61 KB
61 KB
Image
General
Full URL
https://img.blogmura.com/sites/20651/post-images/34640605/crop/600x600
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
4a325185358ff94b13a6cdd22d10a9814f43d93b65bf2612eecf241e8f871b5f

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 04:43:31 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
"94465478c7243e8e1fcc9ae2c4167cc1"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
62357
x-amz-cf-id
zExx_HDHWzEE7Q027TevcxrGJWMsC7zWBUy5dNpGOVb8pErFOvXG3A==
expires
Wed, 24 Aug 2022 04:43:30 GMT
600x600
img.blogmura.com/sites/1167514/post-images/34640235/crop/
364 KB
365 KB
Image
General
Full URL
https://img.blogmura.com/sites/1167514/post-images/34640235/crop/600x600
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
25b42484fef192537d462d4a0e34cce6cc6550821a95f5ae49a6d4eed843a65f

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:03 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 04:22:37 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"b5a41690795ebdb27f5f7b698416eeea"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
x-robots-tag
noindex
content-length
373207
x-amz-cf-id
pez7A5YCh0x7QBTqGC4n0u9Do7o-kkkaeEVakEXvdgtHC-6tnMYlGQ==
expires
Wed, 24 Aug 2022 04:22:36 GMT
600x600
img.blogmura.com/sites/267101/post-images/34639687/crop/
89 KB
89 KB
Image
General
Full URL
https://img.blogmura.com/sites/267101/post-images/34639687/crop/600x600
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
62d5eec383467f5c3786bf7b2da042b7fb2be6d07f9d70799db2f01d6fd15056

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:03 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 03:53:28 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"c5d3d03b1409465a7b13642363c76749"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
91116
x-amz-cf-id
CjJosvNwjjGCe5EV7EF5EDS4rUtJWv4lOLGM5szrdXNw5SRIljSiYQ==
expires
Wed, 24 Aug 2022 03:53:27 GMT
600x600
img.blogmura.com/sites/1085573/post-images/34639188/crop/
65 KB
65 KB
Image
General
Full URL
https://img.blogmura.com/sites/1085573/post-images/34639188/crop/600x600
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
93c317987994b4b9eabf28011208e433e9028614277e5676fcb0d4cf9aa6da96

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 03:27:20 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
"041eedf71af4febe7070a7380a37b7d0"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
66240
x-amz-cf-id
tVVvdLk3AHuRrD3YucU0u8S-52t-rsUADcTUVsTg39tqmNffL4F65A==
expires
Wed, 24 Aug 2022 03:27:19 GMT
600x600
img.blogmura.com/sites/20651/post-images/34639338/crop/
56 KB
57 KB
Image
General
Full URL
https://img.blogmura.com/sites/20651/post-images/34639338/crop/600x600
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
8a612f215e81f7b201a72f7472f57ed190574ca1051606f14ac42581b12d0575

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 03:33:43 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
"8024c12616d404c407c14a5852290f0a"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
57662
x-amz-cf-id
165zkBcfuJOmSOEjAQG9Afx27wpB0y3r6JB1VHZkYL7JXQv_UpVCDw==
expires
Wed, 24 Aug 2022 03:33:42 GMT
600x600
img.blogmura.com/sites/259057/post-images/34638923/crop/
237 KB
238 KB
Image
General
Full URL
https://img.blogmura.com/sites/259057/post-images/34638923/crop/600x600
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
2b61a6fd1de147199dc5ffb1b08735b65244b4c3f225b48c684fb2c52fbd1807

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:03 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 03:13:48 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
"a8f9f2ed47b6cf3bd7a56068ad6814f5"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
x-robots-tag
noindex
content-length
243013
x-amz-cf-id
nFaKiEBKuSQS2jvg8ylBuO18j_ECl9v0nyXtrsXT4H8cBTlu3hFNjQ==
expires
Wed, 24 Aug 2022 03:13:47 GMT
600x600
img.blogmura.com/sites/1124750/post-images/34638539/crop/
225 KB
226 KB
Image
General
Full URL
https://img.blogmura.com/sites/1124750/post-images/34638539/crop/600x600
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
0b45103e5604c3182d4726f3ed4d625c0a405c77f3c62ddfc51395ab012282f3

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:03 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 03:01:51 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"5a78d289d4714a0e59dd96f31919bc5f"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
x-robots-tag
noindex
content-length
230898
x-amz-cf-id
oQhQW_MRwT_p3pN_AjtNQcIJ_Tj-IJpeT6Bc8T84kAszzLlkG7IWlw==
expires
Wed, 24 Aug 2022 03:01:50 GMT
600x600
img.blogmura.com/sites/1058760/post-images/34642028/crop/
105 KB
106 KB
Image
General
Full URL
https://img.blogmura.com/sites/1058760/post-images/34642028/crop/600x600
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
d78fa151ca38e962cb8ead4ac12a17707611e132a9418f3cb1b6069a7f67a4dc

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 06:02:00 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
"45c0de633bacb2e99e2d6a86dfbb2230"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
107745
x-amz-cf-id
77Na26lD52deprA-jPTFuMrt-oaJNtkgIVIF-M9vd09baI0l-RPCwQ==
expires
Wed, 24 Aug 2022 06:01:59 GMT
600x600
img.blogmura.com/sites/1130855/post-images/34636582/crop/
78 KB
78 KB
Image
General
Full URL
https://img.blogmura.com/sites/1130855/post-images/34636582/crop/600x600
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
8f13ca0e55060d59f17408406f49631749419d86ae6f536eff5503f87e7a327e

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:03 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 01:55:01 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"73bc287dc6298e140c5ff1d7bbf6590a"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
79532
x-amz-cf-id
KR-aa3wd5CqHm4_CAQtUuDxA1nsvBH_fh7soKxe_HGxb3LgrAuO1xA==
expires
Wed, 24 Aug 2022 01:55:00 GMT
600x600
img.blogmura.com/sites/1129082/post-images/32033255/crop/
24 KB
24 KB
Image
General
Full URL
https://img.blogmura.com/sites/1129082/post-images/32033255/crop/600x600
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
a9f0e730aec50729de9bb3684595c4e9af1480a475f16e2d7221b1c14363b4e4

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 04:57:40 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Mon, 31 May 2021 18:07:02 GMT
server
nginx/1.18.0
age
4521
etag
"c6093f9b0fc1731f1c41289ea8409df9"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
24651
x-amz-cf-id
O3Mw4tyzhs7ttzK_b8nEGD1pYOc_-EPb03WLYRR5yX55J5usrHvkfA==
expires
Tue, 31 May 2022 18:07:01 GMT
600x600
img.blogmura.com/sites/1067766/post-images/34635272/crop/
274 KB
274 KB
Image
General
Full URL
https://img.blogmura.com/sites/1067766/post-images/34635272/crop/600x600
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
97b59da89abd15c6f67c104bb6b2213079ada729243df6e631c379293c049bcc

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:02 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 01:00:06 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
"7688cd90d5ca3aaf7107d7b0914d73d4"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
x-robots-tag
noindex
content-length
280400
x-amz-cf-id
V-inSUwSrni3VRspzxxRXIvTEfAdqC3PmTMQboA3WEikSVPjApKAjw==
expires
Wed, 24 Aug 2022 01:00:05 GMT
600x600
img.blogmura.com/sites/1027135/post-images/34635200/crop/
420 KB
421 KB
Image
General
Full URL
https://img.blogmura.com/sites/1027135/post-images/34635200/crop/600x600
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
56d89fb04d6aaa9cd6289167b1f364cc74acc2d1900c0a9b56093a79dc491eb8

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:03 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 00:56:40 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"10753a02c533c578e0f46b3d521daaea"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
x-robots-tag
noindex
content-length
429932
x-amz-cf-id
sg4WeJKcYeRhvjDAfHKAN6pE-ebNQPNK6skmQ6R9ts2LHL7ML9xBpQ==
expires
Wed, 24 Aug 2022 00:56:39 GMT
600x600
img.blogmura.com/sites/1170836/post-images/34636665/crop/
103 KB
104 KB
Image
General
Full URL
https://img.blogmura.com/sites/1170836/post-images/34636665/crop/600x600
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-73.zrh50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
89ccebfa4c6bc4440808e03a4fd41fb9d3be6a892582d1a09c62dd3b310272a6

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:03 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified
Tue, 24 Aug 2021 01:58:03 GMT
server
nginx/1.18.0
x-amz-cf-pop
ZRH50-C1
etag
W/"9eff3c1ee0f6c1b9f8d77ee543dabd2e"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex
content-length
105912
x-amz-cf-id
kqv68UNGSFtwnX7ak69xoO8KInlLrDffishiWC14cKmGqlYmp4tSnw==
expires
Wed, 24 Aug 2022 01:58:02 GMT
collect
stats.g.doubleclick.net/j/
1 B
464 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-1238852-1&cid=572319355.1629785582&jid=681002835&gjid=1992615494&_gid=1949648249.1629785582&_u=YEBAAUAAAAAAAC~&z=594780922
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 24 Aug 2021 06:13:02 GMT
content-type
text/plain
access-control-allow-origin
https://internet.blogmura.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021081901.js
securepubads.g.doubleclick.net/gpt/
331 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
50235ec9793a0ef9fa1e16fc5d47fdfd56f199b343586308c7cbec1e9937435a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Aug 2021 08:39:07 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118670
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:13:03 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
121 B
129 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=internet.blogmura.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
24f659b8c67b7360e6082553fbfd9b173caf11264a0302c59484cacbc1ed7093
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 24 Aug 2021 06:13:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:13:03 GMT
integrator.js
adservice.google.be/adsid/
107 B
853 B
Script
General
Full URL
https://adservice.google.be/adsid/integrator.js?domain=internet.blogmura.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 24 Aug 2021 06:13:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=internet.blogmura.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 24 Aug 2021 06:13:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
332 KB
67 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2141549704890938&correlator=2620164496229822&output=ldjh&impl=fifs&eid=21068111%2C31062297&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210824&iu_parts=4330865%2Cblogmura%2Cbm_PC_Header_Billboard_ATF%2Cbm_PC_Footer_Billboard_BTF%2Cbm_PC_1st_Rectangle_L_BTF%2Cbm_PC_1st_Rectangle_R_BTF%2Cbm_PC_2nd_Rectangle_L_BTF%2Cbm_PC_2nd_Rectangle_R_BTF%2Cbm_PC_3rd_Rectangle_L_BTF%2Cbm_PC_3rd_Rectangle_R_BTF%2Cbm_PC_4th_Rectangle_L_BTF%2Cbm_PC_4th_Rectangle_R_BTF%2Cbm_PC_5th_Rectangle_L_BTF%2Cbm_PC_5th_Rectangle_R_BTF%2Cbm_PC_Side_Top_Skyscraper_ATF%2Cbm_PC_Side_Bottom_Skyscraper_BTF%2Cbm_PC_overlay_banner_ATF&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8%2C%2F0%2F1%2F9%2C%2F0%2F1%2F10%2C%2F0%2F1%2F11%2C%2F0%2F1%2F12%2C%2F0%2F1%2F13%2C%2F0%2F1%2F14%2C%2F0%2F1%2F15%2C%2F0%2F1%2F16&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C250x250%7C336x280%7C300x250%2C250x250%7C300x250%7C336x280%2C300x250%7C250x250%7C336x280%2C336x280%7C250x250%7C300x250%2C300x250%7C250x250%7C336x280%2C300x250%7C336x280%7C250x250%2C250x250%7C336x280%7C300x250%2C250x250%7C336x280%7C300x250%2C300x250%7C250x250%7C336x280%2C300x250%7C250x250%7C336x280%2C300x600%7C300x250%2C300x1050%7C300x600%7C300x250%2C970x90%7C728x90&cust_params=abtest_hb%3Dgam%26category%3Dinternet%26device%3Dpc&cookie_enabled=1&bc=31&abxe=1&lmt=1629785583&dt=1629785583753&dlt=1629785581184&idt=2513&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C-9%2C105%2C365%2C105%2C415%2C105%2C415%2C105%2C365%2C105%2C415%2C1280%2C1280%2C-9&adys=196%2C-9%2C863%2C863%2C2313%2C2313%2C3773%2C3773%2C5911%2C5911%2C7461%2C7461%2C567%2C6219%2C-9&adks=3140484414%2C3219216500%2C2319159430%2C2797201280%2C2664935606%2C3517598743%2C3535481503%2C1107358289%2C914517906%2C1109615438%2C3003953882%2C916485146%2C1598733420%2C234340304%2C1070556060&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Finternet.blogmura.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x250%7C0x-1%7C250x250%7C250x250%7C300x250%7C336x250%7C300x250%7C300x250%7C250x250%7C250x250%7C300x250%7C300x250%7C300x250%7C300x250%7C0x-1&msz=1600x0%7C0x-1%7C250x0%7C250x0%7C300x0%7C336x0%7C300x0%7C300x0%7C250x0%7C250x0%7C300x0%7C300x0%7C300x0%7C300x250%7C0x-1&ga_vid=572319355.1629785582&ga_sid=1629785584&ga_hid=2101284437&ga_fc=false&fws=4%2C2%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C516%2C2&ohw=1600%2C0%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C0&btvi=0%7C-1%7C0%7C0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C0%7C9%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
5245e161791bbed4447ac49838a2ae80d0268519a431c9407e3bf9d4f27f16b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68669
x-xss-protection
0
google-lineitem-id
-1,-2,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://internet.blogmura.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 028A
6 KB
3 KB
Document
General
Full URL
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://internet.blogmura.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://internet.blogmura.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 24 Aug 2021 06:13:03 GMT
expires
Wed, 24 Aug 2022 06:13:03 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012108100143000/ Frame BDD7
188 KB
55 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80552188ade64dd7f4ffd7b9dc82b63a67cd59265cde1fb838d7a0d4f0cc56e9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
581245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55213
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2f5786613d323c5a"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012108100143000/v0/ Frame BDD7
13 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012108100143000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cce2d9e56822ca13d0bc323ca0d7a4a6205b58a7006eea4ca3256f77da7a6a0c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
581245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4877
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0140540fbe581c13"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012108100143000/v0/ Frame BDD7
89 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012108100143000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f5433df727188d43a64cda6f7060bc5117045b2cbcd1492a00183caff5f1ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
581245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28511
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"07ab47082d8b4bd2"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012108100143000/v0/ Frame BDD7
4 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012108100143000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
607fe49372f521f5a6c6c7fcde31ebb07f017c1efea75cbbf167612641e006e7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
581245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1660
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"758b6350805b356b"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012108100143000/v0/ Frame BDD7
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012108100143000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9dd189ef52ea74a10651864dd73d21639d99289fb8ca5be69df4aa29c81afc4d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
581245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12835
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e9aa942d03505fee"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
css
fonts.googleapis.com/ Frame BDD7
3 KB
674 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
86004aba5435fd4a14892a5f47e53a870f8e8b815b33737be419bee2bef6080e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 06:03:23 GMT
server
ESF
date
Tue, 24 Aug 2021 06:13:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Aug 2021 06:13:04 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/8013115250948315826/ Frame BDD7
33 KB
33 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/8013115250948315826/downsize_200k_v1?w=600&h=314
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c405526043468920855f26fb732d7113a3c85da248f9c0f2a239fc07da44d010
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:04 GMT
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33670
x-xss-protection
0
last-modified
Mon, 19 Jul 2021 13:15:36 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Aug 2022 06:13:04 GMT
truncated
/ Frame BDD7
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame BDD7
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6c3da8b6ac0573fe328520049ad00d8da060295e7b4dbb846ec95a7c3a26253

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BDD7
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 18:02:54 GMT
x-content-type-options
nosniff
server
cafe
age
43810
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Tue, 24 Aug 2021 18:02:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BDD7
344 B
828 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 22:40:25 GMT
x-content-type-options
nosniff
server
cafe
age
27159
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 24 Aug 2021 22:40:25 GMT
l
www.google.com/ads/measurement/ Frame BDD7
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSX9x_uz0kgBlo3Advg-GnKt94QVQJjDW6kINXrc5nS1VvwCjgkQJsKgbMghuG-EwpxNDHxflHozZgfsD0ULz8uCpSAPQ
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame BDD7
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CO181740kYeS6Nqm3gAepqJbwB7yOhJ9k3vyGmJAO3dkeEAEggdWcJGC5-MeA3AGgAczA8M4DyAEJqQIpawFYVrGzPuACAKgDAcgDCqoE1wFP0BplUJYr8vOgxhHDk0M-0y9uAndL-ggEf82DdjeVR2_n8ibRdwLzaSXuRcKt2R18xiU3zbJJ-0NomYc1rP34iqqni8ML5tTpXFrGxh0_a27HFs0puBxCcuhHTkprH0-W62YrvYbOmSCVbesg8s3G_OGUpXJMvSzqy15wS6AY2wmeVfGwb7jRUmJxbKgH6NtDW232Otd1LAGfY7t6g23q9OMUQYRFMPTRT5JRQdFjSk5IQoLc1sIoxjETfWlcQ47xMndzkSs6498ueI_C0WytWKhHioaFyMAEv_Hu3qwD4AQBkgUECAQYAZIFBAgFGASgBi6AB5eF9DeoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ6vgL0ggJCIjhgBAQARgdgAoDyAsBuBOIJ9gTDdAVAYAXAbIXHgocCAASFHB1Yi05MjUyNDE2MTkyMzQ4OTc5GInACw&sigh=sVxUO5332qs&template_id=5000
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame BDD7
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v35/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://internet.blogmura.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 00:01:11 GMT
x-content-type-options
nosniff
age
540713
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 00:01:04 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Aug 2022 00:01:11 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame BDD7
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v35/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://internet.blogmura.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 00:01:03 GMT
x-content-type-options
nosniff
age
540721
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 00:00:52 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Aug 2022 00:01:03 GMT
container.html
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A695
6 KB
3 KB
Document
General
Full URL
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://internet.blogmura.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://internet.blogmura.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 24 Aug 2021 06:13:03 GMT
expires
Wed, 24 Aug 2022 06:13:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FCCD
6 KB
3 KB
Document
General
Full URL
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://internet.blogmura.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://internet.blogmura.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 24 Aug 2021 06:13:03 GMT
expires
Wed, 24 Aug 2022 06:13:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 527B
6 KB
3 KB
Document
General
Full URL
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://internet.blogmura.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://internet.blogmura.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 24 Aug 2021 06:13:03 GMT
expires
Wed, 24 Aug 2022 06:13:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F7C4
6 KB
3 KB
Document
General
Full URL
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://internet.blogmura.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://internet.blogmura.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 24 Aug 2021 06:13:03 GMT
expires
Wed, 24 Aug 2022 06:13:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 42EE
6 KB
3 KB
Document
General
Full URL
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://internet.blogmura.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://internet.blogmura.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 24 Aug 2021 06:13:03 GMT
expires
Wed, 24 Aug 2022 06:13:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E30B
6 KB
3 KB
Document
General
Full URL
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://internet.blogmura.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://internet.blogmura.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 24 Aug 2021 06:13:03 GMT
expires
Wed, 24 Aug 2022 06:13:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DEFB
6 KB
3 KB
Document
General
Full URL
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://internet.blogmura.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://internet.blogmura.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 24 Aug 2021 06:13:03 GMT
expires
Wed, 24 Aug 2022 06:13:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3AB2
6 KB
3 KB
Document
General
Full URL
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://internet.blogmura.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://internet.blogmura.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 24 Aug 2021 06:13:03 GMT
expires
Wed, 24 Aug 2022 06:13:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2782
6 KB
3 KB
Document
General
Full URL
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://internet.blogmura.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://internet.blogmura.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 24 Aug 2021 06:13:03 GMT
expires
Wed, 24 Aug 2022 06:13:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012108100143000/ Frame 9CFC
188 KB
54 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80552188ade64dd7f4ffd7b9dc82b63a67cd59265cde1fb838d7a0d4f0cc56e9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
581245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55213
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2f5786613d323c5a"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 9CFC
13 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012108100143000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cce2d9e56822ca13d0bc323ca0d7a4a6205b58a7006eea4ca3256f77da7a6a0c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
581245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4877
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0140540fbe581c13"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 9CFC
89 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012108100143000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f5433df727188d43a64cda6f7060bc5117045b2cbcd1492a00183caff5f1ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
581245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28511
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"07ab47082d8b4bd2"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 9CFC
4 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012108100143000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
607fe49372f521f5a6c6c7fcde31ebb07f017c1efea75cbbf167612641e006e7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
581245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1660
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"758b6350805b356b"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 9CFC
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012108100143000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9dd189ef52ea74a10651864dd73d21639d99289fb8ca5be69df4aa29c81afc4d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
581245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12835
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e9aa942d03505fee"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9CFC
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 18:02:54 GMT
x-content-type-options
nosniff
server
cafe
age
43810
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Tue, 24 Aug 2021 18:02:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9CFC
344 B
368 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 22:40:25 GMT
x-content-type-options
nosniff
server
cafe
age
27159
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 24 Aug 2021 22:40:25 GMT
truncated
/ Frame 9CFC
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5edf1dd8b1eccedadf09d13917d8044d4a30ffb34dfc775afcbc17f665908ab7

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012108100143000/ Frame 6BB2
188 KB
54 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80552188ade64dd7f4ffd7b9dc82b63a67cd59265cde1fb838d7a0d4f0cc56e9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
581245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55213
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2f5786613d323c5a"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 6BB2
13 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012108100143000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cce2d9e56822ca13d0bc323ca0d7a4a6205b58a7006eea4ca3256f77da7a6a0c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
581245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4877
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0140540fbe581c13"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 6BB2
89 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012108100143000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f5433df727188d43a64cda6f7060bc5117045b2cbcd1492a00183caff5f1ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
581245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28511
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"07ab47082d8b4bd2"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 6BB2
4 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012108100143000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
607fe49372f521f5a6c6c7fcde31ebb07f017c1efea75cbbf167612641e006e7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
581245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1660
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"758b6350805b356b"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 6BB2
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012108100143000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9dd189ef52ea74a10651864dd73d21639d99289fb8ca5be69df4aa29c81afc4d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
581245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12835
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e9aa942d03505fee"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6BB2
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 18:02:54 GMT
x-content-type-options
nosniff
server
cafe
age
43810
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Tue, 24 Aug 2021 18:02:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6BB2
344 B
368 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 22:40:25 GMT
x-content-type-options
nosniff
server
cafe
age
27159
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 24 Aug 2021 22:40:25 GMT
truncated
/ Frame 6BB2
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6b549aaeaf4fe3f153c6b9f6e986c30664071c8785d08e250bc66ce7ab5ae70

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
container.html
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E5DF
6 KB
3 KB
Document
General
Full URL
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://internet.blogmura.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://internet.blogmura.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 24 Aug 2021 06:13:03 GMT
expires
Wed, 24 Aug 2022 06:13:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
4166239689167187527
tpc.googlesyndication.com/simgad/ Frame 9CFC
32 KB
32 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/4166239689167187527?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql-IwHSsNk8__HHTSQISf8J_XSbNg
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80fa7b6c186ff929da5becc166d1332e475ac5e0f002840046e0fe91254c8af1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 04:22:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 19 Jul 2021 13:25:40 GMT
server
sffe
age
438635
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32581
x-xss-protection
0
expires
Fri, 19 Aug 2022 04:22:29 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9CFC
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CdTK1740kYe-6Nqm3gAepqJbwB7yOhJ9k9IbMhqUO3dkeEAEggdWcJGC5-MeA3AGgAczA8M4DyAECqQIpawFYVrGzPuACAKgDAcgDCKoE2wFP0O-lfnPAmtvAvZwMdqAi69WI88ZeMDb-Ms0sE3G3aGhRpfgZOt56WBJxkHQdaVYmbP6MnIV714eDkkn3kaxDu78uJQ_z08RWKG0T11iERbSgGvagnjL8IhCXmp7GlHMoutWLC9fHvw_QA4MiFonWni9oRV6Wiy1agYFmSEzRFX2U-ZQBlXHZWAI0O5jDQ02_YpOLOHGyxJL5hKgr4Ilx31O8hwAPJ8MmFdLbuI0iRhAHMWdnyK2kx45xiHK41ypF8K5_6rqW0pJre5Fdsv6qp2NO9DHyQrmnhnHABL_x7t6sA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAeXhfQ3qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcDEPAu0ggJCIjhgBAQARgdgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTkyNTI0MTYxOTIzNDg5NzkYicAL&sigh=im8zKy7m1uQ
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

4166239689167187527
tpc.googlesyndication.com/simgad/ Frame 6BB2
32 KB
32 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/4166239689167187527?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql-IwHSsNk8__HHTSQISf8J_XSbNg
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80fa7b6c186ff929da5becc166d1332e475ac5e0f002840046e0fe91254c8af1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 04:22:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 19 Jul 2021 13:25:40 GMT
server
sffe
age
438635
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32581
x-xss-protection
0
expires
Fri, 19 Aug 2022 04:22:29 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 6BB2
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CjWav740kYfC6Nqm3gAepqJbwB7yOhJ9k9IbMhqUO3dkeEAEggdWcJGC5-MeA3AGgAczA8M4DyAECqQIpawFYVrGzPuACAKgDAcgDCKoE2gFP0JpwppZ9QcHMx7s1-XMlzB9GEbKJtr-4q_K2VeeV_KcK4rqMeRfrTCqgLx-X7dLeWXQHJ08jUo5DqQaeL1MVTm-aSMBbYs-btsyn633YXyMj-QAIxPBJqsgORxUnmm6yX6TYVB0ZvlX0OGCwQbDo4g94vjDXe-gEyc83_kWLREJmfatFDsMU4zGz2L1gxNZuFdz1pY-kNkn-75-FH5oW4xxMdNIlSqiby9e-d5T4vU5ktFQN2gr8YTA8-AkZJkrOKfweScrg3d8jIeOl-CRex3aaZNszR7CGJMAEv_Hu3qwD4AQBkgUECAQYAZIFBAgFGASgBgKAB5eF9DeoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQpYYK0ggJCIjhgBAQARgdgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTkyNTI0MTYxOTIzNDg5NzkYicAL&sigh=fr4ZR23bork
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

osd.js
www.googletagservices.com/activeview/js/current/
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f6048e026a358bcd25087b08a35840836764c0c3a97cd18569a0dab3263b7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:04 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629718286636491"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27620
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:13:04 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8F09
624 B
340 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNVU5XPqXtcgsPnL_sRT-8zcYCvjUTkUWifMhkGjkTe4B4ljYbBhdJnraKVGDfabwTDr6OMSvdePTWL94pK5ysHmaMRfqEK9XhBUlzASCq1wPFQRB-NzPUs1-ZfVOPFFNismlorDS8yiDW0TWcXpkLPc8avZFjoqCt6Ug0t4-ca4oES0B8U
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNVU5XPqXtcgsPnL_sRT-8zcYCvjUTkUWifMhkGjkTe4B4ljYbBhdJnraKVGDfabwTDr6OMSvdePTWL94pK5ysHmaMRfqEK9XhBUlzASCq1wPFQRB-NzPUs1-ZfVOPFFNismlorDS8yiDW0TWcXpkLPc8avZFjoqCt6Ug0t4-ca4oES0B8U
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnK_DgSN0jKef5GerG5v6GWTXxHiLdQJ7I1875bT6bW2YhBCo9SiV6eVxdgD7s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 24 Aug 2021 06:13:04 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame A695
25 KB
13 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C3z6AGfzhrEEnqn_78-qok4ea5ogMea2k0KA6JnF6iVUNNNS6qwPt2goIBov76Lh8hetQg_TbX7yBUsWnaLzbpMMF06Xrfx6cvf2f_284APdOhSV7IENDKDaRja94pTuMAWHT9foNLRFUpE5XwOXbbViaOlw&cry=1&dbm_d=AKAmf-CPKPDe81aEfwPEj044xG9VWF2Xi1xLpsQmI0fbxbEkCVl0nDfS16Q1zHBcxCW4nwNY8hlOHc0axCBZfCQ1OODSvc9aGJXaPCabZSe6Y02zBa_7EPOutxmIlMgmDZ-R_bG01HuQCyqxQKXomBU5kGR_tX08-PYlT_j9c76-Ec1B9oFuto_jzxnObzthg0GhArANwHqksM4Dq6c7rDNBtAf0zitD4jJmvBooqSyoyDGrZJQkVLYXjqy1BMUcwznRJt8k5R_uTOOcfKh4v1nR-RXnA0_9ZSttpV_MHscrpy9HVadAcPAbrH8ii2YVfnFIgV6dLTU0Jy_HX7gAVBWlIWiW7aGkRP5BuiaahNpNdJ3KmS5vFtUzr_seKGh-cJgScfEiPqnFB68IO28NuXRnElELtUKigKHUPIzHN2-rzCUDGTFGVE7DdNtnaasqU5O6E3h9shmUPWKUxQZLgfNhFrk-gcwkbRtpMJwPn67tWcbhAegsU4XwS0baIwcf98orpZWQX5yt0YYWjP96c2M-27kLviXJZdxYd16KrMdpAFf_WFfgXu7KZHJEI1G32_uUiUbjV4DYYxqukpiu_cWbLliplv3dj_IijkSEUvLReCvvFT4porpS1OJLKsxWaCweiP0mozTghRimxH5dY7nXfzDolDJp6v32vXuPigtbbsfiVQEwQjlOnLJSAgLHVy74FboJDLFhea6Q-dCSdma4xFsYPmHJRrkbzpcgyWkSyAajO0XGhNPndXfvgRQqFQ_duCyUl-mMMWMjJKE5iBMTD4fbE1qpGbp-lkCBIfVwcNwJuo4BMeFr-9BqLw1s5PG7smJILdp5yVGGfc1nEtXswObV-LpliJOB8nQDcd8K5FoNDBs76H3leTRImmQPEq0tbnH10nVRR0zarA7DURrNWZ9l5Wj1zCyK3pRU-5DIEGBun6jWz0U_Xqmlnwbakqc7a-nGSuA42ShhrJw--INNFyOhr5jRWKR3IH_Ulaf_0oXmHl6vdL3eTbXinKzGpW4PDkfivAWcxLFX9GQU5KQROrFqGtphFria70S2vRxcZ1qZqRu00sncmqsXdWwn-KM6k5PLGeA3oADK9SZ736HrBWtKklr5PtLyNepeJcGAjLM4NKArqVlxjEihnSEV_RBL-aUVXWW1o6PFJO1oske_q8f7bIzwPZfWBa8R6r7tm8fdx4lSLXExE63RKstHtul61vJtl1OFlc56Z838gmky2QyMlp2JliWxS_KgVOZ8nLMTS4CwJZu1oWOWUMkOm3g653kSFJplu98uUgPk9L8PTnqGrTJxjzzPivrNML4ZJrrCPMg5IQALSxj2n_r0nNUI5FUnX2B2ZyT8bhGHuVrKxYRpQvYWB6TTJkYNrdq4J959CrgWJ-eCNhCAAwP4qGdybZoH-pyCH8ZvuRMx4vQWnlXaOGlCBZxeR8pnbk0mC3I5m95n-91HNn5rcR9fryaVmBdvc7aoKavBqPN-ORRiyZ67EsGlwIExYYJlgwOcaGQDvwKhozQPPZtaDBxiI5TsJOoDYrWv2jz3_pFnNuMdVeKQmEWM9laFWwi1WoRfboxEFEWaqNJG2K4T1EX8yMHjivhZUyxxnURntUe6hMQKF-pHF9HUAPUHWCuL9iMmHt_dPApsMbUAeVIBD5y8_AwKPA-u_O59EQNufgosfCae95Mej_AcNkxhiemUYWIyn2yC2quD4Hp3Y7hem8MB9eCqGueKLhO1Zsw8GQHDd6NVAHzAVVsmcXWR0-RFLC7AjRRnZk72WVJCYlrHY4oLbJyu3cxjhezb7jYcxmgyu9dBt1k1j_7zKhNSgRMYyxRSM2onxluZea0jQCvncOoP1zjYxnPoAfu03WrKTP_azqUGTTmlFGhz51405gxa7BM2lLGZMZqXUQBNjjDGQIbEHqTs0uyCEXm5ZLIE5nTZ9M-A4LwqIakrs68WEiCajLYUgfQuCe9yRh8DOcQ3wEJMTE3rd-qT2MQrnNAhRseiZrcUjYTx038X3_3Nl23opwcfvAGOtJkUMtEjquaWuzK-92ZasJO46EeH7fXvziebNQbaT8T3WoW1QJegzgOHmNrMY1nXSSRGdCJdOz2La7CwAfMgXNQVK20umMVj8Jakr0LOX3bK8c_hVsQSUpR7YOwHgekDsUVTgnITyQgTnjq_mAX3veLuHKBbix-KBMEshTojFBsnsY69i_MFkNA4uMlmbOHcKOkFrdooePOOqCyhCrAD4TwX_-tUQxWL-IfkhlDIiAmmIjwfWXE65rYW3sgKlmecLDXERgXeYawdqmf9fcKFKMCiT1sG58Avug9bla6S5MRk8Ej_SQLj5ydAwQmMvaN7hx-8Uqc-qu43RhfCGVtc5etLPMACl2-hn3hO41qMhNWTyv56XL9atumBDq8GbU2-y8L1Azj9HbRijPpD23bfUOBJddvCFPx4wsMU6SE5qiq23FjEB2narHddtYzeEx0nJ_LfKd6f1d68SYicTktdn2BJlyY15xt899YlZGcV6-4QcGtPyBq3lT5QKAYkreNvDutjh7I0amA-FJYfSOIIFSvsKRBI3YzJrQrJsGrim9i6HbLht9aPb0NQn_coBsugb0YkyhJsY2gNjAyJrc6ZjB1FaVpPoXQN2Z9twEQBo_KsUDqzudCww4igBx0n7vsk5CgpPL3G8at7Pb_bTgbekBAjlN3YeL4vaLy_tmrrf5M2AYn1TF3OqyUjna47WUxAGZtNK7ogxLBWVYuQZRe2Z6UtS3VjoMrspWitAd4fXWh_9kCJpyZHpRZ0saJc5tWP38fB2rX147ha6PiMkkQ4R8MnZponlqoyKn2_iFg0iFLiTPYMI9FJgeeH1LoCYUm3FpL48JtYbe306xzPnHs0KrV-_yi8HPrpd4BUFXZ_MKHkTHXQVJvxQyIPY3ZE1o68sqCLjzR7wmzjn81FLgrcoW_w3uoNAtu7RqqwIwvUuDqjPqEyYoMVzcs1CGZHRfSBzLqxFVOUoAD_DGghMXKwo6lWZxL21-JGxzC78Bo-qxd0dMYGNmknk5irM_wBGFzG7d-Vu4T0BRznHCMZXAYSMlfu1ECBAeNa8LS3mJ23mnBekmwGs88Kx5Bt4dlnHmyjZ_-Oz70yWQtQ2SusfTn7SSBU38wZq8-mFQFD_rjb4bknB_jC3pb6o_0em6CBHKoHYFWEwadD4-C5AzEWr4TvweEGEnkIEVc5yKhRFvvbrUruMY3SpRAIpRAodcmKfs4XRa7hUIicWizft70xhPBeU9UIdbKXNkZ4wZCncCRkQSoGWGFxjairDjkKo48pNr9lRvKBXAv6sqdPmN8ws76xLiB1tW_J&cid=CAASFeRo3hTi2LgRCFM7-QlCI0I2_FQy2A&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c01f33fff3aeed339459039f58d2909903f7e85124240e4fac3aa6fa563a213b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12931
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A695
42 B
515 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bp3XP5m2VBp2zGKyJLWd45qgPFPC1vw0M5EeAsZdGpOfzEQFdKL2BsIRpjLg8gBXiHUFIwZjm1q0dQGwMqf0JCrnBhwXSIml7jR5ocvJF0_bjI4xg
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame A695
2 KB
2 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4232036&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0j-PwduIj0Z536Hg1RmPp2p&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322706036&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18934541623&turl=https://internet.blogmura.com/&DVP_PP_BUNDLE_ID=
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:25 GMT
Server
Microsoft-IIS/10.0
ETag
"e6262781a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1338
dvtp_src.js
cdn.doubleverify.com/ Frame A695
8 KB
3 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0j-PwduIj0Z536Hg1RmPp2p&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322706036&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18934541623&turl=https://internet.blogmura.com/&DVP_PP_BUNDLE_ID=
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
fda0f77d04467a0fefd17d993406783114316c719fe9d0a28e77ba4842d98237

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Aug 2021 13:10:32 GMT
Server
Microsoft-IIS/10.0
ETag
"0d4e496fb94d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3243
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame A695
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
699
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:01:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A695
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:04 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629718280506303"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38186
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:13:04 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame A695
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:08:20 GMT
l
www.google.com/ads/measurement/ Frame A695
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRtWh5lfq0Q1tqF0L61NzcByS3kE8zqleyjrdFG9xmKLsjLf9PJlkWuQK2rl7yXLTt-8Gl3GI7ZWbeLMQ-7Qk49cd4_PQ
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pixel
googleads.g.doubleclick.net/xbbe/ Frame 1DB5
624 B
754 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNX8J0EgRUTpv59ywAi3X9zGnXomzwooi1kp22BhQUFdq3isRtQbktnyoiC8Cu-3gaAgIQgBJLHNkmDHyzKXDBY98TQyAS6xpe2ul9OX27Uztn99wXSM1maeUdDGM-Qx4XPofDtlMyncAhmfu3iE3B0WURcABbQSNxZP2Ou2fyRufLMdodc
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNX8J0EgRUTpv59ywAi3X9zGnXomzwooi1kp22BhQUFdq3isRtQbktnyoiC8Cu-3gaAgIQgBJLHNkmDHyzKXDBY98TQyAS6xpe2ul9OX27Uztn99wXSM1maeUdDGM-Qx4XPofDtlMyncAhmfu3iE3B0WURcABbQSNxZP2Ou2fyRufLMdodc
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnK_DgSN0jKef5GerG5v6GWTXxHiLdQJ7I1875bT6bW2YhBCo9SiV6eVxdgD7s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 24 Aug 2021 06:13:04 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 527B
25 KB
13 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BABDwM1r57yKzVVavLvLGid5cJmuo59y1w7eXVtUOCbi4QCpJHvERwAn_3HBkRn5yN2yvI8XzozJodTQ2UbIYLSsmwpwBEMEz1xAC_DrNvpuv45-gEkhGlLDCN_BZ4DgG8CS0ZzAi83EbMy26WQI7N_HX35Q&cry=1&dbm_d=AKAmf-DCCwwqlCFho7aKQQw1VuF2_Plyfwp4ZZ0GXjknYtq4JSngMAHvgYFo6VLfP9AKPe0Ux8naIECMOi7qcOfPufa15v4rcityL7oUNAap1uFrPUNqj6HyKiDv57m_EzFmo_ZcbVnoMX2JJ3w0Y-XjEzDsqtW1sW8XuL-Nacs6RJUxj_0FPTAQrzEXDOogeYBNEx9uZmXSWITt_4BLbGDD5IsmO0VJpKbrOuulR9oA7ZUkL63jL4ucOtSak8Ex1sjlN4vgFnQpRSPDQ9cf0Bvv7LBYxQtM4o7wOieu8Bk2VRwSOPKY4GLHhX4nZmVMFEqvA0hXQuSkrNtw4BN8b3BJDgyYlS2rXaS1Q7vYmZa_lqIspBdQt0sMEQ7PyoNsP3rTHkmTCb4qayRfuvSFwptx_aZXXd6mJRXEMKy34vjWU3NVAF-HN-6WtxiQ4o-v_yQBZRdgsbQKmX5AHh8oTh4yIJSwRuAKBvv9SWIXlCEDKmQ92JbcY8dQb6qRI6H2dVlf36ItLQ7Olk5PoZL5HC-Zzcfv95mX_tgE1aofRoXP7e9iHy1DMyNM-2djaHlfm2voFy2_zJXL7IjJnaZfM_dXz3Mhmasbvwf7pyZmqsDfRCDzQSK8SRthOEnsnGV6OleC8wtrtbXCc_jy_4kURDfo3EW3fZ5zIOltr0JehwRuWK2-o-9U9d3bHu9h93_k-RQm6cX7J5zVU7Wa4QZC4knibD0jct3fGLJa_5EI0yzksR_WROBtlDqKbKOYbCqUG4oQiABSTg5TJjugwFLHdJ_TimzaRgGoC0fGQBEAyzcCetPeue08giqfZCvQ1vXmENW7bSqXU_Amy-eBT0dTzgGNSFE5qO0fP6aAji6yH3uY8qWnSVg4VH2Lih-aj8P3OmvQwUO_44aRALilOGEU55Qjiz2Sf8SeB6lSUNUP143EXnuh2eplfEdRu5K2X9un9Ax8UDAeHtAlRN3y-NsOQm6Fel1FbcIKRnLIp8fC9Pf6TYNZkotm-Gm-qPxBNDW7rgIeV1Lo1ng63GHWcj7D-j_VslBnVJwp-EDoLbEs9QCkGHt8CHmY_0gZsmQZv8kFdZDRdwLqbkEFkglNswIewaikovXXGSiAHmfuV2lBglJoeyMR3wRduk8NfIZa65hzkiFs7arKCXgdtyn857nRaRRVpMN6FAXVVZastRl19P6WHhNy4kLNxlRSOlLnIepoKrV8vqAMbzhTa0EhsczWujGNSg3gShH9xr1WwXVhDLpy8U0n2t9m9kR3mhmVUkKpblCP5DEF_i5Dkqwk8pyx4E7JIy5wFAc9VgA__GrA1Getm9FcNViYkl8vNBbB8uclq3lMIJiSblJKATVlciBXq_4HbRy9lxt_IbM2kWNF3aWWhDs4xzJ00KLwrC7fsmg4tWjV-rphe05tSvOfuZWVqPdL-khv-ebAhDkS_8lZMzcYWGVapzweDoGOoBkrWPN24vgQ8QVDZdz9HBEBleMNbn4VXmRtYMLhNBeikA_tPCfor7qjngwGXyrYQKv-D-AozsqRKEM8zTyXG1l82z2gUhgUs3kKPaZCk0D9ZX5s-RcMeMg4l9EdVbjbXpqjSLB9n5i66axnG5x_C79c7iSn-cDCY8RLEZvvpG4JBvEfF5zOeCRRy8XmTjE80FlCPwe_yv_DfFNswDWDvpWgkisoZjUuEEHRr5HlRe8oC_lCaqX6x2Vf86Khp3gTUKheiqIodvtrbdeiZnmPibct-YjS-Cv6JEqbDZ0kqPdUjCbivjct8CABZcTvuvrXXCxCqr4_C3VnfrH2VG7alToyvZ4aMglkEHPLnHhFz8dfpOOv4HIDew4VbMdZrAl4nORPZ2A0W5J0G3ShIxwglkWIgT4BTssziuL-bJBuWqp-ZQvtuEH7Y22b4r3yDNyJfr7b9prwZ3r_Q10OKu2vWY7BilIi1Je4Qm__UqSrhM-ZG2jBr-YYIUzRq2houU-yRp3R6Z9giPPLwQmPE5L7uskAcM_07dBiQjjzTCoFCaT7wz9LCiuXLFIgNO8XVxV-BV0-I9sh7uuQ9xYM6w3CIw8rQphDut2FKR-D-zl888VdeWke7MJy3ffF9gx3Whv6uk0Lio4wo6otlDIl2CnvRdxOUg9bPtq6pWT5FkdJ6VJFtyLe2K3bZk23VxLoOqiNsx1Ok--qQJVyUTUvVrVgIch3ylBHvYFBCUOdd1RF4MGgIUvlPfOpV4UkjhySIcWUHBmBYYxuSCWH-cPXecprsaygm62RcDcbZNXb58gTht4YhJRR0BCNRqR8j0m6NujhfimFHn0OkNqeaSy1vAiVzGYb-RQl_fJ8ANOaB6D230IWra3uTuCNduQDLLTTWO53MBWHE4phTeYm5TFXTRgQ772sB2I9qxwOMJJDFqFhgAgFvYgqPjyhfYqxBIZj4FBsSXoadJejfOxTZgNcrhHUa01tVKgPh6jzEocza8Wf8RuRoif6vCp88NtYDQqgG93APUcaiXoDwe3nxYsxdUBfXrnzz8P53tiaawnWzAxATXRQIDOEs6KYsHgNDWWvT5vKTxQNXd44gzU7nloC8rxLSlANX3nNlteGqPhflS6FA9-t6yyyrvNQWftddNypAPltYKkDG2tZrIX0e3Si5RYfXDic8yvlbcZg7dVUTbQ_xZiEfu3hG72HaXLCvJJxrMNdKD0T0Wf7dPcCi5iRRnbiIp9vPb79y2GxDjorLmKhbm3_YjQLriHh_-Gt9UPaqLykTjoSN6e-D8Ao-n_zgMC7jyLKYcF0pgWvP2RWmjv0P_nPh6TjIPW6HMFna3SgL8Sl6DaWMULOrOqJE2zy8o44XvM_vrCzbcztCrZiwH7enPgqtlCxcgWvNCwmTFw_LCzLhjZp9sGkIwL5PmLSu_mK0UmQ8k4UGStir7lzHquXtntQTdJbg9y8nxDeffDjabBo1BcfjPxlsJBS662gNYBNFFuhVB7wGCKFo4eL2sT1pxQue8G7v6aQAJ8v-svcmO_-oZCeqZr3YdpJhKE3AYuVVwL6rzphw3wTSJmyjjqkKwcsFN4XuS10G6C3h2N6YL9gMNwiyP1gFlHQMknq7_O_RYSaCRYy49J2p8Y55XC2PmqCuF6EFXhwAfQyRBIpnQyY43fmAQf-QWAxDpm8Vf0_Hke4FgtCm9SjsjIy7yLurZA2Jh0CQ9SZBslSV3-ytfltyfOlaGFlLvBUYXH1AkNj2ITZ3oIIUHswXiASxcvOlCq9-2OY7mhj1uwrd665F36An9ifNWz-WEG0UebsJIZHhECYlVcWYqJS9tToByVrLed5Iu21n5mVw3s98jTqHny9KsuaS5ke6vCdCzANBA8l&cid=CAASFeRoewSKGa1uWMEL2dYyg4goJLAxgA&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4bf56bb95d356267f31317c82615739c95854914bd3e2ba204c5652556194848
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12966
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 527B
42 B
107 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DFINcACk2Isu2TEl2VjZb9IZ8D3C0P03zjvzEq_LR2EroRRHj79U1DiN4S8yf2-QnzpkgqzfAMI9Uzu18jxXFmERDUWmfyytZgXC9sXoHQtBfsprg
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 527B
2 KB
2 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4232036&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jAz83jdbU8m8in9aRRm25O&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322706036&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18934541623&turl=https://internet.blogmura.com/&DVP_PP_BUNDLE_ID=
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:25 GMT
Server
Microsoft-IIS/10.0
ETag
"e6262781a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1338
dvtp_src.js
cdn.doubleverify.com/ Frame 527B
8 KB
3 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0jAz83jdbU8m8in9aRRm25O&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322706036&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18934541623&turl=https://internet.blogmura.com/&DVP_PP_BUNDLE_ID=
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
fda0f77d04467a0fefd17d993406783114316c719fe9d0a28e77ba4842d98237

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Aug 2021 13:10:32 GMT
Server
Microsoft-IIS/10.0
ETag
"0d4e496fb94d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3243
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 527B
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
699
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:01:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 527B
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:04 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629718280506303"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38186
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:13:04 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 527B
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:08:20 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame DDD6
624 B
340 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNUbKjLAfvXe9aeKlbO4nz0Jz4AzVUCZBzUWypY-iPmgLd4tjzP8qOmQ8nwf0RQW3RIjNHJlZhGtaQtNFxl5VH7dLqN2aU-Mg5tfotOXsURY3wkttLhrpXAWzfOLsqXLJucUBWpwEaW1m05RBTYlhGku7ZUc7Hhsve94_krGssTH1GZLu10
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNUbKjLAfvXe9aeKlbO4nz0Jz4AzVUCZBzUWypY-iPmgLd4tjzP8qOmQ8nwf0RQW3RIjNHJlZhGtaQtNFxl5VH7dLqN2aU-Mg5tfotOXsURY3wkttLhrpXAWzfOLsqXLJucUBWpwEaW1m05RBTYlhGku7ZUc7Hhsve94_krGssTH1GZLu10
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnK_DgSN0jKef5GerG5v6GWTXxHiLdQJ7I1875bT6bW2YhBCo9SiV6eVxdgD7s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 24 Aug 2021 06:13:04 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame FCCD
25 KB
13 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BaBv7Wj76P0uoXFZzVUe0f8kPKd3ftjZPy_tQ06oSQoTCsB3rXviJDIlZUycETn28F6ytqsQnMdkFUJ8CbWesWSH8bUUjvyQvPPmpM5Nt-TZKBgAb6_7H13gVI4WkgDWVcpkgIBIOCbF0VySRSt2eYJ5mQgA&cry=1&dbm_d=AKAmf-B1NEkqxq9f3bJ0iukiomJmWuG-m3bLPbx_QMuaUKsqRd5Or85IOmxPxcc7Hclvb8xXDm7soEUSPLG_9GllpyrqNKDO5ul983w7xUlIc4h1a_kuz7aDNTW6Ws8_K7TKRbUrU4Vi38dUk3uAUX9ScCkUAug0UEiCu_gc20FOtcCU38P2kNnR_5KiNhZU4suB0kIyHzM7QCXJFMDq-YPh6yK4KUd5iksr2YgaQ_ELFq3JqVmxfr3yDF4lQyYw6i3pPcEWQEaDlF5y0ffRjbhX-bwx_IZUNhHBfPIxGj_F2QcX2axAGlrufuTFMoPaXdHqIvapbDwiuvMCfmK1yOHirOnw1uWrBEQggWhW58zVV0JMfnf0SaMcLu5NFE7Ivy9UeW1IBjzB7g7PiPjkMmifCz3f4jduW36MF0Tgy9URSuWk1VJCr6T70krEdI-r2nA0-1qjmx6CNBOf1TCBEpQSuywmlkv15gua5CoNBnE1l3cl1854VZe56KQAB7PqRXXrPXRIVWhbLpKJnXnFGFDbodXLjUrnSu_q6D3d-_YpmmQLMep2Q3bjXxDT81omGLwFdZy_y7PMIYWj06oZiPAsUDQz_q_atAFE6_xdyKV2G-YvH7DjpbilB9JwDuV1Wl7kfGUdKwG3u_yUufoRDkHGFVEHJV1wckz_8DwFVmcSxcyefvrilwzjcMtbDoK9wBTuyY01t0P0XJSzXK4pM_Tj22omOQOEnSc9ccwCTwTVCe8Rc6E-q3jKn3t-_lrQt6925Bcu4u6eEK3dKOaXNu8L0CnoZJIVD4xnXKEU6kMHzDpkNrNBGjyO-OgRsj8pkyFtVsq75OQ4jvCQbYLJVklgCu0hT2d0GX5EGF-QADnk4GAbmGBUoPstWVXZYhoc_SnKf_ydsljIQuKzB8z8r7o2_ksgix0Ltoz6ZntabsKjMVJfCu9BqJqnDiK1jRjUUFhg4v7fbugPK5yqOxGgohC7JBVWL198P7BxBKvNozV2ks2Q2uAFHehI-PTwFnfbtZpbh0AzsRd98BlX1Jie87H2_xyJXNEYz7CX3efXwr2w3XVoikSP67QJtlpGBBdl9aobuk7IC_pMPkIGw3l4QRwQ5hT8HWxHfPDQ-kwnYqL2sswMBRwJlepZJIOuOoQxIv-S5qZmhfsc52Vy7_tSXoCdHCRJWKH3rrG8HhWoaemuzHoMwtPYAG7WtbAEDuoVTHysvjuF8Yev8IJtgsCeoRGQxHIDut7p7MEagu1jinTB2-d8A7cTtP-ljEjGpVjXavBSGpg6Fb7_yIzURiWqgl7j2laoz_uW4tgohRk0vYN8KLsvS09LcA2wsoFxFyW4JdsYUuJgNInZKo-CU4gdASY1GAmtCPpZSp4PCUcUBYVKqONtldRqkSXIFEjZvcU2BB1CH0M4i6bVkkNHsuHnMuKu9Kd2heh2zCtBW1dmfNQ8mxLp7ZhtdQXEmrBtLpOr1QSjBCpl2W3qxR27aZ-orPPcHvRsHUH2gSQN1IqLO3ZvNgDrzMARYpld2Vi6Wo11jfQUWeN1pjk_Dqj6vHahY_tyyAALDZv5tnHVtP06J2UuRBNUH6sdOG3GVSt-BvDSdjKfYaJucvK-fZEDo9K9JviQmkDpkDtWjCdiTfQ3grWdrcikNOVI5ooNvOa3FknkzNvvlIhkmCLpKLG5TZ-7v7DXeHAYAV3TdqUgl67qmsSFjeKUkbLzIFZpvqZS6PXsCMV-WS5hnC_F66NesAPO6bS9v55fT3_lyoMGYDW0FYL-BDqcUbeE4tKLXOfZZ9S9YAQTLtB6HBVkHxYuNriDdf9DKn2iMn9X4bdoObjso6Gg6arDasZZlXPnnL3K-HuZqxQQ5wbSuGtXl970rc09ya78hsceJ4Mt0-5NW-LbMG3lkH8NBXIHVlm6zSFSCPbvfabFnqmJ95XDm1LY6AOHCg_WHVZbcneAhh02cKInPpNlABK7mnHEQDXtfGLvd0CxABGosFi6qgdSejTs9MMbl74z6auCeJ_dDLzwHcZVyjasLrd86SOP7ueDLw1TxkPzM7l7DaOpnRoCAqBhUEEm6LI64_wlXrdldWU_UIHZfvpUmkDsRr-egAUgPMK2ojSHhtqwmCSzJZEwNmO51FS7vCY3x2rtFrlF46nOTXm2EbmXAzad4uK9GexHiphq2rgpF379JJsbWw8KEsBPuxRhWAE9dxAXmq0301B71MEUZcKtBqKkBaM196CI7zaEfBLbIP0ZM_kEmkH8C7KKmIJwznA8lhgspToflS8uFl_aOt9FlESYUs-HVluUth_nVF2an2FWYm6wg_2As0gJo3VF0c7Tn8X0Vq3ZPC7ao0yC7yITRgd4Q4vOQZmoKYMDiavk_wQfdfWMZv8Nik8qS-dMggLN6bPcvS6kIsknp3oADxKfFGMsiE9inEhr7XALuA80cv7M6nZPwlePnRl34e2thRgUv6zKZA7WP4D_RvNfn-Ad6MtQo7o-0x8vShNrJCaLQRptMWFhzDfllWy8eEohPsf2S13vUq6UcB7xhyM0croDJMDYX0J2nfeXQSNSZxKCqwm190hNkF4MLpfwtiN1sb0ZqRUvrFMVAvlm8G1uP79vCJH8TPwl_lZBM6tinZbCXyG75b906z_d2rbSxVPYEIfDKxI5WGyTqyx1K19lmZrvDLm-SGbfrur6CRF5JtcedGw8YEz3nKims9u7hE3lpsLfzqonIM-fDK9J8CNx0MZ7kmF7OGbDnrpCz1PH0KfTzlxUolSWgag7dgQ7wfnZALI5Fs8Q0OrccPP41aV_MZy2_AA2sUCaU58oo5hsBnt2KCc-MFtmY4Fca3TIexdC6RxzflKk6c3pVgNaZjq1FKt_6RWU3MD7Wf7W_RI4n5ILX5csIps9YgZ6r1Aw6bzBK0fTmCp8Xn3WYyBoVDlP2Y_pzOeE2u9HA4Oqq7kUHMGt-WIWKZLvzAmvZby0mWguDKhLSKorwgfeMaqIkPlaItX20BJZq7mONm5q3ltitDBpkWK3RCnbC6sKnkoHtb_sPgoQDObwzHsfKV_SrU9Y80qMvG1vUxh_KgvR1iXW14ye0GDrMfnVuUZtl72mb9KuE3T-oSrQp7Ms7_uOJ5ZbAGd-4xj90WLYOWh9aAh4cs63mSGHWuX_wrXx531l7FrVkhQZaQQyeZcyXWFvbkmNy3KhUkhrAp4RlkMElOSKYAw2UB5-wVHuu-ouvJN9J2y53p1gZbHa423C6Kgzt0xwYIK1pVL2QXTyqJIzYZxwEHqXOGV4hGZuv6HaGnRT_hhTyNcNy6_1eXlOcuoJ21m-Tow9a0RbWYO0pWWG6tVHDS4lBaHPtDqCc_80&cid=CAASFeRocDeG9B_IR6DKTIUs_1iXV-pnTQ&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fe2cf2b4e9b9df717da1f8eb20e4b547c88b65e24bad32022102bc9cf7da8e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13045
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FCCD
42 B
107 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cgz3BFlTfAvvynjNeY31pm99twwOhVetJOucr4xwdUTMLGjU6rScW6AF1KBvA0L4fMuAAFJhdn4cKPcJXzRvUqvvEZIZNus2eHbzWxHrQdnx0OmlM
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame FCCD
2 KB
2 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4232036&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jQ7U9fKoSTNJvyRnpyj18d&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322706036&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18934541623&turl=https://internet.blogmura.com/&DVP_PP_BUNDLE_ID=
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:25 GMT
Server
Microsoft-IIS/10.0
ETag
"e6262781a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1338
dvtp_src.js
cdn.doubleverify.com/ Frame FCCD
8 KB
3 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0jQ7U9fKoSTNJvyRnpyj18d&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322706036&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18934541623&turl=https://internet.blogmura.com/&DVP_PP_BUNDLE_ID=
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
fda0f77d04467a0fefd17d993406783114316c719fe9d0a28e77ba4842d98237

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Aug 2021 13:10:32 GMT
Server
Microsoft-IIS/10.0
ETag
"0d4e496fb94d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3243
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame FCCD
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
699
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:01:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FCCD
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:04 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629718280506303"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38186
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:13:04 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame FCCD
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:08:20 GMT
l
www.google.com/ads/measurement/ Frame FCCD
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQoChNiIn2a1j7PIynrw-D6x1nMJ93AlbZXGxN1mslFq9L3spmz_VxDa9mDiOUWZP9Wrt--Q4MADwq01beqwCtaISVxhQ
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pixel
googleads.g.doubleclick.net/xbbe/ Frame 7A55
624 B
340 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNWYHm0bHPmyFpgSBmRruEATHvaYLahGlOg80mQaC80UQ-bkQd5MvAwYMpdmhYS3JlOUSFFBsRVsGpmzGznnfuZ5lRd9u_vPkQrpTqT9cQZ_VmHXcPCHxV3vlx4cBHnVrvbDz67tqw1C0pZoZB8Xlrk6MH3lFixD9vjvzHgzR-PXPxYHbjI
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNWYHm0bHPmyFpgSBmRruEATHvaYLahGlOg80mQaC80UQ-bkQd5MvAwYMpdmhYS3JlOUSFFBsRVsGpmzGznnfuZ5lRd9u_vPkQrpTqT9cQZ_VmHXcPCHxV3vlx4cBHnVrvbDz67tqw1C0pZoZB8Xlrk6MH3lFixD9vjvzHgzR-PXPxYHbjI
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnK_DgSN0jKef5GerG5v6GWTXxHiLdQJ7I1875bT6bW2YhBCo9SiV6eVxdgD7s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 24 Aug 2021 06:13:04 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame F7C4
25 KB
13 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DmIVDwq6XDF-6Y3qDz59ITRC6-rvfb5TH0MsARbPMKX8G3pvym0l_m80i1HeyNvQWUaIoBbKGNKy39yCvXglRQw76JR5gDQ9HSbzrUt1Ix0MlcLSuWzzLZQ_2goUXHLTcXdystLAKiViWCFYvOMW29-ITFTA&cry=1&dbm_d=AKAmf-DIr02X4M1WMFKPZtjEV-jl_F37maF-ZZkesNjF2s4GJVpaXVE_TdIrEn5zkgcVn44qkmxxYWvB66sdOPY5F6-gK5lSLRAKmDSIbP9UAEuzYQi_0NJiv3VfD9e-nwuk6jxZuMRs07Qw5kmxc0pBc8jcOC6py0aatg5WGwniHVEC4XWfRuguMMkCVqi0WnYhrjFzRfJPx7E2Pnx5th6Ta6oGb2Qv1PldKSMQZXht7QqEM5HIhPbvPnFqmUXWEtNtemxNMyyCxIctYLbalUIAMEpZD8ty_OIGGcfFABCzYpyzmL9_hmIvDy7glVVcDoAeKGVilqRYslgVrP7jiCPNYpMSHuC7bbwgkzHBB_Sh_9SxMXUy_jNNaIP2qQfBlmm8y4NJHdg8RBG84fNdImi0AyhXJ8A-Kk_0-uUN4w4kRs4lBeO-tDYoiQRcKAZKaCG5Tpn6s4IXx96IK62y6I3kSjRD-_9fpPE-XKpHvqNqq2fNdsz9cRjnhGYaVsH5MQ_UNQK8lgMpj749uZEDooKyuv29-QVT-WWZIgwSGO2uPaBeMKohpe1-e1FYC9NKGCxwEccIzK-DMr_r-Igzocd4XXS891rL7VNqpxWqC9tDZfK9d7hOYX_ly6MPoYtInyA1jThbMvtplDyey7C-57ZQEtTlQGk2SEJI--4sUN8QI1t4ze_H5WYxO0MTefYR45ZV_WTNmBl_f-AhYaFtHvcBxH3g-Q6rq-RcWOyA8D8hUZ-Y-iinfF1zfEV_zmZFD-5KbHvffWauAHRj99jO_koh3uJc-xjjbfM5YVlR7TliUawEJzAitoViAAPMU3CL8xliM0IXuiFGgEcPpyiJdmQuszTZ_Tr5vGPgurp7QWZTXeHaTjSCRZHsPp9HMogX8C-5PF80LNcvWumZwJt28orDHpIqHKAaioOvZQE6_nKK_Aqk_NdUnUmPa7MBV1OR4ndn12X0950zMyNV7QHCV7XMdfzSvyVrE6XkUKYZq9Fo8M2xUni7b3xk0ySpifwR6jd2NyBCCyRf08RmzI2z8BbBgi7UwS8sekXSvELxim_62-0puRcvE-7GTYHFsrAtByDZm-bMSF66yRGP7RbnOZ83FtSmgPWbkwBGPNCfxkErNe41YPgOvnNUn5IQHSmi4UMQiRMiWGBeofmATHY5THZxh-QyjycBFp4kLsLj6bPpPMQ2Gy3PkpQzpiyg6aDJ0eGXuL6IdNIsIo8Izrz88KchQ0R8rIQZh_X_c0UeTfSkZSTxzslydU_1lLS41nS5p7r7tB0CDeB2bjCxlmDRdaPZWQ3o8lbB4K3cs2pr5Iw2nCbkSrnkBBspGuYyIioPIPzbWY2EzxrmcT2eECmgmDVLCT8N4RmVdSYKd2axzfvS8-teF4QO-AZf-ONW9QGrZF2XOmfwL5msdS8RX0JA44Ke8cIvsGOTMqddsKSvfs4gYJrHgih-ZyLr1VTvQQ8ktmmLTf_SRxFwB2mHRhrF16B7h29FcKZqdLrGIRYEVc07S7Di7EF1fIbwhbsndCMu9L2_6Rkfkr4Mtgyu2HKWBgpB6zNJebCHz3R6ZCC0ZN-fN4Z12v0QhLpCGbz-6QfNw8EBXNd5-ddJxEkae0R1ZScoFyNXW6BPkXd7KplHVl7IOeLsiA-9W7GA3J-2DsjV4iMG5xn6csSq1374Oo0wOhd0uIbgYzIKD_Bc25rVaXj7WyEqW6IJNVlsScrh-dG0gYeX3_vsdKXPL1Xg47Uu4sJ6RjIHwS86RP-aOE9lkZiqYhWf1YGhC1lY0mG4hs9-eM90molZmxDkK9fbml9eQnVaTie6Tl5e1yLF4C1MVxrkyByFxjXyCozllUcbPLBxdkutwNtcsY7cUIzF2xiiJJFWQ8j1XtMP2uQC8-0sYwZn3ZlojmcjYc3ODbB9fY-tZgF4xJZ4ae8p2WgfRqeX3SLPXMAEncYgs4U3HUqUOMEn_7upMK6eJxrLseDFV4qMv0n8zN7RPy_0CSNe_kPpd6aNiIK2nTfHcvhRxrNde9ZA3Fi323bIKdHZDecVPZtFvhPkZZPJ4vvT87ImZNRjNlO4OcLUA1mrnqypU5uDptYAGFbxsmHpjxS6WVuPzI9j4dmvgI6ghDHLaI_zbouTcfGyVGMHqQToTyOTWvfqBD92voTlIgsyt6TwMviccq4fVGIHqzUGi23MdbrnrhOcL59Py_eokbYtn83d9Jp_jK0R8hqKMo2s_OaZnYicyratkAV9dFi0hktra6WHJEyk_tDJe1ndse8pbL2v3LufKI8DgeWwN7YwA6b25MsdwIEaZYWfz_LvdN3sOM6P_CZFY4T6Ie-rGYf--RtESQ6QLAPABlB-ovduy2NU2LcuuyoOXrdcBHOc0E8_fvl_Py2uBE6Cn-FsKcKzqXqG5XPynCtRbcKE-VIUmoUASz55v33Hb4HObSokcz917_YlRUUCSrjysOSsO1ux1wxlbD0NBgSxM_UDwP5hCKARESQGo67b6Msu66uSSqZc643U-iiGc-bKK2WYvXOeQFu4orcyt72lo7qUNlHrtJ6v465zkhRyg8bq6_1dF4oU5oUjWvkWdvSIGEIuYvxxExJRYbMcOqCR0IkatM8ZVatrcY629fnrX9x4Z4VuM3vAxhQvl8Zg_UYGUIc-ICDhXBMD0vF1Mzn7YFnxPiRVrkwcfaOcZj6eZz-I0Snt7cD9tZQcUo9Z5ww7NDf9yH8S9B5o_-yVIpi7z9QHyL_1zOXJRaJM3y8x2ERvnUIsu-B9DCCSPXEoZUUq7rKl9OS36hggHDoyO--4Tev8Y7u1xeGgDHOaNnrR_PBhkNEiNvrr2ieq-MzEKbaZFOwJe1YC2hwVz79kd1ru-N1fHqT6szoQiE2CiMSquQe5HlPx_qg8r2gEaGSbEmosqspg3NtXt8L2zGH45xXeIGNIjeUHCbEEE_999HMNZUfsc2R8bzH2mTVrJILHjVQ-V-EFMafVY-1DzBKsy3r9SVtiPz3GXYomlc_g200awRbgDnJWx_AwDDAhra0acLeWXQvaCDXG47OgN_bstb36FZhuJRmzARxIxcEJ_1PTLZ5IN4z-Zq5Tf9w1UDrvBzxHWoMeGELVovxi0vzMtIcjQp-R7mSNVCq95BD9GoMDMKuVas-ieDzQcUohJsE052gzAyVY0aX8sp5i6sCA3wbmIDjTTukbK8kAF3RQQzcDUkzz6zJ2MucwTT7ZyJ08oDXvon8vgX7XL46cd9NNP-nLRT6TfGc924neB6AbDjsFYojzeMMtfFLh2LZzvNT3aU4j8tcQ5TTK3CzOmIVLu3AQTZW7aY0h5AUEF6UmzPMpEY-Zi3F8G_kC&cid=CAASFeRoOiiTtV0-E7j3tlyjY5CLTGamew&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7df688571c2604736a89f64c36fea91cf21ef77d36d7de00d8710058707bfa26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13053
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F7C4
42 B
107 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D_fSY1OsmRZQr1u7sOnKBLxpoKXl0FBfrhpgaucFssZakZOp0Rli0w0JpcJSo5efGjDHr97NCr9ogLFivlkV0u7s5Mn_XWGlrspQiukLDRrFPiT-k
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame F7C4
2 KB
2 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4232036&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0itn-y4fJEiEb2cf7hr065f&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322706036&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18934541623&turl=https://internet.blogmura.com/&DVP_PP_BUNDLE_ID=
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:25 GMT
Server
Microsoft-IIS/10.0
ETag
"e6262781a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1338
dvtp_src.js
cdn.doubleverify.com/ Frame F7C4
8 KB
3 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0itn-y4fJEiEb2cf7hr065f&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322706036&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18934541623&turl=https://internet.blogmura.com/&DVP_PP_BUNDLE_ID=
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
fda0f77d04467a0fefd17d993406783114316c719fe9d0a28e77ba4842d98237

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Aug 2021 13:10:32 GMT
Server
Microsoft-IIS/10.0
ETag
"0d4e496fb94d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3243
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame F7C4
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
699
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:01:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F7C4
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:04 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629718280506303"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38186
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:13:04 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame F7C4
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:08:20 GMT
l
www.google.com/ads/measurement/ Frame F7C4
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTw1H80rp2-0oqkHVl58PL3anynka9TaTUG5JuBpW6DNZhWkjUslcsl3KOobEiT6kFgOm47bmQGZzxhfxw9ndHZMETa-Q
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pixel
googleads.g.doubleclick.net/xbbe/ Frame ED3A
624 B
340 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNXz5PxoNmlDQnLXuMNvf02tyCAPAaU1voqSp4Uzl7nRsUaZM1Q4geE4C_09bXm6EA5Md-yeWU_8L0S67Y0MHmEKZeD6rmq7brievEXv8h9NMbXw5XBbbnievq3ZUXc7d2f_K9TgkJXVmRpZcCv5mmeaofqa9GO4uY1uDxxAJ52xmv4sc5M
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNXz5PxoNmlDQnLXuMNvf02tyCAPAaU1voqSp4Uzl7nRsUaZM1Q4geE4C_09bXm6EA5Md-yeWU_8L0S67Y0MHmEKZeD6rmq7brievEXv8h9NMbXw5XBbbnievq3ZUXc7d2f_K9TgkJXVmRpZcCv5mmeaofqa9GO4uY1uDxxAJ52xmv4sc5M
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnK_DgSN0jKef5GerG5v6GWTXxHiLdQJ7I1875bT6bW2YhBCo9SiV6eVxdgD7s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 24 Aug 2021 06:13:04 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 42EE
25 KB
13 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DYWV2psUy0KNS84mu9HZMkrMQUXKV1iYWfSFiVYxhW_3F14AGPDbgcmt-3wHlUIjVBvd8gOITgWH4f3DpnSp1oC6MVl0TvvqizhjRuiZT3qEPo-Z9pborntmEQ7ZUAnr2vNb9bvmXDjuvXZxK4Ty0dcKPveQ&cry=1&dbm_d=AKAmf-BUcaOlw4wRcp496laqUSXo0nAzvmOkAQHsj-JuwJC0o0mH9GQk0y8_Pk53zyrqr0wGj0pYg0WhJ9hnjRyN5PP5eZUzOH4Ql0_D3SUlUYhir-XzlrIUaTnrCcVjL_doxVidWyZSnE-2QPTJ6p5B1btGrRQQ3-kiI-yRB94A-EqlarqhkelPIo7vqKsEMKv4wRm9Rw3ZKN38eOuXZXyI7Ixu8UlLMr0hoZba9ziS661JP-_IW_4pJOA8lh8rGd2QsWE_kxpjEqbPqTrgmfcfcGgi3vlFMEul5XrrnFEHmItlknuPU_-uciJdMpXgQ95wEjHwidK9ETVPgRoCLFX_P9XVfSpBeEtg4qIRFGNiwarn9qbvRmHWG5BiwrNf4BihTloqvmIDQgul8_yJQXNGyZSjW-yOKDVmCj5tKSa09o5hP7-CfFHQJMZ5CV3XrKcMs-553yWd_dYrJYbgSzbhp_B7b2VU5ILzg_dknNIw6znp5-vj6I1o7ZbiFLoVylGgttqNjcWjYBkXE8MqVelUJ9xHBWA1j3nPkIUawyWKFsV3V7K1bxvKJYmCcVEBUzYkUkpWYQVJNkSCDlUI6gFD0H1CZrBWzlwTrpWcw5kuOamPG1c_8qc7uB1sPd6h0aD10AUWUZzhLwR0wNEelEAneh5CgWCaBW7wBW5Po0e53wwxupY_Q0ASzttmPEMltO18PIJICv5--gTD2HFETu1vwv-qZlpps-RJE5YB5LSZ5oacZ74VDA5rcCTVyhhgjG5vvlQ8JFhbPiMQTB7CsOduPsye4BmmzbC1veUg135W3ZnAHRn98TwBQ_tzJzNlzCNltW5gEPBvjmmszGpAEOwcCKemmwKTWYNnYcYrB0CChA7ZfAR3bYtsUteAK_BDdy8OHPN6XCU3G6SP-btl5BTZixcFRVWSyfDA1QCseGYpqR1HpJmvWgzCA2H7mQGY8zm2l1YfHZ4sv8Klwy_LLPaKtJqCjyytjcBLgh7oMkspr9sUIHQG9-gJR--j-wBXdt8BNs7_pesiUgaX1gfMnMOLEGRTcoSHbgNPPsQ0A4m2BCptFmz9uePSr3TZDybSk6Ek9n7DZBZysYaR83t-vRQewgN0GOgPAJObqB6dvsRVgODCkr48hWxTeoNMXGnrVmButpEEG2qFXAtj6SGHfdfot1qUXOb0vwqn2rWJawYbmp53f3h71QF2nuD1NNjtWThjd772OqN4CAmmT6hxxS2kEtbqWcnkrXu8xP7W2Um5XB7IyW29RHyF96IphSUaqMbRM32PIyskcEXxn1QDlmDHHmeLwrAElcx64Z0dzAH4hq2vqeVEoXoumz24iMqI3mDTlq7iR0nyMiHCGf7Zj4wXcXvSdL1SXmU-NDebqgiW-mMT_8z5wOTq3lM-2tlf1QMwSwtjtaAHOIu_oPMzOpW2CJcNeHbuOhV_-eK8pOXSIepfdpTtl4OPqCUsaSzPdKIpNnNbe1gKRa7wWYjORg8UI3BgPa0-7vpgUqvIo69I8t9nKvofaMp-oJEy8cyfdEKyxy23WW7MEJIpZdTiPmVb7ahswaNNCPx7tTFJcfLn3n4fjiUfkv-IuXcJB8fD-rOIf4_aqzeArOrDPBYPSxy-uIuklkg56ydwhRcS4dvFhn_q5KvyGBr_U7IjA9kQQVDqU1yRjTiUBC8WY0bTCCmAqlOkRmRx8IgOYDb51ZfCE1ap6_Zg8LL1R88QoGTpxeCgCgZfSHS354ZsYsf4b8ZR7C6jOSXgIFZHNxZk7vl4ww967qZ79ZsGCEHmX8rxSXavl4FThJhJUFnpGpHm1FYJcZ0WMoVTyFzLaIVTsJTZU7RuJtN_6oKSchol6VhcYV6eqKcO2IGJYU_35hyfUB55oy3rHnVeSGBHaGiIIrnksaBTZk-14pvkOlSKe6LlmkjaJGcrSBqBEBuPOzV0JRsibLXtEOcN1ueIw7N-zq8eIaO5qSl2008Ld8UnGgpn_LExxKSkzXX_9KKScISNEo-RBPb-1uLfL-XqfiyOkAMC1pTl_CV_V-nRERdxvv4UJxE0UrE24sBXx7Rcdza7ULLQtH1iaBWnAXjT2fZlEZKRZ2W-gAnUhVjwk8WcuNV9isJ3FTt0Ljn62zIGtlll1LvY-BCb2U0RQjqrU-97EFQ_TMsUMYSq-aJ_PevCylKhxeCyk6K2KryfHzKERpriMh2FVWxfm1omy8b7htDMF0T5i66iKaibWJzCC-aHI6a1ARuYVF3FP8ImMj-2ycjZ4fViYYblsE-pfcc0L9hbJcvYJBNdbIoGMSQuCRTQWRjYexEPiZIPcqFdQ7xq4KzfhAQrhR8bzvYP5Boqit2LHUHHt0vhEUS3USWKL-KrX9Me5IolxP5T4UfvhlHEOxLQwo4ljtZTCs0-HG4j8A6i88ODdwNNpgXHyIwTBZSOlnEBd4OVIzhVeJRmbfl-kiLGag1ojJuMOzg6R2Y1yxhV7C0mGoZgrJhZejSsMyl-rhf3c-QkNtaVW0Y9ops2JaHrAimuwwFaSkalUeUxKmQ6rRxHdBZVk637qMCw6v2ozk5Xk2hyzrMbdhAJqRPeqdPW0CafqBqu9t7a2eHhwa1urVbsp1aEc-2F5O4gHIkb0cOi-_3YKTvWil61hkwKc0UGH7wb8LJZghLLvM40RUJb1cN1wgLUaw4u9A7G7he7YXPBaw22QRkFeLTYl3YOfHoEFGWdjw0H49-26UnZDkQc90I5ABrh6nGW3P2oVJSehSC1lKNMkWOQTqEkO3cP2jLE0A6KOIngJ6_OD_7oW-zgnC7zkpMWXBnqn_fcLXW1MJHq2yLvOMAA4ZGjDC68CpcGR01hoBOTBRs5_de0CGApYWPjSD6XHchlNvRqgoohrSl-LI8MY46LzTit2VRlFxYQ3X82Bs77B8EEUvnnccnu9On0Kxz2GM_yybbL8mktSFgmksrJyk9en-bHaOQhlH_24N5F2bpNdkvcC3skZI_MAAF2xRN27lz-4wVqfiFIjlWALPvCW554vsBKO4Orj42CEm1kBR3AN0SXT4orgCtDMCsLFIfgv2PrNOKh6nIV0KGR6MWaugVxJ0_micgVk_dR1Gp5ZAFPJBCX2gRRvk2wwTb_tb2cX5B0BAsDgcwKeYV_Zs9gZEHYVk-O2z8wpPZoQ9tFcrBwatd_8J79Ne_Qy6UnNOlJe3eZz8Gl_iJA9KSpYtY13jdcPJdZYJb9kztwBf4cTfPAyjYBmBQRsmipgkramt7zrTwMP0nIyEsnyS8kwFQ0qrQxRF5Vk-nl0P4Bz3eqx1xeM7A-SA&cid=CAASFeRoVhOjwlfBk5mZF79KWb8UGA_Myg&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4a24ff5877ca451fddd867b599d359255c9c4d6d65e1aeaf71d2df901daa2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13019
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 42EE
42 B
107 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CAxtRzrpaRMHpsmLBG1Z-QGI6nyhCWyVMb2kqahRxALSErEGRKD4mrnx24IdBcyfuCwWG0sWnvXnA7DXCI2gXeh2_9XRg-VxcbgNd891v3spiLldY
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 42EE
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
699
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:01:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 42EE
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:04 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629718280506303"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38186
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:13:04 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 42EE
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:08:20 GMT
l
www.google.com/ads/measurement/ Frame 42EE
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaROfXBoJeQb2KZfTSNW_GYMb_llFGSMDT5k1PzUHU906xLS7oDOIk0cqoTHQoQJLq5-X6nRreeL90zp9maRVpkVMKyumA
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pixel
googleads.g.doubleclick.net/xbbe/ Frame FF7C
624 B
340 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNXB8QTLABGncLXrNO3CUnTkopgjgqklcaYyXPB9x60K1Z6G4GZNVhHuRi6vxKNuQDk7wYQyNWF_uX2QMwmiRG49AfppNIfZ82UFwZaUOxeCwlZF7Z-IAVDmSS8-c4Y40Xvk2lM0stZx6v3Rqr9iBMGlu175nnRaMhOr0Z6ZTN7_H22Nj3Q
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNXB8QTLABGncLXrNO3CUnTkopgjgqklcaYyXPB9x60K1Z6G4GZNVhHuRi6vxKNuQDk7wYQyNWF_uX2QMwmiRG49AfppNIfZ82UFwZaUOxeCwlZF7Z-IAVDmSS8-c4Y40Xvk2lM0stZx6v3Rqr9iBMGlu175nnRaMhOr0Z6ZTN7_H22Nj3Q
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnK_DgSN0jKef5GerG5v6GWTXxHiLdQJ7I1875bT6bW2YhBCo9SiV6eVxdgD7s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 24 Aug 2021 06:13:04 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame E30B
25 KB
13 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ACnYDC7PB9vGLNe5M2Oih02724DPmAjtx4DAmy6mZKGzwIQH5K3QAk4PQ4Dr8xtssU_36aEoCwdYH1L2yDBz05wqVSoxFAAfQubomAo3t7j4_QXqY-qvavoQgZI6QU-LFxgI-fmMHn8PiA8ukiu3kSITo5zQ&cry=1&dbm_d=AKAmf-AEu4HtuKSOQ5BCSrzXmHWR8HJ9tEROWAFpIZJJwyuaiCfjCKgDixOVTWsMCsXtX8hdEZvO8tKd7YlH0SCuaIiYF-I4xXarpNZczPuJ-lItZqakDtSc5SLW6zwUyxH5fDZQ6Rn5xZxII75V3EKGiHjm4xD477iKPp3ZkLOlj_gkCYN3ioQc4aE9TghM591wY6Y51awiTYim9jNgng0n4mmdUce9hakRpnm7ukqVMrfO6iL03LdGbZPViBrrLZH4tdOI9KAHXE93-PRF4IY5ifAyJyrTBX65Op_7BE4Q_YvTGzxgFBIt0dQlNp-2oQnOiI1WylnbJikdSueKdwRKJTlCdO0JrpA_g6g1r-sNFE-Qb9CGFEsk4fTlncmEpWneSrlHDaMbVlaDdqFPlCjPnnXkTllHN2uD6IDRP5OTkAWyMRuj6UA6bEx1dOOaaHFq4qendeBjiZ9iPd5ibMwwgKuxCNT8dDpITA9r9C4gGMAQg6O1GUGjkE7kD60wxUOPzMvp_vuXrHk4VGJ2SYMYRoj-yDtkVgHGAW4w_tFceQ9qEbMNV0f24kl3VQ_Jdm-6H6xx2WBOKSru9GzJLTocMJjMryU1aMq3ZkFkKADe9Yf6DSDRzy43o_PhaNfoNyaGmyOGeQB5Jrj-nTyCbo1UPGV_sutkSkB7VPASzrc8m4alLmkHFX7THQLYgJZ9BIQnb2ucML8FtB8oHMEkYF0MLNfZ-0hF9QqKHrlKQMQ7f2N_BtwfvEiBaVrnknUg2ItLheOq6DhtOtg_5UqsoJJ3rc7R5HXcomvOWGvxbf-KpN0KdRLj43YZhiEV0pHz2YgFvrokSbY5VoLv0Da5IPvCQZRZAxbdusMuu_uNq805g_IO4ZcV0exYZgBqObTmFCNYVebA-YlEiISrsTr7O4gcayO72f-PqB4D8-YLfj7TRkNrMzofTWLrKsXCo2mmG0J1Ttuso6hyh7vYheap06oq9muTYyF7WqS1uE_kE98bcug7xjn77QN-kscFzCZPD4aYv3M751lWfueoXVu5tj6GC7NsJ6TiauzDHQdHDsyYDTAYX8vbVWPTASbHb37HAh6-cUbvNm67M2e9mMmz0_eV4XGaHWjpN70M-t6YiBhGsS9jLGU08EzBER_8xmd1bv-uNmoUyr6wf77OIUDzEAboOvRsz104kLvN2To7VWEMt0CMZnpLO-RD9U-CemH7SV6_WFjwxkQhoSgkPwy-R6VUr1iOXmO4bPnVcz8Rr7ErA-4W3L7z-HKzLAu5ITWN-H-DYa2G_S5TmcYG0mfGlYNwvlj6nZlVH6nveATPX47Olv76QwhwQeoS_kYELEbDqnZ-gtgf_zYmOzSHB6Nomtauawf-D0FB-85I-luMg773dP9nXiSK1K0sAS3i7xLz3BeI2y8cL4khGWV3A15EX8rrENUrEaXL8det--vIWdZifKYUUJNW6fD9MVjPt0nzl54oHZpoT7d6a9OCPReS_hj-HYJjb7dRvkcWdIgIT3A-i3DyaSR0_nzF2gMAXJBjqxmfSM5tYwpTMnjG_jEFeRetZiCbO_9A-TMTfqONN7Bcra2hXcgk_W4dYT1jISSTyHMTpoW-PHHefsOGEnR0hl-tGmET45Dl4P56mBL54WtF9et4yX9sRyE_N6DwXuCI0m3Q7vZbkZzfj18vzhcOpMRXFjz0Qc0DU392VyLQnGBKZoBEX6g-SGfnzEdyZLNDqwLhx3cqSBXxC9AWMwdHI4lV0pfDrkqp7Krn9fA3E2zeKkD6tYPRMlosRTxyTU_IoRHluS6vFjFYOZiTWNRuW4uaq7JZncxEOodtnHXNVeNaV-u-WqjtxfYtp3APs4f7vGZaJvjopfPnwJCoRd5g_d9sDeDsR0fZEXg-ephAcMSwjyLfSwurWBToQF7-zhNbPst0YO-Gb5fUTpOxjEJ1OwkgGTx33Qt2s4aHzfSiIfAAKZTvF0Dmdevxw4wqB50eeKupvCgnptjfN4HgcrPKng1_gPcRnWlq89a4bjjl5dmOPhpjWej1gFVPQ0sLQb5UFczE49x1FOXRViAU8CQsil1c94UXIioFKY2wEm4_aJpMrecFfZScflfQiIknlewqkOfZjA8TwCdJSxZv3hPyYQmbpZWo7d08ZaZPgsWmlBhagWRSSQzRW1OPYqmxBQylaIuVSLe1thB6Uxz_F4uY6L0qeYvd2CR8jmm3lzn4kfbjwcpIddKrilAnXZBwEzSqiQK6batDogUv77dDt5EfXRNm5cXLVQmk3Rtq_IDPUF9D0AI71IrPqjzkhYvqdlaZ-HNik3XNtx925uK_sL-E-wX8dE2QuxRTS5TYzsHAhkSJnEiHbMWxPK9JbgdlC8DzjLkL_alq9JH5tDf3KG24xW_3h26zjMO-_bnqSJPM8_lR2YzXT-ScJ51eOvDAiw5Ki6Nl94rQ83QlFoqU3YdYR5_jLm5QhqGd6o8bgtzA0dM_W_1-un6EIrArfnIlcmLOJ461N9j43NpzuZDpGqJhDS0HYY4Rl6m0p3uTawPCjeSwPnbXp9fqHOihcAcA-hFECGrGlZTRXw1nS18rjtNe7CJNTi8Gu8sPw4eZwaa53u1tY5l24zPde7WlIikK9ivMF5kjsCn1810mkS1mPi_kokfNqGN17QXbyUbudLXt2G9jeHAPctW9ijHlhhBkX5zuxq8OLEXP9UiRPRyaqjSfED09eM4j5fpY8pWou-b3-R-ZQShh6SOTesFH3C9MlewHJoAv4mNcPtna0soqI8yapitUrGSs2h1nFreMJ4VLYAWe4b_0LUntOitC5kJI3hDQVtFQrnabE4pNt91d7gjdpjKcljvVk_d1N5kqp2X-5I_oKwwulz7P2P3eCeUghGAB9J2MLFjgnmZzP2ebLeCTx1EEvvXv02QrqMc23txsInA8Ro8di44DIQZzdhe3ahDRxYJU5knhHd7YxfzmlRftL_ZCvhxHyQNwcy1apkXcFkeEzrEi4GcBGf5xfbjggBXsoGZGxopFOlEzuuardxf2MDuwKohkQF2MmehKUhKrACuZrD69Fkk7wsOgMH1D4dTCYZYnoJg5mm4jHgzfxXZBzPBXde1pE3c-3pLp2yKS3MddqQj_fxiBfeCtHL6jWWEihrClw7-umzk2-hTN2eYiFjgJtue2F1byUDZu5_GccyCGKtUDiTPHtv8jfKCFRfnhBcIHE1gkSsJmWgcu9SFJR9iFJRf8ufT0P3nIHuO1qO-YFA7QNzz6tVCkQGiMHmregO43yGxiINl6IwMEUFZ6f_DlM_hC1uvSIQ&cid=CAASFeRoV8K2AdOFdUtawbtBrdYZdRLUcw&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85453b1884d7375dd7a249c23942a8f9091fa0802942b9254500ef938421789f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12983
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E30B
42 B
107 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D7h6tynrKWsFfGYJUm2DZTCqVdYklIIuV1CXJyCxy6WtpGgVn1uA-fNuzOX-tOCEaRjjQwnIBtori4LOmTQ0S8k9i3W2Jmq34wud9zikxVJRfNUsg
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame E30B
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
699
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:01:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E30B
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:04 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629718280506303"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38186
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:13:04 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame E30B
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:08:20 GMT
l
www.google.com/ads/measurement/ Frame E30B
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTzBfKhieAneJnQHKmqI4kCqnkYjEI-kdSZ46foGyry6A5LYAODOsU5qVuYKrrXjW2RTLebKtqIbfVl8BlWbnuVGg89sw
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pixel
googleads.g.doubleclick.net/xbbe/ Frame FCEE
640 B
363 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNUfJWSGR9Y24mREz9yt0UZVeuqKCC52UGj9_yMMzKi8N_AKqSftNfVFJfbSi2hulAl6v2M8b33FZxooq9eGeQU65BuQcZPikzpcv3dlMPOTX7dGZuQf19ESHH7EHzHA_k5rrtjJEiCgF3PLI8vBBu3oa5Z8IbZjKNN2mR7FF7jbCfaUKIA
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNUfJWSGR9Y24mREz9yt0UZVeuqKCC52UGj9_yMMzKi8N_AKqSftNfVFJfbSi2hulAl6v2M8b33FZxooq9eGeQU65BuQcZPikzpcv3dlMPOTX7dGZuQf19ESHH7EHzHA_k5rrtjJEiCgF3PLI8vBBu3oa5Z8IbZjKNN2mR7FF7jbCfaUKIA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnK_DgSN0jKef5GerG5v6GWTXxHiLdQJ7I1875bT6bW2YhBCo9SiV6eVxdgD7s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 24 Aug 2021 06:13:04 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame DEFB
25 KB
13 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8XKodmjzrc4AQovZrZiuDBYQwWT5mqHPEh1jLA-KDqNIzrkM5zYISXbRYJN2nFHUPzeao-1Qyt9ReDxHNtNMjMq9OsrHvs_tGa_4DHe2dUIsyJLT9AEFWivP-c_ipHABNKEHJubx3X0I4z2CJpzPq57f_kQ&cry=1&dbm_d=AKAmf-BgHpBMx4H4P50RUjet2RZ0w4BEVA-WDPrS1Gs5oZ6KH32gX8MSaxXDxtBYPZTHfxcEXQlU2ZyEXqWOuWBYOR0P2y7G5PCRb7wrpaiiwogO16mwEEs96FUHOo766aVoIDQM7keBlRl8Biq19mllGLNK7_C7V1RxU668oKXGUD58yGXeYzZHWbFLtKlokcIoYS2WMiJWJgcGWfKDrBQJAyQJh40C6IL6oXWGnZM4ez-kbSrBA7Qrbp56KkjzAIaXeq9FjYwkWFAxcgz-XjpP9DUw47G4GLnOqfEy4RStxSMefTtruVnjcEslcsaDORQEMjGO7K9OvFDiOL6e5KwD3lu3Q7vq4kQisY2Mfm3bnvm9bofw6BGMtHSF_Hx5FEpz870nwZ-0ltLEPLbjuMYpR3QNXzv0lrPQxeiB8LbKMpkg3s2Ccp3HfyfvUc8RPeONCyoDzunDKmX4CgX1FwblLC3fwqIIGXyD2W2Ii0lCjlr1LBTBJKjBqHRbRXyeozSxwOe6IHYYYlnQqLHSm7RAltKdP_Z4QmKMCsTb5H9o5prYAO5ZypKc_x0YCWAMTJXoe6fKkEAhhwl4Y79ils2CSbI4jKa99Al34j0mG7jAeQPnM64RRZlBvws_v5kzIQ7qpAN8MG5MGHLK7XXxy2yjmy_Gfpv2fMu-xjsrbtfrrocbUvGj-jZ_qFIjxlbX_ikqLqX4jqiPclsRnwwa1FlZne0Q9J1RYrXVsncdievtWYSUq8w2dsr6TJfiKPXmlgkr9QjRNodVKTEyIKq6AzlIAYNrzqm6hjzgO_-AvcUUY6S0i2ejZU9vdXj8R7dZdry83uUHmeEUExxdAWyp6MtSbT3rWiicnEaHNn0r_JHQ3lRfgJNHAyPzSgslIB2puj8B-l8hWXJSumimSV-j0Kl8SUvUnhHo55dTqDgVMv-PoKOq8R_qvBjoA3YgV-FeL0mCiID7vwXmjIVqXNqsY2vtqw39d_8ThnmVnnbW8lXqiQU7VSDM08H3-Lv0Aixyt_jgTZG4KVO1REmaIPnrmMn2uyB_0ion21jt_1vfjJDKlGgAGy8th2lS9c-VfzRMmg24951K1jiTz7woAtIDrRFugArV7ZRjOu16agB9Uz2qmVn_I9sO9cv-2K0p12r0klDSfAgpqY3AU4kUsJ7QzfOw4tKrIlcWFMW4ngUCVNRlSRBKG95N3svWS3C3VVC67iNHzEm7CAPp_KfT7P62soVXUWj5VN_OLdbiaCyo_tOEfUtsnwNaei3qMZKU2MlAGGLR9jfLLkw3sIp3exilXbb7DI3Xjl2-sZ_oUz1Ofho003M-QV47TW-MTAP7rxu8ytukZfb4L7Hxl6gX9_Q52G4C_mi5tDMn2KkMsFV6Xt3k8FmVxGcgM4CO0bq5vibJKI5YVPso-yrhJfbBmklUv5zlMjOhEmGHC33Y5kWEm2QnCPe0tHbBzYJPuZZBhSRhpPBJr77dfFiTLXOLbQft-4-f_1SWqf6KhYq2A0ugPSSmpYEP49gGUk4_wml2djTjUc2jBCMB_Nn0siCysURRbTNV_adAIyr7pACjJkugK2e1v9z5ecKKuSlulb0cA1B5-a5_Kqi55Z2dk1Dbj227-bcggkx5wD8mqNPavo6psYNDEcseQjgeotRjW94Vx3Yx7LrBE0ii7w1V2NfnEkdYw3-5ZWpv-NZ5gO4-Mo7QT4OwDHCfoZf9T7kobaOPIuTXr2Qs7UxOOH-lXd8I_SiUORsqTqWCddWVf0Rd7PVaBaZ55HRiEYf8XCySZCryPs8-raQ9ySBqaNUWCNH3XIK3BEDEmtD4C0ElN8EBGdtw-Vay89m2hJjWls0lOw7nktQvUc_8eurVY_QiW4dbpt06mjpC5lCYfkGV4RBBcQmX1fT2qoce9syGDVoRdcW-2L_RFmPIn5DU7JNAJU64ABLJF3T3Pa4ZZxWW_JXDav2ZiI_SM4P8ak99wmmFkuH0Na00g_PTvvN5GM8ZU1HH-oU6L030N4kMHJ2_6xaZetMWJX8C9YNSzSXfj9OVN2wDJJDiOn4N1VPpTMwSiRWWyJHG7mV9PnYmzE6WPOvvAQiYxgZ6tYA8wOXaq3PkENQwDXO-BzxzetQoeGM5agwxb9h8qDkrsRpl7o_9KIg3-z-EF_ZiR1nfiYwIyPE-Of5Q7g7qHulc32Mf47VJvPI7RiXw8c3ju-YXQaY9IyoASQ-iBC3MhfOSgfDut-FW9qqOxAhNnGQKOwKECnTJAdHbGmPZz248geX6RiOcwsA1jXGa_kd0YWAy8qKHLyTiUE0SsaXYJOlZnTnNOauYH317oB2ZJIQRgJahdE4DB5nVg5Ydh66jmSQNp2GBUUmaidERnb90TmraoZUPljmxP8BL1iUTeqUEtZEfjF2jQjQ6Xu0awFBiIczMeBN0xf4BNyB9iZfCHo3ZRnt-MfoJp5oE3GhbNX10g6r7dkaEndzzWSOHsXikGQFe7OtdJvy7Dwn6QXGxbXSd8Pw8p88n80YF4eTzSse177sute4DYPo6Kjc9KGughKnD-9t8wnmjBc7JiOJPwLaYE_qwAFnTGs7KpvdTCDyF45Wo2HE19_DL3sdnsR7DoxfOtuISn3pdPNH324-uDkeYrCirJRXbI5we2o8LqMDGXv0Mcu0zNXZC-KyAiV_b3o0b6vTPJWA3xhKgMQY0x6NzzZzsExO5Jjg3f6h80R9pl3BVtJDMrslKQ0STTz5jJE6iJlfI2YUSBv7bQmi8pFXz7_Xzn91OM16W4C0r4Nf1yFVNAvPTwfk6PJUHWMLfE3WnaKEEeRMnb6jazPyYkLiScMGwgQVrnL6epo_uG5rz7mHPLdvR1ifJeWuYryujayKRC4nZ0Hyi7WOIpLO8kLJfSKbUOJlgeFV9eFC5_Y6ov-4bQATwlhtpH7rhboYZFXdSHJDSF76lZ4Y8kV5TwUZaao6_piBYBIhAkH6YIQpC-jOU-7NwzRErh1eo0KsLljKtezGQkj8jGp3yT6StChv_4_cDoToYnDhMVBNtpLKyefahfiOsS_C8qCKg3SG8UsLNkDm9d46SVb8x4laUP7CU81D1dUYprpeC2pfF91CgmX_pFz9HRBw0D2CPfquPxNcRLeO62IxqACjiVW28oq_q7hEVxAcizE0gHfSxLkGpFfSiQwRUJVXjpp-x4BIRes8iWVwTTbvgj__d6lLloxreulgavdOv4AikqGvTfZm63YVsTQ1ottbBqsciNuHFxyeATZr6LEf0Z7d2DIA5pZtPsEkkq9ZAoY4f-fIHsMMfGY6tKIu_HA&cid=CAASFeRoChi_g9TZRQIyxHenJ6mM4sQatQ&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
671524a16ddae2f3272f95bda6ad492bab1731ae0a960308cca6dc6a96c6a64d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13091
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DEFB
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BzYFX_bRlvaCKREAk2Wry9w0VghVlWRCmH06wLZaPWJwQSE_La1pXV1i3-lu65OpeCipDd1RBstVHwwu3o0nP0GMGryXC4w66wVoc9LtESO3YNdHc
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame DEFB
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
699
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:01:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DEFB
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:04 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629718280506303"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38186
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:13:04 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame DEFB
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:08:20 GMT
l
www.google.com/ads/measurement/ Frame DEFB
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT9DdZXQfQe4abjW-k7NFa-xEH1oELKz4kkr-1yhIuw-kNhRD4GwSzIyxUNk9Fv0JXAokY7859CBDYGAIBzKkkUjJxnnw
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pixel
googleads.g.doubleclick.net/xbbe/ Frame C73D
499 B
334 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNU1YlJDYtYZHaVL-p03Z_kM6xdZ9tUsQ6GjTdUrodB-46HborP-cjx3_WMPzDzrzXC-OgCwu4IcekMw75MB_PGlloNsJYnuAhRfdNZeg1Zsy2JLFSACjwAOUugR3PmELynjd7eDOeDyX0FRYfpzCw2cWh17cuw4kT60RpowG5P1MXWWij8
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNU1YlJDYtYZHaVL-p03Z_kM6xdZ9tUsQ6GjTdUrodB-46HborP-cjx3_WMPzDzrzXC-OgCwu4IcekMw75MB_PGlloNsJYnuAhRfdNZeg1Zsy2JLFSACjwAOUugR3PmELynjd7eDOeDyX0FRYfpzCw2cWh17cuw4kT60RpowG5P1MXWWij8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnK_DgSN0jKef5GerG5v6GWTXxHiLdQJ7I1875bT6bW2YhBCo9SiV6eVxdgD7s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 24 Aug 2021 06:13:04 GMT
server
cafe
cache-control
private
content-length
313
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 3AB2
25 KB
13 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4-tF-LB2v9PU2j964-wEUoTJCyBtZxx3VE-W8iy333V2-W_bCVoki0OwMM4cphjfNkd7Sm9wOcNra0Xz9ni6emtpEoet34w9RvAAnrr0t7k_LRSxhwVDeeIv902FwvdIh_uVOOv_QW1a-qzyldrv6Asgd3Q&cry=1&dbm_d=AKAmf-C4zA7ytAfKJQ9RQcEOlSFwUDPcUFUvqXH3Jdfy9nadF9lZL9vieaXzYwDrVCvPpPCe3Xgn3yKFSH3qOuAU3IOmupCfQT0yJUR53im6X2xIj_53Q0OwdGf3_-9S6nwW65qvM_cUUSdmJncmIEmMuI3VKeBXJD1cZ3BhNHbvKL8ThoCEKxacEy0AmFw3PF5sT-H0OWSdxANyRSGvtYyF2y0571vmPMP5BPk9vxBm8KynTV807zCLlBJNq5-LfhVpecr22m03B9CnTiN_cr-NGy7zg0rW_xxQEKsxd1vEWY3RHKZ3GjobM3JrDZNTRFWdqXye8tyhyod7uNBYFEGz5b0X2reX9cbSluI9xPICo1Nyd9djJZct-FkHKWUxEIV24Sr9hu9Yh7fol1dfeYW-7k2PHJY8_xq49AGiUnbiaz0HG2tNvr-xJfX6jvhRdk-yrz32nnjxcde6ZskC2zclrmSz5It_jYdl9bhmS79P3HjGEb2lo-isA9QXKdQ2Zg-kAzgeg4KmB532kWUvHXTOAp6raNNgxxzaFwEr1hGtsDeWDwbiteQ8en_B2fmioJeqzYKdZSvGFJgqemQrtH3HM5RqGlY35na4eLobLqmp-yk_ZuID1Yry2k7-zmGIYVMt6Spkhx-HLgfAuCm46IJFVfQl_bjrSmzmdQDNyrwmGtZMkDks7BFswx7Lv8_rAp62ntE-_zrKNpQUK-gqsbpIpltBozMBjT3zOgwnELNktOc4Nb9tUuuFqCYUKohRGyrEVA6ir3LBljZyJeeNPz1-9ULT2d36nUYjJ8Ez3EYcMBcyDuJvNyGh7wt-ngVawATGWBhkZU2o5OXDYFcHO8YyaDUg6EPp34ZftUw51ciBilUGnTdkB0XXcne5kEsnOnd4wXdtERqll0IwlCX_Wtt8WvuVa3oEm46s-pdlakXkGZ--mNEla07bzVEaaPj3dT3Df_LNdOVS3WWGHUFeuOcFP6y8vgzMxP6orzT5xrTWgh_2Pv4X3kES7wvTrEcukY4SUsQRoym0L56KqdHHkdvW6KYltfa2ispYveEPpJKINjjBhAn_xgu2MHIDl8tVue9OL0c28sdx2nAtUeE00CiD1MkJIC5Abl5DNidXh3RL_gE_8mTO09BnwpDkgPGawsSOOjzrZ_p6xqKx9hZW1le8GjD7s__hlM5b6aTpwhiwvgLUCczNYPQrFCvAw0iHHcfnwSUamJiWElrCAyhyDIy3042IW_F8rpHvHRaPKfMclS8MpbJ_irJydGVC0CeGTdOZ9b8g1-8gTDub3DsquXBi7Td2R-SkjLlO3jFgNvhEc_iTG6LEidGgm6hMEPAXHLOfjuxyjFTr7N4nR1TQTA3DDdfzo5EIKwhXzDMZczbxJMT-yCThVl18Dys01Y4bUsBDvkiOK7V_A8SwGRMnBaj1TQ0fTt9shB-2dsZxSmu6QznIJ0Byv5RFGuje1XgyNX4sgoeBtwAlD17wa22n62egBpMDtc52wYItZhWFREJ-mMop5c7Qugl9Qr4E1wOuSm0QHE_D9X64JBocqhN01Xf7MmDejWhfYjnu4EndAShZxAM1hntLLurSSpkgVrW2ewT-Qx7jO4vVCKwsSG1BBOfBD2RPPHNu5um3UiP5lVDM1lcLNzdqqEHme4psRsSnfeHsSXn0OvTFuyfRl2H8a_QzJTeCufa28zSL8rYQgIa3vJzmjcp2bX-7TAIdXyMJNq3_uJxHpABfaktkhm2V7w2IqbrAbj8vzyy5l3RLU0JKik1TRXsFSymSCLWsYVbsV48UaCno1jCghf-6oebJMR-5P4hondSHFBqYxFLxm5oZ8xYD1FL5OyobFI7RkWNLNvRQqbJaAtrhCtlqZ7RD_dxLG94UFDwbLYm5xZeBOAMprtmGBZMrB2XWlXHRwSszGUjH7pSpfR5mw7LUsajd1U9GUAgplOi9meL7yoN99Rv_LZhc_eoP7TXZEMTY5dnVU11X2RNVItHtWGGkkVFGnWuuI-PrBlgiTvjaAyKju0MM4F2Z2_D1i6tNfCQXobPX-wq-JUJ0kZuXgKxiRqRd-0tJrUpT4RgICt5cHeoFxFAbwn2IoqgDZM19pJzOVaGPFhqV6ZgNN710BtEBenFMGQg_Xmtji41D196tdFnmdZqV94vcC_LOHiCRRUmfGL5l5gbRw-NkvZQ5EQvTB2YI5fjgWq2HVyLTZvmne0lwo2hNOdC4KuT7hPbTwiypttaZicCZgFIxetSqubBKk29KUDH1rT63685KGKtwb8aP3pRgjoiO-NW-l06AKNqHEdJ_uZrpyk5BYd1xXAvhU8BeX1yq5wP5auegdOg1f4JQY1GUWh-YnKHx5adtUXvD35i22wjs9BX7arza1rO3H8-JzRULW90-tMgmMRROaNL2xDUJnmcSYYFUwyRow7jBJRZmvkB02pckmJ-A1Q6bc1_5aadcOCLXKbeZNGX9XZRVThxCKmfyDQF5ad2JChyQKIZQsImQz8FqEDdMfwtCirwvstiXTw3uzyEP-V7_jIlhl-PtskzYpN7S6kFAH1pJ68GR6O0z1Dw3Y9ABU4OQ1amNG6tmZSQW608oBNv3jEoUJvBoLDqs4lK11QeIfM2JwExc6Vaj1HK4De052I2K3tObIa4-HPU9IEYA1KrGZ-fxG2iC744IiUp71r036k9z2c8V-d7bni82mW09IqisDsuVSg5TddfbWS759LPnR9l33xYy7af_XKSBMfM_OVmFU_7TbVeBoMNoVQEPui35ILv6u6k8cWArMnb-DM4iQ4mGKWvglOs2FBh9JVFU9Nt1AnlJb9V419-8J6Aw3O-rt02ILQNbD8i5rvxCtqZ1d-Tu3eG8pHD6tCWHj2j9nC4sp6yPUSbfJliUwbGmbmCWXWRdIvwhMGVxun7fQN4LVVHAvMu9HbUbYmV6CQ6VkZ_x7E4t12VqSa9f0X0-VOH2vhcbmJIZL3tPodGD8HZiBpkEIA5GRn4UegEib2E6ZHQNGxUKaWD5KUhqRObcQRHFo-sHsFKcXiRoKqGC2ThHG3K6rLYkDueShkWJM70dYdqY6WNg-ujiSHpSCW6MN4K1mjBcDTTGaFd0BMmLOYcZBoQYubrEBbXkJz47aVCA56Pk_SGMNtZhAnKTj00CWicXDEuBNuez68vz9vYy0lB1oSZaSuiHc7x-4MwC436OOB0zCgJU2btXHEHoVUfg4_0ZDH9m2kymoyzmFmLc2CoQ6-jMv-epYIF37_TNQWFxysDvBrk4aeAJs6h5SvChIpFfclkzWtxhQD7YYeOoHw&cid=CAASFeRo6eTV8i5_VMsjAXflLxnkpo7Ihg&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec7bdaf13b90111920db9aa45b14254a0ff6e0def039faffe5adb8198cd3430c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13187
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3AB2
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bvj_jmp1yqozc7iJmX1a8OIjP7bTg9dCEAS5zZs9a-Fj_xzAlARtCLpgVSkVdB6jaCGKXWfwuekhP3dsRAPPkKX0l39tfvQQH0o-yDW-KBz7iLQeM
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 3AB2
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
699
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:01:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3AB2
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:04 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629718280506303"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38186
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:13:04 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 3AB2
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:08:20 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame EC91
500 B
320 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNWcXCSNn8PI9p89DLbFsMbDuT7r9BS09rrgTybYJaz3-K5QPG0cKDuhSS5a1Fc71KCEue7ILwC2EqrKfEhIne9-1vo2XGoq9WKK-VNQJA7e9QjvYyKDu2I6aw9WfigV6uPWXSbqV9T9qoBC5DTTh_aVJ0z-4ASTehGLylbagQQFPL_hHus
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aedf3dff6e3596bea2ed1f9bb489aca220ac62eb0f0eb2ec34306f215388a1c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNWcXCSNn8PI9p89DLbFsMbDuT7r9BS09rrgTybYJaz3-K5QPG0cKDuhSS5a1Fc71KCEue7ILwC2EqrKfEhIne9-1vo2XGoq9WKK-VNQJA7e9QjvYyKDu2I6aw9WfigV6uPWXSbqV9T9qoBC5DTTh_aVJ0z-4ASTehGLylbagQQFPL_hHus
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnK_DgSN0jKef5GerG5v6GWTXxHiLdQJ7I1875bT6bW2YhBCo9SiV6eVxdgD7s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 24 Aug 2021 06:13:04 GMT
server
cafe
cache-control
private
content-length
299
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 2782
25 KB
13 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AzR-LHdlFxtgD2yYh0W1uykoXqmU9AckuYDm7ltondTBau5aDxdO3uQKxEUyqCZJOcm2l3KXU_as0MWokgmlZxkKGuWcv4gkwQbkVgsUaIfrSmK_2WDRwxRyo7Nw8gcd19ktWzyHSylYcsnrl2aAzd6I-mWA&cry=1&dbm_d=AKAmf-CHKAD4SWZ7AhD6zzEKt9jdsXhr7iphix_fqhT11dVPwcTfzuddMUmzEwqQE60fhmm8XpZCZ2Brx3_GWs_rYzbicDx7Wz-MKALdqnSbiEy2USVuFtlnwDFdFa7ICwnNWb8PEJNlVrq9aRWNWBkgQt6AbSEEySgEi2_e5UE1Y7_h4-BJWwt9O8bt4Rrwj9BmxtaS3tpb5kuFCmf4z6v8Mz3lgu6U7yCWdmEigxVwAmixJlzlg7YghiBC0qaEIDz5HqTwcpYJFVuWn6jRTAygHAcwYHIxHgMrz4cuT-ksUu49XDeMUWikMORReLJOd5Vk_g8i_Cs_TBaXPyXdFVn-xBbSzdnioUFUvwlsBhSiCD9QSp7QXqosvb_VkDVFC4xm_XB_-ddzJS_lHY1OvHDH1iBTyW2YuFqgWxa7OS-2cLEmnYchuTNQjp2nx1v6-1LPxkHDQ0zfpQT1cY4fmRqT1lFgzMEKHU8RN2TuhLY_jKBax9AD3HxXs7gKLnugFYYuy9lF03l6C_6URjquUFgG-vBeeierQ5ZJXiT-4iVXCGqKwV4uLt3Pf9lDwJ5274s1McDzmQl5Huj-kWFsgqhnxamSXClMNV74LcA6peHtaf9Ti3nPWV0cjiYSZalmOUEPWMjklayxUOX5pslLqNzVMLF89c-UafE6OZTJTqK1HFaX_0P2r7tZVVN2eR4PmRae-xtxfl8iuuJqeMUuh765DFAnyDPqrW8qw4BRB4aqxCzvVT9kHymVN9H2NzpwSy8DHc-cvw4tC4A5Rfht6sbc_2fHBsaExJGfe88lWs-g0McM9wWJ3Je7cD5oKqT17rtQtejnOQH2Mn68o3tm-1ZvX-YIDlhgjZDAvVqrnOfR0eDhjUfubPEt2IBdq4Yz1BZR7QaPkAqo6EO7o3fXtYRJq66lTdSXwztBcwcpEQR6QsyYacyjpdiSZ1uoeySLXu_BmtjptTX0OnKsjACfkNTJGZHFO6rtbkUj_zWdIUdo0R80Pke4nH4IpGMXlmZ_rcq62Rx9L1RXRII6prh-oWSxXG2WDdHRYG07CBS3Aqvy3hEn2z-3OSGBjppA4Y1okCBleFDALJUKJH_ElW0hhjx7eeeZRGf9g7h8VnVbf3n5ldlCGY05XmALmZnQ7ez4p-dz_uDY5c24h8Px8VpvuuBz-fUCOEutLiSSpk4fJkrhD_RAICSORJVtU-Q0u22sG9jOZ0isLX1ehDVFCSTpASW_18sKt0TWx8ppnZHCXJKwYNZxbLCLAlN_eVLHi1sV_oFeaqxvyDjl-h_VA47mEB7CCouW4_M-S30LE7Wt1MJhGD9HAMTYx5VocgqErsAyiURJJCvEiu8B981AFGmNd3VOesopQWeQIcmCbQ7hx6YYLovwW4K2XcQPvfzKJb8YClt9D9n2nu45jQJ6nIwNiQolGHPX31VL8D_FPfyoUe9ZBNsUdOZuZmKTUVnwy1Ghr2iGFmbqRgdr44rMBXRt7l5jT__xHx-ge5LBi8SbBQRgTFC-Udme5Z2rds_DLKKie1lVjgXDP8hP6y2lP_TRUW3P31dlBwbsSE8qQwhZp6PzOKE0kcT7byWvgk9rbtp_2pzsoZTbGja-0nAuq6isysZ_CtnrDhy_Qi7nvBYw0KJfKL8MaVnGysSHNdvoaG0BOe_OIix6GU87JlN1CEuM1SZ68dWLW_r6T5zKuuBWy7KSVPlAQRMqT6wOXucjq9xo9rDLWWWzNXIelM5q8iftJJKTCEzn4prqLytTKfvYCkCbHoH6bHI6mBvhT576SNg72y_wb_Zn7wvn8v48XJO9aL1QWAgXN-pzYIRT23gDZSbMhQsdkK1pY2LPB2VcJWNbNf-baqDK1AMZ90ZUd0F2w-Yqk_jcQJ_wYZJsOGU1WFJFlfD0C8gQvaytxMsO7yk8kvohxoMc0pu8b63RY9OkmbJn4iE3BjpIh5vnIp05gD6e8ybWGAPUPLImIOdu6SKuLngA2y3G2iXvLpkdctBthSzAdWvggarkOltFSwLU4PcfpNWdnHjoX3_UKBOsnUE4VgyBgxT_0XncqVn0mMKjQJHHtChRBMA5CGwTIPm3UsHaDwCE_I8UUf4a6jQb8lv3E4OjRvd9xQeJKQqnprze_WGCto_W3QTRs25RbR3r4QyA_hFdLn6so0sHET5guanOeSXpEbfXeHkxCPQPJbJW0lGQ_5aV9SS5UJ8F8qrimf45_T6PqEHJJ8n30KCSnGQpJmKytPIrhV-BPfByCqD6PkwwJ0fHuO6F8WtT_1sX8PhHV9Xmsi59HCGAUqFUIsmwoDVykKNRYaUp7QZ8upPxgp4b7zpkEtkf74XCt5FV1XzzVfsWGTsWgu0_Jb3mvutHvi03xQSRdDvnWTWyqWH5Lg2oUcbdtcI_qQITqI5U4NhRZj6LPcdbxwdowzDJODe-_XOLrJV9mPi28dKW4ioPXbHcP0gJt0RbhnGwtGtbD-QNY6_ubGbGbbg1NbUgROljCKrBkwVLhCyLIjtTNoIAj_P8VSJTRW3jIG8wt-3abxOeq-QLkkYLSzyLXG5Tq3V2S6PUjy4M1U610DZg5Pw48uRNB3DqFr1m0l1UbvV-ClH18iCRiSJy1562z121yApONu5oppfBmW1EAUzTQZQXHbSII7jo4P05uAhoW7GAgD-1Rm74-rkIk3a9K7fYTYkIqWFN4liRBEjvDPi-CY0cb6EePs3z6nUwX4X0z52NZ_UCd5L6lHzNdJCk7UsRLbB86MapRJg-ARyctB4YgrfdSe1Dl21GGXWXelmeKxbH-1XXW2rYZdF2256Ze6xTZkYxMBC9I_M3oul9mBGRLIbRkUQz6ARrycw2-IB1gk5-_GSqPSvQNTyAhQ8woPiAFj4nUcB6fahqa_ubumczE50IUVjtqxC5EvU8uAbNemjMndUrYrGJtW10mY0P57TKSjDAPaEQj8Qi1vsN0kZ6lRDc_19Y5dtgJVNVUCRK5FfPJ6PEnh2txcQ3eHxkUD9QJIOI9YHdFag5eZ5Df9MMqr39uMT1_zTiU08TBfk_Y0YZv-XxcPOSzVtd81etTzz98VpduWG1Ackp-kLgFD1JGBmx2bdf1QT2SvTnvHFQI90iU9DBiXMrpquIgO0Be6o8z_IyB71bImSR-VhEY7k9Ve8RCXIkCSy7KYD0rUXACpQDiTdqkf7wi3b0Mxu8e84NE1uFA1L_9kJpT0DpbVv3rWw2WuuQvvmO8nJPPMFHKjuVqZSf2DHFoZHYOGEMpD0TCFcX2Y5piE9F0oL9pgTNICGlUen_ZNQ3ghF4_A&cid=CAASFeRopmY-w0EbtYdpdh8tv4rJWlZ_PQ&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d67330baf1f8349b424f3e1e05ca06287e3144b3d8561047e4f5a7dac04a939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13030
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2782
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A7bUs6Ska7DBwG6uZ7wzKUME9BJpkPNEV7Uu1eOGnRZpzXvW928EhG8aSHwYNrmOPNSWGwejvG6fMZdJM_FvdT3alNCQI7JPFKgI7XUf6HWzR6pY8
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 2782
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
699
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:01:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2782
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:04 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629718280506303"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38186
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:13:04 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 2782
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:08:20 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6BB2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date
Tue, 24 Aug 2021 06:13:04 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame FEB0
500 B
320 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY2smRLzAB&v=APEucNW4BfQtOr_Pnp3GjwoNdISlMuHsKs2zOb39LR3HPXIKJ9gSaHVbyvLkocpRVi86wI0z1w3JV7m-qRKlRqxDT7QUbj5tUWoSGwevq5m7ZUWrrRt3pNB2xp-lnHwKTQxTMNDmZTBahJ531rinSc05IpDTjYdhbxmOY-p5IBDVguAEwVaTcf4
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aedf3dff6e3596bea2ed1f9bb489aca220ac62eb0f0eb2ec34306f215388a1c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsY2smRLzAB&v=APEucNW4BfQtOr_Pnp3GjwoNdISlMuHsKs2zOb39LR3HPXIKJ9gSaHVbyvLkocpRVi86wI0z1w3JV7m-qRKlRqxDT7QUbj5tUWoSGwevq5m7ZUWrrRt3pNB2xp-lnHwKTQxTMNDmZTBahJ531rinSc05IpDTjYdhbxmOY-p5IBDVguAEwVaTcf4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnK_DgSN0jKef5GerG5v6GWTXxHiLdQJ7I1875bT6bW2YhBCo9SiV6eVxdgD7s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 24 Aug 2021 06:13:04 GMT
server
cafe
cache-control
private
content-length
299
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame E5DF
25 KB
13 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ChXfM0o2JglmzGWKcKIoZLPxS70mbtlEUlt2CJpzuFolpuNctSj8xNv7ZnEUZJroSyGdpjwDJcvEW1im-quDTCf5k6M4zuIJmJYyuPrliphQ-NdBqFzaH7jd-OEQ4PbR3lOJQxRRoGokFtjE9WIULNqGKo7Q&cry=1&dbm_d=AKAmf-AjJ5IbX_tXIaqEYcbABiauREgFEubSlu3fAoh-Ne7FPM6IZvCDA2uBdW6F9EJCxm8xZkNXq7GvlxpE_fpnnZ1j9hdhIzn4O3_vciPK11VDsQ7NL2vWT8ZMnqE_RkqYjWEg4CZtTzgKlE35iEYaONZX7qfcanihh6_rVmw1jy0NduHjMvuzfornX9PZ6K2jrQqgZy9RHu1WZLO9MnPv0Bijnv5naPDNWpOID0g0lIDNwRBtEK9L2-MEdoJLfhw0ShjRI9OptyX_zyesAiaJ_2WuF83o4Q8zSqpJ6d7nFuNFTE-12Gm__qQUyl9azw4Ar19dj8ig4A6tfDtrISotPyKHVKB9q96AIDowoOsA_s3kwL66vx_se6ZW4ZlUe86s_VLgSMV_Rh3cevyMsAzQARp9CdxWMfGAbtEqIwO4tv6Eao74yPt94VteRloIlXR0yLiv_WCdPPi46cZ6wDDnbgjk3W7IhwyNiGpbMQ-XeYOBhagocNdPrL7GkTBs3eesyNemJ3XVW3dRjgmJJMhNlBs51vkiV9tvYk3YEycVKVs14ila69koLfS4nIA6Wfc-2hPbPp9eIzFSNvrm1qgYcxdWGTqDzXZIb-qCnYbQGYsbJ1bHxb7ttmUP4vixnVRTVebRoycNMXMEdXtAESJCTbcXtzE8LnYOBZnacjUlfexoMETqF_Ly0PIXXisndTv3yrcY9ywhWe8XWrpze09TO3TapLFu1blfdkEbcZ_0Rp2fFB7nv2tIXs11jQ2QgFp5C3Gr3_AokEz6euCV6Z11XyXQzTVuPWRtyDb1VkK6101NnNpTKFRmyCAnvs-Ri6mhQ8JA6kxRZcUTulFqW6Jp4PA4H4Li8SjfPOEJ7yj9CuF5piodvousNky_5bJduxr6xv1rkN6dtopD3hHHOYBZ8F1hQFFAVcM-Ume0ED4dqHBIBkC0BTsEJIf5Ix15drKc5AB0UoRKRtCiuCSK6XmY5yxTb8pH60imB_eiBCCCzuWNnZ7gZhJpBuGz-NZShRxrS6T5nlwKr_c_TW-W80mO8_9LmxAUAze_Zs-UOF9blRya5YntfEI8kmmYL3caLlarsCkHahTWtSpLTfjucaECigosrhgyFZ2fNOBvKAsBYwUv1xApMhVHwOpuXwXYj1nFS1nRc3jIAiOKhfW3vhOdFOA4_LugIQaDUfcvi9H0DKgGXTKsM61IMcFlpcXb0GwtW0IgJxKIPivsG8GYwZgZUUFUXtCtt79biAQVSjfH_Uk5qP1jEbAp2P1_p7SAfp1tp-dzYLW6GEpTzny2HTfvseuDwqVDTsTQcQmdbFrPlp4Hg2AHYVtUaCZEdteKjjSZPaDwWK1yeBqL7sAaYN7cDHg-HaQNh-Lzkx1byPjhG8no8FIo3qtvL6_hW00aiKm8PHfrW3J3RGbDA31plg76f4rL_bDSMgoZVGqynJtXJmNlxucv9cL4AGiJ9yUdf0AX-JkDIiJXkPRbQTuvm18SgedAkThmHf5dd0qqwQ5ZzMCedr8IFo-iEB3yBjkLTdY6n9EPqU2GEbNWTp-2PPpSRUNOPCVc7yDA1fMsaGrF-baF9Qq1bRObpl3gazNoCIiTgpDxCUzltlkTTOejrHFwqBeFwoIMNT8JEEV_Cw1yuiMYhNs2QIK-pDaqS4JyRsmERYvJo5l2MK2yaaqB5gEb3-CZwkopapxFBmu2IG1SYGZLiYE1VF6H9iwzojh2oQrdsjFILFsdOEMFSGEtc4jXGjbGU827ZnSvOYekgAoSoMc2F2weDQPv7Nmio09fWdeQSyRjWVk-_Dr9L6N3AxuXnvnpPCz1wSdLMaX-fsE2xCtT5HeKP9GYL8RgyGRortmGg78DqPdn3R7hF58MMwqZF5OpBEcDREtSxEfqVFB_yGnPLzp_HSpLzRerAnBd9xh4ecpfg13MCXH9ZE2Eu9bQzs8iFY7RrzJJcZ622H5MUHQLHN3gDMwwoQ7sTlmzfSB46eFl46vT8jIZoDFGm9_6QHBI_yPgfASAJfq6MfbKBD3VX3X4nCeiUTqE-qu08Zxs97SiYgfJ1gQxnx9VnbBmQ0_wG3HTxsnCyCN2XQU7W_WIHBNupqNbUHgnqHuOSzRRd4-QXLzZlGyCZAyRiXKUGkd-NeBtds8qPyQIe4Q_55d7NxgJJrECcRtIkqpsSuO_yciPwrZtenMAegBx45gvUk1F4PKHZj4OJaUv7aGcOHM-oXeJCdb-g9XQN-rBZ07oOdIhePtcty6jG3YJI3mqkActKwIzxfTJzFyvqEKvvEmQB505DZAT2iGoXqgJfn8wR_o_scl3za0GE1M7mugOznzF_Z19kstBLHdTP24CfPAMNmcJw4xQSmlIeJEa5n02HUbAhw8pxZZJ6wC7deDd1Zap859I0SV1q6OnxLiJYbgT4Z1FOUsNtHgtyC2D0VjBbYXHkTCakQ6bfJqxdXTCYqplzou6Z4yNfdlkPMPbraafTWU2WRRnqUuONOu_-Yqb22rLlZb0ev10o6-6_ENxibH72d3EUh4iOHHXeAlGISvqOp2zhc5BbZK8OGpRuCA33C21kAb8clDpwaBWErQVa8iURK2z2-I8mX_NHHN6gMvvXgwsfKIuvWNx0eCMq0epyb3GnsHgPlP97ruUfg7XZqFvIsdi7g5TMZgysEb-N5LUl7qFB-opXfSPGRC4dmZQTGk9lKGPtxWs8kcXtI23mhZfsjnisvtDD3QzZ3TE-5ff6yV0JGXxImpHsbdtePOxtAweFcSjscEsu9zhjMFEhhq2g8X7nE-PAYCv1wvsCr9rVOzJaSHTR4F1uTs8ithV3ZQZOM8NtM7xawDOfP4K0HmMShYGh4-6dky0bv17bUuaoclQvbARAE9a6o6TknWLP_ZDqg73nkdeiFZODwj79dLpzdTSG_l53OGeDYRVBnr_Rw1a7cZHXr3oifxrWFGP8LkbAf0a-s5-pUpgq6XqZcQCnRlYzwfa52o3TxNuu1DZ90khskcLVLNzj8oOpEG5stKK7nOxUiDTA9l1Qc7mNcMNIsk9X1N7HRFZqTwmDRNe202E5Cot2G7G0gZXSx5wDaSBuA6LwVj1o_VloydVTEtB5HUYzeqXVM5MaCb5BsuKskrigjyJpf-3lghW0t2T74Qvat3XQT3oyb2FbuqKfZ49RP-6tglKJFGjUSnYnl_8eqnl4BA3HtsdmJLZfzbtFMzhEZ0dhUrHe_2XDfBRtWyqdtkxx1pUhc85zL7XygUOJFHE9sGV1ebu8ADPZEnWZUGMGJUOpoLCXOeg0jRQg93oTrvMcQ&cid=CAASFeRo9MWfxnnLx5gD7CzgjjJkt5-NIg&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90cc89becd7c3af3942cd59fcff59b32bbb9d07f48d6e9c192c0c4857d26eae1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13018
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E5DF
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ahfs2NWrEr1DuI0Sv3OO2breN-WL1z0Akv66DvWr_sdbgrUJV_eJIRG95Muto6UiPotSnmQvD0j9r8F19G14hSCMtk98m8jPzOwM7TvYz4WnxsuZ8
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame E5DF
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
699
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:01:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E5DF
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:04 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629718280506303"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38186
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:13:04 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame E5DF
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:08:20 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9CFC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date
Tue, 24 Aug 2021 06:13:04 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame FCCD
24 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BaBv7Wj76P0uoXFZzVUe0f8kPKd3ftjZPy_tQ06oSQoTCsB3rXviJDIlZUycETn28F6ytqsQnMdkFUJ8CbWesWSH8bUUjvyQvPPmpM5Nt-TZKBgAb6_7H13gVI4WkgDWVcpkgIBIOCbF0VySRSt2eYJ5mQgA&cry=1&dbm_d=AKAmf-B1NEkqxq9f3bJ0iukiomJmWuG-m3bLPbx_QMuaUKsqRd5Or85IOmxPxcc7Hclvb8xXDm7soEUSPLG_9GllpyrqNKDO5ul983w7xUlIc4h1a_kuz7aDNTW6Ws8_K7TKRbUrU4Vi38dUk3uAUX9ScCkUAug0UEiCu_gc20FOtcCU38P2kNnR_5KiNhZU4suB0kIyHzM7QCXJFMDq-YPh6yK4KUd5iksr2YgaQ_ELFq3JqVmxfr3yDF4lQyYw6i3pPcEWQEaDlF5y0ffRjbhX-bwx_IZUNhHBfPIxGj_F2QcX2axAGlrufuTFMoPaXdHqIvapbDwiuvMCfmK1yOHirOnw1uWrBEQggWhW58zVV0JMfnf0SaMcLu5NFE7Ivy9UeW1IBjzB7g7PiPjkMmifCz3f4jduW36MF0Tgy9URSuWk1VJCr6T70krEdI-r2nA0-1qjmx6CNBOf1TCBEpQSuywmlkv15gua5CoNBnE1l3cl1854VZe56KQAB7PqRXXrPXRIVWhbLpKJnXnFGFDbodXLjUrnSu_q6D3d-_YpmmQLMep2Q3bjXxDT81omGLwFdZy_y7PMIYWj06oZiPAsUDQz_q_atAFE6_xdyKV2G-YvH7DjpbilB9JwDuV1Wl7kfGUdKwG3u_yUufoRDkHGFVEHJV1wckz_8DwFVmcSxcyefvrilwzjcMtbDoK9wBTuyY01t0P0XJSzXK4pM_Tj22omOQOEnSc9ccwCTwTVCe8Rc6E-q3jKn3t-_lrQt6925Bcu4u6eEK3dKOaXNu8L0CnoZJIVD4xnXKEU6kMHzDpkNrNBGjyO-OgRsj8pkyFtVsq75OQ4jvCQbYLJVklgCu0hT2d0GX5EGF-QADnk4GAbmGBUoPstWVXZYhoc_SnKf_ydsljIQuKzB8z8r7o2_ksgix0Ltoz6ZntabsKjMVJfCu9BqJqnDiK1jRjUUFhg4v7fbugPK5yqOxGgohC7JBVWL198P7BxBKvNozV2ks2Q2uAFHehI-PTwFnfbtZpbh0AzsRd98BlX1Jie87H2_xyJXNEYz7CX3efXwr2w3XVoikSP67QJtlpGBBdl9aobuk7IC_pMPkIGw3l4QRwQ5hT8HWxHfPDQ-kwnYqL2sswMBRwJlepZJIOuOoQxIv-S5qZmhfsc52Vy7_tSXoCdHCRJWKH3rrG8HhWoaemuzHoMwtPYAG7WtbAEDuoVTHysvjuF8Yev8IJtgsCeoRGQxHIDut7p7MEagu1jinTB2-d8A7cTtP-ljEjGpVjXavBSGpg6Fb7_yIzURiWqgl7j2laoz_uW4tgohRk0vYN8KLsvS09LcA2wsoFxFyW4JdsYUuJgNInZKo-CU4gdASY1GAmtCPpZSp4PCUcUBYVKqONtldRqkSXIFEjZvcU2BB1CH0M4i6bVkkNHsuHnMuKu9Kd2heh2zCtBW1dmfNQ8mxLp7ZhtdQXEmrBtLpOr1QSjBCpl2W3qxR27aZ-orPPcHvRsHUH2gSQN1IqLO3ZvNgDrzMARYpld2Vi6Wo11jfQUWeN1pjk_Dqj6vHahY_tyyAALDZv5tnHVtP06J2UuRBNUH6sdOG3GVSt-BvDSdjKfYaJucvK-fZEDo9K9JviQmkDpkDtWjCdiTfQ3grWdrcikNOVI5ooNvOa3FknkzNvvlIhkmCLpKLG5TZ-7v7DXeHAYAV3TdqUgl67qmsSFjeKUkbLzIFZpvqZS6PXsCMV-WS5hnC_F66NesAPO6bS9v55fT3_lyoMGYDW0FYL-BDqcUbeE4tKLXOfZZ9S9YAQTLtB6HBVkHxYuNriDdf9DKn2iMn9X4bdoObjso6Gg6arDasZZlXPnnL3K-HuZqxQQ5wbSuGtXl970rc09ya78hsceJ4Mt0-5NW-LbMG3lkH8NBXIHVlm6zSFSCPbvfabFnqmJ95XDm1LY6AOHCg_WHVZbcneAhh02cKInPpNlABK7mnHEQDXtfGLvd0CxABGosFi6qgdSejTs9MMbl74z6auCeJ_dDLzwHcZVyjasLrd86SOP7ueDLw1TxkPzM7l7DaOpnRoCAqBhUEEm6LI64_wlXrdldWU_UIHZfvpUmkDsRr-egAUgPMK2ojSHhtqwmCSzJZEwNmO51FS7vCY3x2rtFrlF46nOTXm2EbmXAzad4uK9GexHiphq2rgpF379JJsbWw8KEsBPuxRhWAE9dxAXmq0301B71MEUZcKtBqKkBaM196CI7zaEfBLbIP0ZM_kEmkH8C7KKmIJwznA8lhgspToflS8uFl_aOt9FlESYUs-HVluUth_nVF2an2FWYm6wg_2As0gJo3VF0c7Tn8X0Vq3ZPC7ao0yC7yITRgd4Q4vOQZmoKYMDiavk_wQfdfWMZv8Nik8qS-dMggLN6bPcvS6kIsknp3oADxKfFGMsiE9inEhr7XALuA80cv7M6nZPwlePnRl34e2thRgUv6zKZA7WP4D_RvNfn-Ad6MtQo7o-0x8vShNrJCaLQRptMWFhzDfllWy8eEohPsf2S13vUq6UcB7xhyM0croDJMDYX0J2nfeXQSNSZxKCqwm190hNkF4MLpfwtiN1sb0ZqRUvrFMVAvlm8G1uP79vCJH8TPwl_lZBM6tinZbCXyG75b906z_d2rbSxVPYEIfDKxI5WGyTqyx1K19lmZrvDLm-SGbfrur6CRF5JtcedGw8YEz3nKims9u7hE3lpsLfzqonIM-fDK9J8CNx0MZ7kmF7OGbDnrpCz1PH0KfTzlxUolSWgag7dgQ7wfnZALI5Fs8Q0OrccPP41aV_MZy2_AA2sUCaU58oo5hsBnt2KCc-MFtmY4Fca3TIexdC6RxzflKk6c3pVgNaZjq1FKt_6RWU3MD7Wf7W_RI4n5ILX5csIps9YgZ6r1Aw6bzBK0fTmCp8Xn3WYyBoVDlP2Y_pzOeE2u9HA4Oqq7kUHMGt-WIWKZLvzAmvZby0mWguDKhLSKorwgfeMaqIkPlaItX20BJZq7mONm5q3ltitDBpkWK3RCnbC6sKnkoHtb_sPgoQDObwzHsfKV_SrU9Y80qMvG1vUxh_KgvR1iXW14ye0GDrMfnVuUZtl72mb9KuE3T-oSrQp7Ms7_uOJ5ZbAGd-4xj90WLYOWh9aAh4cs63mSGHWuX_wrXx531l7FrVkhQZaQQyeZcyXWFvbkmNy3KhUkhrAp4RlkMElOSKYAw2UB5-wVHuu-ouvJN9J2y53p1gZbHa423C6Kgzt0xwYIK1pVL2QXTyqJIzYZxwEHqXOGV4hGZuv6HaGnRT_hhTyNcNy6_1eXlOcuoJ21m-Tow9a0RbWYO0pWWG6tVHDS4lBaHPtDqCc_80&cid=CAASFeRocDeG9B_IR6DKTIUs_1iXV-pnTQ&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab7de8a0d445e5fb99c0c6c65de2755bf57d011f89abb40f34cdd12c966bccb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
306
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9352
x-xss-protection
0
server
cafe
etag
6805750149074617601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:07:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FCCD
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BaBv7Wj76P0uoXFZzVUe0f8kPKd3ftjZPy_tQ06oSQoTCsB3rXviJDIlZUycETn28F6ytqsQnMdkFUJ8CbWesWSH8bUUjvyQvPPmpM5Nt-TZKBgAb6_7H13gVI4WkgDWVcpkgIBIOCbF0VySRSt2eYJ5mQgA&cry=1&dbm_d=AKAmf-B1NEkqxq9f3bJ0iukiomJmWuG-m3bLPbx_QMuaUKsqRd5Or85IOmxPxcc7Hclvb8xXDm7soEUSPLG_9GllpyrqNKDO5ul983w7xUlIc4h1a_kuz7aDNTW6Ws8_K7TKRbUrU4Vi38dUk3uAUX9ScCkUAug0UEiCu_gc20FOtcCU38P2kNnR_5KiNhZU4suB0kIyHzM7QCXJFMDq-YPh6yK4KUd5iksr2YgaQ_ELFq3JqVmxfr3yDF4lQyYw6i3pPcEWQEaDlF5y0ffRjbhX-bwx_IZUNhHBfPIxGj_F2QcX2axAGlrufuTFMoPaXdHqIvapbDwiuvMCfmK1yOHirOnw1uWrBEQggWhW58zVV0JMfnf0SaMcLu5NFE7Ivy9UeW1IBjzB7g7PiPjkMmifCz3f4jduW36MF0Tgy9URSuWk1VJCr6T70krEdI-r2nA0-1qjmx6CNBOf1TCBEpQSuywmlkv15gua5CoNBnE1l3cl1854VZe56KQAB7PqRXXrPXRIVWhbLpKJnXnFGFDbodXLjUrnSu_q6D3d-_YpmmQLMep2Q3bjXxDT81omGLwFdZy_y7PMIYWj06oZiPAsUDQz_q_atAFE6_xdyKV2G-YvH7DjpbilB9JwDuV1Wl7kfGUdKwG3u_yUufoRDkHGFVEHJV1wckz_8DwFVmcSxcyefvrilwzjcMtbDoK9wBTuyY01t0P0XJSzXK4pM_Tj22omOQOEnSc9ccwCTwTVCe8Rc6E-q3jKn3t-_lrQt6925Bcu4u6eEK3dKOaXNu8L0CnoZJIVD4xnXKEU6kMHzDpkNrNBGjyO-OgRsj8pkyFtVsq75OQ4jvCQbYLJVklgCu0hT2d0GX5EGF-QADnk4GAbmGBUoPstWVXZYhoc_SnKf_ydsljIQuKzB8z8r7o2_ksgix0Ltoz6ZntabsKjMVJfCu9BqJqnDiK1jRjUUFhg4v7fbugPK5yqOxGgohC7JBVWL198P7BxBKvNozV2ks2Q2uAFHehI-PTwFnfbtZpbh0AzsRd98BlX1Jie87H2_xyJXNEYz7CX3efXwr2w3XVoikSP67QJtlpGBBdl9aobuk7IC_pMPkIGw3l4QRwQ5hT8HWxHfPDQ-kwnYqL2sswMBRwJlepZJIOuOoQxIv-S5qZmhfsc52Vy7_tSXoCdHCRJWKH3rrG8HhWoaemuzHoMwtPYAG7WtbAEDuoVTHysvjuF8Yev8IJtgsCeoRGQxHIDut7p7MEagu1jinTB2-d8A7cTtP-ljEjGpVjXavBSGpg6Fb7_yIzURiWqgl7j2laoz_uW4tgohRk0vYN8KLsvS09LcA2wsoFxFyW4JdsYUuJgNInZKo-CU4gdASY1GAmtCPpZSp4PCUcUBYVKqONtldRqkSXIFEjZvcU2BB1CH0M4i6bVkkNHsuHnMuKu9Kd2heh2zCtBW1dmfNQ8mxLp7ZhtdQXEmrBtLpOr1QSjBCpl2W3qxR27aZ-orPPcHvRsHUH2gSQN1IqLO3ZvNgDrzMARYpld2Vi6Wo11jfQUWeN1pjk_Dqj6vHahY_tyyAALDZv5tnHVtP06J2UuRBNUH6sdOG3GVSt-BvDSdjKfYaJucvK-fZEDo9K9JviQmkDpkDtWjCdiTfQ3grWdrcikNOVI5ooNvOa3FknkzNvvlIhkmCLpKLG5TZ-7v7DXeHAYAV3TdqUgl67qmsSFjeKUkbLzIFZpvqZS6PXsCMV-WS5hnC_F66NesAPO6bS9v55fT3_lyoMGYDW0FYL-BDqcUbeE4tKLXOfZZ9S9YAQTLtB6HBVkHxYuNriDdf9DKn2iMn9X4bdoObjso6Gg6arDasZZlXPnnL3K-HuZqxQQ5wbSuGtXl970rc09ya78hsceJ4Mt0-5NW-LbMG3lkH8NBXIHVlm6zSFSCPbvfabFnqmJ95XDm1LY6AOHCg_WHVZbcneAhh02cKInPpNlABK7mnHEQDXtfGLvd0CxABGosFi6qgdSejTs9MMbl74z6auCeJ_dDLzwHcZVyjasLrd86SOP7ueDLw1TxkPzM7l7DaOpnRoCAqBhUEEm6LI64_wlXrdldWU_UIHZfvpUmkDsRr-egAUgPMK2ojSHhtqwmCSzJZEwNmO51FS7vCY3x2rtFrlF46nOTXm2EbmXAzad4uK9GexHiphq2rgpF379JJsbWw8KEsBPuxRhWAE9dxAXmq0301B71MEUZcKtBqKkBaM196CI7zaEfBLbIP0ZM_kEmkH8C7KKmIJwznA8lhgspToflS8uFl_aOt9FlESYUs-HVluUth_nVF2an2FWYm6wg_2As0gJo3VF0c7Tn8X0Vq3ZPC7ao0yC7yITRgd4Q4vOQZmoKYMDiavk_wQfdfWMZv8Nik8qS-dMggLN6bPcvS6kIsknp3oADxKfFGMsiE9inEhr7XALuA80cv7M6nZPwlePnRl34e2thRgUv6zKZA7WP4D_RvNfn-Ad6MtQo7o-0x8vShNrJCaLQRptMWFhzDfllWy8eEohPsf2S13vUq6UcB7xhyM0croDJMDYX0J2nfeXQSNSZxKCqwm190hNkF4MLpfwtiN1sb0ZqRUvrFMVAvlm8G1uP79vCJH8TPwl_lZBM6tinZbCXyG75b906z_d2rbSxVPYEIfDKxI5WGyTqyx1K19lmZrvDLm-SGbfrur6CRF5JtcedGw8YEz3nKims9u7hE3lpsLfzqonIM-fDK9J8CNx0MZ7kmF7OGbDnrpCz1PH0KfTzlxUolSWgag7dgQ7wfnZALI5Fs8Q0OrccPP41aV_MZy2_AA2sUCaU58oo5hsBnt2KCc-MFtmY4Fca3TIexdC6RxzflKk6c3pVgNaZjq1FKt_6RWU3MD7Wf7W_RI4n5ILX5csIps9YgZ6r1Aw6bzBK0fTmCp8Xn3WYyBoVDlP2Y_pzOeE2u9HA4Oqq7kUHMGt-WIWKZLvzAmvZby0mWguDKhLSKorwgfeMaqIkPlaItX20BJZq7mONm5q3ltitDBpkWK3RCnbC6sKnkoHtb_sPgoQDObwzHsfKV_SrU9Y80qMvG1vUxh_KgvR1iXW14ye0GDrMfnVuUZtl72mb9KuE3T-oSrQp7Ms7_uOJ5ZbAGd-4xj90WLYOWh9aAh4cs63mSGHWuX_wrXx531l7FrVkhQZaQQyeZcyXWFvbkmNy3KhUkhrAp4RlkMElOSKYAw2UB5-wVHuu-ouvJN9J2y53p1gZbHa423C6Kgzt0xwYIK1pVL2QXTyqJIzYZxwEHqXOGV4hGZuv6HaGnRT_hhTyNcNy6_1eXlOcuoJ21m-Tow9a0RbWYO0pWWG6tVHDS4lBaHPtDqCc_80&cid=CAASFeRocDeG9B_IR6DKTIUs_1iXV-pnTQ&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 23:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198510
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Aug 2022 23:04:34 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame F7C4
24 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DmIVDwq6XDF-6Y3qDz59ITRC6-rvfb5TH0MsARbPMKX8G3pvym0l_m80i1HeyNvQWUaIoBbKGNKy39yCvXglRQw76JR5gDQ9HSbzrUt1Ix0MlcLSuWzzLZQ_2goUXHLTcXdystLAKiViWCFYvOMW29-ITFTA&cry=1&dbm_d=AKAmf-DIr02X4M1WMFKPZtjEV-jl_F37maF-ZZkesNjF2s4GJVpaXVE_TdIrEn5zkgcVn44qkmxxYWvB66sdOPY5F6-gK5lSLRAKmDSIbP9UAEuzYQi_0NJiv3VfD9e-nwuk6jxZuMRs07Qw5kmxc0pBc8jcOC6py0aatg5WGwniHVEC4XWfRuguMMkCVqi0WnYhrjFzRfJPx7E2Pnx5th6Ta6oGb2Qv1PldKSMQZXht7QqEM5HIhPbvPnFqmUXWEtNtemxNMyyCxIctYLbalUIAMEpZD8ty_OIGGcfFABCzYpyzmL9_hmIvDy7glVVcDoAeKGVilqRYslgVrP7jiCPNYpMSHuC7bbwgkzHBB_Sh_9SxMXUy_jNNaIP2qQfBlmm8y4NJHdg8RBG84fNdImi0AyhXJ8A-Kk_0-uUN4w4kRs4lBeO-tDYoiQRcKAZKaCG5Tpn6s4IXx96IK62y6I3kSjRD-_9fpPE-XKpHvqNqq2fNdsz9cRjnhGYaVsH5MQ_UNQK8lgMpj749uZEDooKyuv29-QVT-WWZIgwSGO2uPaBeMKohpe1-e1FYC9NKGCxwEccIzK-DMr_r-Igzocd4XXS891rL7VNqpxWqC9tDZfK9d7hOYX_ly6MPoYtInyA1jThbMvtplDyey7C-57ZQEtTlQGk2SEJI--4sUN8QI1t4ze_H5WYxO0MTefYR45ZV_WTNmBl_f-AhYaFtHvcBxH3g-Q6rq-RcWOyA8D8hUZ-Y-iinfF1zfEV_zmZFD-5KbHvffWauAHRj99jO_koh3uJc-xjjbfM5YVlR7TliUawEJzAitoViAAPMU3CL8xliM0IXuiFGgEcPpyiJdmQuszTZ_Tr5vGPgurp7QWZTXeHaTjSCRZHsPp9HMogX8C-5PF80LNcvWumZwJt28orDHpIqHKAaioOvZQE6_nKK_Aqk_NdUnUmPa7MBV1OR4ndn12X0950zMyNV7QHCV7XMdfzSvyVrE6XkUKYZq9Fo8M2xUni7b3xk0ySpifwR6jd2NyBCCyRf08RmzI2z8BbBgi7UwS8sekXSvELxim_62-0puRcvE-7GTYHFsrAtByDZm-bMSF66yRGP7RbnOZ83FtSmgPWbkwBGPNCfxkErNe41YPgOvnNUn5IQHSmi4UMQiRMiWGBeofmATHY5THZxh-QyjycBFp4kLsLj6bPpPMQ2Gy3PkpQzpiyg6aDJ0eGXuL6IdNIsIo8Izrz88KchQ0R8rIQZh_X_c0UeTfSkZSTxzslydU_1lLS41nS5p7r7tB0CDeB2bjCxlmDRdaPZWQ3o8lbB4K3cs2pr5Iw2nCbkSrnkBBspGuYyIioPIPzbWY2EzxrmcT2eECmgmDVLCT8N4RmVdSYKd2axzfvS8-teF4QO-AZf-ONW9QGrZF2XOmfwL5msdS8RX0JA44Ke8cIvsGOTMqddsKSvfs4gYJrHgih-ZyLr1VTvQQ8ktmmLTf_SRxFwB2mHRhrF16B7h29FcKZqdLrGIRYEVc07S7Di7EF1fIbwhbsndCMu9L2_6Rkfkr4Mtgyu2HKWBgpB6zNJebCHz3R6ZCC0ZN-fN4Z12v0QhLpCGbz-6QfNw8EBXNd5-ddJxEkae0R1ZScoFyNXW6BPkXd7KplHVl7IOeLsiA-9W7GA3J-2DsjV4iMG5xn6csSq1374Oo0wOhd0uIbgYzIKD_Bc25rVaXj7WyEqW6IJNVlsScrh-dG0gYeX3_vsdKXPL1Xg47Uu4sJ6RjIHwS86RP-aOE9lkZiqYhWf1YGhC1lY0mG4hs9-eM90molZmxDkK9fbml9eQnVaTie6Tl5e1yLF4C1MVxrkyByFxjXyCozllUcbPLBxdkutwNtcsY7cUIzF2xiiJJFWQ8j1XtMP2uQC8-0sYwZn3ZlojmcjYc3ODbB9fY-tZgF4xJZ4ae8p2WgfRqeX3SLPXMAEncYgs4U3HUqUOMEn_7upMK6eJxrLseDFV4qMv0n8zN7RPy_0CSNe_kPpd6aNiIK2nTfHcvhRxrNde9ZA3Fi323bIKdHZDecVPZtFvhPkZZPJ4vvT87ImZNRjNlO4OcLUA1mrnqypU5uDptYAGFbxsmHpjxS6WVuPzI9j4dmvgI6ghDHLaI_zbouTcfGyVGMHqQToTyOTWvfqBD92voTlIgsyt6TwMviccq4fVGIHqzUGi23MdbrnrhOcL59Py_eokbYtn83d9Jp_jK0R8hqKMo2s_OaZnYicyratkAV9dFi0hktra6WHJEyk_tDJe1ndse8pbL2v3LufKI8DgeWwN7YwA6b25MsdwIEaZYWfz_LvdN3sOM6P_CZFY4T6Ie-rGYf--RtESQ6QLAPABlB-ovduy2NU2LcuuyoOXrdcBHOc0E8_fvl_Py2uBE6Cn-FsKcKzqXqG5XPynCtRbcKE-VIUmoUASz55v33Hb4HObSokcz917_YlRUUCSrjysOSsO1ux1wxlbD0NBgSxM_UDwP5hCKARESQGo67b6Msu66uSSqZc643U-iiGc-bKK2WYvXOeQFu4orcyt72lo7qUNlHrtJ6v465zkhRyg8bq6_1dF4oU5oUjWvkWdvSIGEIuYvxxExJRYbMcOqCR0IkatM8ZVatrcY629fnrX9x4Z4VuM3vAxhQvl8Zg_UYGUIc-ICDhXBMD0vF1Mzn7YFnxPiRVrkwcfaOcZj6eZz-I0Snt7cD9tZQcUo9Z5ww7NDf9yH8S9B5o_-yVIpi7z9QHyL_1zOXJRaJM3y8x2ERvnUIsu-B9DCCSPXEoZUUq7rKl9OS36hggHDoyO--4Tev8Y7u1xeGgDHOaNnrR_PBhkNEiNvrr2ieq-MzEKbaZFOwJe1YC2hwVz79kd1ru-N1fHqT6szoQiE2CiMSquQe5HlPx_qg8r2gEaGSbEmosqspg3NtXt8L2zGH45xXeIGNIjeUHCbEEE_999HMNZUfsc2R8bzH2mTVrJILHjVQ-V-EFMafVY-1DzBKsy3r9SVtiPz3GXYomlc_g200awRbgDnJWx_AwDDAhra0acLeWXQvaCDXG47OgN_bstb36FZhuJRmzARxIxcEJ_1PTLZ5IN4z-Zq5Tf9w1UDrvBzxHWoMeGELVovxi0vzMtIcjQp-R7mSNVCq95BD9GoMDMKuVas-ieDzQcUohJsE052gzAyVY0aX8sp5i6sCA3wbmIDjTTukbK8kAF3RQQzcDUkzz6zJ2MucwTT7ZyJ08oDXvon8vgX7XL46cd9NNP-nLRT6TfGc924neB6AbDjsFYojzeMMtfFLh2LZzvNT3aU4j8tcQ5TTK3CzOmIVLu3AQTZW7aY0h5AUEF6UmzPMpEY-Zi3F8G_kC&cid=CAASFeRoOiiTtV0-E7j3tlyjY5CLTGamew&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab7de8a0d445e5fb99c0c6c65de2755bf57d011f89abb40f34cdd12c966bccb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
307
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9352
x-xss-protection
0
server
cafe
etag
6805750149074617601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:07:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F7C4
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DmIVDwq6XDF-6Y3qDz59ITRC6-rvfb5TH0MsARbPMKX8G3pvym0l_m80i1HeyNvQWUaIoBbKGNKy39yCvXglRQw76JR5gDQ9HSbzrUt1Ix0MlcLSuWzzLZQ_2goUXHLTcXdystLAKiViWCFYvOMW29-ITFTA&cry=1&dbm_d=AKAmf-DIr02X4M1WMFKPZtjEV-jl_F37maF-ZZkesNjF2s4GJVpaXVE_TdIrEn5zkgcVn44qkmxxYWvB66sdOPY5F6-gK5lSLRAKmDSIbP9UAEuzYQi_0NJiv3VfD9e-nwuk6jxZuMRs07Qw5kmxc0pBc8jcOC6py0aatg5WGwniHVEC4XWfRuguMMkCVqi0WnYhrjFzRfJPx7E2Pnx5th6Ta6oGb2Qv1PldKSMQZXht7QqEM5HIhPbvPnFqmUXWEtNtemxNMyyCxIctYLbalUIAMEpZD8ty_OIGGcfFABCzYpyzmL9_hmIvDy7glVVcDoAeKGVilqRYslgVrP7jiCPNYpMSHuC7bbwgkzHBB_Sh_9SxMXUy_jNNaIP2qQfBlmm8y4NJHdg8RBG84fNdImi0AyhXJ8A-Kk_0-uUN4w4kRs4lBeO-tDYoiQRcKAZKaCG5Tpn6s4IXx96IK62y6I3kSjRD-_9fpPE-XKpHvqNqq2fNdsz9cRjnhGYaVsH5MQ_UNQK8lgMpj749uZEDooKyuv29-QVT-WWZIgwSGO2uPaBeMKohpe1-e1FYC9NKGCxwEccIzK-DMr_r-Igzocd4XXS891rL7VNqpxWqC9tDZfK9d7hOYX_ly6MPoYtInyA1jThbMvtplDyey7C-57ZQEtTlQGk2SEJI--4sUN8QI1t4ze_H5WYxO0MTefYR45ZV_WTNmBl_f-AhYaFtHvcBxH3g-Q6rq-RcWOyA8D8hUZ-Y-iinfF1zfEV_zmZFD-5KbHvffWauAHRj99jO_koh3uJc-xjjbfM5YVlR7TliUawEJzAitoViAAPMU3CL8xliM0IXuiFGgEcPpyiJdmQuszTZ_Tr5vGPgurp7QWZTXeHaTjSCRZHsPp9HMogX8C-5PF80LNcvWumZwJt28orDHpIqHKAaioOvZQE6_nKK_Aqk_NdUnUmPa7MBV1OR4ndn12X0950zMyNV7QHCV7XMdfzSvyVrE6XkUKYZq9Fo8M2xUni7b3xk0ySpifwR6jd2NyBCCyRf08RmzI2z8BbBgi7UwS8sekXSvELxim_62-0puRcvE-7GTYHFsrAtByDZm-bMSF66yRGP7RbnOZ83FtSmgPWbkwBGPNCfxkErNe41YPgOvnNUn5IQHSmi4UMQiRMiWGBeofmATHY5THZxh-QyjycBFp4kLsLj6bPpPMQ2Gy3PkpQzpiyg6aDJ0eGXuL6IdNIsIo8Izrz88KchQ0R8rIQZh_X_c0UeTfSkZSTxzslydU_1lLS41nS5p7r7tB0CDeB2bjCxlmDRdaPZWQ3o8lbB4K3cs2pr5Iw2nCbkSrnkBBspGuYyIioPIPzbWY2EzxrmcT2eECmgmDVLCT8N4RmVdSYKd2axzfvS8-teF4QO-AZf-ONW9QGrZF2XOmfwL5msdS8RX0JA44Ke8cIvsGOTMqddsKSvfs4gYJrHgih-ZyLr1VTvQQ8ktmmLTf_SRxFwB2mHRhrF16B7h29FcKZqdLrGIRYEVc07S7Di7EF1fIbwhbsndCMu9L2_6Rkfkr4Mtgyu2HKWBgpB6zNJebCHz3R6ZCC0ZN-fN4Z12v0QhLpCGbz-6QfNw8EBXNd5-ddJxEkae0R1ZScoFyNXW6BPkXd7KplHVl7IOeLsiA-9W7GA3J-2DsjV4iMG5xn6csSq1374Oo0wOhd0uIbgYzIKD_Bc25rVaXj7WyEqW6IJNVlsScrh-dG0gYeX3_vsdKXPL1Xg47Uu4sJ6RjIHwS86RP-aOE9lkZiqYhWf1YGhC1lY0mG4hs9-eM90molZmxDkK9fbml9eQnVaTie6Tl5e1yLF4C1MVxrkyByFxjXyCozllUcbPLBxdkutwNtcsY7cUIzF2xiiJJFWQ8j1XtMP2uQC8-0sYwZn3ZlojmcjYc3ODbB9fY-tZgF4xJZ4ae8p2WgfRqeX3SLPXMAEncYgs4U3HUqUOMEn_7upMK6eJxrLseDFV4qMv0n8zN7RPy_0CSNe_kPpd6aNiIK2nTfHcvhRxrNde9ZA3Fi323bIKdHZDecVPZtFvhPkZZPJ4vvT87ImZNRjNlO4OcLUA1mrnqypU5uDptYAGFbxsmHpjxS6WVuPzI9j4dmvgI6ghDHLaI_zbouTcfGyVGMHqQToTyOTWvfqBD92voTlIgsyt6TwMviccq4fVGIHqzUGi23MdbrnrhOcL59Py_eokbYtn83d9Jp_jK0R8hqKMo2s_OaZnYicyratkAV9dFi0hktra6WHJEyk_tDJe1ndse8pbL2v3LufKI8DgeWwN7YwA6b25MsdwIEaZYWfz_LvdN3sOM6P_CZFY4T6Ie-rGYf--RtESQ6QLAPABlB-ovduy2NU2LcuuyoOXrdcBHOc0E8_fvl_Py2uBE6Cn-FsKcKzqXqG5XPynCtRbcKE-VIUmoUASz55v33Hb4HObSokcz917_YlRUUCSrjysOSsO1ux1wxlbD0NBgSxM_UDwP5hCKARESQGo67b6Msu66uSSqZc643U-iiGc-bKK2WYvXOeQFu4orcyt72lo7qUNlHrtJ6v465zkhRyg8bq6_1dF4oU5oUjWvkWdvSIGEIuYvxxExJRYbMcOqCR0IkatM8ZVatrcY629fnrX9x4Z4VuM3vAxhQvl8Zg_UYGUIc-ICDhXBMD0vF1Mzn7YFnxPiRVrkwcfaOcZj6eZz-I0Snt7cD9tZQcUo9Z5ww7NDf9yH8S9B5o_-yVIpi7z9QHyL_1zOXJRaJM3y8x2ERvnUIsu-B9DCCSPXEoZUUq7rKl9OS36hggHDoyO--4Tev8Y7u1xeGgDHOaNnrR_PBhkNEiNvrr2ieq-MzEKbaZFOwJe1YC2hwVz79kd1ru-N1fHqT6szoQiE2CiMSquQe5HlPx_qg8r2gEaGSbEmosqspg3NtXt8L2zGH45xXeIGNIjeUHCbEEE_999HMNZUfsc2R8bzH2mTVrJILHjVQ-V-EFMafVY-1DzBKsy3r9SVtiPz3GXYomlc_g200awRbgDnJWx_AwDDAhra0acLeWXQvaCDXG47OgN_bstb36FZhuJRmzARxIxcEJ_1PTLZ5IN4z-Zq5Tf9w1UDrvBzxHWoMeGELVovxi0vzMtIcjQp-R7mSNVCq95BD9GoMDMKuVas-ieDzQcUohJsE052gzAyVY0aX8sp5i6sCA3wbmIDjTTukbK8kAF3RQQzcDUkzz6zJ2MucwTT7ZyJ08oDXvon8vgX7XL46cd9NNP-nLRT6TfGc924neB6AbDjsFYojzeMMtfFLh2LZzvNT3aU4j8tcQ5TTK3CzOmIVLu3AQTZW7aY0h5AUEF6UmzPMpEY-Zi3F8G_kC&cid=CAASFeRoOiiTtV0-E7j3tlyjY5CLTGamew&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 23:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Aug 2022 23:04:34 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame 527B
24 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BABDwM1r57yKzVVavLvLGid5cJmuo59y1w7eXVtUOCbi4QCpJHvERwAn_3HBkRn5yN2yvI8XzozJodTQ2UbIYLSsmwpwBEMEz1xAC_DrNvpuv45-gEkhGlLDCN_BZ4DgG8CS0ZzAi83EbMy26WQI7N_HX35Q&cry=1&dbm_d=AKAmf-DCCwwqlCFho7aKQQw1VuF2_Plyfwp4ZZ0GXjknYtq4JSngMAHvgYFo6VLfP9AKPe0Ux8naIECMOi7qcOfPufa15v4rcityL7oUNAap1uFrPUNqj6HyKiDv57m_EzFmo_ZcbVnoMX2JJ3w0Y-XjEzDsqtW1sW8XuL-Nacs6RJUxj_0FPTAQrzEXDOogeYBNEx9uZmXSWITt_4BLbGDD5IsmO0VJpKbrOuulR9oA7ZUkL63jL4ucOtSak8Ex1sjlN4vgFnQpRSPDQ9cf0Bvv7LBYxQtM4o7wOieu8Bk2VRwSOPKY4GLHhX4nZmVMFEqvA0hXQuSkrNtw4BN8b3BJDgyYlS2rXaS1Q7vYmZa_lqIspBdQt0sMEQ7PyoNsP3rTHkmTCb4qayRfuvSFwptx_aZXXd6mJRXEMKy34vjWU3NVAF-HN-6WtxiQ4o-v_yQBZRdgsbQKmX5AHh8oTh4yIJSwRuAKBvv9SWIXlCEDKmQ92JbcY8dQb6qRI6H2dVlf36ItLQ7Olk5PoZL5HC-Zzcfv95mX_tgE1aofRoXP7e9iHy1DMyNM-2djaHlfm2voFy2_zJXL7IjJnaZfM_dXz3Mhmasbvwf7pyZmqsDfRCDzQSK8SRthOEnsnGV6OleC8wtrtbXCc_jy_4kURDfo3EW3fZ5zIOltr0JehwRuWK2-o-9U9d3bHu9h93_k-RQm6cX7J5zVU7Wa4QZC4knibD0jct3fGLJa_5EI0yzksR_WROBtlDqKbKOYbCqUG4oQiABSTg5TJjugwFLHdJ_TimzaRgGoC0fGQBEAyzcCetPeue08giqfZCvQ1vXmENW7bSqXU_Amy-eBT0dTzgGNSFE5qO0fP6aAji6yH3uY8qWnSVg4VH2Lih-aj8P3OmvQwUO_44aRALilOGEU55Qjiz2Sf8SeB6lSUNUP143EXnuh2eplfEdRu5K2X9un9Ax8UDAeHtAlRN3y-NsOQm6Fel1FbcIKRnLIp8fC9Pf6TYNZkotm-Gm-qPxBNDW7rgIeV1Lo1ng63GHWcj7D-j_VslBnVJwp-EDoLbEs9QCkGHt8CHmY_0gZsmQZv8kFdZDRdwLqbkEFkglNswIewaikovXXGSiAHmfuV2lBglJoeyMR3wRduk8NfIZa65hzkiFs7arKCXgdtyn857nRaRRVpMN6FAXVVZastRl19P6WHhNy4kLNxlRSOlLnIepoKrV8vqAMbzhTa0EhsczWujGNSg3gShH9xr1WwXVhDLpy8U0n2t9m9kR3mhmVUkKpblCP5DEF_i5Dkqwk8pyx4E7JIy5wFAc9VgA__GrA1Getm9FcNViYkl8vNBbB8uclq3lMIJiSblJKATVlciBXq_4HbRy9lxt_IbM2kWNF3aWWhDs4xzJ00KLwrC7fsmg4tWjV-rphe05tSvOfuZWVqPdL-khv-ebAhDkS_8lZMzcYWGVapzweDoGOoBkrWPN24vgQ8QVDZdz9HBEBleMNbn4VXmRtYMLhNBeikA_tPCfor7qjngwGXyrYQKv-D-AozsqRKEM8zTyXG1l82z2gUhgUs3kKPaZCk0D9ZX5s-RcMeMg4l9EdVbjbXpqjSLB9n5i66axnG5x_C79c7iSn-cDCY8RLEZvvpG4JBvEfF5zOeCRRy8XmTjE80FlCPwe_yv_DfFNswDWDvpWgkisoZjUuEEHRr5HlRe8oC_lCaqX6x2Vf86Khp3gTUKheiqIodvtrbdeiZnmPibct-YjS-Cv6JEqbDZ0kqPdUjCbivjct8CABZcTvuvrXXCxCqr4_C3VnfrH2VG7alToyvZ4aMglkEHPLnHhFz8dfpOOv4HIDew4VbMdZrAl4nORPZ2A0W5J0G3ShIxwglkWIgT4BTssziuL-bJBuWqp-ZQvtuEH7Y22b4r3yDNyJfr7b9prwZ3r_Q10OKu2vWY7BilIi1Je4Qm__UqSrhM-ZG2jBr-YYIUzRq2houU-yRp3R6Z9giPPLwQmPE5L7uskAcM_07dBiQjjzTCoFCaT7wz9LCiuXLFIgNO8XVxV-BV0-I9sh7uuQ9xYM6w3CIw8rQphDut2FKR-D-zl888VdeWke7MJy3ffF9gx3Whv6uk0Lio4wo6otlDIl2CnvRdxOUg9bPtq6pWT5FkdJ6VJFtyLe2K3bZk23VxLoOqiNsx1Ok--qQJVyUTUvVrVgIch3ylBHvYFBCUOdd1RF4MGgIUvlPfOpV4UkjhySIcWUHBmBYYxuSCWH-cPXecprsaygm62RcDcbZNXb58gTht4YhJRR0BCNRqR8j0m6NujhfimFHn0OkNqeaSy1vAiVzGYb-RQl_fJ8ANOaB6D230IWra3uTuCNduQDLLTTWO53MBWHE4phTeYm5TFXTRgQ772sB2I9qxwOMJJDFqFhgAgFvYgqPjyhfYqxBIZj4FBsSXoadJejfOxTZgNcrhHUa01tVKgPh6jzEocza8Wf8RuRoif6vCp88NtYDQqgG93APUcaiXoDwe3nxYsxdUBfXrnzz8P53tiaawnWzAxATXRQIDOEs6KYsHgNDWWvT5vKTxQNXd44gzU7nloC8rxLSlANX3nNlteGqPhflS6FA9-t6yyyrvNQWftddNypAPltYKkDG2tZrIX0e3Si5RYfXDic8yvlbcZg7dVUTbQ_xZiEfu3hG72HaXLCvJJxrMNdKD0T0Wf7dPcCi5iRRnbiIp9vPb79y2GxDjorLmKhbm3_YjQLriHh_-Gt9UPaqLykTjoSN6e-D8Ao-n_zgMC7jyLKYcF0pgWvP2RWmjv0P_nPh6TjIPW6HMFna3SgL8Sl6DaWMULOrOqJE2zy8o44XvM_vrCzbcztCrZiwH7enPgqtlCxcgWvNCwmTFw_LCzLhjZp9sGkIwL5PmLSu_mK0UmQ8k4UGStir7lzHquXtntQTdJbg9y8nxDeffDjabBo1BcfjPxlsJBS662gNYBNFFuhVB7wGCKFo4eL2sT1pxQue8G7v6aQAJ8v-svcmO_-oZCeqZr3YdpJhKE3AYuVVwL6rzphw3wTSJmyjjqkKwcsFN4XuS10G6C3h2N6YL9gMNwiyP1gFlHQMknq7_O_RYSaCRYy49J2p8Y55XC2PmqCuF6EFXhwAfQyRBIpnQyY43fmAQf-QWAxDpm8Vf0_Hke4FgtCm9SjsjIy7yLurZA2Jh0CQ9SZBslSV3-ytfltyfOlaGFlLvBUYXH1AkNj2ITZ3oIIUHswXiASxcvOlCq9-2OY7mhj1uwrd665F36An9ifNWz-WEG0UebsJIZHhECYlVcWYqJS9tToByVrLed5Iu21n5mVw3s98jTqHny9KsuaS5ke6vCdCzANBA8l&cid=CAASFeRoewSKGa1uWMEL2dYyg4goJLAxgA&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab7de8a0d445e5fb99c0c6c65de2755bf57d011f89abb40f34cdd12c966bccb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
307
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9352
x-xss-protection
0
server
cafe
etag
6805750149074617601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:07:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 527B
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BABDwM1r57yKzVVavLvLGid5cJmuo59y1w7eXVtUOCbi4QCpJHvERwAn_3HBkRn5yN2yvI8XzozJodTQ2UbIYLSsmwpwBEMEz1xAC_DrNvpuv45-gEkhGlLDCN_BZ4DgG8CS0ZzAi83EbMy26WQI7N_HX35Q&cry=1&dbm_d=AKAmf-DCCwwqlCFho7aKQQw1VuF2_Plyfwp4ZZ0GXjknYtq4JSngMAHvgYFo6VLfP9AKPe0Ux8naIECMOi7qcOfPufa15v4rcityL7oUNAap1uFrPUNqj6HyKiDv57m_EzFmo_ZcbVnoMX2JJ3w0Y-XjEzDsqtW1sW8XuL-Nacs6RJUxj_0FPTAQrzEXDOogeYBNEx9uZmXSWITt_4BLbGDD5IsmO0VJpKbrOuulR9oA7ZUkL63jL4ucOtSak8Ex1sjlN4vgFnQpRSPDQ9cf0Bvv7LBYxQtM4o7wOieu8Bk2VRwSOPKY4GLHhX4nZmVMFEqvA0hXQuSkrNtw4BN8b3BJDgyYlS2rXaS1Q7vYmZa_lqIspBdQt0sMEQ7PyoNsP3rTHkmTCb4qayRfuvSFwptx_aZXXd6mJRXEMKy34vjWU3NVAF-HN-6WtxiQ4o-v_yQBZRdgsbQKmX5AHh8oTh4yIJSwRuAKBvv9SWIXlCEDKmQ92JbcY8dQb6qRI6H2dVlf36ItLQ7Olk5PoZL5HC-Zzcfv95mX_tgE1aofRoXP7e9iHy1DMyNM-2djaHlfm2voFy2_zJXL7IjJnaZfM_dXz3Mhmasbvwf7pyZmqsDfRCDzQSK8SRthOEnsnGV6OleC8wtrtbXCc_jy_4kURDfo3EW3fZ5zIOltr0JehwRuWK2-o-9U9d3bHu9h93_k-RQm6cX7J5zVU7Wa4QZC4knibD0jct3fGLJa_5EI0yzksR_WROBtlDqKbKOYbCqUG4oQiABSTg5TJjugwFLHdJ_TimzaRgGoC0fGQBEAyzcCetPeue08giqfZCvQ1vXmENW7bSqXU_Amy-eBT0dTzgGNSFE5qO0fP6aAji6yH3uY8qWnSVg4VH2Lih-aj8P3OmvQwUO_44aRALilOGEU55Qjiz2Sf8SeB6lSUNUP143EXnuh2eplfEdRu5K2X9un9Ax8UDAeHtAlRN3y-NsOQm6Fel1FbcIKRnLIp8fC9Pf6TYNZkotm-Gm-qPxBNDW7rgIeV1Lo1ng63GHWcj7D-j_VslBnVJwp-EDoLbEs9QCkGHt8CHmY_0gZsmQZv8kFdZDRdwLqbkEFkglNswIewaikovXXGSiAHmfuV2lBglJoeyMR3wRduk8NfIZa65hzkiFs7arKCXgdtyn857nRaRRVpMN6FAXVVZastRl19P6WHhNy4kLNxlRSOlLnIepoKrV8vqAMbzhTa0EhsczWujGNSg3gShH9xr1WwXVhDLpy8U0n2t9m9kR3mhmVUkKpblCP5DEF_i5Dkqwk8pyx4E7JIy5wFAc9VgA__GrA1Getm9FcNViYkl8vNBbB8uclq3lMIJiSblJKATVlciBXq_4HbRy9lxt_IbM2kWNF3aWWhDs4xzJ00KLwrC7fsmg4tWjV-rphe05tSvOfuZWVqPdL-khv-ebAhDkS_8lZMzcYWGVapzweDoGOoBkrWPN24vgQ8QVDZdz9HBEBleMNbn4VXmRtYMLhNBeikA_tPCfor7qjngwGXyrYQKv-D-AozsqRKEM8zTyXG1l82z2gUhgUs3kKPaZCk0D9ZX5s-RcMeMg4l9EdVbjbXpqjSLB9n5i66axnG5x_C79c7iSn-cDCY8RLEZvvpG4JBvEfF5zOeCRRy8XmTjE80FlCPwe_yv_DfFNswDWDvpWgkisoZjUuEEHRr5HlRe8oC_lCaqX6x2Vf86Khp3gTUKheiqIodvtrbdeiZnmPibct-YjS-Cv6JEqbDZ0kqPdUjCbivjct8CABZcTvuvrXXCxCqr4_C3VnfrH2VG7alToyvZ4aMglkEHPLnHhFz8dfpOOv4HIDew4VbMdZrAl4nORPZ2A0W5J0G3ShIxwglkWIgT4BTssziuL-bJBuWqp-ZQvtuEH7Y22b4r3yDNyJfr7b9prwZ3r_Q10OKu2vWY7BilIi1Je4Qm__UqSrhM-ZG2jBr-YYIUzRq2houU-yRp3R6Z9giPPLwQmPE5L7uskAcM_07dBiQjjzTCoFCaT7wz9LCiuXLFIgNO8XVxV-BV0-I9sh7uuQ9xYM6w3CIw8rQphDut2FKR-D-zl888VdeWke7MJy3ffF9gx3Whv6uk0Lio4wo6otlDIl2CnvRdxOUg9bPtq6pWT5FkdJ6VJFtyLe2K3bZk23VxLoOqiNsx1Ok--qQJVyUTUvVrVgIch3ylBHvYFBCUOdd1RF4MGgIUvlPfOpV4UkjhySIcWUHBmBYYxuSCWH-cPXecprsaygm62RcDcbZNXb58gTht4YhJRR0BCNRqR8j0m6NujhfimFHn0OkNqeaSy1vAiVzGYb-RQl_fJ8ANOaB6D230IWra3uTuCNduQDLLTTWO53MBWHE4phTeYm5TFXTRgQ772sB2I9qxwOMJJDFqFhgAgFvYgqPjyhfYqxBIZj4FBsSXoadJejfOxTZgNcrhHUa01tVKgPh6jzEocza8Wf8RuRoif6vCp88NtYDQqgG93APUcaiXoDwe3nxYsxdUBfXrnzz8P53tiaawnWzAxATXRQIDOEs6KYsHgNDWWvT5vKTxQNXd44gzU7nloC8rxLSlANX3nNlteGqPhflS6FA9-t6yyyrvNQWftddNypAPltYKkDG2tZrIX0e3Si5RYfXDic8yvlbcZg7dVUTbQ_xZiEfu3hG72HaXLCvJJxrMNdKD0T0Wf7dPcCi5iRRnbiIp9vPb79y2GxDjorLmKhbm3_YjQLriHh_-Gt9UPaqLykTjoSN6e-D8Ao-n_zgMC7jyLKYcF0pgWvP2RWmjv0P_nPh6TjIPW6HMFna3SgL8Sl6DaWMULOrOqJE2zy8o44XvM_vrCzbcztCrZiwH7enPgqtlCxcgWvNCwmTFw_LCzLhjZp9sGkIwL5PmLSu_mK0UmQ8k4UGStir7lzHquXtntQTdJbg9y8nxDeffDjabBo1BcfjPxlsJBS662gNYBNFFuhVB7wGCKFo4eL2sT1pxQue8G7v6aQAJ8v-svcmO_-oZCeqZr3YdpJhKE3AYuVVwL6rzphw3wTSJmyjjqkKwcsFN4XuS10G6C3h2N6YL9gMNwiyP1gFlHQMknq7_O_RYSaCRYy49J2p8Y55XC2PmqCuF6EFXhwAfQyRBIpnQyY43fmAQf-QWAxDpm8Vf0_Hke4FgtCm9SjsjIy7yLurZA2Jh0CQ9SZBslSV3-ytfltyfOlaGFlLvBUYXH1AkNj2ITZ3oIIUHswXiASxcvOlCq9-2OY7mhj1uwrd665F36An9ifNWz-WEG0UebsJIZHhECYlVcWYqJS9tToByVrLed5Iu21n5mVw3s98jTqHny9KsuaS5ke6vCdCzANBA8l&cid=CAASFeRoewSKGa1uWMEL2dYyg4goJLAxgA&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 23:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Aug 2022 23:04:34 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame E30B
24 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ACnYDC7PB9vGLNe5M2Oih02724DPmAjtx4DAmy6mZKGzwIQH5K3QAk4PQ4Dr8xtssU_36aEoCwdYH1L2yDBz05wqVSoxFAAfQubomAo3t7j4_QXqY-qvavoQgZI6QU-LFxgI-fmMHn8PiA8ukiu3kSITo5zQ&cry=1&dbm_d=AKAmf-AEu4HtuKSOQ5BCSrzXmHWR8HJ9tEROWAFpIZJJwyuaiCfjCKgDixOVTWsMCsXtX8hdEZvO8tKd7YlH0SCuaIiYF-I4xXarpNZczPuJ-lItZqakDtSc5SLW6zwUyxH5fDZQ6Rn5xZxII75V3EKGiHjm4xD477iKPp3ZkLOlj_gkCYN3ioQc4aE9TghM591wY6Y51awiTYim9jNgng0n4mmdUce9hakRpnm7ukqVMrfO6iL03LdGbZPViBrrLZH4tdOI9KAHXE93-PRF4IY5ifAyJyrTBX65Op_7BE4Q_YvTGzxgFBIt0dQlNp-2oQnOiI1WylnbJikdSueKdwRKJTlCdO0JrpA_g6g1r-sNFE-Qb9CGFEsk4fTlncmEpWneSrlHDaMbVlaDdqFPlCjPnnXkTllHN2uD6IDRP5OTkAWyMRuj6UA6bEx1dOOaaHFq4qendeBjiZ9iPd5ibMwwgKuxCNT8dDpITA9r9C4gGMAQg6O1GUGjkE7kD60wxUOPzMvp_vuXrHk4VGJ2SYMYRoj-yDtkVgHGAW4w_tFceQ9qEbMNV0f24kl3VQ_Jdm-6H6xx2WBOKSru9GzJLTocMJjMryU1aMq3ZkFkKADe9Yf6DSDRzy43o_PhaNfoNyaGmyOGeQB5Jrj-nTyCbo1UPGV_sutkSkB7VPASzrc8m4alLmkHFX7THQLYgJZ9BIQnb2ucML8FtB8oHMEkYF0MLNfZ-0hF9QqKHrlKQMQ7f2N_BtwfvEiBaVrnknUg2ItLheOq6DhtOtg_5UqsoJJ3rc7R5HXcomvOWGvxbf-KpN0KdRLj43YZhiEV0pHz2YgFvrokSbY5VoLv0Da5IPvCQZRZAxbdusMuu_uNq805g_IO4ZcV0exYZgBqObTmFCNYVebA-YlEiISrsTr7O4gcayO72f-PqB4D8-YLfj7TRkNrMzofTWLrKsXCo2mmG0J1Ttuso6hyh7vYheap06oq9muTYyF7WqS1uE_kE98bcug7xjn77QN-kscFzCZPD4aYv3M751lWfueoXVu5tj6GC7NsJ6TiauzDHQdHDsyYDTAYX8vbVWPTASbHb37HAh6-cUbvNm67M2e9mMmz0_eV4XGaHWjpN70M-t6YiBhGsS9jLGU08EzBER_8xmd1bv-uNmoUyr6wf77OIUDzEAboOvRsz104kLvN2To7VWEMt0CMZnpLO-RD9U-CemH7SV6_WFjwxkQhoSgkPwy-R6VUr1iOXmO4bPnVcz8Rr7ErA-4W3L7z-HKzLAu5ITWN-H-DYa2G_S5TmcYG0mfGlYNwvlj6nZlVH6nveATPX47Olv76QwhwQeoS_kYELEbDqnZ-gtgf_zYmOzSHB6Nomtauawf-D0FB-85I-luMg773dP9nXiSK1K0sAS3i7xLz3BeI2y8cL4khGWV3A15EX8rrENUrEaXL8det--vIWdZifKYUUJNW6fD9MVjPt0nzl54oHZpoT7d6a9OCPReS_hj-HYJjb7dRvkcWdIgIT3A-i3DyaSR0_nzF2gMAXJBjqxmfSM5tYwpTMnjG_jEFeRetZiCbO_9A-TMTfqONN7Bcra2hXcgk_W4dYT1jISSTyHMTpoW-PHHefsOGEnR0hl-tGmET45Dl4P56mBL54WtF9et4yX9sRyE_N6DwXuCI0m3Q7vZbkZzfj18vzhcOpMRXFjz0Qc0DU392VyLQnGBKZoBEX6g-SGfnzEdyZLNDqwLhx3cqSBXxC9AWMwdHI4lV0pfDrkqp7Krn9fA3E2zeKkD6tYPRMlosRTxyTU_IoRHluS6vFjFYOZiTWNRuW4uaq7JZncxEOodtnHXNVeNaV-u-WqjtxfYtp3APs4f7vGZaJvjopfPnwJCoRd5g_d9sDeDsR0fZEXg-ephAcMSwjyLfSwurWBToQF7-zhNbPst0YO-Gb5fUTpOxjEJ1OwkgGTx33Qt2s4aHzfSiIfAAKZTvF0Dmdevxw4wqB50eeKupvCgnptjfN4HgcrPKng1_gPcRnWlq89a4bjjl5dmOPhpjWej1gFVPQ0sLQb5UFczE49x1FOXRViAU8CQsil1c94UXIioFKY2wEm4_aJpMrecFfZScflfQiIknlewqkOfZjA8TwCdJSxZv3hPyYQmbpZWo7d08ZaZPgsWmlBhagWRSSQzRW1OPYqmxBQylaIuVSLe1thB6Uxz_F4uY6L0qeYvd2CR8jmm3lzn4kfbjwcpIddKrilAnXZBwEzSqiQK6batDogUv77dDt5EfXRNm5cXLVQmk3Rtq_IDPUF9D0AI71IrPqjzkhYvqdlaZ-HNik3XNtx925uK_sL-E-wX8dE2QuxRTS5TYzsHAhkSJnEiHbMWxPK9JbgdlC8DzjLkL_alq9JH5tDf3KG24xW_3h26zjMO-_bnqSJPM8_lR2YzXT-ScJ51eOvDAiw5Ki6Nl94rQ83QlFoqU3YdYR5_jLm5QhqGd6o8bgtzA0dM_W_1-un6EIrArfnIlcmLOJ461N9j43NpzuZDpGqJhDS0HYY4Rl6m0p3uTawPCjeSwPnbXp9fqHOihcAcA-hFECGrGlZTRXw1nS18rjtNe7CJNTi8Gu8sPw4eZwaa53u1tY5l24zPde7WlIikK9ivMF5kjsCn1810mkS1mPi_kokfNqGN17QXbyUbudLXt2G9jeHAPctW9ijHlhhBkX5zuxq8OLEXP9UiRPRyaqjSfED09eM4j5fpY8pWou-b3-R-ZQShh6SOTesFH3C9MlewHJoAv4mNcPtna0soqI8yapitUrGSs2h1nFreMJ4VLYAWe4b_0LUntOitC5kJI3hDQVtFQrnabE4pNt91d7gjdpjKcljvVk_d1N5kqp2X-5I_oKwwulz7P2P3eCeUghGAB9J2MLFjgnmZzP2ebLeCTx1EEvvXv02QrqMc23txsInA8Ro8di44DIQZzdhe3ahDRxYJU5knhHd7YxfzmlRftL_ZCvhxHyQNwcy1apkXcFkeEzrEi4GcBGf5xfbjggBXsoGZGxopFOlEzuuardxf2MDuwKohkQF2MmehKUhKrACuZrD69Fkk7wsOgMH1D4dTCYZYnoJg5mm4jHgzfxXZBzPBXde1pE3c-3pLp2yKS3MddqQj_fxiBfeCtHL6jWWEihrClw7-umzk2-hTN2eYiFjgJtue2F1byUDZu5_GccyCGKtUDiTPHtv8jfKCFRfnhBcIHE1gkSsJmWgcu9SFJR9iFJRf8ufT0P3nIHuO1qO-YFA7QNzz6tVCkQGiMHmregO43yGxiINl6IwMEUFZ6f_DlM_hC1uvSIQ&cid=CAASFeRoV8K2AdOFdUtawbtBrdYZdRLUcw&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab7de8a0d445e5fb99c0c6c65de2755bf57d011f89abb40f34cdd12c966bccb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
307
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9352
x-xss-protection
0
server
cafe
etag
6805750149074617601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:07:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E30B
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ACnYDC7PB9vGLNe5M2Oih02724DPmAjtx4DAmy6mZKGzwIQH5K3QAk4PQ4Dr8xtssU_36aEoCwdYH1L2yDBz05wqVSoxFAAfQubomAo3t7j4_QXqY-qvavoQgZI6QU-LFxgI-fmMHn8PiA8ukiu3kSITo5zQ&cry=1&dbm_d=AKAmf-AEu4HtuKSOQ5BCSrzXmHWR8HJ9tEROWAFpIZJJwyuaiCfjCKgDixOVTWsMCsXtX8hdEZvO8tKd7YlH0SCuaIiYF-I4xXarpNZczPuJ-lItZqakDtSc5SLW6zwUyxH5fDZQ6Rn5xZxII75V3EKGiHjm4xD477iKPp3ZkLOlj_gkCYN3ioQc4aE9TghM591wY6Y51awiTYim9jNgng0n4mmdUce9hakRpnm7ukqVMrfO6iL03LdGbZPViBrrLZH4tdOI9KAHXE93-PRF4IY5ifAyJyrTBX65Op_7BE4Q_YvTGzxgFBIt0dQlNp-2oQnOiI1WylnbJikdSueKdwRKJTlCdO0JrpA_g6g1r-sNFE-Qb9CGFEsk4fTlncmEpWneSrlHDaMbVlaDdqFPlCjPnnXkTllHN2uD6IDRP5OTkAWyMRuj6UA6bEx1dOOaaHFq4qendeBjiZ9iPd5ibMwwgKuxCNT8dDpITA9r9C4gGMAQg6O1GUGjkE7kD60wxUOPzMvp_vuXrHk4VGJ2SYMYRoj-yDtkVgHGAW4w_tFceQ9qEbMNV0f24kl3VQ_Jdm-6H6xx2WBOKSru9GzJLTocMJjMryU1aMq3ZkFkKADe9Yf6DSDRzy43o_PhaNfoNyaGmyOGeQB5Jrj-nTyCbo1UPGV_sutkSkB7VPASzrc8m4alLmkHFX7THQLYgJZ9BIQnb2ucML8FtB8oHMEkYF0MLNfZ-0hF9QqKHrlKQMQ7f2N_BtwfvEiBaVrnknUg2ItLheOq6DhtOtg_5UqsoJJ3rc7R5HXcomvOWGvxbf-KpN0KdRLj43YZhiEV0pHz2YgFvrokSbY5VoLv0Da5IPvCQZRZAxbdusMuu_uNq805g_IO4ZcV0exYZgBqObTmFCNYVebA-YlEiISrsTr7O4gcayO72f-PqB4D8-YLfj7TRkNrMzofTWLrKsXCo2mmG0J1Ttuso6hyh7vYheap06oq9muTYyF7WqS1uE_kE98bcug7xjn77QN-kscFzCZPD4aYv3M751lWfueoXVu5tj6GC7NsJ6TiauzDHQdHDsyYDTAYX8vbVWPTASbHb37HAh6-cUbvNm67M2e9mMmz0_eV4XGaHWjpN70M-t6YiBhGsS9jLGU08EzBER_8xmd1bv-uNmoUyr6wf77OIUDzEAboOvRsz104kLvN2To7VWEMt0CMZnpLO-RD9U-CemH7SV6_WFjwxkQhoSgkPwy-R6VUr1iOXmO4bPnVcz8Rr7ErA-4W3L7z-HKzLAu5ITWN-H-DYa2G_S5TmcYG0mfGlYNwvlj6nZlVH6nveATPX47Olv76QwhwQeoS_kYELEbDqnZ-gtgf_zYmOzSHB6Nomtauawf-D0FB-85I-luMg773dP9nXiSK1K0sAS3i7xLz3BeI2y8cL4khGWV3A15EX8rrENUrEaXL8det--vIWdZifKYUUJNW6fD9MVjPt0nzl54oHZpoT7d6a9OCPReS_hj-HYJjb7dRvkcWdIgIT3A-i3DyaSR0_nzF2gMAXJBjqxmfSM5tYwpTMnjG_jEFeRetZiCbO_9A-TMTfqONN7Bcra2hXcgk_W4dYT1jISSTyHMTpoW-PHHefsOGEnR0hl-tGmET45Dl4P56mBL54WtF9et4yX9sRyE_N6DwXuCI0m3Q7vZbkZzfj18vzhcOpMRXFjz0Qc0DU392VyLQnGBKZoBEX6g-SGfnzEdyZLNDqwLhx3cqSBXxC9AWMwdHI4lV0pfDrkqp7Krn9fA3E2zeKkD6tYPRMlosRTxyTU_IoRHluS6vFjFYOZiTWNRuW4uaq7JZncxEOodtnHXNVeNaV-u-WqjtxfYtp3APs4f7vGZaJvjopfPnwJCoRd5g_d9sDeDsR0fZEXg-ephAcMSwjyLfSwurWBToQF7-zhNbPst0YO-Gb5fUTpOxjEJ1OwkgGTx33Qt2s4aHzfSiIfAAKZTvF0Dmdevxw4wqB50eeKupvCgnptjfN4HgcrPKng1_gPcRnWlq89a4bjjl5dmOPhpjWej1gFVPQ0sLQb5UFczE49x1FOXRViAU8CQsil1c94UXIioFKY2wEm4_aJpMrecFfZScflfQiIknlewqkOfZjA8TwCdJSxZv3hPyYQmbpZWo7d08ZaZPgsWmlBhagWRSSQzRW1OPYqmxBQylaIuVSLe1thB6Uxz_F4uY6L0qeYvd2CR8jmm3lzn4kfbjwcpIddKrilAnXZBwEzSqiQK6batDogUv77dDt5EfXRNm5cXLVQmk3Rtq_IDPUF9D0AI71IrPqjzkhYvqdlaZ-HNik3XNtx925uK_sL-E-wX8dE2QuxRTS5TYzsHAhkSJnEiHbMWxPK9JbgdlC8DzjLkL_alq9JH5tDf3KG24xW_3h26zjMO-_bnqSJPM8_lR2YzXT-ScJ51eOvDAiw5Ki6Nl94rQ83QlFoqU3YdYR5_jLm5QhqGd6o8bgtzA0dM_W_1-un6EIrArfnIlcmLOJ461N9j43NpzuZDpGqJhDS0HYY4Rl6m0p3uTawPCjeSwPnbXp9fqHOihcAcA-hFECGrGlZTRXw1nS18rjtNe7CJNTi8Gu8sPw4eZwaa53u1tY5l24zPde7WlIikK9ivMF5kjsCn1810mkS1mPi_kokfNqGN17QXbyUbudLXt2G9jeHAPctW9ijHlhhBkX5zuxq8OLEXP9UiRPRyaqjSfED09eM4j5fpY8pWou-b3-R-ZQShh6SOTesFH3C9MlewHJoAv4mNcPtna0soqI8yapitUrGSs2h1nFreMJ4VLYAWe4b_0LUntOitC5kJI3hDQVtFQrnabE4pNt91d7gjdpjKcljvVk_d1N5kqp2X-5I_oKwwulz7P2P3eCeUghGAB9J2MLFjgnmZzP2ebLeCTx1EEvvXv02QrqMc23txsInA8Ro8di44DIQZzdhe3ahDRxYJU5knhHd7YxfzmlRftL_ZCvhxHyQNwcy1apkXcFkeEzrEi4GcBGf5xfbjggBXsoGZGxopFOlEzuuardxf2MDuwKohkQF2MmehKUhKrACuZrD69Fkk7wsOgMH1D4dTCYZYnoJg5mm4jHgzfxXZBzPBXde1pE3c-3pLp2yKS3MddqQj_fxiBfeCtHL6jWWEihrClw7-umzk2-hTN2eYiFjgJtue2F1byUDZu5_GccyCGKtUDiTPHtv8jfKCFRfnhBcIHE1gkSsJmWgcu9SFJR9iFJRf8ufT0P3nIHuO1qO-YFA7QNzz6tVCkQGiMHmregO43yGxiINl6IwMEUFZ6f_DlM_hC1uvSIQ&cid=CAASFeRoV8K2AdOFdUtawbtBrdYZdRLUcw&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 23:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Aug 2022 23:04:34 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame 42EE
24 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DYWV2psUy0KNS84mu9HZMkrMQUXKV1iYWfSFiVYxhW_3F14AGPDbgcmt-3wHlUIjVBvd8gOITgWH4f3DpnSp1oC6MVl0TvvqizhjRuiZT3qEPo-Z9pborntmEQ7ZUAnr2vNb9bvmXDjuvXZxK4Ty0dcKPveQ&cry=1&dbm_d=AKAmf-BUcaOlw4wRcp496laqUSXo0nAzvmOkAQHsj-JuwJC0o0mH9GQk0y8_Pk53zyrqr0wGj0pYg0WhJ9hnjRyN5PP5eZUzOH4Ql0_D3SUlUYhir-XzlrIUaTnrCcVjL_doxVidWyZSnE-2QPTJ6p5B1btGrRQQ3-kiI-yRB94A-EqlarqhkelPIo7vqKsEMKv4wRm9Rw3ZKN38eOuXZXyI7Ixu8UlLMr0hoZba9ziS661JP-_IW_4pJOA8lh8rGd2QsWE_kxpjEqbPqTrgmfcfcGgi3vlFMEul5XrrnFEHmItlknuPU_-uciJdMpXgQ95wEjHwidK9ETVPgRoCLFX_P9XVfSpBeEtg4qIRFGNiwarn9qbvRmHWG5BiwrNf4BihTloqvmIDQgul8_yJQXNGyZSjW-yOKDVmCj5tKSa09o5hP7-CfFHQJMZ5CV3XrKcMs-553yWd_dYrJYbgSzbhp_B7b2VU5ILzg_dknNIw6znp5-vj6I1o7ZbiFLoVylGgttqNjcWjYBkXE8MqVelUJ9xHBWA1j3nPkIUawyWKFsV3V7K1bxvKJYmCcVEBUzYkUkpWYQVJNkSCDlUI6gFD0H1CZrBWzlwTrpWcw5kuOamPG1c_8qc7uB1sPd6h0aD10AUWUZzhLwR0wNEelEAneh5CgWCaBW7wBW5Po0e53wwxupY_Q0ASzttmPEMltO18PIJICv5--gTD2HFETu1vwv-qZlpps-RJE5YB5LSZ5oacZ74VDA5rcCTVyhhgjG5vvlQ8JFhbPiMQTB7CsOduPsye4BmmzbC1veUg135W3ZnAHRn98TwBQ_tzJzNlzCNltW5gEPBvjmmszGpAEOwcCKemmwKTWYNnYcYrB0CChA7ZfAR3bYtsUteAK_BDdy8OHPN6XCU3G6SP-btl5BTZixcFRVWSyfDA1QCseGYpqR1HpJmvWgzCA2H7mQGY8zm2l1YfHZ4sv8Klwy_LLPaKtJqCjyytjcBLgh7oMkspr9sUIHQG9-gJR--j-wBXdt8BNs7_pesiUgaX1gfMnMOLEGRTcoSHbgNPPsQ0A4m2BCptFmz9uePSr3TZDybSk6Ek9n7DZBZysYaR83t-vRQewgN0GOgPAJObqB6dvsRVgODCkr48hWxTeoNMXGnrVmButpEEG2qFXAtj6SGHfdfot1qUXOb0vwqn2rWJawYbmp53f3h71QF2nuD1NNjtWThjd772OqN4CAmmT6hxxS2kEtbqWcnkrXu8xP7W2Um5XB7IyW29RHyF96IphSUaqMbRM32PIyskcEXxn1QDlmDHHmeLwrAElcx64Z0dzAH4hq2vqeVEoXoumz24iMqI3mDTlq7iR0nyMiHCGf7Zj4wXcXvSdL1SXmU-NDebqgiW-mMT_8z5wOTq3lM-2tlf1QMwSwtjtaAHOIu_oPMzOpW2CJcNeHbuOhV_-eK8pOXSIepfdpTtl4OPqCUsaSzPdKIpNnNbe1gKRa7wWYjORg8UI3BgPa0-7vpgUqvIo69I8t9nKvofaMp-oJEy8cyfdEKyxy23WW7MEJIpZdTiPmVb7ahswaNNCPx7tTFJcfLn3n4fjiUfkv-IuXcJB8fD-rOIf4_aqzeArOrDPBYPSxy-uIuklkg56ydwhRcS4dvFhn_q5KvyGBr_U7IjA9kQQVDqU1yRjTiUBC8WY0bTCCmAqlOkRmRx8IgOYDb51ZfCE1ap6_Zg8LL1R88QoGTpxeCgCgZfSHS354ZsYsf4b8ZR7C6jOSXgIFZHNxZk7vl4ww967qZ79ZsGCEHmX8rxSXavl4FThJhJUFnpGpHm1FYJcZ0WMoVTyFzLaIVTsJTZU7RuJtN_6oKSchol6VhcYV6eqKcO2IGJYU_35hyfUB55oy3rHnVeSGBHaGiIIrnksaBTZk-14pvkOlSKe6LlmkjaJGcrSBqBEBuPOzV0JRsibLXtEOcN1ueIw7N-zq8eIaO5qSl2008Ld8UnGgpn_LExxKSkzXX_9KKScISNEo-RBPb-1uLfL-XqfiyOkAMC1pTl_CV_V-nRERdxvv4UJxE0UrE24sBXx7Rcdza7ULLQtH1iaBWnAXjT2fZlEZKRZ2W-gAnUhVjwk8WcuNV9isJ3FTt0Ljn62zIGtlll1LvY-BCb2U0RQjqrU-97EFQ_TMsUMYSq-aJ_PevCylKhxeCyk6K2KryfHzKERpriMh2FVWxfm1omy8b7htDMF0T5i66iKaibWJzCC-aHI6a1ARuYVF3FP8ImMj-2ycjZ4fViYYblsE-pfcc0L9hbJcvYJBNdbIoGMSQuCRTQWRjYexEPiZIPcqFdQ7xq4KzfhAQrhR8bzvYP5Boqit2LHUHHt0vhEUS3USWKL-KrX9Me5IolxP5T4UfvhlHEOxLQwo4ljtZTCs0-HG4j8A6i88ODdwNNpgXHyIwTBZSOlnEBd4OVIzhVeJRmbfl-kiLGag1ojJuMOzg6R2Y1yxhV7C0mGoZgrJhZejSsMyl-rhf3c-QkNtaVW0Y9ops2JaHrAimuwwFaSkalUeUxKmQ6rRxHdBZVk637qMCw6v2ozk5Xk2hyzrMbdhAJqRPeqdPW0CafqBqu9t7a2eHhwa1urVbsp1aEc-2F5O4gHIkb0cOi-_3YKTvWil61hkwKc0UGH7wb8LJZghLLvM40RUJb1cN1wgLUaw4u9A7G7he7YXPBaw22QRkFeLTYl3YOfHoEFGWdjw0H49-26UnZDkQc90I5ABrh6nGW3P2oVJSehSC1lKNMkWOQTqEkO3cP2jLE0A6KOIngJ6_OD_7oW-zgnC7zkpMWXBnqn_fcLXW1MJHq2yLvOMAA4ZGjDC68CpcGR01hoBOTBRs5_de0CGApYWPjSD6XHchlNvRqgoohrSl-LI8MY46LzTit2VRlFxYQ3X82Bs77B8EEUvnnccnu9On0Kxz2GM_yybbL8mktSFgmksrJyk9en-bHaOQhlH_24N5F2bpNdkvcC3skZI_MAAF2xRN27lz-4wVqfiFIjlWALPvCW554vsBKO4Orj42CEm1kBR3AN0SXT4orgCtDMCsLFIfgv2PrNOKh6nIV0KGR6MWaugVxJ0_micgVk_dR1Gp5ZAFPJBCX2gRRvk2wwTb_tb2cX5B0BAsDgcwKeYV_Zs9gZEHYVk-O2z8wpPZoQ9tFcrBwatd_8J79Ne_Qy6UnNOlJe3eZz8Gl_iJA9KSpYtY13jdcPJdZYJb9kztwBf4cTfPAyjYBmBQRsmipgkramt7zrTwMP0nIyEsnyS8kwFQ0qrQxRF5Vk-nl0P4Bz3eqx1xeM7A-SA&cid=CAASFeRoVhOjwlfBk5mZF79KWb8UGA_Myg&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab7de8a0d445e5fb99c0c6c65de2755bf57d011f89abb40f34cdd12c966bccb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
307
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9352
x-xss-protection
0
server
cafe
etag
6805750149074617601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:07:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 42EE
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DYWV2psUy0KNS84mu9HZMkrMQUXKV1iYWfSFiVYxhW_3F14AGPDbgcmt-3wHlUIjVBvd8gOITgWH4f3DpnSp1oC6MVl0TvvqizhjRuiZT3qEPo-Z9pborntmEQ7ZUAnr2vNb9bvmXDjuvXZxK4Ty0dcKPveQ&cry=1&dbm_d=AKAmf-BUcaOlw4wRcp496laqUSXo0nAzvmOkAQHsj-JuwJC0o0mH9GQk0y8_Pk53zyrqr0wGj0pYg0WhJ9hnjRyN5PP5eZUzOH4Ql0_D3SUlUYhir-XzlrIUaTnrCcVjL_doxVidWyZSnE-2QPTJ6p5B1btGrRQQ3-kiI-yRB94A-EqlarqhkelPIo7vqKsEMKv4wRm9Rw3ZKN38eOuXZXyI7Ixu8UlLMr0hoZba9ziS661JP-_IW_4pJOA8lh8rGd2QsWE_kxpjEqbPqTrgmfcfcGgi3vlFMEul5XrrnFEHmItlknuPU_-uciJdMpXgQ95wEjHwidK9ETVPgRoCLFX_P9XVfSpBeEtg4qIRFGNiwarn9qbvRmHWG5BiwrNf4BihTloqvmIDQgul8_yJQXNGyZSjW-yOKDVmCj5tKSa09o5hP7-CfFHQJMZ5CV3XrKcMs-553yWd_dYrJYbgSzbhp_B7b2VU5ILzg_dknNIw6znp5-vj6I1o7ZbiFLoVylGgttqNjcWjYBkXE8MqVelUJ9xHBWA1j3nPkIUawyWKFsV3V7K1bxvKJYmCcVEBUzYkUkpWYQVJNkSCDlUI6gFD0H1CZrBWzlwTrpWcw5kuOamPG1c_8qc7uB1sPd6h0aD10AUWUZzhLwR0wNEelEAneh5CgWCaBW7wBW5Po0e53wwxupY_Q0ASzttmPEMltO18PIJICv5--gTD2HFETu1vwv-qZlpps-RJE5YB5LSZ5oacZ74VDA5rcCTVyhhgjG5vvlQ8JFhbPiMQTB7CsOduPsye4BmmzbC1veUg135W3ZnAHRn98TwBQ_tzJzNlzCNltW5gEPBvjmmszGpAEOwcCKemmwKTWYNnYcYrB0CChA7ZfAR3bYtsUteAK_BDdy8OHPN6XCU3G6SP-btl5BTZixcFRVWSyfDA1QCseGYpqR1HpJmvWgzCA2H7mQGY8zm2l1YfHZ4sv8Klwy_LLPaKtJqCjyytjcBLgh7oMkspr9sUIHQG9-gJR--j-wBXdt8BNs7_pesiUgaX1gfMnMOLEGRTcoSHbgNPPsQ0A4m2BCptFmz9uePSr3TZDybSk6Ek9n7DZBZysYaR83t-vRQewgN0GOgPAJObqB6dvsRVgODCkr48hWxTeoNMXGnrVmButpEEG2qFXAtj6SGHfdfot1qUXOb0vwqn2rWJawYbmp53f3h71QF2nuD1NNjtWThjd772OqN4CAmmT6hxxS2kEtbqWcnkrXu8xP7W2Um5XB7IyW29RHyF96IphSUaqMbRM32PIyskcEXxn1QDlmDHHmeLwrAElcx64Z0dzAH4hq2vqeVEoXoumz24iMqI3mDTlq7iR0nyMiHCGf7Zj4wXcXvSdL1SXmU-NDebqgiW-mMT_8z5wOTq3lM-2tlf1QMwSwtjtaAHOIu_oPMzOpW2CJcNeHbuOhV_-eK8pOXSIepfdpTtl4OPqCUsaSzPdKIpNnNbe1gKRa7wWYjORg8UI3BgPa0-7vpgUqvIo69I8t9nKvofaMp-oJEy8cyfdEKyxy23WW7MEJIpZdTiPmVb7ahswaNNCPx7tTFJcfLn3n4fjiUfkv-IuXcJB8fD-rOIf4_aqzeArOrDPBYPSxy-uIuklkg56ydwhRcS4dvFhn_q5KvyGBr_U7IjA9kQQVDqU1yRjTiUBC8WY0bTCCmAqlOkRmRx8IgOYDb51ZfCE1ap6_Zg8LL1R88QoGTpxeCgCgZfSHS354ZsYsf4b8ZR7C6jOSXgIFZHNxZk7vl4ww967qZ79ZsGCEHmX8rxSXavl4FThJhJUFnpGpHm1FYJcZ0WMoVTyFzLaIVTsJTZU7RuJtN_6oKSchol6VhcYV6eqKcO2IGJYU_35hyfUB55oy3rHnVeSGBHaGiIIrnksaBTZk-14pvkOlSKe6LlmkjaJGcrSBqBEBuPOzV0JRsibLXtEOcN1ueIw7N-zq8eIaO5qSl2008Ld8UnGgpn_LExxKSkzXX_9KKScISNEo-RBPb-1uLfL-XqfiyOkAMC1pTl_CV_V-nRERdxvv4UJxE0UrE24sBXx7Rcdza7ULLQtH1iaBWnAXjT2fZlEZKRZ2W-gAnUhVjwk8WcuNV9isJ3FTt0Ljn62zIGtlll1LvY-BCb2U0RQjqrU-97EFQ_TMsUMYSq-aJ_PevCylKhxeCyk6K2KryfHzKERpriMh2FVWxfm1omy8b7htDMF0T5i66iKaibWJzCC-aHI6a1ARuYVF3FP8ImMj-2ycjZ4fViYYblsE-pfcc0L9hbJcvYJBNdbIoGMSQuCRTQWRjYexEPiZIPcqFdQ7xq4KzfhAQrhR8bzvYP5Boqit2LHUHHt0vhEUS3USWKL-KrX9Me5IolxP5T4UfvhlHEOxLQwo4ljtZTCs0-HG4j8A6i88ODdwNNpgXHyIwTBZSOlnEBd4OVIzhVeJRmbfl-kiLGag1ojJuMOzg6R2Y1yxhV7C0mGoZgrJhZejSsMyl-rhf3c-QkNtaVW0Y9ops2JaHrAimuwwFaSkalUeUxKmQ6rRxHdBZVk637qMCw6v2ozk5Xk2hyzrMbdhAJqRPeqdPW0CafqBqu9t7a2eHhwa1urVbsp1aEc-2F5O4gHIkb0cOi-_3YKTvWil61hkwKc0UGH7wb8LJZghLLvM40RUJb1cN1wgLUaw4u9A7G7he7YXPBaw22QRkFeLTYl3YOfHoEFGWdjw0H49-26UnZDkQc90I5ABrh6nGW3P2oVJSehSC1lKNMkWOQTqEkO3cP2jLE0A6KOIngJ6_OD_7oW-zgnC7zkpMWXBnqn_fcLXW1MJHq2yLvOMAA4ZGjDC68CpcGR01hoBOTBRs5_de0CGApYWPjSD6XHchlNvRqgoohrSl-LI8MY46LzTit2VRlFxYQ3X82Bs77B8EEUvnnccnu9On0Kxz2GM_yybbL8mktSFgmksrJyk9en-bHaOQhlH_24N5F2bpNdkvcC3skZI_MAAF2xRN27lz-4wVqfiFIjlWALPvCW554vsBKO4Orj42CEm1kBR3AN0SXT4orgCtDMCsLFIfgv2PrNOKh6nIV0KGR6MWaugVxJ0_micgVk_dR1Gp5ZAFPJBCX2gRRvk2wwTb_tb2cX5B0BAsDgcwKeYV_Zs9gZEHYVk-O2z8wpPZoQ9tFcrBwatd_8J79Ne_Qy6UnNOlJe3eZz8Gl_iJA9KSpYtY13jdcPJdZYJb9kztwBf4cTfPAyjYBmBQRsmipgkramt7zrTwMP0nIyEsnyS8kwFQ0qrQxRF5Vk-nl0P4Bz3eqx1xeM7A-SA&cid=CAASFeRoVhOjwlfBk5mZF79KWb8UGA_Myg&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 23:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Aug 2022 23:04:34 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame A695
24 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C3z6AGfzhrEEnqn_78-qok4ea5ogMea2k0KA6JnF6iVUNNNS6qwPt2goIBov76Lh8hetQg_TbX7yBUsWnaLzbpMMF06Xrfx6cvf2f_284APdOhSV7IENDKDaRja94pTuMAWHT9foNLRFUpE5XwOXbbViaOlw&cry=1&dbm_d=AKAmf-CPKPDe81aEfwPEj044xG9VWF2Xi1xLpsQmI0fbxbEkCVl0nDfS16Q1zHBcxCW4nwNY8hlOHc0axCBZfCQ1OODSvc9aGJXaPCabZSe6Y02zBa_7EPOutxmIlMgmDZ-R_bG01HuQCyqxQKXomBU5kGR_tX08-PYlT_j9c76-Ec1B9oFuto_jzxnObzthg0GhArANwHqksM4Dq6c7rDNBtAf0zitD4jJmvBooqSyoyDGrZJQkVLYXjqy1BMUcwznRJt8k5R_uTOOcfKh4v1nR-RXnA0_9ZSttpV_MHscrpy9HVadAcPAbrH8ii2YVfnFIgV6dLTU0Jy_HX7gAVBWlIWiW7aGkRP5BuiaahNpNdJ3KmS5vFtUzr_seKGh-cJgScfEiPqnFB68IO28NuXRnElELtUKigKHUPIzHN2-rzCUDGTFGVE7DdNtnaasqU5O6E3h9shmUPWKUxQZLgfNhFrk-gcwkbRtpMJwPn67tWcbhAegsU4XwS0baIwcf98orpZWQX5yt0YYWjP96c2M-27kLviXJZdxYd16KrMdpAFf_WFfgXu7KZHJEI1G32_uUiUbjV4DYYxqukpiu_cWbLliplv3dj_IijkSEUvLReCvvFT4porpS1OJLKsxWaCweiP0mozTghRimxH5dY7nXfzDolDJp6v32vXuPigtbbsfiVQEwQjlOnLJSAgLHVy74FboJDLFhea6Q-dCSdma4xFsYPmHJRrkbzpcgyWkSyAajO0XGhNPndXfvgRQqFQ_duCyUl-mMMWMjJKE5iBMTD4fbE1qpGbp-lkCBIfVwcNwJuo4BMeFr-9BqLw1s5PG7smJILdp5yVGGfc1nEtXswObV-LpliJOB8nQDcd8K5FoNDBs76H3leTRImmQPEq0tbnH10nVRR0zarA7DURrNWZ9l5Wj1zCyK3pRU-5DIEGBun6jWz0U_Xqmlnwbakqc7a-nGSuA42ShhrJw--INNFyOhr5jRWKR3IH_Ulaf_0oXmHl6vdL3eTbXinKzGpW4PDkfivAWcxLFX9GQU5KQROrFqGtphFria70S2vRxcZ1qZqRu00sncmqsXdWwn-KM6k5PLGeA3oADK9SZ736HrBWtKklr5PtLyNepeJcGAjLM4NKArqVlxjEihnSEV_RBL-aUVXWW1o6PFJO1oske_q8f7bIzwPZfWBa8R6r7tm8fdx4lSLXExE63RKstHtul61vJtl1OFlc56Z838gmky2QyMlp2JliWxS_KgVOZ8nLMTS4CwJZu1oWOWUMkOm3g653kSFJplu98uUgPk9L8PTnqGrTJxjzzPivrNML4ZJrrCPMg5IQALSxj2n_r0nNUI5FUnX2B2ZyT8bhGHuVrKxYRpQvYWB6TTJkYNrdq4J959CrgWJ-eCNhCAAwP4qGdybZoH-pyCH8ZvuRMx4vQWnlXaOGlCBZxeR8pnbk0mC3I5m95n-91HNn5rcR9fryaVmBdvc7aoKavBqPN-ORRiyZ67EsGlwIExYYJlgwOcaGQDvwKhozQPPZtaDBxiI5TsJOoDYrWv2jz3_pFnNuMdVeKQmEWM9laFWwi1WoRfboxEFEWaqNJG2K4T1EX8yMHjivhZUyxxnURntUe6hMQKF-pHF9HUAPUHWCuL9iMmHt_dPApsMbUAeVIBD5y8_AwKPA-u_O59EQNufgosfCae95Mej_AcNkxhiemUYWIyn2yC2quD4Hp3Y7hem8MB9eCqGueKLhO1Zsw8GQHDd6NVAHzAVVsmcXWR0-RFLC7AjRRnZk72WVJCYlrHY4oLbJyu3cxjhezb7jYcxmgyu9dBt1k1j_7zKhNSgRMYyxRSM2onxluZea0jQCvncOoP1zjYxnPoAfu03WrKTP_azqUGTTmlFGhz51405gxa7BM2lLGZMZqXUQBNjjDGQIbEHqTs0uyCEXm5ZLIE5nTZ9M-A4LwqIakrs68WEiCajLYUgfQuCe9yRh8DOcQ3wEJMTE3rd-qT2MQrnNAhRseiZrcUjYTx038X3_3Nl23opwcfvAGOtJkUMtEjquaWuzK-92ZasJO46EeH7fXvziebNQbaT8T3WoW1QJegzgOHmNrMY1nXSSRGdCJdOz2La7CwAfMgXNQVK20umMVj8Jakr0LOX3bK8c_hVsQSUpR7YOwHgekDsUVTgnITyQgTnjq_mAX3veLuHKBbix-KBMEshTojFBsnsY69i_MFkNA4uMlmbOHcKOkFrdooePOOqCyhCrAD4TwX_-tUQxWL-IfkhlDIiAmmIjwfWXE65rYW3sgKlmecLDXERgXeYawdqmf9fcKFKMCiT1sG58Avug9bla6S5MRk8Ej_SQLj5ydAwQmMvaN7hx-8Uqc-qu43RhfCGVtc5etLPMACl2-hn3hO41qMhNWTyv56XL9atumBDq8GbU2-y8L1Azj9HbRijPpD23bfUOBJddvCFPx4wsMU6SE5qiq23FjEB2narHddtYzeEx0nJ_LfKd6f1d68SYicTktdn2BJlyY15xt899YlZGcV6-4QcGtPyBq3lT5QKAYkreNvDutjh7I0amA-FJYfSOIIFSvsKRBI3YzJrQrJsGrim9i6HbLht9aPb0NQn_coBsugb0YkyhJsY2gNjAyJrc6ZjB1FaVpPoXQN2Z9twEQBo_KsUDqzudCww4igBx0n7vsk5CgpPL3G8at7Pb_bTgbekBAjlN3YeL4vaLy_tmrrf5M2AYn1TF3OqyUjna47WUxAGZtNK7ogxLBWVYuQZRe2Z6UtS3VjoMrspWitAd4fXWh_9kCJpyZHpRZ0saJc5tWP38fB2rX147ha6PiMkkQ4R8MnZponlqoyKn2_iFg0iFLiTPYMI9FJgeeH1LoCYUm3FpL48JtYbe306xzPnHs0KrV-_yi8HPrpd4BUFXZ_MKHkTHXQVJvxQyIPY3ZE1o68sqCLjzR7wmzjn81FLgrcoW_w3uoNAtu7RqqwIwvUuDqjPqEyYoMVzcs1CGZHRfSBzLqxFVOUoAD_DGghMXKwo6lWZxL21-JGxzC78Bo-qxd0dMYGNmknk5irM_wBGFzG7d-Vu4T0BRznHCMZXAYSMlfu1ECBAeNa8LS3mJ23mnBekmwGs88Kx5Bt4dlnHmyjZ_-Oz70yWQtQ2SusfTn7SSBU38wZq8-mFQFD_rjb4bknB_jC3pb6o_0em6CBHKoHYFWEwadD4-C5AzEWr4TvweEGEnkIEVc5yKhRFvvbrUruMY3SpRAIpRAodcmKfs4XRa7hUIicWizft70xhPBeU9UIdbKXNkZ4wZCncCRkQSoGWGFxjairDjkKo48pNr9lRvKBXAv6sqdPmN8ws76xLiB1tW_J&cid=CAASFeRo3hTi2LgRCFM7-QlCI0I2_FQy2A&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab7de8a0d445e5fb99c0c6c65de2755bf57d011f89abb40f34cdd12c966bccb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
307
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9352
x-xss-protection
0
server
cafe
etag
6805750149074617601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:07:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A695
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C3z6AGfzhrEEnqn_78-qok4ea5ogMea2k0KA6JnF6iVUNNNS6qwPt2goIBov76Lh8hetQg_TbX7yBUsWnaLzbpMMF06Xrfx6cvf2f_284APdOhSV7IENDKDaRja94pTuMAWHT9foNLRFUpE5XwOXbbViaOlw&cry=1&dbm_d=AKAmf-CPKPDe81aEfwPEj044xG9VWF2Xi1xLpsQmI0fbxbEkCVl0nDfS16Q1zHBcxCW4nwNY8hlOHc0axCBZfCQ1OODSvc9aGJXaPCabZSe6Y02zBa_7EPOutxmIlMgmDZ-R_bG01HuQCyqxQKXomBU5kGR_tX08-PYlT_j9c76-Ec1B9oFuto_jzxnObzthg0GhArANwHqksM4Dq6c7rDNBtAf0zitD4jJmvBooqSyoyDGrZJQkVLYXjqy1BMUcwznRJt8k5R_uTOOcfKh4v1nR-RXnA0_9ZSttpV_MHscrpy9HVadAcPAbrH8ii2YVfnFIgV6dLTU0Jy_HX7gAVBWlIWiW7aGkRP5BuiaahNpNdJ3KmS5vFtUzr_seKGh-cJgScfEiPqnFB68IO28NuXRnElELtUKigKHUPIzHN2-rzCUDGTFGVE7DdNtnaasqU5O6E3h9shmUPWKUxQZLgfNhFrk-gcwkbRtpMJwPn67tWcbhAegsU4XwS0baIwcf98orpZWQX5yt0YYWjP96c2M-27kLviXJZdxYd16KrMdpAFf_WFfgXu7KZHJEI1G32_uUiUbjV4DYYxqukpiu_cWbLliplv3dj_IijkSEUvLReCvvFT4porpS1OJLKsxWaCweiP0mozTghRimxH5dY7nXfzDolDJp6v32vXuPigtbbsfiVQEwQjlOnLJSAgLHVy74FboJDLFhea6Q-dCSdma4xFsYPmHJRrkbzpcgyWkSyAajO0XGhNPndXfvgRQqFQ_duCyUl-mMMWMjJKE5iBMTD4fbE1qpGbp-lkCBIfVwcNwJuo4BMeFr-9BqLw1s5PG7smJILdp5yVGGfc1nEtXswObV-LpliJOB8nQDcd8K5FoNDBs76H3leTRImmQPEq0tbnH10nVRR0zarA7DURrNWZ9l5Wj1zCyK3pRU-5DIEGBun6jWz0U_Xqmlnwbakqc7a-nGSuA42ShhrJw--INNFyOhr5jRWKR3IH_Ulaf_0oXmHl6vdL3eTbXinKzGpW4PDkfivAWcxLFX9GQU5KQROrFqGtphFria70S2vRxcZ1qZqRu00sncmqsXdWwn-KM6k5PLGeA3oADK9SZ736HrBWtKklr5PtLyNepeJcGAjLM4NKArqVlxjEihnSEV_RBL-aUVXWW1o6PFJO1oske_q8f7bIzwPZfWBa8R6r7tm8fdx4lSLXExE63RKstHtul61vJtl1OFlc56Z838gmky2QyMlp2JliWxS_KgVOZ8nLMTS4CwJZu1oWOWUMkOm3g653kSFJplu98uUgPk9L8PTnqGrTJxjzzPivrNML4ZJrrCPMg5IQALSxj2n_r0nNUI5FUnX2B2ZyT8bhGHuVrKxYRpQvYWB6TTJkYNrdq4J959CrgWJ-eCNhCAAwP4qGdybZoH-pyCH8ZvuRMx4vQWnlXaOGlCBZxeR8pnbk0mC3I5m95n-91HNn5rcR9fryaVmBdvc7aoKavBqPN-ORRiyZ67EsGlwIExYYJlgwOcaGQDvwKhozQPPZtaDBxiI5TsJOoDYrWv2jz3_pFnNuMdVeKQmEWM9laFWwi1WoRfboxEFEWaqNJG2K4T1EX8yMHjivhZUyxxnURntUe6hMQKF-pHF9HUAPUHWCuL9iMmHt_dPApsMbUAeVIBD5y8_AwKPA-u_O59EQNufgosfCae95Mej_AcNkxhiemUYWIyn2yC2quD4Hp3Y7hem8MB9eCqGueKLhO1Zsw8GQHDd6NVAHzAVVsmcXWR0-RFLC7AjRRnZk72WVJCYlrHY4oLbJyu3cxjhezb7jYcxmgyu9dBt1k1j_7zKhNSgRMYyxRSM2onxluZea0jQCvncOoP1zjYxnPoAfu03WrKTP_azqUGTTmlFGhz51405gxa7BM2lLGZMZqXUQBNjjDGQIbEHqTs0uyCEXm5ZLIE5nTZ9M-A4LwqIakrs68WEiCajLYUgfQuCe9yRh8DOcQ3wEJMTE3rd-qT2MQrnNAhRseiZrcUjYTx038X3_3Nl23opwcfvAGOtJkUMtEjquaWuzK-92ZasJO46EeH7fXvziebNQbaT8T3WoW1QJegzgOHmNrMY1nXSSRGdCJdOz2La7CwAfMgXNQVK20umMVj8Jakr0LOX3bK8c_hVsQSUpR7YOwHgekDsUVTgnITyQgTnjq_mAX3veLuHKBbix-KBMEshTojFBsnsY69i_MFkNA4uMlmbOHcKOkFrdooePOOqCyhCrAD4TwX_-tUQxWL-IfkhlDIiAmmIjwfWXE65rYW3sgKlmecLDXERgXeYawdqmf9fcKFKMCiT1sG58Avug9bla6S5MRk8Ej_SQLj5ydAwQmMvaN7hx-8Uqc-qu43RhfCGVtc5etLPMACl2-hn3hO41qMhNWTyv56XL9atumBDq8GbU2-y8L1Azj9HbRijPpD23bfUOBJddvCFPx4wsMU6SE5qiq23FjEB2narHddtYzeEx0nJ_LfKd6f1d68SYicTktdn2BJlyY15xt899YlZGcV6-4QcGtPyBq3lT5QKAYkreNvDutjh7I0amA-FJYfSOIIFSvsKRBI3YzJrQrJsGrim9i6HbLht9aPb0NQn_coBsugb0YkyhJsY2gNjAyJrc6ZjB1FaVpPoXQN2Z9twEQBo_KsUDqzudCww4igBx0n7vsk5CgpPL3G8at7Pb_bTgbekBAjlN3YeL4vaLy_tmrrf5M2AYn1TF3OqyUjna47WUxAGZtNK7ogxLBWVYuQZRe2Z6UtS3VjoMrspWitAd4fXWh_9kCJpyZHpRZ0saJc5tWP38fB2rX147ha6PiMkkQ4R8MnZponlqoyKn2_iFg0iFLiTPYMI9FJgeeH1LoCYUm3FpL48JtYbe306xzPnHs0KrV-_yi8HPrpd4BUFXZ_MKHkTHXQVJvxQyIPY3ZE1o68sqCLjzR7wmzjn81FLgrcoW_w3uoNAtu7RqqwIwvUuDqjPqEyYoMVzcs1CGZHRfSBzLqxFVOUoAD_DGghMXKwo6lWZxL21-JGxzC78Bo-qxd0dMYGNmknk5irM_wBGFzG7d-Vu4T0BRznHCMZXAYSMlfu1ECBAeNa8LS3mJ23mnBekmwGs88Kx5Bt4dlnHmyjZ_-Oz70yWQtQ2SusfTn7SSBU38wZq8-mFQFD_rjb4bknB_jC3pb6o_0em6CBHKoHYFWEwadD4-C5AzEWr4TvweEGEnkIEVc5yKhRFvvbrUruMY3SpRAIpRAodcmKfs4XRa7hUIicWizft70xhPBeU9UIdbKXNkZ4wZCncCRkQSoGWGFxjairDjkKo48pNr9lRvKBXAv6sqdPmN8ws76xLiB1tW_J&cid=CAASFeRo3hTi2LgRCFM7-QlCI0I2_FQy2A&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 23:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Aug 2022 23:04:34 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame DEFB
24 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8XKodmjzrc4AQovZrZiuDBYQwWT5mqHPEh1jLA-KDqNIzrkM5zYISXbRYJN2nFHUPzeao-1Qyt9ReDxHNtNMjMq9OsrHvs_tGa_4DHe2dUIsyJLT9AEFWivP-c_ipHABNKEHJubx3X0I4z2CJpzPq57f_kQ&cry=1&dbm_d=AKAmf-BgHpBMx4H4P50RUjet2RZ0w4BEVA-WDPrS1Gs5oZ6KH32gX8MSaxXDxtBYPZTHfxcEXQlU2ZyEXqWOuWBYOR0P2y7G5PCRb7wrpaiiwogO16mwEEs96FUHOo766aVoIDQM7keBlRl8Biq19mllGLNK7_C7V1RxU668oKXGUD58yGXeYzZHWbFLtKlokcIoYS2WMiJWJgcGWfKDrBQJAyQJh40C6IL6oXWGnZM4ez-kbSrBA7Qrbp56KkjzAIaXeq9FjYwkWFAxcgz-XjpP9DUw47G4GLnOqfEy4RStxSMefTtruVnjcEslcsaDORQEMjGO7K9OvFDiOL6e5KwD3lu3Q7vq4kQisY2Mfm3bnvm9bofw6BGMtHSF_Hx5FEpz870nwZ-0ltLEPLbjuMYpR3QNXzv0lrPQxeiB8LbKMpkg3s2Ccp3HfyfvUc8RPeONCyoDzunDKmX4CgX1FwblLC3fwqIIGXyD2W2Ii0lCjlr1LBTBJKjBqHRbRXyeozSxwOe6IHYYYlnQqLHSm7RAltKdP_Z4QmKMCsTb5H9o5prYAO5ZypKc_x0YCWAMTJXoe6fKkEAhhwl4Y79ils2CSbI4jKa99Al34j0mG7jAeQPnM64RRZlBvws_v5kzIQ7qpAN8MG5MGHLK7XXxy2yjmy_Gfpv2fMu-xjsrbtfrrocbUvGj-jZ_qFIjxlbX_ikqLqX4jqiPclsRnwwa1FlZne0Q9J1RYrXVsncdievtWYSUq8w2dsr6TJfiKPXmlgkr9QjRNodVKTEyIKq6AzlIAYNrzqm6hjzgO_-AvcUUY6S0i2ejZU9vdXj8R7dZdry83uUHmeEUExxdAWyp6MtSbT3rWiicnEaHNn0r_JHQ3lRfgJNHAyPzSgslIB2puj8B-l8hWXJSumimSV-j0Kl8SUvUnhHo55dTqDgVMv-PoKOq8R_qvBjoA3YgV-FeL0mCiID7vwXmjIVqXNqsY2vtqw39d_8ThnmVnnbW8lXqiQU7VSDM08H3-Lv0Aixyt_jgTZG4KVO1REmaIPnrmMn2uyB_0ion21jt_1vfjJDKlGgAGy8th2lS9c-VfzRMmg24951K1jiTz7woAtIDrRFugArV7ZRjOu16agB9Uz2qmVn_I9sO9cv-2K0p12r0klDSfAgpqY3AU4kUsJ7QzfOw4tKrIlcWFMW4ngUCVNRlSRBKG95N3svWS3C3VVC67iNHzEm7CAPp_KfT7P62soVXUWj5VN_OLdbiaCyo_tOEfUtsnwNaei3qMZKU2MlAGGLR9jfLLkw3sIp3exilXbb7DI3Xjl2-sZ_oUz1Ofho003M-QV47TW-MTAP7rxu8ytukZfb4L7Hxl6gX9_Q52G4C_mi5tDMn2KkMsFV6Xt3k8FmVxGcgM4CO0bq5vibJKI5YVPso-yrhJfbBmklUv5zlMjOhEmGHC33Y5kWEm2QnCPe0tHbBzYJPuZZBhSRhpPBJr77dfFiTLXOLbQft-4-f_1SWqf6KhYq2A0ugPSSmpYEP49gGUk4_wml2djTjUc2jBCMB_Nn0siCysURRbTNV_adAIyr7pACjJkugK2e1v9z5ecKKuSlulb0cA1B5-a5_Kqi55Z2dk1Dbj227-bcggkx5wD8mqNPavo6psYNDEcseQjgeotRjW94Vx3Yx7LrBE0ii7w1V2NfnEkdYw3-5ZWpv-NZ5gO4-Mo7QT4OwDHCfoZf9T7kobaOPIuTXr2Qs7UxOOH-lXd8I_SiUORsqTqWCddWVf0Rd7PVaBaZ55HRiEYf8XCySZCryPs8-raQ9ySBqaNUWCNH3XIK3BEDEmtD4C0ElN8EBGdtw-Vay89m2hJjWls0lOw7nktQvUc_8eurVY_QiW4dbpt06mjpC5lCYfkGV4RBBcQmX1fT2qoce9syGDVoRdcW-2L_RFmPIn5DU7JNAJU64ABLJF3T3Pa4ZZxWW_JXDav2ZiI_SM4P8ak99wmmFkuH0Na00g_PTvvN5GM8ZU1HH-oU6L030N4kMHJ2_6xaZetMWJX8C9YNSzSXfj9OVN2wDJJDiOn4N1VPpTMwSiRWWyJHG7mV9PnYmzE6WPOvvAQiYxgZ6tYA8wOXaq3PkENQwDXO-BzxzetQoeGM5agwxb9h8qDkrsRpl7o_9KIg3-z-EF_ZiR1nfiYwIyPE-Of5Q7g7qHulc32Mf47VJvPI7RiXw8c3ju-YXQaY9IyoASQ-iBC3MhfOSgfDut-FW9qqOxAhNnGQKOwKECnTJAdHbGmPZz248geX6RiOcwsA1jXGa_kd0YWAy8qKHLyTiUE0SsaXYJOlZnTnNOauYH317oB2ZJIQRgJahdE4DB5nVg5Ydh66jmSQNp2GBUUmaidERnb90TmraoZUPljmxP8BL1iUTeqUEtZEfjF2jQjQ6Xu0awFBiIczMeBN0xf4BNyB9iZfCHo3ZRnt-MfoJp5oE3GhbNX10g6r7dkaEndzzWSOHsXikGQFe7OtdJvy7Dwn6QXGxbXSd8Pw8p88n80YF4eTzSse177sute4DYPo6Kjc9KGughKnD-9t8wnmjBc7JiOJPwLaYE_qwAFnTGs7KpvdTCDyF45Wo2HE19_DL3sdnsR7DoxfOtuISn3pdPNH324-uDkeYrCirJRXbI5we2o8LqMDGXv0Mcu0zNXZC-KyAiV_b3o0b6vTPJWA3xhKgMQY0x6NzzZzsExO5Jjg3f6h80R9pl3BVtJDMrslKQ0STTz5jJE6iJlfI2YUSBv7bQmi8pFXz7_Xzn91OM16W4C0r4Nf1yFVNAvPTwfk6PJUHWMLfE3WnaKEEeRMnb6jazPyYkLiScMGwgQVrnL6epo_uG5rz7mHPLdvR1ifJeWuYryujayKRC4nZ0Hyi7WOIpLO8kLJfSKbUOJlgeFV9eFC5_Y6ov-4bQATwlhtpH7rhboYZFXdSHJDSF76lZ4Y8kV5TwUZaao6_piBYBIhAkH6YIQpC-jOU-7NwzRErh1eo0KsLljKtezGQkj8jGp3yT6StChv_4_cDoToYnDhMVBNtpLKyefahfiOsS_C8qCKg3SG8UsLNkDm9d46SVb8x4laUP7CU81D1dUYprpeC2pfF91CgmX_pFz9HRBw0D2CPfquPxNcRLeO62IxqACjiVW28oq_q7hEVxAcizE0gHfSxLkGpFfSiQwRUJVXjpp-x4BIRes8iWVwTTbvgj__d6lLloxreulgavdOv4AikqGvTfZm63YVsTQ1ottbBqsciNuHFxyeATZr6LEf0Z7d2DIA5pZtPsEkkq9ZAoY4f-fIHsMMfGY6tKIu_HA&cid=CAASFeRoChi_g9TZRQIyxHenJ6mM4sQatQ&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab7de8a0d445e5fb99c0c6c65de2755bf57d011f89abb40f34cdd12c966bccb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
307
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9352
x-xss-protection
0
server
cafe
etag
6805750149074617601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:07:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame DEFB
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8XKodmjzrc4AQovZrZiuDBYQwWT5mqHPEh1jLA-KDqNIzrkM5zYISXbRYJN2nFHUPzeao-1Qyt9ReDxHNtNMjMq9OsrHvs_tGa_4DHe2dUIsyJLT9AEFWivP-c_ipHABNKEHJubx3X0I4z2CJpzPq57f_kQ&cry=1&dbm_d=AKAmf-BgHpBMx4H4P50RUjet2RZ0w4BEVA-WDPrS1Gs5oZ6KH32gX8MSaxXDxtBYPZTHfxcEXQlU2ZyEXqWOuWBYOR0P2y7G5PCRb7wrpaiiwogO16mwEEs96FUHOo766aVoIDQM7keBlRl8Biq19mllGLNK7_C7V1RxU668oKXGUD58yGXeYzZHWbFLtKlokcIoYS2WMiJWJgcGWfKDrBQJAyQJh40C6IL6oXWGnZM4ez-kbSrBA7Qrbp56KkjzAIaXeq9FjYwkWFAxcgz-XjpP9DUw47G4GLnOqfEy4RStxSMefTtruVnjcEslcsaDORQEMjGO7K9OvFDiOL6e5KwD3lu3Q7vq4kQisY2Mfm3bnvm9bofw6BGMtHSF_Hx5FEpz870nwZ-0ltLEPLbjuMYpR3QNXzv0lrPQxeiB8LbKMpkg3s2Ccp3HfyfvUc8RPeONCyoDzunDKmX4CgX1FwblLC3fwqIIGXyD2W2Ii0lCjlr1LBTBJKjBqHRbRXyeozSxwOe6IHYYYlnQqLHSm7RAltKdP_Z4QmKMCsTb5H9o5prYAO5ZypKc_x0YCWAMTJXoe6fKkEAhhwl4Y79ils2CSbI4jKa99Al34j0mG7jAeQPnM64RRZlBvws_v5kzIQ7qpAN8MG5MGHLK7XXxy2yjmy_Gfpv2fMu-xjsrbtfrrocbUvGj-jZ_qFIjxlbX_ikqLqX4jqiPclsRnwwa1FlZne0Q9J1RYrXVsncdievtWYSUq8w2dsr6TJfiKPXmlgkr9QjRNodVKTEyIKq6AzlIAYNrzqm6hjzgO_-AvcUUY6S0i2ejZU9vdXj8R7dZdry83uUHmeEUExxdAWyp6MtSbT3rWiicnEaHNn0r_JHQ3lRfgJNHAyPzSgslIB2puj8B-l8hWXJSumimSV-j0Kl8SUvUnhHo55dTqDgVMv-PoKOq8R_qvBjoA3YgV-FeL0mCiID7vwXmjIVqXNqsY2vtqw39d_8ThnmVnnbW8lXqiQU7VSDM08H3-Lv0Aixyt_jgTZG4KVO1REmaIPnrmMn2uyB_0ion21jt_1vfjJDKlGgAGy8th2lS9c-VfzRMmg24951K1jiTz7woAtIDrRFugArV7ZRjOu16agB9Uz2qmVn_I9sO9cv-2K0p12r0klDSfAgpqY3AU4kUsJ7QzfOw4tKrIlcWFMW4ngUCVNRlSRBKG95N3svWS3C3VVC67iNHzEm7CAPp_KfT7P62soVXUWj5VN_OLdbiaCyo_tOEfUtsnwNaei3qMZKU2MlAGGLR9jfLLkw3sIp3exilXbb7DI3Xjl2-sZ_oUz1Ofho003M-QV47TW-MTAP7rxu8ytukZfb4L7Hxl6gX9_Q52G4C_mi5tDMn2KkMsFV6Xt3k8FmVxGcgM4CO0bq5vibJKI5YVPso-yrhJfbBmklUv5zlMjOhEmGHC33Y5kWEm2QnCPe0tHbBzYJPuZZBhSRhpPBJr77dfFiTLXOLbQft-4-f_1SWqf6KhYq2A0ugPSSmpYEP49gGUk4_wml2djTjUc2jBCMB_Nn0siCysURRbTNV_adAIyr7pACjJkugK2e1v9z5ecKKuSlulb0cA1B5-a5_Kqi55Z2dk1Dbj227-bcggkx5wD8mqNPavo6psYNDEcseQjgeotRjW94Vx3Yx7LrBE0ii7w1V2NfnEkdYw3-5ZWpv-NZ5gO4-Mo7QT4OwDHCfoZf9T7kobaOPIuTXr2Qs7UxOOH-lXd8I_SiUORsqTqWCddWVf0Rd7PVaBaZ55HRiEYf8XCySZCryPs8-raQ9ySBqaNUWCNH3XIK3BEDEmtD4C0ElN8EBGdtw-Vay89m2hJjWls0lOw7nktQvUc_8eurVY_QiW4dbpt06mjpC5lCYfkGV4RBBcQmX1fT2qoce9syGDVoRdcW-2L_RFmPIn5DU7JNAJU64ABLJF3T3Pa4ZZxWW_JXDav2ZiI_SM4P8ak99wmmFkuH0Na00g_PTvvN5GM8ZU1HH-oU6L030N4kMHJ2_6xaZetMWJX8C9YNSzSXfj9OVN2wDJJDiOn4N1VPpTMwSiRWWyJHG7mV9PnYmzE6WPOvvAQiYxgZ6tYA8wOXaq3PkENQwDXO-BzxzetQoeGM5agwxb9h8qDkrsRpl7o_9KIg3-z-EF_ZiR1nfiYwIyPE-Of5Q7g7qHulc32Mf47VJvPI7RiXw8c3ju-YXQaY9IyoASQ-iBC3MhfOSgfDut-FW9qqOxAhNnGQKOwKECnTJAdHbGmPZz248geX6RiOcwsA1jXGa_kd0YWAy8qKHLyTiUE0SsaXYJOlZnTnNOauYH317oB2ZJIQRgJahdE4DB5nVg5Ydh66jmSQNp2GBUUmaidERnb90TmraoZUPljmxP8BL1iUTeqUEtZEfjF2jQjQ6Xu0awFBiIczMeBN0xf4BNyB9iZfCHo3ZRnt-MfoJp5oE3GhbNX10g6r7dkaEndzzWSOHsXikGQFe7OtdJvy7Dwn6QXGxbXSd8Pw8p88n80YF4eTzSse177sute4DYPo6Kjc9KGughKnD-9t8wnmjBc7JiOJPwLaYE_qwAFnTGs7KpvdTCDyF45Wo2HE19_DL3sdnsR7DoxfOtuISn3pdPNH324-uDkeYrCirJRXbI5we2o8LqMDGXv0Mcu0zNXZC-KyAiV_b3o0b6vTPJWA3xhKgMQY0x6NzzZzsExO5Jjg3f6h80R9pl3BVtJDMrslKQ0STTz5jJE6iJlfI2YUSBv7bQmi8pFXz7_Xzn91OM16W4C0r4Nf1yFVNAvPTwfk6PJUHWMLfE3WnaKEEeRMnb6jazPyYkLiScMGwgQVrnL6epo_uG5rz7mHPLdvR1ifJeWuYryujayKRC4nZ0Hyi7WOIpLO8kLJfSKbUOJlgeFV9eFC5_Y6ov-4bQATwlhtpH7rhboYZFXdSHJDSF76lZ4Y8kV5TwUZaao6_piBYBIhAkH6YIQpC-jOU-7NwzRErh1eo0KsLljKtezGQkj8jGp3yT6StChv_4_cDoToYnDhMVBNtpLKyefahfiOsS_C8qCKg3SG8UsLNkDm9d46SVb8x4laUP7CU81D1dUYprpeC2pfF91CgmX_pFz9HRBw0D2CPfquPxNcRLeO62IxqACjiVW28oq_q7hEVxAcizE0gHfSxLkGpFfSiQwRUJVXjpp-x4BIRes8iWVwTTbvgj__d6lLloxreulgavdOv4AikqGvTfZm63YVsTQ1ottbBqsciNuHFxyeATZr6LEf0Z7d2DIA5pZtPsEkkq9ZAoY4f-fIHsMMfGY6tKIu_HA&cid=CAASFeRoChi_g9TZRQIyxHenJ6mM4sQatQ&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 23:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Aug 2022 23:04:34 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame 3AB2
24 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4-tF-LB2v9PU2j964-wEUoTJCyBtZxx3VE-W8iy333V2-W_bCVoki0OwMM4cphjfNkd7Sm9wOcNra0Xz9ni6emtpEoet34w9RvAAnrr0t7k_LRSxhwVDeeIv902FwvdIh_uVOOv_QW1a-qzyldrv6Asgd3Q&cry=1&dbm_d=AKAmf-C4zA7ytAfKJQ9RQcEOlSFwUDPcUFUvqXH3Jdfy9nadF9lZL9vieaXzYwDrVCvPpPCe3Xgn3yKFSH3qOuAU3IOmupCfQT0yJUR53im6X2xIj_53Q0OwdGf3_-9S6nwW65qvM_cUUSdmJncmIEmMuI3VKeBXJD1cZ3BhNHbvKL8ThoCEKxacEy0AmFw3PF5sT-H0OWSdxANyRSGvtYyF2y0571vmPMP5BPk9vxBm8KynTV807zCLlBJNq5-LfhVpecr22m03B9CnTiN_cr-NGy7zg0rW_xxQEKsxd1vEWY3RHKZ3GjobM3JrDZNTRFWdqXye8tyhyod7uNBYFEGz5b0X2reX9cbSluI9xPICo1Nyd9djJZct-FkHKWUxEIV24Sr9hu9Yh7fol1dfeYW-7k2PHJY8_xq49AGiUnbiaz0HG2tNvr-xJfX6jvhRdk-yrz32nnjxcde6ZskC2zclrmSz5It_jYdl9bhmS79P3HjGEb2lo-isA9QXKdQ2Zg-kAzgeg4KmB532kWUvHXTOAp6raNNgxxzaFwEr1hGtsDeWDwbiteQ8en_B2fmioJeqzYKdZSvGFJgqemQrtH3HM5RqGlY35na4eLobLqmp-yk_ZuID1Yry2k7-zmGIYVMt6Spkhx-HLgfAuCm46IJFVfQl_bjrSmzmdQDNyrwmGtZMkDks7BFswx7Lv8_rAp62ntE-_zrKNpQUK-gqsbpIpltBozMBjT3zOgwnELNktOc4Nb9tUuuFqCYUKohRGyrEVA6ir3LBljZyJeeNPz1-9ULT2d36nUYjJ8Ez3EYcMBcyDuJvNyGh7wt-ngVawATGWBhkZU2o5OXDYFcHO8YyaDUg6EPp34ZftUw51ciBilUGnTdkB0XXcne5kEsnOnd4wXdtERqll0IwlCX_Wtt8WvuVa3oEm46s-pdlakXkGZ--mNEla07bzVEaaPj3dT3Df_LNdOVS3WWGHUFeuOcFP6y8vgzMxP6orzT5xrTWgh_2Pv4X3kES7wvTrEcukY4SUsQRoym0L56KqdHHkdvW6KYltfa2ispYveEPpJKINjjBhAn_xgu2MHIDl8tVue9OL0c28sdx2nAtUeE00CiD1MkJIC5Abl5DNidXh3RL_gE_8mTO09BnwpDkgPGawsSOOjzrZ_p6xqKx9hZW1le8GjD7s__hlM5b6aTpwhiwvgLUCczNYPQrFCvAw0iHHcfnwSUamJiWElrCAyhyDIy3042IW_F8rpHvHRaPKfMclS8MpbJ_irJydGVC0CeGTdOZ9b8g1-8gTDub3DsquXBi7Td2R-SkjLlO3jFgNvhEc_iTG6LEidGgm6hMEPAXHLOfjuxyjFTr7N4nR1TQTA3DDdfzo5EIKwhXzDMZczbxJMT-yCThVl18Dys01Y4bUsBDvkiOK7V_A8SwGRMnBaj1TQ0fTt9shB-2dsZxSmu6QznIJ0Byv5RFGuje1XgyNX4sgoeBtwAlD17wa22n62egBpMDtc52wYItZhWFREJ-mMop5c7Qugl9Qr4E1wOuSm0QHE_D9X64JBocqhN01Xf7MmDejWhfYjnu4EndAShZxAM1hntLLurSSpkgVrW2ewT-Qx7jO4vVCKwsSG1BBOfBD2RPPHNu5um3UiP5lVDM1lcLNzdqqEHme4psRsSnfeHsSXn0OvTFuyfRl2H8a_QzJTeCufa28zSL8rYQgIa3vJzmjcp2bX-7TAIdXyMJNq3_uJxHpABfaktkhm2V7w2IqbrAbj8vzyy5l3RLU0JKik1TRXsFSymSCLWsYVbsV48UaCno1jCghf-6oebJMR-5P4hondSHFBqYxFLxm5oZ8xYD1FL5OyobFI7RkWNLNvRQqbJaAtrhCtlqZ7RD_dxLG94UFDwbLYm5xZeBOAMprtmGBZMrB2XWlXHRwSszGUjH7pSpfR5mw7LUsajd1U9GUAgplOi9meL7yoN99Rv_LZhc_eoP7TXZEMTY5dnVU11X2RNVItHtWGGkkVFGnWuuI-PrBlgiTvjaAyKju0MM4F2Z2_D1i6tNfCQXobPX-wq-JUJ0kZuXgKxiRqRd-0tJrUpT4RgICt5cHeoFxFAbwn2IoqgDZM19pJzOVaGPFhqV6ZgNN710BtEBenFMGQg_Xmtji41D196tdFnmdZqV94vcC_LOHiCRRUmfGL5l5gbRw-NkvZQ5EQvTB2YI5fjgWq2HVyLTZvmne0lwo2hNOdC4KuT7hPbTwiypttaZicCZgFIxetSqubBKk29KUDH1rT63685KGKtwb8aP3pRgjoiO-NW-l06AKNqHEdJ_uZrpyk5BYd1xXAvhU8BeX1yq5wP5auegdOg1f4JQY1GUWh-YnKHx5adtUXvD35i22wjs9BX7arza1rO3H8-JzRULW90-tMgmMRROaNL2xDUJnmcSYYFUwyRow7jBJRZmvkB02pckmJ-A1Q6bc1_5aadcOCLXKbeZNGX9XZRVThxCKmfyDQF5ad2JChyQKIZQsImQz8FqEDdMfwtCirwvstiXTw3uzyEP-V7_jIlhl-PtskzYpN7S6kFAH1pJ68GR6O0z1Dw3Y9ABU4OQ1amNG6tmZSQW608oBNv3jEoUJvBoLDqs4lK11QeIfM2JwExc6Vaj1HK4De052I2K3tObIa4-HPU9IEYA1KrGZ-fxG2iC744IiUp71r036k9z2c8V-d7bni82mW09IqisDsuVSg5TddfbWS759LPnR9l33xYy7af_XKSBMfM_OVmFU_7TbVeBoMNoVQEPui35ILv6u6k8cWArMnb-DM4iQ4mGKWvglOs2FBh9JVFU9Nt1AnlJb9V419-8J6Aw3O-rt02ILQNbD8i5rvxCtqZ1d-Tu3eG8pHD6tCWHj2j9nC4sp6yPUSbfJliUwbGmbmCWXWRdIvwhMGVxun7fQN4LVVHAvMu9HbUbYmV6CQ6VkZ_x7E4t12VqSa9f0X0-VOH2vhcbmJIZL3tPodGD8HZiBpkEIA5GRn4UegEib2E6ZHQNGxUKaWD5KUhqRObcQRHFo-sHsFKcXiRoKqGC2ThHG3K6rLYkDueShkWJM70dYdqY6WNg-ujiSHpSCW6MN4K1mjBcDTTGaFd0BMmLOYcZBoQYubrEBbXkJz47aVCA56Pk_SGMNtZhAnKTj00CWicXDEuBNuez68vz9vYy0lB1oSZaSuiHc7x-4MwC436OOB0zCgJU2btXHEHoVUfg4_0ZDH9m2kymoyzmFmLc2CoQ6-jMv-epYIF37_TNQWFxysDvBrk4aeAJs6h5SvChIpFfclkzWtxhQD7YYeOoHw&cid=CAASFeRo6eTV8i5_VMsjAXflLxnkpo7Ihg&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab7de8a0d445e5fb99c0c6c65de2755bf57d011f89abb40f34cdd12c966bccb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
307
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9352
x-xss-protection
0
server
cafe
etag
6805750149074617601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:07:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3AB2
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4-tF-LB2v9PU2j964-wEUoTJCyBtZxx3VE-W8iy333V2-W_bCVoki0OwMM4cphjfNkd7Sm9wOcNra0Xz9ni6emtpEoet34w9RvAAnrr0t7k_LRSxhwVDeeIv902FwvdIh_uVOOv_QW1a-qzyldrv6Asgd3Q&cry=1&dbm_d=AKAmf-C4zA7ytAfKJQ9RQcEOlSFwUDPcUFUvqXH3Jdfy9nadF9lZL9vieaXzYwDrVCvPpPCe3Xgn3yKFSH3qOuAU3IOmupCfQT0yJUR53im6X2xIj_53Q0OwdGf3_-9S6nwW65qvM_cUUSdmJncmIEmMuI3VKeBXJD1cZ3BhNHbvKL8ThoCEKxacEy0AmFw3PF5sT-H0OWSdxANyRSGvtYyF2y0571vmPMP5BPk9vxBm8KynTV807zCLlBJNq5-LfhVpecr22m03B9CnTiN_cr-NGy7zg0rW_xxQEKsxd1vEWY3RHKZ3GjobM3JrDZNTRFWdqXye8tyhyod7uNBYFEGz5b0X2reX9cbSluI9xPICo1Nyd9djJZct-FkHKWUxEIV24Sr9hu9Yh7fol1dfeYW-7k2PHJY8_xq49AGiUnbiaz0HG2tNvr-xJfX6jvhRdk-yrz32nnjxcde6ZskC2zclrmSz5It_jYdl9bhmS79P3HjGEb2lo-isA9QXKdQ2Zg-kAzgeg4KmB532kWUvHXTOAp6raNNgxxzaFwEr1hGtsDeWDwbiteQ8en_B2fmioJeqzYKdZSvGFJgqemQrtH3HM5RqGlY35na4eLobLqmp-yk_ZuID1Yry2k7-zmGIYVMt6Spkhx-HLgfAuCm46IJFVfQl_bjrSmzmdQDNyrwmGtZMkDks7BFswx7Lv8_rAp62ntE-_zrKNpQUK-gqsbpIpltBozMBjT3zOgwnELNktOc4Nb9tUuuFqCYUKohRGyrEVA6ir3LBljZyJeeNPz1-9ULT2d36nUYjJ8Ez3EYcMBcyDuJvNyGh7wt-ngVawATGWBhkZU2o5OXDYFcHO8YyaDUg6EPp34ZftUw51ciBilUGnTdkB0XXcne5kEsnOnd4wXdtERqll0IwlCX_Wtt8WvuVa3oEm46s-pdlakXkGZ--mNEla07bzVEaaPj3dT3Df_LNdOVS3WWGHUFeuOcFP6y8vgzMxP6orzT5xrTWgh_2Pv4X3kES7wvTrEcukY4SUsQRoym0L56KqdHHkdvW6KYltfa2ispYveEPpJKINjjBhAn_xgu2MHIDl8tVue9OL0c28sdx2nAtUeE00CiD1MkJIC5Abl5DNidXh3RL_gE_8mTO09BnwpDkgPGawsSOOjzrZ_p6xqKx9hZW1le8GjD7s__hlM5b6aTpwhiwvgLUCczNYPQrFCvAw0iHHcfnwSUamJiWElrCAyhyDIy3042IW_F8rpHvHRaPKfMclS8MpbJ_irJydGVC0CeGTdOZ9b8g1-8gTDub3DsquXBi7Td2R-SkjLlO3jFgNvhEc_iTG6LEidGgm6hMEPAXHLOfjuxyjFTr7N4nR1TQTA3DDdfzo5EIKwhXzDMZczbxJMT-yCThVl18Dys01Y4bUsBDvkiOK7V_A8SwGRMnBaj1TQ0fTt9shB-2dsZxSmu6QznIJ0Byv5RFGuje1XgyNX4sgoeBtwAlD17wa22n62egBpMDtc52wYItZhWFREJ-mMop5c7Qugl9Qr4E1wOuSm0QHE_D9X64JBocqhN01Xf7MmDejWhfYjnu4EndAShZxAM1hntLLurSSpkgVrW2ewT-Qx7jO4vVCKwsSG1BBOfBD2RPPHNu5um3UiP5lVDM1lcLNzdqqEHme4psRsSnfeHsSXn0OvTFuyfRl2H8a_QzJTeCufa28zSL8rYQgIa3vJzmjcp2bX-7TAIdXyMJNq3_uJxHpABfaktkhm2V7w2IqbrAbj8vzyy5l3RLU0JKik1TRXsFSymSCLWsYVbsV48UaCno1jCghf-6oebJMR-5P4hondSHFBqYxFLxm5oZ8xYD1FL5OyobFI7RkWNLNvRQqbJaAtrhCtlqZ7RD_dxLG94UFDwbLYm5xZeBOAMprtmGBZMrB2XWlXHRwSszGUjH7pSpfR5mw7LUsajd1U9GUAgplOi9meL7yoN99Rv_LZhc_eoP7TXZEMTY5dnVU11X2RNVItHtWGGkkVFGnWuuI-PrBlgiTvjaAyKju0MM4F2Z2_D1i6tNfCQXobPX-wq-JUJ0kZuXgKxiRqRd-0tJrUpT4RgICt5cHeoFxFAbwn2IoqgDZM19pJzOVaGPFhqV6ZgNN710BtEBenFMGQg_Xmtji41D196tdFnmdZqV94vcC_LOHiCRRUmfGL5l5gbRw-NkvZQ5EQvTB2YI5fjgWq2HVyLTZvmne0lwo2hNOdC4KuT7hPbTwiypttaZicCZgFIxetSqubBKk29KUDH1rT63685KGKtwb8aP3pRgjoiO-NW-l06AKNqHEdJ_uZrpyk5BYd1xXAvhU8BeX1yq5wP5auegdOg1f4JQY1GUWh-YnKHx5adtUXvD35i22wjs9BX7arza1rO3H8-JzRULW90-tMgmMRROaNL2xDUJnmcSYYFUwyRow7jBJRZmvkB02pckmJ-A1Q6bc1_5aadcOCLXKbeZNGX9XZRVThxCKmfyDQF5ad2JChyQKIZQsImQz8FqEDdMfwtCirwvstiXTw3uzyEP-V7_jIlhl-PtskzYpN7S6kFAH1pJ68GR6O0z1Dw3Y9ABU4OQ1amNG6tmZSQW608oBNv3jEoUJvBoLDqs4lK11QeIfM2JwExc6Vaj1HK4De052I2K3tObIa4-HPU9IEYA1KrGZ-fxG2iC744IiUp71r036k9z2c8V-d7bni82mW09IqisDsuVSg5TddfbWS759LPnR9l33xYy7af_XKSBMfM_OVmFU_7TbVeBoMNoVQEPui35ILv6u6k8cWArMnb-DM4iQ4mGKWvglOs2FBh9JVFU9Nt1AnlJb9V419-8J6Aw3O-rt02ILQNbD8i5rvxCtqZ1d-Tu3eG8pHD6tCWHj2j9nC4sp6yPUSbfJliUwbGmbmCWXWRdIvwhMGVxun7fQN4LVVHAvMu9HbUbYmV6CQ6VkZ_x7E4t12VqSa9f0X0-VOH2vhcbmJIZL3tPodGD8HZiBpkEIA5GRn4UegEib2E6ZHQNGxUKaWD5KUhqRObcQRHFo-sHsFKcXiRoKqGC2ThHG3K6rLYkDueShkWJM70dYdqY6WNg-ujiSHpSCW6MN4K1mjBcDTTGaFd0BMmLOYcZBoQYubrEBbXkJz47aVCA56Pk_SGMNtZhAnKTj00CWicXDEuBNuez68vz9vYy0lB1oSZaSuiHc7x-4MwC436OOB0zCgJU2btXHEHoVUfg4_0ZDH9m2kymoyzmFmLc2CoQ6-jMv-epYIF37_TNQWFxysDvBrk4aeAJs6h5SvChIpFfclkzWtxhQD7YYeOoHw&cid=CAASFeRo6eTV8i5_VMsjAXflLxnkpo7Ihg&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 23:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Aug 2022 23:04:34 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame E5DF
24 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ChXfM0o2JglmzGWKcKIoZLPxS70mbtlEUlt2CJpzuFolpuNctSj8xNv7ZnEUZJroSyGdpjwDJcvEW1im-quDTCf5k6M4zuIJmJYyuPrliphQ-NdBqFzaH7jd-OEQ4PbR3lOJQxRRoGokFtjE9WIULNqGKo7Q&cry=1&dbm_d=AKAmf-AjJ5IbX_tXIaqEYcbABiauREgFEubSlu3fAoh-Ne7FPM6IZvCDA2uBdW6F9EJCxm8xZkNXq7GvlxpE_fpnnZ1j9hdhIzn4O3_vciPK11VDsQ7NL2vWT8ZMnqE_RkqYjWEg4CZtTzgKlE35iEYaONZX7qfcanihh6_rVmw1jy0NduHjMvuzfornX9PZ6K2jrQqgZy9RHu1WZLO9MnPv0Bijnv5naPDNWpOID0g0lIDNwRBtEK9L2-MEdoJLfhw0ShjRI9OptyX_zyesAiaJ_2WuF83o4Q8zSqpJ6d7nFuNFTE-12Gm__qQUyl9azw4Ar19dj8ig4A6tfDtrISotPyKHVKB9q96AIDowoOsA_s3kwL66vx_se6ZW4ZlUe86s_VLgSMV_Rh3cevyMsAzQARp9CdxWMfGAbtEqIwO4tv6Eao74yPt94VteRloIlXR0yLiv_WCdPPi46cZ6wDDnbgjk3W7IhwyNiGpbMQ-XeYOBhagocNdPrL7GkTBs3eesyNemJ3XVW3dRjgmJJMhNlBs51vkiV9tvYk3YEycVKVs14ila69koLfS4nIA6Wfc-2hPbPp9eIzFSNvrm1qgYcxdWGTqDzXZIb-qCnYbQGYsbJ1bHxb7ttmUP4vixnVRTVebRoycNMXMEdXtAESJCTbcXtzE8LnYOBZnacjUlfexoMETqF_Ly0PIXXisndTv3yrcY9ywhWe8XWrpze09TO3TapLFu1blfdkEbcZ_0Rp2fFB7nv2tIXs11jQ2QgFp5C3Gr3_AokEz6euCV6Z11XyXQzTVuPWRtyDb1VkK6101NnNpTKFRmyCAnvs-Ri6mhQ8JA6kxRZcUTulFqW6Jp4PA4H4Li8SjfPOEJ7yj9CuF5piodvousNky_5bJduxr6xv1rkN6dtopD3hHHOYBZ8F1hQFFAVcM-Ume0ED4dqHBIBkC0BTsEJIf5Ix15drKc5AB0UoRKRtCiuCSK6XmY5yxTb8pH60imB_eiBCCCzuWNnZ7gZhJpBuGz-NZShRxrS6T5nlwKr_c_TW-W80mO8_9LmxAUAze_Zs-UOF9blRya5YntfEI8kmmYL3caLlarsCkHahTWtSpLTfjucaECigosrhgyFZ2fNOBvKAsBYwUv1xApMhVHwOpuXwXYj1nFS1nRc3jIAiOKhfW3vhOdFOA4_LugIQaDUfcvi9H0DKgGXTKsM61IMcFlpcXb0GwtW0IgJxKIPivsG8GYwZgZUUFUXtCtt79biAQVSjfH_Uk5qP1jEbAp2P1_p7SAfp1tp-dzYLW6GEpTzny2HTfvseuDwqVDTsTQcQmdbFrPlp4Hg2AHYVtUaCZEdteKjjSZPaDwWK1yeBqL7sAaYN7cDHg-HaQNh-Lzkx1byPjhG8no8FIo3qtvL6_hW00aiKm8PHfrW3J3RGbDA31plg76f4rL_bDSMgoZVGqynJtXJmNlxucv9cL4AGiJ9yUdf0AX-JkDIiJXkPRbQTuvm18SgedAkThmHf5dd0qqwQ5ZzMCedr8IFo-iEB3yBjkLTdY6n9EPqU2GEbNWTp-2PPpSRUNOPCVc7yDA1fMsaGrF-baF9Qq1bRObpl3gazNoCIiTgpDxCUzltlkTTOejrHFwqBeFwoIMNT8JEEV_Cw1yuiMYhNs2QIK-pDaqS4JyRsmERYvJo5l2MK2yaaqB5gEb3-CZwkopapxFBmu2IG1SYGZLiYE1VF6H9iwzojh2oQrdsjFILFsdOEMFSGEtc4jXGjbGU827ZnSvOYekgAoSoMc2F2weDQPv7Nmio09fWdeQSyRjWVk-_Dr9L6N3AxuXnvnpPCz1wSdLMaX-fsE2xCtT5HeKP9GYL8RgyGRortmGg78DqPdn3R7hF58MMwqZF5OpBEcDREtSxEfqVFB_yGnPLzp_HSpLzRerAnBd9xh4ecpfg13MCXH9ZE2Eu9bQzs8iFY7RrzJJcZ622H5MUHQLHN3gDMwwoQ7sTlmzfSB46eFl46vT8jIZoDFGm9_6QHBI_yPgfASAJfq6MfbKBD3VX3X4nCeiUTqE-qu08Zxs97SiYgfJ1gQxnx9VnbBmQ0_wG3HTxsnCyCN2XQU7W_WIHBNupqNbUHgnqHuOSzRRd4-QXLzZlGyCZAyRiXKUGkd-NeBtds8qPyQIe4Q_55d7NxgJJrECcRtIkqpsSuO_yciPwrZtenMAegBx45gvUk1F4PKHZj4OJaUv7aGcOHM-oXeJCdb-g9XQN-rBZ07oOdIhePtcty6jG3YJI3mqkActKwIzxfTJzFyvqEKvvEmQB505DZAT2iGoXqgJfn8wR_o_scl3za0GE1M7mugOznzF_Z19kstBLHdTP24CfPAMNmcJw4xQSmlIeJEa5n02HUbAhw8pxZZJ6wC7deDd1Zap859I0SV1q6OnxLiJYbgT4Z1FOUsNtHgtyC2D0VjBbYXHkTCakQ6bfJqxdXTCYqplzou6Z4yNfdlkPMPbraafTWU2WRRnqUuONOu_-Yqb22rLlZb0ev10o6-6_ENxibH72d3EUh4iOHHXeAlGISvqOp2zhc5BbZK8OGpRuCA33C21kAb8clDpwaBWErQVa8iURK2z2-I8mX_NHHN6gMvvXgwsfKIuvWNx0eCMq0epyb3GnsHgPlP97ruUfg7XZqFvIsdi7g5TMZgysEb-N5LUl7qFB-opXfSPGRC4dmZQTGk9lKGPtxWs8kcXtI23mhZfsjnisvtDD3QzZ3TE-5ff6yV0JGXxImpHsbdtePOxtAweFcSjscEsu9zhjMFEhhq2g8X7nE-PAYCv1wvsCr9rVOzJaSHTR4F1uTs8ithV3ZQZOM8NtM7xawDOfP4K0HmMShYGh4-6dky0bv17bUuaoclQvbARAE9a6o6TknWLP_ZDqg73nkdeiFZODwj79dLpzdTSG_l53OGeDYRVBnr_Rw1a7cZHXr3oifxrWFGP8LkbAf0a-s5-pUpgq6XqZcQCnRlYzwfa52o3TxNuu1DZ90khskcLVLNzj8oOpEG5stKK7nOxUiDTA9l1Qc7mNcMNIsk9X1N7HRFZqTwmDRNe202E5Cot2G7G0gZXSx5wDaSBuA6LwVj1o_VloydVTEtB5HUYzeqXVM5MaCb5BsuKskrigjyJpf-3lghW0t2T74Qvat3XQT3oyb2FbuqKfZ49RP-6tglKJFGjUSnYnl_8eqnl4BA3HtsdmJLZfzbtFMzhEZ0dhUrHe_2XDfBRtWyqdtkxx1pUhc85zL7XygUOJFHE9sGV1ebu8ADPZEnWZUGMGJUOpoLCXOeg0jRQg93oTrvMcQ&cid=CAASFeRo9MWfxnnLx5gD7CzgjjJkt5-NIg&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab7de8a0d445e5fb99c0c6c65de2755bf57d011f89abb40f34cdd12c966bccb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
307
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9352
x-xss-protection
0
server
cafe
etag
6805750149074617601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:07:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E5DF
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ChXfM0o2JglmzGWKcKIoZLPxS70mbtlEUlt2CJpzuFolpuNctSj8xNv7ZnEUZJroSyGdpjwDJcvEW1im-quDTCf5k6M4zuIJmJYyuPrliphQ-NdBqFzaH7jd-OEQ4PbR3lOJQxRRoGokFtjE9WIULNqGKo7Q&cry=1&dbm_d=AKAmf-AjJ5IbX_tXIaqEYcbABiauREgFEubSlu3fAoh-Ne7FPM6IZvCDA2uBdW6F9EJCxm8xZkNXq7GvlxpE_fpnnZ1j9hdhIzn4O3_vciPK11VDsQ7NL2vWT8ZMnqE_RkqYjWEg4CZtTzgKlE35iEYaONZX7qfcanihh6_rVmw1jy0NduHjMvuzfornX9PZ6K2jrQqgZy9RHu1WZLO9MnPv0Bijnv5naPDNWpOID0g0lIDNwRBtEK9L2-MEdoJLfhw0ShjRI9OptyX_zyesAiaJ_2WuF83o4Q8zSqpJ6d7nFuNFTE-12Gm__qQUyl9azw4Ar19dj8ig4A6tfDtrISotPyKHVKB9q96AIDowoOsA_s3kwL66vx_se6ZW4ZlUe86s_VLgSMV_Rh3cevyMsAzQARp9CdxWMfGAbtEqIwO4tv6Eao74yPt94VteRloIlXR0yLiv_WCdPPi46cZ6wDDnbgjk3W7IhwyNiGpbMQ-XeYOBhagocNdPrL7GkTBs3eesyNemJ3XVW3dRjgmJJMhNlBs51vkiV9tvYk3YEycVKVs14ila69koLfS4nIA6Wfc-2hPbPp9eIzFSNvrm1qgYcxdWGTqDzXZIb-qCnYbQGYsbJ1bHxb7ttmUP4vixnVRTVebRoycNMXMEdXtAESJCTbcXtzE8LnYOBZnacjUlfexoMETqF_Ly0PIXXisndTv3yrcY9ywhWe8XWrpze09TO3TapLFu1blfdkEbcZ_0Rp2fFB7nv2tIXs11jQ2QgFp5C3Gr3_AokEz6euCV6Z11XyXQzTVuPWRtyDb1VkK6101NnNpTKFRmyCAnvs-Ri6mhQ8JA6kxRZcUTulFqW6Jp4PA4H4Li8SjfPOEJ7yj9CuF5piodvousNky_5bJduxr6xv1rkN6dtopD3hHHOYBZ8F1hQFFAVcM-Ume0ED4dqHBIBkC0BTsEJIf5Ix15drKc5AB0UoRKRtCiuCSK6XmY5yxTb8pH60imB_eiBCCCzuWNnZ7gZhJpBuGz-NZShRxrS6T5nlwKr_c_TW-W80mO8_9LmxAUAze_Zs-UOF9blRya5YntfEI8kmmYL3caLlarsCkHahTWtSpLTfjucaECigosrhgyFZ2fNOBvKAsBYwUv1xApMhVHwOpuXwXYj1nFS1nRc3jIAiOKhfW3vhOdFOA4_LugIQaDUfcvi9H0DKgGXTKsM61IMcFlpcXb0GwtW0IgJxKIPivsG8GYwZgZUUFUXtCtt79biAQVSjfH_Uk5qP1jEbAp2P1_p7SAfp1tp-dzYLW6GEpTzny2HTfvseuDwqVDTsTQcQmdbFrPlp4Hg2AHYVtUaCZEdteKjjSZPaDwWK1yeBqL7sAaYN7cDHg-HaQNh-Lzkx1byPjhG8no8FIo3qtvL6_hW00aiKm8PHfrW3J3RGbDA31plg76f4rL_bDSMgoZVGqynJtXJmNlxucv9cL4AGiJ9yUdf0AX-JkDIiJXkPRbQTuvm18SgedAkThmHf5dd0qqwQ5ZzMCedr8IFo-iEB3yBjkLTdY6n9EPqU2GEbNWTp-2PPpSRUNOPCVc7yDA1fMsaGrF-baF9Qq1bRObpl3gazNoCIiTgpDxCUzltlkTTOejrHFwqBeFwoIMNT8JEEV_Cw1yuiMYhNs2QIK-pDaqS4JyRsmERYvJo5l2MK2yaaqB5gEb3-CZwkopapxFBmu2IG1SYGZLiYE1VF6H9iwzojh2oQrdsjFILFsdOEMFSGEtc4jXGjbGU827ZnSvOYekgAoSoMc2F2weDQPv7Nmio09fWdeQSyRjWVk-_Dr9L6N3AxuXnvnpPCz1wSdLMaX-fsE2xCtT5HeKP9GYL8RgyGRortmGg78DqPdn3R7hF58MMwqZF5OpBEcDREtSxEfqVFB_yGnPLzp_HSpLzRerAnBd9xh4ecpfg13MCXH9ZE2Eu9bQzs8iFY7RrzJJcZ622H5MUHQLHN3gDMwwoQ7sTlmzfSB46eFl46vT8jIZoDFGm9_6QHBI_yPgfASAJfq6MfbKBD3VX3X4nCeiUTqE-qu08Zxs97SiYgfJ1gQxnx9VnbBmQ0_wG3HTxsnCyCN2XQU7W_WIHBNupqNbUHgnqHuOSzRRd4-QXLzZlGyCZAyRiXKUGkd-NeBtds8qPyQIe4Q_55d7NxgJJrECcRtIkqpsSuO_yciPwrZtenMAegBx45gvUk1F4PKHZj4OJaUv7aGcOHM-oXeJCdb-g9XQN-rBZ07oOdIhePtcty6jG3YJI3mqkActKwIzxfTJzFyvqEKvvEmQB505DZAT2iGoXqgJfn8wR_o_scl3za0GE1M7mugOznzF_Z19kstBLHdTP24CfPAMNmcJw4xQSmlIeJEa5n02HUbAhw8pxZZJ6wC7deDd1Zap859I0SV1q6OnxLiJYbgT4Z1FOUsNtHgtyC2D0VjBbYXHkTCakQ6bfJqxdXTCYqplzou6Z4yNfdlkPMPbraafTWU2WRRnqUuONOu_-Yqb22rLlZb0ev10o6-6_ENxibH72d3EUh4iOHHXeAlGISvqOp2zhc5BbZK8OGpRuCA33C21kAb8clDpwaBWErQVa8iURK2z2-I8mX_NHHN6gMvvXgwsfKIuvWNx0eCMq0epyb3GnsHgPlP97ruUfg7XZqFvIsdi7g5TMZgysEb-N5LUl7qFB-opXfSPGRC4dmZQTGk9lKGPtxWs8kcXtI23mhZfsjnisvtDD3QzZ3TE-5ff6yV0JGXxImpHsbdtePOxtAweFcSjscEsu9zhjMFEhhq2g8X7nE-PAYCv1wvsCr9rVOzJaSHTR4F1uTs8ithV3ZQZOM8NtM7xawDOfP4K0HmMShYGh4-6dky0bv17bUuaoclQvbARAE9a6o6TknWLP_ZDqg73nkdeiFZODwj79dLpzdTSG_l53OGeDYRVBnr_Rw1a7cZHXr3oifxrWFGP8LkbAf0a-s5-pUpgq6XqZcQCnRlYzwfa52o3TxNuu1DZ90khskcLVLNzj8oOpEG5stKK7nOxUiDTA9l1Qc7mNcMNIsk9X1N7HRFZqTwmDRNe202E5Cot2G7G0gZXSx5wDaSBuA6LwVj1o_VloydVTEtB5HUYzeqXVM5MaCb5BsuKskrigjyJpf-3lghW0t2T74Qvat3XQT3oyb2FbuqKfZ49RP-6tglKJFGjUSnYnl_8eqnl4BA3HtsdmJLZfzbtFMzhEZ0dhUrHe_2XDfBRtWyqdtkxx1pUhc85zL7XygUOJFHE9sGV1ebu8ADPZEnWZUGMGJUOpoLCXOeg0jRQg93oTrvMcQ&cid=CAASFeRo9MWfxnnLx5gD7CzgjjJkt5-NIg&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 23:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Aug 2022 23:04:34 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame 2782
24 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AzR-LHdlFxtgD2yYh0W1uykoXqmU9AckuYDm7ltondTBau5aDxdO3uQKxEUyqCZJOcm2l3KXU_as0MWokgmlZxkKGuWcv4gkwQbkVgsUaIfrSmK_2WDRwxRyo7Nw8gcd19ktWzyHSylYcsnrl2aAzd6I-mWA&cry=1&dbm_d=AKAmf-CHKAD4SWZ7AhD6zzEKt9jdsXhr7iphix_fqhT11dVPwcTfzuddMUmzEwqQE60fhmm8XpZCZ2Brx3_GWs_rYzbicDx7Wz-MKALdqnSbiEy2USVuFtlnwDFdFa7ICwnNWb8PEJNlVrq9aRWNWBkgQt6AbSEEySgEi2_e5UE1Y7_h4-BJWwt9O8bt4Rrwj9BmxtaS3tpb5kuFCmf4z6v8Mz3lgu6U7yCWdmEigxVwAmixJlzlg7YghiBC0qaEIDz5HqTwcpYJFVuWn6jRTAygHAcwYHIxHgMrz4cuT-ksUu49XDeMUWikMORReLJOd5Vk_g8i_Cs_TBaXPyXdFVn-xBbSzdnioUFUvwlsBhSiCD9QSp7QXqosvb_VkDVFC4xm_XB_-ddzJS_lHY1OvHDH1iBTyW2YuFqgWxa7OS-2cLEmnYchuTNQjp2nx1v6-1LPxkHDQ0zfpQT1cY4fmRqT1lFgzMEKHU8RN2TuhLY_jKBax9AD3HxXs7gKLnugFYYuy9lF03l6C_6URjquUFgG-vBeeierQ5ZJXiT-4iVXCGqKwV4uLt3Pf9lDwJ5274s1McDzmQl5Huj-kWFsgqhnxamSXClMNV74LcA6peHtaf9Ti3nPWV0cjiYSZalmOUEPWMjklayxUOX5pslLqNzVMLF89c-UafE6OZTJTqK1HFaX_0P2r7tZVVN2eR4PmRae-xtxfl8iuuJqeMUuh765DFAnyDPqrW8qw4BRB4aqxCzvVT9kHymVN9H2NzpwSy8DHc-cvw4tC4A5Rfht6sbc_2fHBsaExJGfe88lWs-g0McM9wWJ3Je7cD5oKqT17rtQtejnOQH2Mn68o3tm-1ZvX-YIDlhgjZDAvVqrnOfR0eDhjUfubPEt2IBdq4Yz1BZR7QaPkAqo6EO7o3fXtYRJq66lTdSXwztBcwcpEQR6QsyYacyjpdiSZ1uoeySLXu_BmtjptTX0OnKsjACfkNTJGZHFO6rtbkUj_zWdIUdo0R80Pke4nH4IpGMXlmZ_rcq62Rx9L1RXRII6prh-oWSxXG2WDdHRYG07CBS3Aqvy3hEn2z-3OSGBjppA4Y1okCBleFDALJUKJH_ElW0hhjx7eeeZRGf9g7h8VnVbf3n5ldlCGY05XmALmZnQ7ez4p-dz_uDY5c24h8Px8VpvuuBz-fUCOEutLiSSpk4fJkrhD_RAICSORJVtU-Q0u22sG9jOZ0isLX1ehDVFCSTpASW_18sKt0TWx8ppnZHCXJKwYNZxbLCLAlN_eVLHi1sV_oFeaqxvyDjl-h_VA47mEB7CCouW4_M-S30LE7Wt1MJhGD9HAMTYx5VocgqErsAyiURJJCvEiu8B981AFGmNd3VOesopQWeQIcmCbQ7hx6YYLovwW4K2XcQPvfzKJb8YClt9D9n2nu45jQJ6nIwNiQolGHPX31VL8D_FPfyoUe9ZBNsUdOZuZmKTUVnwy1Ghr2iGFmbqRgdr44rMBXRt7l5jT__xHx-ge5LBi8SbBQRgTFC-Udme5Z2rds_DLKKie1lVjgXDP8hP6y2lP_TRUW3P31dlBwbsSE8qQwhZp6PzOKE0kcT7byWvgk9rbtp_2pzsoZTbGja-0nAuq6isysZ_CtnrDhy_Qi7nvBYw0KJfKL8MaVnGysSHNdvoaG0BOe_OIix6GU87JlN1CEuM1SZ68dWLW_r6T5zKuuBWy7KSVPlAQRMqT6wOXucjq9xo9rDLWWWzNXIelM5q8iftJJKTCEzn4prqLytTKfvYCkCbHoH6bHI6mBvhT576SNg72y_wb_Zn7wvn8v48XJO9aL1QWAgXN-pzYIRT23gDZSbMhQsdkK1pY2LPB2VcJWNbNf-baqDK1AMZ90ZUd0F2w-Yqk_jcQJ_wYZJsOGU1WFJFlfD0C8gQvaytxMsO7yk8kvohxoMc0pu8b63RY9OkmbJn4iE3BjpIh5vnIp05gD6e8ybWGAPUPLImIOdu6SKuLngA2y3G2iXvLpkdctBthSzAdWvggarkOltFSwLU4PcfpNWdnHjoX3_UKBOsnUE4VgyBgxT_0XncqVn0mMKjQJHHtChRBMA5CGwTIPm3UsHaDwCE_I8UUf4a6jQb8lv3E4OjRvd9xQeJKQqnprze_WGCto_W3QTRs25RbR3r4QyA_hFdLn6so0sHET5guanOeSXpEbfXeHkxCPQPJbJW0lGQ_5aV9SS5UJ8F8qrimf45_T6PqEHJJ8n30KCSnGQpJmKytPIrhV-BPfByCqD6PkwwJ0fHuO6F8WtT_1sX8PhHV9Xmsi59HCGAUqFUIsmwoDVykKNRYaUp7QZ8upPxgp4b7zpkEtkf74XCt5FV1XzzVfsWGTsWgu0_Jb3mvutHvi03xQSRdDvnWTWyqWH5Lg2oUcbdtcI_qQITqI5U4NhRZj6LPcdbxwdowzDJODe-_XOLrJV9mPi28dKW4ioPXbHcP0gJt0RbhnGwtGtbD-QNY6_ubGbGbbg1NbUgROljCKrBkwVLhCyLIjtTNoIAj_P8VSJTRW3jIG8wt-3abxOeq-QLkkYLSzyLXG5Tq3V2S6PUjy4M1U610DZg5Pw48uRNB3DqFr1m0l1UbvV-ClH18iCRiSJy1562z121yApONu5oppfBmW1EAUzTQZQXHbSII7jo4P05uAhoW7GAgD-1Rm74-rkIk3a9K7fYTYkIqWFN4liRBEjvDPi-CY0cb6EePs3z6nUwX4X0z52NZ_UCd5L6lHzNdJCk7UsRLbB86MapRJg-ARyctB4YgrfdSe1Dl21GGXWXelmeKxbH-1XXW2rYZdF2256Ze6xTZkYxMBC9I_M3oul9mBGRLIbRkUQz6ARrycw2-IB1gk5-_GSqPSvQNTyAhQ8woPiAFj4nUcB6fahqa_ubumczE50IUVjtqxC5EvU8uAbNemjMndUrYrGJtW10mY0P57TKSjDAPaEQj8Qi1vsN0kZ6lRDc_19Y5dtgJVNVUCRK5FfPJ6PEnh2txcQ3eHxkUD9QJIOI9YHdFag5eZ5Df9MMqr39uMT1_zTiU08TBfk_Y0YZv-XxcPOSzVtd81etTzz98VpduWG1Ackp-kLgFD1JGBmx2bdf1QT2SvTnvHFQI90iU9DBiXMrpquIgO0Be6o8z_IyB71bImSR-VhEY7k9Ve8RCXIkCSy7KYD0rUXACpQDiTdqkf7wi3b0Mxu8e84NE1uFA1L_9kJpT0DpbVv3rWw2WuuQvvmO8nJPPMFHKjuVqZSf2DHFoZHYOGEMpD0TCFcX2Y5piE9F0oL9pgTNICGlUen_ZNQ3ghF4_A&cid=CAASFeRopmY-w0EbtYdpdh8tv4rJWlZ_PQ&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab7de8a0d445e5fb99c0c6c65de2755bf57d011f89abb40f34cdd12c966bccb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
307
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9352
x-xss-protection
0
server
cafe
etag
6805750149074617601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:07:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2782
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AzR-LHdlFxtgD2yYh0W1uykoXqmU9AckuYDm7ltondTBau5aDxdO3uQKxEUyqCZJOcm2l3KXU_as0MWokgmlZxkKGuWcv4gkwQbkVgsUaIfrSmK_2WDRwxRyo7Nw8gcd19ktWzyHSylYcsnrl2aAzd6I-mWA&cry=1&dbm_d=AKAmf-CHKAD4SWZ7AhD6zzEKt9jdsXhr7iphix_fqhT11dVPwcTfzuddMUmzEwqQE60fhmm8XpZCZ2Brx3_GWs_rYzbicDx7Wz-MKALdqnSbiEy2USVuFtlnwDFdFa7ICwnNWb8PEJNlVrq9aRWNWBkgQt6AbSEEySgEi2_e5UE1Y7_h4-BJWwt9O8bt4Rrwj9BmxtaS3tpb5kuFCmf4z6v8Mz3lgu6U7yCWdmEigxVwAmixJlzlg7YghiBC0qaEIDz5HqTwcpYJFVuWn6jRTAygHAcwYHIxHgMrz4cuT-ksUu49XDeMUWikMORReLJOd5Vk_g8i_Cs_TBaXPyXdFVn-xBbSzdnioUFUvwlsBhSiCD9QSp7QXqosvb_VkDVFC4xm_XB_-ddzJS_lHY1OvHDH1iBTyW2YuFqgWxa7OS-2cLEmnYchuTNQjp2nx1v6-1LPxkHDQ0zfpQT1cY4fmRqT1lFgzMEKHU8RN2TuhLY_jKBax9AD3HxXs7gKLnugFYYuy9lF03l6C_6URjquUFgG-vBeeierQ5ZJXiT-4iVXCGqKwV4uLt3Pf9lDwJ5274s1McDzmQl5Huj-kWFsgqhnxamSXClMNV74LcA6peHtaf9Ti3nPWV0cjiYSZalmOUEPWMjklayxUOX5pslLqNzVMLF89c-UafE6OZTJTqK1HFaX_0P2r7tZVVN2eR4PmRae-xtxfl8iuuJqeMUuh765DFAnyDPqrW8qw4BRB4aqxCzvVT9kHymVN9H2NzpwSy8DHc-cvw4tC4A5Rfht6sbc_2fHBsaExJGfe88lWs-g0McM9wWJ3Je7cD5oKqT17rtQtejnOQH2Mn68o3tm-1ZvX-YIDlhgjZDAvVqrnOfR0eDhjUfubPEt2IBdq4Yz1BZR7QaPkAqo6EO7o3fXtYRJq66lTdSXwztBcwcpEQR6QsyYacyjpdiSZ1uoeySLXu_BmtjptTX0OnKsjACfkNTJGZHFO6rtbkUj_zWdIUdo0R80Pke4nH4IpGMXlmZ_rcq62Rx9L1RXRII6prh-oWSxXG2WDdHRYG07CBS3Aqvy3hEn2z-3OSGBjppA4Y1okCBleFDALJUKJH_ElW0hhjx7eeeZRGf9g7h8VnVbf3n5ldlCGY05XmALmZnQ7ez4p-dz_uDY5c24h8Px8VpvuuBz-fUCOEutLiSSpk4fJkrhD_RAICSORJVtU-Q0u22sG9jOZ0isLX1ehDVFCSTpASW_18sKt0TWx8ppnZHCXJKwYNZxbLCLAlN_eVLHi1sV_oFeaqxvyDjl-h_VA47mEB7CCouW4_M-S30LE7Wt1MJhGD9HAMTYx5VocgqErsAyiURJJCvEiu8B981AFGmNd3VOesopQWeQIcmCbQ7hx6YYLovwW4K2XcQPvfzKJb8YClt9D9n2nu45jQJ6nIwNiQolGHPX31VL8D_FPfyoUe9ZBNsUdOZuZmKTUVnwy1Ghr2iGFmbqRgdr44rMBXRt7l5jT__xHx-ge5LBi8SbBQRgTFC-Udme5Z2rds_DLKKie1lVjgXDP8hP6y2lP_TRUW3P31dlBwbsSE8qQwhZp6PzOKE0kcT7byWvgk9rbtp_2pzsoZTbGja-0nAuq6isysZ_CtnrDhy_Qi7nvBYw0KJfKL8MaVnGysSHNdvoaG0BOe_OIix6GU87JlN1CEuM1SZ68dWLW_r6T5zKuuBWy7KSVPlAQRMqT6wOXucjq9xo9rDLWWWzNXIelM5q8iftJJKTCEzn4prqLytTKfvYCkCbHoH6bHI6mBvhT576SNg72y_wb_Zn7wvn8v48XJO9aL1QWAgXN-pzYIRT23gDZSbMhQsdkK1pY2LPB2VcJWNbNf-baqDK1AMZ90ZUd0F2w-Yqk_jcQJ_wYZJsOGU1WFJFlfD0C8gQvaytxMsO7yk8kvohxoMc0pu8b63RY9OkmbJn4iE3BjpIh5vnIp05gD6e8ybWGAPUPLImIOdu6SKuLngA2y3G2iXvLpkdctBthSzAdWvggarkOltFSwLU4PcfpNWdnHjoX3_UKBOsnUE4VgyBgxT_0XncqVn0mMKjQJHHtChRBMA5CGwTIPm3UsHaDwCE_I8UUf4a6jQb8lv3E4OjRvd9xQeJKQqnprze_WGCto_W3QTRs25RbR3r4QyA_hFdLn6so0sHET5guanOeSXpEbfXeHkxCPQPJbJW0lGQ_5aV9SS5UJ8F8qrimf45_T6PqEHJJ8n30KCSnGQpJmKytPIrhV-BPfByCqD6PkwwJ0fHuO6F8WtT_1sX8PhHV9Xmsi59HCGAUqFUIsmwoDVykKNRYaUp7QZ8upPxgp4b7zpkEtkf74XCt5FV1XzzVfsWGTsWgu0_Jb3mvutHvi03xQSRdDvnWTWyqWH5Lg2oUcbdtcI_qQITqI5U4NhRZj6LPcdbxwdowzDJODe-_XOLrJV9mPi28dKW4ioPXbHcP0gJt0RbhnGwtGtbD-QNY6_ubGbGbbg1NbUgROljCKrBkwVLhCyLIjtTNoIAj_P8VSJTRW3jIG8wt-3abxOeq-QLkkYLSzyLXG5Tq3V2S6PUjy4M1U610DZg5Pw48uRNB3DqFr1m0l1UbvV-ClH18iCRiSJy1562z121yApONu5oppfBmW1EAUzTQZQXHbSII7jo4P05uAhoW7GAgD-1Rm74-rkIk3a9K7fYTYkIqWFN4liRBEjvDPi-CY0cb6EePs3z6nUwX4X0z52NZ_UCd5L6lHzNdJCk7UsRLbB86MapRJg-ARyctB4YgrfdSe1Dl21GGXWXelmeKxbH-1XXW2rYZdF2256Ze6xTZkYxMBC9I_M3oul9mBGRLIbRkUQz6ARrycw2-IB1gk5-_GSqPSvQNTyAhQ8woPiAFj4nUcB6fahqa_ubumczE50IUVjtqxC5EvU8uAbNemjMndUrYrGJtW10mY0P57TKSjDAPaEQj8Qi1vsN0kZ6lRDc_19Y5dtgJVNVUCRK5FfPJ6PEnh2txcQ3eHxkUD9QJIOI9YHdFag5eZ5Df9MMqr39uMT1_zTiU08TBfk_Y0YZv-XxcPOSzVtd81etTzz98VpduWG1Ackp-kLgFD1JGBmx2bdf1QT2SvTnvHFQI90iU9DBiXMrpquIgO0Be6o8z_IyB71bImSR-VhEY7k9Ve8RCXIkCSy7KYD0rUXACpQDiTdqkf7wi3b0Mxu8e84NE1uFA1L_9kJpT0DpbVv3rWw2WuuQvvmO8nJPPMFHKjuVqZSf2DHFoZHYOGEMpD0TCFcX2Y5piE9F0oL9pgTNICGlUen_ZNQ3ghF4_A&cid=CAASFeRopmY-w0EbtYdpdh8tv4rJWlZ_PQ&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 23:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Aug 2022 23:04:34 GMT
rum
dsum-sec.casalemedia.com/ Frame 1DB5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1
43 B
1014 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNX8J0EgRUTpv59ywAi3X9zGnXomzwooi1kp22BhQUFdq3isRtQbktnyoiC8Cu-3gaAgIQgBJLHNkmDHyzKXDBY98TQyAS6xpe2ul9OX27Uztn99wXSM1maeUdDGM-Qx4XPofDtlMyncAhmfu3iE3B0WURcABbQSNxZP2Ou2fyRufLMdodc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 24 Aug 2021 06:13:05 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1DB5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YSSN8XZ-HdHzp1TksCn.GwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1&google_hm=2
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNX8J0EgRUTpv59ywAi3X9zGnXomzwooi1kp22BhQUFdq3isRtQbktnyoiC8Cu-3gaAgIQgBJLHNkmDHyzKXDBY98TQyAS6xpe2ul9OX27Uztn99wXSM1maeUdDGM-Qx4XPofDtlMyncAhmfu3iE3B0WURcABbQSNxZP2Ou2fyRufLMdodc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 24 Aug 2021 06:13:06 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 1DB5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELeoK0KgUTR8wryryg6Q1CE&google_cver=1
43 B
1004 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELeoK0KgUTR8wryryg6Q1CE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNX8J0EgRUTpv59ywAi3X9zGnXomzwooi1kp22BhQUFdq3isRtQbktnyoiC8Cu-3gaAgIQgBJLHNkmDHyzKXDBY98TQyAS6xpe2ul9OX27Uztn99wXSM1maeUdDGM-Qx4XPofDtlMyncAhmfu3iE3B0WURcABbQSNxZP2Ou2fyRufLMdodc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:05 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e9c1610f-dd55-4844-a3e9-7fc9faf9644e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELeoK0KgUTR8wryryg6Q1CE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1DB5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3Nzk1OTQxNDM4MTg4NTU0Mw%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3Nzk1OTQxNDM4MTg4NTU0Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNX8J0EgRUTpv59ywAi3X9zGnXomzwooi1kp22BhQUFdq3isRtQbktnyoiC8Cu-3gaAgIQgBJLHNkmDHyzKXDBY98TQyAS6xpe2ul9OX27Uztn99wXSM1maeUdDGM-Qx4XPofDtlMyncAhmfu3iE3B0WURcABbQSNxZP2Ou2fyRufLMdodc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:05 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f512fbdf-1050-4718-9f3f-745d99409cbd
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3Nzk1OTQxNDM4MTg4NTU0Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DDD6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1
43 B
1014 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNUbKjLAfvXe9aeKlbO4nz0Jz4AzVUCZBzUWypY-iPmgLd4tjzP8qOmQ8nwf0RQW3RIjNHJlZhGtaQtNFxl5VH7dLqN2aU-Mg5tfotOXsURY3wkttLhrpXAWzfOLsqXLJucUBWpwEaW1m05RBTYlhGku7ZUc7Hhsve94_krGssTH1GZLu10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 24 Aug 2021 06:13:06 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DDD6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YSSN8XZ-HdHzp1TksCn.IQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1&google_hm=2
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNUbKjLAfvXe9aeKlbO4nz0Jz4AzVUCZBzUWypY-iPmgLd4tjzP8qOmQ8nwf0RQW3RIjNHJlZhGtaQtNFxl5VH7dLqN2aU-Mg5tfotOXsURY3wkttLhrpXAWzfOLsqXLJucUBWpwEaW1m05RBTYlhGku7ZUc7Hhsve94_krGssTH1GZLu10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 24 Aug 2021 06:13:06 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame DDD6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELeoK0KgUTR8wryryg6Q1CE&google_cver=1
43 B
1004 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELeoK0KgUTR8wryryg6Q1CE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNUbKjLAfvXe9aeKlbO4nz0Jz4AzVUCZBzUWypY-iPmgLd4tjzP8qOmQ8nwf0RQW3RIjNHJlZhGtaQtNFxl5VH7dLqN2aU-Mg5tfotOXsURY3wkttLhrpXAWzfOLsqXLJucUBWpwEaW1m05RBTYlhGku7ZUc7Hhsve94_krGssTH1GZLu10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:05 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f5e7db61-58c5-4023-ac91-da49234ba733
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELeoK0KgUTR8wryryg6Q1CE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DDD6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3Nzk1OTQxNDM4MTg4NTU0Mw%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3Nzk1OTQxNDM4MTg4NTU0Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNUbKjLAfvXe9aeKlbO4nz0Jz4AzVUCZBzUWypY-iPmgLd4tjzP8qOmQ8nwf0RQW3RIjNHJlZhGtaQtNFxl5VH7dLqN2aU-Mg5tfotOXsURY3wkttLhrpXAWzfOLsqXLJucUBWpwEaW1m05RBTYlhGku7ZUc7Hhsve94_krGssTH1GZLu10
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:05 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
6e0b5416-610e-41fd-a010-5817735a77f1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3Nzk1OTQxNDM4MTg4NTU0Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7A55
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1
43 B
1014 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNWYHm0bHPmyFpgSBmRruEATHvaYLahGlOg80mQaC80UQ-bkQd5MvAwYMpdmhYS3JlOUSFFBsRVsGpmzGznnfuZ5lRd9u_vPkQrpTqT9cQZ_VmHXcPCHxV3vlx4cBHnVrvbDz67tqw1C0pZoZB8Xlrk6MH3lFixD9vjvzHgzR-PXPxYHbjI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 24 Aug 2021 06:13:06 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7A55
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YSSN8XZ-HdHzp1TksCn.IQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1&google_hm=2
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNWYHm0bHPmyFpgSBmRruEATHvaYLahGlOg80mQaC80UQ-bkQd5MvAwYMpdmhYS3JlOUSFFBsRVsGpmzGznnfuZ5lRd9u_vPkQrpTqT9cQZ_VmHXcPCHxV3vlx4cBHnVrvbDz67tqw1C0pZoZB8Xlrk6MH3lFixD9vjvzHgzR-PXPxYHbjI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 24 Aug 2021 06:13:06 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 7A55
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELeoK0KgUTR8wryryg6Q1CE&google_cver=1
43 B
1004 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELeoK0KgUTR8wryryg6Q1CE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNWYHm0bHPmyFpgSBmRruEATHvaYLahGlOg80mQaC80UQ-bkQd5MvAwYMpdmhYS3JlOUSFFBsRVsGpmzGznnfuZ5lRd9u_vPkQrpTqT9cQZ_VmHXcPCHxV3vlx4cBHnVrvbDz67tqw1C0pZoZB8Xlrk6MH3lFixD9vjvzHgzR-PXPxYHbjI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:05 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
1e66e04d-4078-4200-896f-ab945485fc34
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELeoK0KgUTR8wryryg6Q1CE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7A55
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ0MDkxODMzMjk2MTkzMDUyMQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ0MDkxODMzMjk2MTkzMDUyMQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNWYHm0bHPmyFpgSBmRruEATHvaYLahGlOg80mQaC80UQ-bkQd5MvAwYMpdmhYS3JlOUSFFBsRVsGpmzGznnfuZ5lRd9u_vPkQrpTqT9cQZ_VmHXcPCHxV3vlx4cBHnVrvbDz67tqw1C0pZoZB8Xlrk6MH3lFixD9vjvzHgzR-PXPxYHbjI
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:06 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
228f948a-3e02-44bc-90c0-101251a0a7e0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ0MDkxODMzMjk2MTkzMDUyMQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8F09
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1
43 B
1014 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNVU5XPqXtcgsPnL_sRT-8zcYCvjUTkUWifMhkGjkTe4B4ljYbBhdJnraKVGDfabwTDr6OMSvdePTWL94pK5ysHmaMRfqEK9XhBUlzASCq1wPFQRB-NzPUs1-ZfVOPFFNismlorDS8yiDW0TWcXpkLPc8avZFjoqCt6Ug0t4-ca4oES0B8U
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 24 Aug 2021 06:13:06 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8F09
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YSSN8XZ-HdHzp1TksCn.LgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1&google_hm=2
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNVU5XPqXtcgsPnL_sRT-8zcYCvjUTkUWifMhkGjkTe4B4ljYbBhdJnraKVGDfabwTDr6OMSvdePTWL94pK5ysHmaMRfqEK9XhBUlzASCq1wPFQRB-NzPUs1-ZfVOPFFNismlorDS8yiDW0TWcXpkLPc8avZFjoqCt6Ug0t4-ca4oES0B8U
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 24 Aug 2021 06:13:06 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 8F09
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELeoK0KgUTR8wryryg6Q1CE&google_cver=1
43 B
1004 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELeoK0KgUTR8wryryg6Q1CE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNVU5XPqXtcgsPnL_sRT-8zcYCvjUTkUWifMhkGjkTe4B4ljYbBhdJnraKVGDfabwTDr6OMSvdePTWL94pK5ysHmaMRfqEK9XhBUlzASCq1wPFQRB-NzPUs1-ZfVOPFFNismlorDS8yiDW0TWcXpkLPc8avZFjoqCt6Ug0t4-ca4oES0B8U
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:05 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
dba6a85a-3c23-44ca-a8a3-23e01021a7c9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELeoK0KgUTR8wryryg6Q1CE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8F09
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3Nzk1OTQxNDM4MTg4NTU0Mw%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3Nzk1OTQxNDM4MTg4NTU0Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj0tPCZATAB&v=APEucNVU5XPqXtcgsPnL_sRT-8zcYCvjUTkUWifMhkGjkTe4B4ljYbBhdJnraKVGDfabwTDr6OMSvdePTWL94pK5ysHmaMRfqEK9XhBUlzASCq1wPFQRB-NzPUs1-ZfVOPFFNismlorDS8yiDW0TWcXpkLPc8avZFjoqCt6Ug0t4-ca4oES0B8U
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:05 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c6003507-c2d5-4d90-97cf-87acca21249d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3Nzk1OTQxNDM4MTg4NTU0Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame ED3A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1
43 B
1014 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNXz5PxoNmlDQnLXuMNvf02tyCAPAaU1voqSp4Uzl7nRsUaZM1Q4geE4C_09bXm6EA5Md-yeWU_8L0S67Y0MHmEKZeD6rmq7brievEXv8h9NMbXw5XBbbnievq3ZUXc7d2f_K9TgkJXVmRpZcCv5mmeaofqa9GO4uY1uDxxAJ52xmv4sc5M
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 24 Aug 2021 06:13:05 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame ED3A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YSSN8XZ-HdHzp1TksCn.KAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1&google_hm=2
43 B
1014 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNXz5PxoNmlDQnLXuMNvf02tyCAPAaU1voqSp4Uzl7nRsUaZM1Q4geE4C_09bXm6EA5Md-yeWU_8L0S67Y0MHmEKZeD6rmq7brievEXv8h9NMbXw5XBbbnievq3ZUXc7d2f_K9TgkJXVmRpZcCv5mmeaofqa9GO4uY1uDxxAJ52xmv4sc5M
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 24 Aug 2021 06:13:07 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame ED3A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELeoK0KgUTR8wryryg6Q1CE&google_cver=1
43 B
1004 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELeoK0KgUTR8wryryg6Q1CE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNXz5PxoNmlDQnLXuMNvf02tyCAPAaU1voqSp4Uzl7nRsUaZM1Q4geE4C_09bXm6EA5Md-yeWU_8L0S67Y0MHmEKZeD6rmq7brievEXv8h9NMbXw5XBbbnievq3ZUXc7d2f_K9TgkJXVmRpZcCv5mmeaofqa9GO4uY1uDxxAJ52xmv4sc5M
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:05 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
28b217f0-e06a-42e9-ba57-20d945f56a1e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELeoK0KgUTR8wryryg6Q1CE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ED3A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3Nzk1OTQxNDM4MTg4NTU0Mw%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3Nzk1OTQxNDM4MTg4NTU0Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNXz5PxoNmlDQnLXuMNvf02tyCAPAaU1voqSp4Uzl7nRsUaZM1Q4geE4C_09bXm6EA5Md-yeWU_8L0S67Y0MHmEKZeD6rmq7brievEXv8h9NMbXw5XBbbnievq3ZUXc7d2f_K9TgkJXVmRpZcCv5mmeaofqa9GO4uY1uDxxAJ52xmv4sc5M
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:05 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
fe6d9be2-a52b-4c44-9466-10f068074a04
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3Nzk1OTQxNDM4MTg4NTU0Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FF7C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1
43 B
1014 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNXB8QTLABGncLXrNO3CUnTkopgjgqklcaYyXPB9x60K1Z6G4GZNVhHuRi6vxKNuQDk7wYQyNWF_uX2QMwmiRG49AfppNIfZ82UFwZaUOxeCwlZF7Z-IAVDmSS8-c4Y40Xvk2lM0stZx6v3Rqr9iBMGlu175nnRaMhOr0Z6ZTN7_H22Nj3Q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 24 Aug 2021 06:13:06 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FF7C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YSSN8XZ-HdHzp1TksCn.GwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1&google_hm=2
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNXB8QTLABGncLXrNO3CUnTkopgjgqklcaYyXPB9x60K1Z6G4GZNVhHuRi6vxKNuQDk7wYQyNWF_uX2QMwmiRG49AfppNIfZ82UFwZaUOxeCwlZF7Z-IAVDmSS8-c4Y40Xvk2lM0stZx6v3Rqr9iBMGlu175nnRaMhOr0Z6ZTN7_H22Nj3Q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 24 Aug 2021 06:13:06 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWsxPlBve_gSgavJGpc6kI&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame FF7C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELeoK0KgUTR8wryryg6Q1CE&google_cver=1
43 B
1004 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELeoK0KgUTR8wryryg6Q1CE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNXB8QTLABGncLXrNO3CUnTkopgjgqklcaYyXPB9x60K1Z6G4GZNVhHuRi6vxKNuQDk7wYQyNWF_uX2QMwmiRG49AfppNIfZ82UFwZaUOxeCwlZF7Z-IAVDmSS8-c4Y40Xvk2lM0stZx6v3Rqr9iBMGlu175nnRaMhOr0Z6ZTN7_H22Nj3Q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:05 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a686a449-534e-4e95-89ed-46c4e7841399
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELeoK0KgUTR8wryryg6Q1CE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FF7C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjM0OTEyMzE3Mzk1MDk0NDIxNg%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjM0OTEyMzE3Mzk1MDk0NDIxNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNXB8QTLABGncLXrNO3CUnTkopgjgqklcaYyXPB9x60K1Z6G4GZNVhHuRi6vxKNuQDk7wYQyNWF_uX2QMwmiRG49AfppNIfZ82UFwZaUOxeCwlZF7Z-IAVDmSS8-c4Y40Xvk2lM0stZx6v3Rqr9iBMGlu175nnRaMhOr0Z6ZTN7_H22Nj3Q
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:05 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4656622b-9a67-4315-9ab9-d8f66e62f159
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjM0OTEyMzE3Mzk1MDk0NDIxNg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mw_dynamic_view.html
static.affiliate.rakuten.co.jp/widget/html/ Frame 71F9
9 KB
3 KB
Document
General
Full URL
https://static.affiliate.rakuten.co.jp/widget/html/mw_dynamic_view.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--new_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json
Requested by
Host: xml.affiliate.rakuten.co.jp
URL: https://xml.affiliate.rakuten.co.jp/widget/js/rakuten_widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.75.89.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4681e86d0d657a36639f067b3204438f68a575752ff12bbc57f3b607fa9fcff3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
static.affiliate.rakuten.co.jp
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://internet.blogmura.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://internet.blogmura.com/

Response headers

Server
Apache
Last-Modified
Tue, 29 Jun 2021 02:30:28 GMT
Accept-Ranges
bytes
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Tue, 24 Aug 2021 06:13:06 GMT
Content-Length
2896
Connection
keep-alive
sd
us-u.openx.net/w/1.0/ Frame FCEE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO6-px6BHGw9VUzlmM2zSKk&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEO6-px6BHGw9VUzlmM2zSKk&google_cver=1
43 B
180 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEO6-px6BHGw9VUzlmM2zSKk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNUfJWSGR9Y24mREz9yt0UZVeuqKCC52UGj9_yMMzKi8N_AKqSftNfVFJfbSi2hulAl6v2M8b33FZxooq9eGeQU65BuQcZPikzpcv3dlMPOTX7dGZuQf19ESHH7EHzHA_k5rrtjJEiCgF3PLI8vBBu3oa5Z8IbZjKNN2mR7FF7jbCfaUKIA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEO6-px6BHGw9VUzlmM2zSKk&google_cver=1
date
Tue, 24 Aug 2021 06:13:05 GMT
via
1.1 google
server
OXGW/16.214.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame FCEE
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDM4ZjZlYmQtODY5Zi0yNGUyLWZjYTEtMDcwNGNhMzkzZGY5
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDM4ZjZlYmQtODY5Zi0yNGUyLWZjYTEtMDcwNGNhMzkzZGY5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNUfJWSGR9Y24mREz9yt0UZVeuqKCC52UGj9_yMMzKi8N_AKqSftNfVFJfbSi2hulAl6v2M8b33FZxooq9eGeQU65BuQcZPikzpcv3dlMPOTX7dGZuQf19ESHH7EHzHA_k5rrtjJEiCgF3PLI8vBBu3oa5Z8IbZjKNN2mR7FF7jbCfaUKIA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 24 Aug 2021 06:13:05 GMT
content-encoding
gzip
server
OXGW/16.214.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDM4ZjZlYmQtODY5Zi0yNGUyLWZjYTEtMDcwNGNhMzkzZGY5
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame FCEE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEA878TMINZZSly-U6jHol7I&google_cver=1
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEA878TMINZZSly-U6jHol7I&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNUfJWSGR9Y24mREz9yt0UZVeuqKCC52UGj9_yMMzKi8N_AKqSftNfVFJfbSi2hulAl6v2M8b33FZxooq9eGeQU65BuQcZPikzpcv3dlMPOTX7dGZuQf19ESHH7EHzHA_k5rrtjJEiCgF3PLI8vBBu3oa5Z8IbZjKNN2mR7FF7jbCfaUKIA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 24 Aug 2021 06:13:05 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEA878TMINZZSly-U6jHol7I&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame FCEE
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNUfJWSGR9Y24mREz9yt0UZVeuqKCC52UGj9_yMMzKi8N_AKqSftNfVFJfbSi2hulAl6v2M8b33FZxooq9eGeQU65BuQcZPikzpcv3dlMPOTX7dGZuQf19ESHH7EHzHA_k5rrtjJEiCgF3PLI8vBBu3oa5Z8IbZjKNN2mR7FF7jbCfaUKIA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 24 Aug 2021 06:13:05 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame C73D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDpz_HErAyhrgjuyzmz4QYk&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDpz_HErAyhrgjuyzmz4QYk&google_cver=1&__user_check__=1&sync_id=58beefe5-04a2-11ec-a597-190e06a80206
43 B
549 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDpz_HErAyhrgjuyzmz4QYk&google_cver=1&__user_check__=1&sync_id=58beefe5-04a2-11ec-a597-190e06a80206
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNU1YlJDYtYZHaVL-p03Z_kM6xdZ9tUsQ6GjTdUrodB-46HborP-cjx3_WMPzDzrzXC-OgCwu4IcekMw75MB_PGlloNsJYnuAhRfdNZeg1Zsy2JLFSACjwAOUugR3PmELynjd7eDOeDyX0FRYfpzCw2cWh17cuw4kT60RpowG5P1MXWWij8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:06 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
132
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Tue, 24 Aug 2021 06:13:06 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEDpz_HErAyhrgjuyzmz4QYk&google_cver=1&__user_check__=1&sync_id=58beefe5-04a2-11ec-a597-190e06a80206
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
17
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame C73D
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NThhOTcwNjktMDRhMi0xMWVjLWI4YjEtMWVlNWI5ZTEwNDA2
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NThhOTcwNjktMDRhMi0xMWVjLWI4YjEtMWVlNWI5ZTEwNDA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNU1YlJDYtYZHaVL-p03Z_kM6xdZ9tUsQ6GjTdUrodB-46HborP-cjx3_WMPzDzrzXC-OgCwu4IcekMw75MB_PGlloNsJYnuAhRfdNZeg1Zsy2JLFSACjwAOUugR3PmELynjd7eDOeDyX0FRYfpzCw2cWh17cuw4kT60RpowG5P1MXWWij8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 24 Aug 2021 06:13:06 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NThhOTcwNjktMDRhMi0xMWVjLWI4YjEtMWVlNWI5ZTEwNDA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
132
Connection
keep-alive
Content-Length
0
v1
ads.yahoo.com/cms/ Frame C73D
0
446 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNU1YlJDYtYZHaVL-p03Z_kM6xdZ9tUsQ6GjTdUrodB-46HborP-cjx3_WMPzDzrzXC-OgCwu4IcekMw75MB_PGlloNsJYnuAhRfdNZeg1Zsy2JLFSACjwAOUugR3PmELynjd7eDOeDyX0FRYfpzCw2cWh17cuw4kT60RpowG5P1MXWWij8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:05 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
pixel
cm.g.doubleclick.net/ Frame EC91
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1CTm5jektCRTJ1Rl9LU3lncUFJcDhyZ1BfNEdVMjFfYn5B
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1CTm5jektCRTJ1Rl9LU3lncUFJcDhyZ1BfNEdVMjFfYn5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNWcXCSNn8PI9p89DLbFsMbDuT7r9BS09rrgTybYJaz3-K5QPG0cKDuhSS5a1Fc71KCEue7ILwC2EqrKfEhIne9-1vo2XGoq9WKK-VNQJA7e9QjvYyKDu2I6aw9WfigV6uPWXSbqV9T9qoBC5DTTh_aVJ0z-4ASTehGLylbagQQFPL_hHus
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 24 Aug 2021 06:13:05 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1CTm5jektCRTJ1Rl9LU3lncUFJcDhyZ1BfNEdVMjFfYn5B
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame EC91
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEIqcAkWxkdLIyZ72XudJxig&google_cver=1
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEIqcAkWxkdLIyZ72XudJxig&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNWcXCSNn8PI9p89DLbFsMbDuT7r9BS09rrgTybYJaz3-K5QPG0cKDuhSS5a1Fc71KCEue7ILwC2EqrKfEhIne9-1vo2XGoq9WKK-VNQJA7e9QjvYyKDu2I6aw9WfigV6uPWXSbqV9T9qoBC5DTTh_aVJ0z-4ASTehGLylbagQQFPL_hHus
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:05 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEIqcAkWxkdLIyZ72XudJxig&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame EC91
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNWcXCSNn8PI9p89DLbFsMbDuT7r9BS09rrgTybYJaz3-K5QPG0cKDuhSS5a1Fc71KCEue7ILwC2EqrKfEhIne9-1vo2XGoq9WKK-VNQJA7e9QjvYyKDu2I6aw9WfigV6uPWXSbqV9T9qoBC5DTTh_aVJ0z-4ASTehGLylbagQQFPL_hHus
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:04 GMT
transfer-encoding
chunked
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame FEB0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1hTFJZQ1NkRTJ1RUliTVRVVDBPUkdNakMwYnJkekRyeX5B
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1hTFJZQ1NkRTJ1RUliTVRVVDBPUkdNakMwYnJkekRyeX5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY2smRLzAB&v=APEucNW4BfQtOr_Pnp3GjwoNdISlMuHsKs2zOb39LR3HPXIKJ9gSaHVbyvLkocpRVi86wI0z1w3JV7m-qRKlRqxDT7QUbj5tUWoSGwevq5m7ZUWrrRt3pNB2xp-lnHwKTQxTMNDmZTBahJ531rinSc05IpDTjYdhbxmOY-p5IBDVguAEwVaTcf4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 24 Aug 2021 06:13:05 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1hTFJZQ1NkRTJ1RUliTVRVVDBPUkdNakMwYnJkekRyeX5B
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame FEB0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEIqcAkWxkdLIyZ72XudJxig&google_cver=1
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEIqcAkWxkdLIyZ72XudJxig&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY2smRLzAB&v=APEucNW4BfQtOr_Pnp3GjwoNdISlMuHsKs2zOb39LR3HPXIKJ9gSaHVbyvLkocpRVi86wI0z1w3JV7m-qRKlRqxDT7QUbj5tUWoSGwevq5m7ZUWrrRt3pNB2xp-lnHwKTQxTMNDmZTBahJ531rinSc05IpDTjYdhbxmOY-p5IBDVguAEwVaTcf4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:05 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEIqcAkWxkdLIyZ72XudJxig&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame FEB0
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY2smRLzAB&v=APEucNW4BfQtOr_Pnp3GjwoNdISlMuHsKs2zOb39LR3HPXIKJ9gSaHVbyvLkocpRVi86wI0z1w3JV7m-qRKlRqxDT7QUbj5tUWoSGwevq5m7ZUWrrRt3pNB2xp-lnHwKTQxTMNDmZTBahJ531rinSc05IpDTjYdhbxmOY-p5IBDVguAEwVaTcf4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:04 GMT
transfer-encoding
chunked
content-type
image/gif
container.html
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5130
6 KB
3 KB
Document
General
Full URL
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://internet.blogmura.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://internet.blogmura.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 24 Aug 2021 06:13:03 GMT
expires
Wed, 24 Aug 2022 06:13:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7B27
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 21 Aug 2021 23:04:36 GMT
expires
Sun, 21 Aug 2022 23:04:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
198509
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame ED20
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 21 Aug 2021 23:04:36 GMT
expires
Sun, 21 Aug 2022 23:04:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
198509
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D534
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 21 Aug 2021 23:04:36 GMT
expires
Sun, 21 Aug 2022 23:04:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
198509
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3BAF
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 21 Aug 2021 23:04:36 GMT
expires
Sun, 21 Aug 2022 23:04:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
198509
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame E30B
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=BiH338I0kYbyCMPKAjuwPjPW7wAgAAAAAOAHgBAI
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D11E
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 21 Aug 2021 23:04:36 GMT
expires
Sun, 21 Aug 2022 23:04:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
198509
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2EEB
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 21 Aug 2021 23:04:36 GMT
expires
Sun, 21 Aug 2022 23:04:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
198509
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 84D5
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 21 Aug 2021 23:04:36 GMT
expires
Sun, 21 Aug 2022 23:04:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
198509
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 594D
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 21 Aug 2021 23:04:36 GMT
expires
Sun, 21 Aug 2022 23:04:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
198509
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6CD7
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 21 Aug 2021 23:04:36 GMT
expires
Sun, 21 Aug 2022 23:04:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
198509
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame E5DF
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=B4hHa8I0kYcrKM4Xj-ga40ZWICQAAAAA4AeAEAg
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E7BC
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 21 Aug 2021 23:04:36 GMT
expires
Sun, 21 Aug 2022 23:04:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
198509
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dvbs_src_internal99.js
cdn.doubleverify.com/ Frame FCCD
61 KB
19 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4232036&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jQ7U9fKoSTNJvyRnpyj18d&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322706036&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18934541623&turl=https://internet.blogmura.com/&DVP_PP_BUNDLE_ID=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:42 GMT
Server
Microsoft-IIS/10.0
ETag
"08bf9811a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19248
dvbs_src_internal99.js
cdn.doubleverify.com/ Frame F7C4
61 KB
19 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4232036&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0itn-y4fJEiEb2cf7hr065f&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322706036&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18934541623&turl=https://internet.blogmura.com/&DVP_PP_BUNDLE_ID=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:42 GMT
Server
Microsoft-IIS/10.0
ETag
"08bf9811a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19248
dvbs_src_internal99.js
cdn.doubleverify.com/ Frame 527B
61 KB
19 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4232036&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jAz83jdbU8m8in9aRRm25O&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322706036&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18934541623&turl=https://internet.blogmura.com/&DVP_PP_BUNDLE_ID=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:42 GMT
Server
Microsoft-IIS/10.0
ETag
"08bf9811a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19248
8udwcfe35vf5
hal9000.redintelligence.net/zone/ Frame E30B
11 KB
4 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/8udwcfe35vf5?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTA-U740kYeu6Nqm3gAepqJbwB7v6hIpX7Yut3P0J8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNQBT9DUY2cO7BMZH3GZktpZemHsUJrSt3ccHuoc8CjeF5XfgXlctkvi3rSGVxPf9dnVKNxYZwaDM8tsUyM1YsiODaBWMMAEPodjt3ClhBQf6t-Bh6KIWVORGRTxvA8g0qFr6fS7eC5xXQ4Vkh3owiKfbJwt7TpnLsVgD42fVVxPcMIJklK38VZJrZgQQD4uctz-xtV1Ql3PjPFjqyLiYp5xwWlL21OMtkAG__WpFn3fq7oE5tZkIgBZN3a9_7jUcLDGz0yik1Bxg5nxbW6r9RULWdRzo57ABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoV8K2AdOFdUtawbtBrdYZdRLUcw%26sig%3DAOD64_0PUjY5lQzyCafjstNjIg8OA10rzw%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-B_4kEehuZQCZcfn8EKP5NNCmCBvts7dmwu0Llek3TPj2ASdA2BFThD-ar_nrW5KzzM-AGrzyefTK2INeYv7eR56rf6eDe8lu96kKT6sKmJmO3TR2rn4qnyyfrANKaEZzcWSPD1WaEaMxIEcKgQcutqc7F8Zg%26cry%3D1%26dbm_d%3DAKAmf-CgY_JjB9bvC6wKd-7d83Gt_2DlXJKzYy2nlSn-5kfIrEir1HCrH_2X8pkJwzqecxYCqMYFqj-04uQtSQLqHKTyn-P6oY2wpV5tmGnDIbKCm8Xso01StZtXUlq2Z4R6L6LuMu6Tp-zsCKV4nZ11ZLnVHfELgWn474e4mFCxuKXMNmpIzijFm0fZmu3Ij51BsA5lbPXwHZJ6HpyZvkRbrGltjnE4cmOfnp8ZzlgH5vxRNQlMM--mhns8IMt2SwRE3DQ1IiD_QWYRdQZ_pDKdHZb88cjgtohUD4rTZ5XUvrRtBzWcurUt8u6NWioqa6PJqIk_TXJCEE4VkxUnDssLjcTvyuPVZJElv1b0Y3sBnggQ9_SszAsk60Kr4t6GoI54J8pPoXvPlRnQpbb0B0bRup3WFR2aaFNxptg6-6HtJ_Cw2ekYcAg060gUDhX-d4dfu8t0NqLH%26adurl%3D
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
b2d80bb9b3f622af4256d59bc64e609352999e1a13080fb3d439986866a03f1e

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:05 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3882
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
8udwcfe35vf5
hal9000.redintelligence.net/zone/ Frame 42EE
11 KB
4 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/8udwcfe35vf5?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXC_a740kYeq6Nqm3gAepqJbwB7v6hIpX7Yut3P0J8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNQBT9D9fUEGwSB-TOcJI9x83Sk2JIrr0QgNcgR7osS4LsSVZHPWwCg8sdu91aPRQunHq-2SoQsZuF_BEov1tAlyS95VPscnnyXG6XDLW1cZd8zsOON2TxsqKcNF3VCCtbwooj8l7_WWTSofxJreVJe9xDBKfOozRA3V70x-NJo8Yz1J-8J2ILYiGaR1fUk2kSN5-XF6kST5jAsBJotX-G15318-FIBm0wny-2YScVgSnHWITl4SAUrSNYe039oAnyhjIeP84prwn9x9Y47LCn0qpA0NYfnABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoVhOjwlfBk5mZF79KWb8UGA_Myg%26sig%3DAOD64_1DOw9zCiT9GVQtruF5Bn4chLIZBw%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-CAkLioKU4wpwfSVVd9t-H7Z2mLncddHmVKNz4pcEIdy3so1mUnkmz3ozAWhXuFdAD6XcKbEinFd-qrPevV1_VUNz86EGeeY0lYABq6CZZ-bq7sD0BgyvEf7oApm7z5S8aZM8NgLECaKoRN96TrRdYkEucH2A%26cry%3D1%26dbm_d%3DAKAmf-DUetNRzXtB5wM55xfOWZXlTfS6FadtTZ_U1JZGx09mtAemZIdHwss1Rh9DM1w0XLsn1KlUezOeqcIb7EDFoEZ0UlsMl1j1RnOrv7eaf1MMSZusbMZmVEX3cse-KcDf435MRf-bW6LxeQlziGJbOR7hyeHacwZFHaSL39G_DWMQfIB4q-GT3loBrW-DSrusMK0YuhBkQMwWCHhd4WB3RQ-uaxnE4FBaWlxOj0KpdjGUuy1Rw4RHYK7bGesrweSW4J1yAM7AObnYtourBlKafUi0v1SBEAch2biytwszFpsNgRaQC3bKLfo3Q_41ppNrnSntD_93R-UZSSQpc4xLR5bz9HCCe3acMqpp_tr_oCp5xZn89oL9cD9BHOrb6TRHZdUNUwh1fKubQir96VHMeR-IEtpCpoiXe77s4DcAwDAnpvIz50HUR6i_tSy0svfdwoSP5P_z%26adurl%3D
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
343f37b2dbd276a57e77096a608b4aea79c73e3e31ae014459382b9aeacab784

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:05 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3883
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
dvbs_src_internal99.js
cdn.doubleverify.com/ Frame A695
61 KB
19 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4232036&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0j-PwduIj0Z536Hg1RmPp2p&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322706036&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18934541623&turl=https://internet.blogmura.com/&DVP_PP_BUNDLE_ID=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:42 GMT
Server
Microsoft-IIS/10.0
ETag
"08bf9811a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19248
8udwcfe35vf5
hal9000.redintelligence.net/zone/ Frame DEFB
11 KB
4 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/8udwcfe35vf5?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC--PW740kYey6Nqm3gAepqJbwB7v6hIpX7Yut3P0J8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNQBT9A-FECgN1qm2PXz449NLp1lLjGB4-tbVY0zxTvN1k_PeDWyiI_QiNRFPwXDuhRsQFPDaiDT4xo9VZGpLRoFBEetloFkh5pfKh9eIhlJfkimJlKjM6A3e46wWg2esbixOMpLU8y38lAsH6Zgn9SVd-imCfEOtQRqBC_13cea7XpQaWuwVcaSbtGuJpoWTYuq8Fzx6aPS7pmeLa9mLm7wROeVDykpgoKHvOelofK7_4W-CvqRkaE6E8xr67X5fe-ORAd9And3QOLsNOFerJ3AtXUIipjABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoChi_g9TZRQIyxHenJ6mM4sQatQ%26sig%3DAOD64_2Zk1rLXqHQ3nD8jlN8fxpiVpLfRA%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-BiwW5RG85bTSTNGZtPyHbAEhwlG0Fv41MJnCFLL9_oi4MEGtSrf_PDAMbCpT7OLk45sFyQZo0yT9IAl02pNVUCGC9IMyWoFqDVQMkCt_V3zIuwF2VKn8wenw10bTjsXV5ambc2a5R_k7goOQ7geTRpN0vNKg%26cry%3D1%26dbm_d%3DAKAmf-AE17x2K6osUouOOSIqK7zQN4AsZpQLX4SKyTAomS1DIqq6jx2HTiaFDuMNt9XvZ4nQGGJQ89E69oasL5FUl9uDmvK06E1HVbz7tkyGmV1UfvKyoCeYqHz7ff9XayVXtB79qAGiQTjMnjTihiPzzMzMFMKiFG8j5linYlGd_z02mgPjwMJbLfSpxQ4J58ZMF2QzUGOn4Om9gzx971DvPR4i_Xjnl_BP4LNyQf1OnWn5mGsyNwaSeFfuVgEbsso_Yc2fB2LTf8qsio3nZMZZpIQo46raYFB2uK-ojpxTSsIRj4B7bgxGFxyTi_2-uYLhZlOA1PaMxQf3TPXymiptoCnTHy0Vi-u1-SCrhXc5fYkIr5H4V3naXKQWWp5T2-FC3fcK8RETrLuVdy8h99IbijcnfRkP0q04xxUPeW9mWugFPFqgcqwKB5ahJPHMDF-Ob22IzyKl%26adurl%3D
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
26c332a1bc94f828fc6c652bb3e70ea00fd4a84a3b36635dd5f1d8f5a59e24c7

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:05 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3890
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
8udwcfe35vf5
hal9000.redintelligence.net/zone/ Frame 3AB2
11 KB
4 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/8udwcfe35vf5?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4xyi740kYe26Nqm3gAepqJbwB7v6hIpX7Yut3P0J8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNQBT9CWpZ40-OlMS0YOp4AsABpWQJ0YrB7V5eDgr0LM-if8H4J0O0967XGyA44S5WTsHZruBTzZrkWLwlgMZKNAA4T1cfyGDBExIiurw9gB2QECi-dxNggw1JUOvYsRdtdsYJaW1n-ub28VJSlyamdHRXOX4uPlvsYc76aBaR01buYJ0ByFm8_kPXTkTMl7BZxLk-eGZmupK6MWTEnWjDBjURV_GEZJf6oplXMpOu6Alz0xXQW5LCYnr_FTfn-WlT0wRZSWoLCIC_O0CFbkxnNGBaCALNHABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRo6eTV8i5_VMsjAXflLxnkpo7Ihg%26sig%3DAOD64_1MPGh3lvQ4z92txFZPiUx8NfIg7A%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-D88zhHArREvEJ1RobgMQqYO-ZX4vVZVEpO4yRdN6QXLlxRHD3ZuVdpia-ALYgjuy0lcx1VWKaj90wfXPQryzCYESgHXLG_exAyXmvQOFC_rUYrWROtmS_kg3xLrVU_Q6xd8OoYi1aScWha2Kuz_5uKsVwHyQ%26cry%3D1%26dbm_d%3DAKAmf-CRzWceacm7Kyr_mF7vDbM8tH83M0Xona5Ad7lEdwx7-sAytAnCZBhJLETHj5XhZDjJKE399aYAS6Nz0mNYfXV6QPRlJ7mM0Lr46eKKa-cDfEiQ4NlZYKNowLwvldlp-_YpNwYqhcXwEeX5pEAUnd7vRdKMEUM38KSlskQfuo6siZB4tqXYmXU0kM1K_2REchfV5gpQ_Omu-rxSzlfryqJvSSS2wmbtCi1k_ci4H4Xvt4zuhePE8uFx2aK277QW2UNQuQaP8EvhdV_-ss0f9oNz83jwXl--zZb-yd31Tsc_eFYlaxqYBhxpAbA84ybB6Frp0WOqiAyeXdC5ush4pE0q5p-oCr4hZsa_klcf_7F1-6015f7eFKTWC1iP6r19_T6vB4xezuNnox9ktA6xcpNbDnS1axnYG0P9YIWDv6gXFuDH8oh20LFLL9rsnS760fleTFHl%26adurl%3D
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
297b2d8325eaf4eb1efeec54fe8c6d5ff64421b1115aa4c159f7804721b3361e

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:06 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3887
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ihaaer67pw2u
hal9000.redintelligence.net/zone/ Frame E5DF
11 KB
4 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/ihaaer67pw2u?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNCr0740kYfG6Nqm3gAepqJbwB7v6hIpXn6bi9bcH8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNUBT9AD5Mn40YaZ6n1UGWdo3xIDqpqQtl6BDEV6TAlhV2V_pL4FyZFNp61uyN0dDY4qrrIYB4fEeWqBFId7TgDjqbPtFwpsiPgZ8bHupP_hqmfH6L8O7i_QTZSxLPmbXf6AmWF0i0QYLQSI8O00VvWz9oZTJsFsgPK6ymNBICcFpLQXmX7Pw9Zx7fy-9L7BkUXQfbpsBs6RgugJbjI-GmrtEYTcPK_erdLjD3TM2KiKaGkoSkX19G4e6Lftm2MqIshxxIcoASWw3lmEQz6rp4e8I6hGQ1XKwASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9MWfxnnLx5gD7CzgjjJkt5-NIg%26sig%3DAOD64_1406M_SuzgFZQEMM0tZr71GJYpvw%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-CNpPsbw30eVLea6cPOwC2iF6q96nOO12DAmK-a7ilXJIhKlpn5ZOJP2eDBebT2OWRLNu92YXgDBOT60sOZOFPsjUiLvBRxspds2DKHdtzcmGueae8zjpFmY3ep2Ag2xU0zy_SUds85g4JjrZvy9AWy6JUM7Q%26cry%3D1%26dbm_d%3DAKAmf-ChdCH1vWRWGsLalfX6Wyt2NvfjfWojG-va5xfr3X_6cDSwT9BmoJinZaRNAckas64YeGWl164SK1I2tPi9za4pDY4DeheerxfmqX9x8dYHrZzOMtgRzW6jSrc2C83rbC_Jsq9UkXK-Luvq0TeebEdUVG6I1H-kQ5V9x3liwQEQFoSoj7lWZWDJY9HEBfNGlGhFN3D_-6ChP4N5qaJ8RgLMOm5y4h-wy9eTguEnAiCHmhhY1f1F8zawr541bUXiED-Kzq8YKtygjE6ggTCOhGqqrFy2_2EHrtmQmIQt0z1TM6fEf19PsHxGb0fJ9nTPQdHQDnzh7jcLlHknx1BWu3sLyQhyE07hp6hwkIi6wTTmOb-c24MowpNRbwerXlduw2YYu4j_JDFq_sA3tNb2oDf_l671slMsfrw18QQDtOyIAXpccFK52MNZbE_8LpQc0SUrqWtr%26adurl%3D
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
7529874225c015e49ad79ddfb2e6759e8dae7ec698ba82527437c3d815e95bf1

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:06 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3889
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
8udwcfe35vf5
hal9000.redintelligence.net/zone/ Frame 2782
11 KB
4 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/8udwcfe35vf5?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIDLX740kYe66Nqm3gAepqJbwB7v6hIpX7Yut3P0J8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNQBT9AilePxBPSbC1B1TpV5n36DpPb-u4SfbOHB8-ePk79L3e3A9IH7PX1E9T-lzxMogFUHteYcJ_DcTNIkIcM0Tcql9taSxnkPJuu0WO3-tOOfGnIXJJfZr2segReAn_kRgPm42u-mswrT_vlvlpU0C7fTBKm7bLhVsyX42ieWdnUJSyF5K86jgDhO8BIdsMP2Cw6RHUhkgS4A-yp_h3ertECW6iIkvZmwevfPlcGZTwt2lpO_pqywrpzW2hRUQG_zywtFPDLhvIUIFSWW8MAqT-Kbi4_ABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRopmY-w0EbtYdpdh8tv4rJWlZ_PQ%26sig%3DAOD64_3gc62Fxkv4vwIzRyOva_qnvDRq-A%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-DY9Zvru3Q--56Cmg0ijEbEDJLx6EbA_ttYlSDV2M3fm7pS1s4hF9CzZzEgi-EgAjJ3vCkOoS11aHorpLvDOBKhaRP6EXKxGfWfCCSrINs8w02I8nuC4Y8P-E51krP4v9IAnumvzxfqd3hpPzkUkOxqIA-4Yg%26cry%3D1%26dbm_d%3DAKAmf-DgT8DfOHv3ZhFaRNNpPI2MAMLkqLa3vMZpTh1nzpCV6tITAZwDQKK9RrspjzLSK3uoA7xEZQJsCRN7NWK3R_Pl5Vk3sfZG0KEfiX5fFQMwNvGYDxgWfmLozwxgM9mAlzFWuomYB4er5R-9VFT0I24fSxZjEGPd3yFOpF_u3mvHZKFTdAfM1pWTIJjaVxereCbEjkDM-IYU1A5wCBkVrrhFR65TOeRaMlrdOBWzXvza7OF7ZGc13a0DwwNnQOaND7jEAOjnRyRcMfXAttjDjeewWNFQcz-ujfF69Im5t-consWhRrOCIQXU1-FQbHgXrIf6UwER8JCWhhXhxuE3DEKBj4vlqklPV172_cqPYNSNYRg1ixOT0Ek7sqjsVJFkQ5WF-mzrbNhCK4Fj61ckyNX-N2Nj9HsDzQ9Yi7Boi5pLu8K5Xqn2xV_D2d4EYqy37j-eDxry%26adurl%3D
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
12fbc4e2cb6dae7985b0ca415c414ac8d7541cf7b83e5d17a29e579659d53363

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3888
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
bst2tv3.html
cdn3.doubleverify.com/ Frame 8340
1 KB
1 KB
Document
General
Full URL
https://cdn3.doubleverify.com/bst2tv3.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host
cdn3.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges
bytes
ETag
"01818ecfc6cf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
806
Cache-Control
max-age=12908
Date
Tue, 24 Aug 2021 06:13:05 GMT
Connection
keep-alive
verify.js
rtb0.doubleverify.com/ Frame FCCD
3 KB
2 KB
Script
General
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_407159323558&jsTagObjCallback=__tagObject_callback_407159323558&num=6&ctx=1828362&cmp=115845&plc=4232036&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=407159323558&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.40&dvpx_strhd=0.40&brid=0&brver=&bridua=3&dup=null&turl=https://internet.blogmura.com/&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jQ7U9fKoSTNJvyRnpyj18d&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322706036&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18934541623&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=16&fcifrms=18&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETar9EEADTbpTauTauc_b%607e4b43g%60647h4f5aae546aafh_3c%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=9.00&callbackName=__verify_callback_407159323558
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.22 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
bdeea6db6e880bf81ed0ac83f5ebf40a81c22ab655e35756303d314df21e10df

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Date
Tue, 24 Aug 2021 06:13:05 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
8/23/2021 6:13:05 AM
dv-match6.js
cdn.doubleverify.com/ Frame 96D2
4 KB
2 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-match6.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:05 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Mar 2018 04:45:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"03c84bdf3b8d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=55591
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
bst2tv3.html
cdn3.doubleverify.com/ Frame AD2C
1 KB
1 KB
Document
General
Full URL
https://cdn3.doubleverify.com/bst2tv3.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host
cdn3.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges
bytes
ETag
"01818ecfc6cf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
806
Cache-Control
max-age=12908
Date
Tue, 24 Aug 2021 06:13:05 GMT
Connection
keep-alive
verify.js
rtb0.doubleverify.com/ Frame 527B
2 KB
1 KB
Script
General
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_672222535375&jsTagObjCallback=__tagObject_callback_672222535375&num=6&ctx=1828362&cmp=115845&plc=4232036&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=672222535375&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.20&dvpx_strhd=0.20&brid=0&brver=&bridua=3&dup=null&turl=https://internet.blogmura.com/&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jAz83jdbU8m8in9aRRm25O&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322706036&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18934541623&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=16&fcifrms=18&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETar9EEADTbpTauTauc_b%607e4b43g%60647h4f5aae546aafh_3c%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=5.70&callbackName=__verify_callback_672222535375
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.22 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ca86a98bcfe3b16661693c8f36b7d6dbdef602d93685f149edd903aa655b8629

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Date
Tue, 24 Aug 2021 06:13:05 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
8/23/2021 6:13:05 AM
dv-match6.js
cdn.doubleverify.com/ Frame 71BF
4 KB
2 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-match6.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:05 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Mar 2018 04:45:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"03c84bdf3b8d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=55591
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
bst2tv3.html
cdn3.doubleverify.com/ Frame CEDB
1 KB
1 KB
Document
General
Full URL
https://cdn3.doubleverify.com/bst2tv3.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host
cdn3.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges
bytes
ETag
"01818ecfc6cf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
806
Cache-Control
max-age=12908
Date
Tue, 24 Aug 2021 06:13:05 GMT
Connection
keep-alive
verify.js
rtb0.doubleverify.com/ Frame F7C4
2 KB
1 KB
Script
General
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_109738902135&jsTagObjCallback=__tagObject_callback_109738902135&num=6&ctx=1828362&cmp=115845&plc=4232036&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=109738902135&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.20&dvpx_strhd=0.20&brid=0&brver=&bridua=3&dup=null&turl=https://internet.blogmura.com/&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0itn-y4fJEiEb2cf7hr065f&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322706036&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18934541623&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=16&fcifrms=18&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETar9EEADTbpTauTauc_b%607e4b43g%60647h4f5aae546aafh_3c%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=4.30&callbackName=__verify_callback_109738902135
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.22 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
536dc70fc794489d809e2d9f9f8a686169096c539c16517f643c407a5ba943dc

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Date
Tue, 24 Aug 2021 06:13:05 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
8/23/2021 6:13:06 AM
dv-match6.js
cdn.doubleverify.com/ Frame 4212
4 KB
2 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-match6.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:05 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Mar 2018 04:45:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"03c84bdf3b8d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=55591
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
bst2tv3.html
cdn3.doubleverify.com/ Frame 9B31
1 KB
1 KB
Document
General
Full URL
https://cdn3.doubleverify.com/bst2tv3.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host
cdn3.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges
bytes
ETag
"01818ecfc6cf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
806
Cache-Control
max-age=12908
Date
Tue, 24 Aug 2021 06:13:05 GMT
Connection
keep-alive
verify.js
rtb0.doubleverify.com/ Frame A695
2 KB
1 KB
Script
General
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_49199682763&jsTagObjCallback=__tagObject_callback_49199682763&num=6&ctx=1828362&cmp=115845&plc=4232036&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=49199682763&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.10&dvpx_strhd=0.10&brid=0&brver=&bridua=3&dup=null&turl=https://internet.blogmura.com/&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0j-PwduIj0Z536Hg1RmPp2p&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322706036&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18934541623&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=16&fcifrms=18&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETar9EEADTbpTauTauc_b%607e4b43g%60647h4f5aae546aafh_3c%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=4.10&callbackName=__verify_callback_49199682763
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.22 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
4a9dd2b607a461613431106d5d6385d4856b2de7b982c294c5ad288b034d6222

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Date
Tue, 24 Aug 2021 06:13:05 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
8/23/2021 6:13:06 AM
dv-match6.js
cdn.doubleverify.com/ Frame 3C69
4 KB
2 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-match6.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:05 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Mar 2018 04:45:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"03c84bdf3b8d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=55591
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0ED5
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjZ__GZATAB&v=APEucNURoZNa_Fwf5JgkyvanfdDe6glfgxpWuLUV7aVJsHOSWD-C2ToQq22kHRGY6Co0su8SR-Lseel2p21icyKBRX9zsL_IcST_UamboQIEeh1r3n4-FS6SG1GpxnTFb6Y__-uoYEOf34HfbmMkomR-LQVdlwLlKJK1OaylAfmfIFockPqlZb8
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CJfnugEQw7j0ARjZ__GZATAB&v=APEucNURoZNa_Fwf5JgkyvanfdDe6glfgxpWuLUV7aVJsHOSWD-C2ToQq22kHRGY6Co0su8SR-Lseel2p21icyKBRX9zsL_IcST_UamboQIEeh1r3n4-FS6SG1GpxnTFb6Y__-uoYEOf34HfbmMkomR-LQVdlwLlKJK1OaylAfmfIFockPqlZb8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnK_DgSN0jKef5GerG5v6GWTXxHiLdQJ7I1875bT6bW2YhBCo9SiV6eVxdgD7s; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 24 Aug 2021 06:13:05 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 5130
25 KB
13 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AHKRuhSfCHFva-ecV2nlD8NQ0l12TdLE04es_NV_2aEm69KnIsvOyKsNsFp55yG4QqAqkBLfAoYOa_S-5Fl0Fpjn4M1gyMWVYREJ1bDpN9taDRht5vjI8CFF7KfDjt6UqvPr88UfisG0ddSsG8f3tvurTnvQ&cry=1&dbm_d=AKAmf-BC8XRHiBM8BDiwJK45oQVvfbzvZsCFvhCweaADXths5s3vb2ov2dB1MWT_jCfs3NKZAP5H5GnAq3xeQF9N4ySREtTNoC2CJWxM4N-RzqUG8W1BOPqxjCrtQz1uZVJ0DFfzRfqfts340sn2WnxFo3JCxBNVYTUAtOkBs35hoB7Ez42C933cmFgYMc2Ecf-xMq8nLE6-YXI_A_K1YioEAH0UaV2itELJM5m4Wqjz5lEgR27XYgNJL994m-bXB0e_67aRgD3P0dBIHA9votYWDEwhcyrPGB9y1Ys98EsrErUCrIBdzwrSgNtRGAS-MVvv60-O4R0ETMNW_eWW_0TZVQtKiEPWutE8ZCzL7dsvgpSORgNa4mmNWOj_LksF7oNgUv_B_TwsdZkStwmeZw3Amw1PAo0GRY3v-2v61MwqjmaXRWl-hTpTzSj5KKsQqCFEo2Z7e9JQf82mMZcZf9C19wWXKwbWTPZfoXgzD63uDQ9O_t_hlsdVLR-UAqP41TqSj-SFrgOZ21TYOtZdyu5FGk0K94NxCNrtqtnwC0BGc3ePIEhuRQfomNUS53MYvFX7LTNVEn-qI3f0V-qmlLP3Vg55I5aJ0WyF_5zVj9q4ralTfGrhp87rVi0nmk-koGLN5_uvpInEYj8SrdkFajsHJTISUkXVoZ3Wvzonvwv3qJe39JccJH49hn_pTrCvwqSiwJKmhys5MUU1h1NsFmCeKZRKLXsImjhBs9Yi-nVEsOI1S-YFsSmvgX5625w_chH2F9TAxlyf1qxL3xHPM3OtTKS8w2PyG2Ly8g2h3TeeaHABRZIhZk-dsjAvBpkD1zgo6Sf7AtdIvk2B3x8eq6i7ryRSkMxtT1bTl4MXHjikke_di7rpnRJIktYa22qZSmBM3Sg4Ef54gJZSebpsd-Z1Irqz-nzbIgaMrMaW34lhcDOuzhiV5f6-CkBt8Zvhu5-Miy5gIi_XJc9nGlkTe6llGKWHo1E5QJipPRnpghA4NaPCr_vlfVroOsJTjCkDTnwzZmKj38SnHN6g0a8NIdtwte6iztrUcAqFDoFfqv7xFBQG3RcPCdmyVtJVOZZ-D9qsH9VUJuVt3MuXRGnGvUehcvVMiUMb01EqrgdkH0-F4ISMk8WFz_Mv8eWurYyQPmz4TDMzd472XU8_ahqqfGgqllIpa2rDgTw2kXh2h2jj_lUaGzGGsBnsbHXUomBU17Uevfssm_KKxsIHgAUB0NYLqoYzJJbD9MEs93UBEgJbJ2guFn83V7XQj6hAzAid5-ZcekKM1WqD2RmwglzNNAo-_etHpPbFP6Su3X0U0mGvYh8N0TzjpZHMMLTHBn8xE3L13mcmQnI8DMiL7KLZAkHraZ0Yuj-ZP_07V7BDf5kE2wVHzfh27olDXbsLAVmJayg6TWOL4v5WLwk1yEd3vEFRthgGQupUhy48O2VT_n4yD_tW3L9z-cPTqTkFqpO0SLJPuLICD8t0Vt5ObVR5cYPrnvEnZ-LiYSSPCLk1LywHyGrGc6jwCidwOVbJ9XbDijNGi4ImmlfHZndhBbp6c1xdL5qA6Ifecqlwluw76y3_kqvrUv3QzcUWeuiBgxxi7ff1_Sxo37qWFzzASEM2Nb1gMT38a9zSfB99Fjvqsa4kG5ORBa1l_oroeEKMejU7_M5yP0P0509BOQfHVgD-l3468BbDkH0JSwDA8f20uAXbOI2deLv7ywFDQHp7ol0M50xZXjYxThR17oUg4Lffxmzo30GPXoBvgqZ2H7IvrXIlIM0Q3b2RTbLwRgSo_wBPBqEf80HC2SqQq4OaH2jyu_lNgrpJMAzvBgGz6cBN8zyvh9xdElLdkzl_LRv-gZoEjUngJpgl4953CpoTFrR0cjPs4FtwyXAl9RGW-lbnP-4p5CDbNXAqbkvIMZkitWvDX6O8TBoVpg2hwKE_UpHhJu4YepNS2ba3QkDtX92QSepgVGbOS7a8IdZsbQxpx-AC7gq3S4oFTiJu8-QWfg7UMPx_pUtDgLv1SdSnGUvp-o-ZR-EjXm3ZQd8v4B46SlbRKFjaO8jU1P-whAv-ruJgyg6FWMoFg_lXbq8VgQYIoUEu14KEd54jUXjSC8-OpQXASY-bpfcU4cs2Pr7cQWB_Xt2W4hcb2TifsLenfjM0yiHtjy1_3cCrfr1iUYK5ZJ-KEhmTEdn9c5CP-t8-q87pqzavWNy66n7IrR_F72UHWY8U4VnGwrbzB0qswxS9LXMhVARUJ8HxO0Pv7z176nZdinRKkqUldVp4DJi97Nls0PF3mpLhWV2F1-fTRNa2t6m536_gymPvrm6ru8ZX0nrg33hPWxMS3nAJbl8WSLXKcRhmCbrMMRlpDMeZOEd7MTTAiz8yp5YVNytHJ6unCHvtJa1_-_tCDErFQC2_LCVhG0tnkLob7Z7oHJfFgdAjXLMWKRYdLar5p9_zXbZD6pHc3xIIQavjl2kxwbONd0m2ScUPSB1hjup45je2eyMZyI0v1VIFBlz3XcxnA-9aCNnrbASUPS-0xpPWXHzFcIO2S0MePb-Mk9kef8ESDXzuAvd436Qt8tKgR8zXmFEOo43BdvUdw_M7nmOUVIV4jxPifwr96OC5ti2TXO7UV3Vd8FvgHQn_fXw2MfeHX_hQwSPOp9CTaLW291JOFi0X87TDeeoWczJColxofVIlKbMhicKJR5futWEplgM1SpG9BaMmm5oOdNYLS68XPmzbO_H5D-3NoxRMCo6OvWdufWTIIlKyigXcTzy-oDwmnl6tM0UM2r_m3YazeAY0s3F6SBUdaWR85WFfwAQBfQPwOBZr2NJDIJCyQusuKf2BxoYUEkx4yQO5GtmHWz-PHHeHK2nCumy8LKq8OB2iC6JluFYFpZyqvv_RLVjiJdOGVzgEYG7f5gVKsqncIJlK3GGDm0IYvnzm_JDALJuv8JSnZwctIa3Q6-t5tcSZqKdQeWLEYhR3HRp83lSKj1Flx1U17hjmrjCI8qXM3ZVPJIfbT1OCp-m4i855AXOdJ9DLxqVGuJ2KPZXSRF1i_PJ0x_gh2pAmrQCgiwjmsS-kM_VLGQEBzWmr00Ol9Vx7ppruWE07caw1ixFbztkruDpHNXSuiwVh7UOq2Qm_-te65XyVTm74iKLd-lGfl38kvlmf9zUjENx2WZm1pL8L52288sC18e0nCJp7nljVuACJRLMK_CU5C6ch0zQDV_JSHCwj6__dmYdIvCTxe1MhFGomYsOmh9xJ6YQJNHG1xt_Is8qWMohPvkoZ3JtyBob-I34kiulWJ04bo2iDfQksVHZN2ZglZKfYWjXwUBNqAbiCRdg&cid=CAASFeRoJQbbVNL_Qt0mkpsd4sl-tQEiLA&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2358476a97ece5cc4b117235d96129085663d8dd6269a27cd543463b1d9b6ad3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13048
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5130
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cms8-W57RPkxEsK6f6MhijF0YGxceD5vAWP3kE0IzPvdGQWvsAp08K2mPCZS_YOfBSASQZpdSJjeJD4ctRZQqpOqZ2KsvAt93yXLKo9N0DsAh8KTw
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 5130
2 KB
2 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4232038&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gYY84uVgp1vidYDBkNZWna&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322731993&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18934541623&turl=https://internet.blogmura.com/&DVP_PP_BUNDLE_ID=
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:25 GMT
Server
Microsoft-IIS/10.0
ETag
"e6262781a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1338
dvtp_src.js
cdn.doubleverify.com/ Frame 5130
8 KB
3 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0gYY84uVgp1vidYDBkNZWna&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322731993&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18934541623&turl=https://internet.blogmura.com/&DVP_PP_BUNDLE_ID=
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
fda0f77d04467a0fefd17d993406783114316c719fe9d0a28e77ba4842d98237

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Aug 2021 13:10:32 GMT
Server
Microsoft-IIS/10.0
ETag
"0d4e496fb94d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3243
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 5130
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
700
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:01:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5130
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:05 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629718280506303"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38186
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:13:05 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 5130
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
285
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:08:20 GMT
request.php
hal900017.redintelligence.net/ Frame DEFB
Redirect Chain
  • https://hal900017.redintelligence.net/request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=804679f0b4&subid=&uid=de8bbe4509badc30&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900017.redintelligence.net/request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=804679f0b4&subid=&uid=de8bbe4509badc30&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
613 B
939 B
Script
General
Full URL
https://hal900017.redintelligence.net/request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=804679f0b4&subid=&uid=de8bbe4509badc30&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC--PW740kYey6Nqm3gAepqJbwB7v6hIpX7Yut3P0J8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNQBT9A-FECgN1qm2PXz449NLp1lLjGB4-tbVY0zxTvN1k_PeDWyiI_QiNRFPwXDuhRsQFPDaiDT4xo9VZGpLRoFBEetloFkh5pfKh9eIhlJfkimJlKjM6A3e46wWg2esbixOMpLU8y38lAsH6Zgn9SVd-imCfEOtQRqBC_13cea7XpQaWuwVcaSbtGuJpoWTYuq8Fzx6aPS7pmeLa9mLm7wROeVDykpgoKHvOelofK7_4W-CvqRkaE6E8xr67X5fe-ORAd9And3QOLsNOFerJ3AtXUIipjABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoChi_g9TZRQIyxHenJ6mM4sQatQ%26sig%3DAOD64_2Zk1rLXqHQ3nD8jlN8fxpiVpLfRA%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-BiwW5RG85bTSTNGZtPyHbAEhwlG0Fv41MJnCFLL9_oi4MEGtSrf_PDAMbCpT7OLk45sFyQZo0yT9IAl02pNVUCGC9IMyWoFqDVQMkCt_V3zIuwF2VKn8wenw10bTjsXV5ambc2a5R_k7goOQ7geTRpN0vNKg%26cry%3D1%26dbm_d%3DAKAmf-AE17x2K6osUouOOSIqK7zQN4AsZpQLX4SKyTAomS1DIqq6jx2HTiaFDuMNt9XvZ4nQGGJQ89E69oasL5FUl9uDmvK06E1HVbz7tkyGmV1UfvKyoCeYqHz7ff9XayVXtB79qAGiQTjMnjTihiPzzMzMFMKiFG8j5linYlGd_z02mgPjwMJbLfSpxQ4J58ZMF2QzUGOn4Om9gzx971DvPR4i_Xjnl_BP4LNyQf1OnWn5mGsyNwaSeFfuVgEbsso_Yc2fB2LTf8qsio3nZMZZpIQo46raYFB2uK-ojpxTSsIRj4B7bgxGFxyTi_2-uYLhZlOA1PaMxQf3TPXymiptoCnTHy0Vi-u1-SCrhXc5fYkIr5H4V3naXKQWWp5T2-FC3fcK8RETrLuVdy8h99IbijcnfRkP0q04xxUPeW9mWugFPFqgcqwKB5ahJPHMDF-Ob22IzyKl%26adurl%3D&documentReferer=https%3A%2F%2Finternet.blogmura.com%2F&ancestorOrigins=https%3A%2F%2Finternet.blogmura.com&random=6151495759469&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.69.70.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.9.70.69.159.clients.your-server.de
Software
Apache /
Resource Hash
6c716e70817b3740e7353b1256193812cba17d2a9a4b0e4040efdf0f1642fe67

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:06 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
85077600032144800628852011696017
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
333
Expires
Tue, 24 Aug 2021 07:13:06 +0200

Redirect headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:06 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=804679f0b4&subid=&uid=de8bbe4509badc30&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC--PW740kYey6Nqm3gAepqJbwB7v6hIpX7Yut3P0J8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNQBT9A-FECgN1qm2PXz449NLp1lLjGB4-tbVY0zxTvN1k_PeDWyiI_QiNRFPwXDuhRsQFPDaiDT4xo9VZGpLRoFBEetloFkh5pfKh9eIhlJfkimJlKjM6A3e46wWg2esbixOMpLU8y38lAsH6Zgn9SVd-imCfEOtQRqBC_13cea7XpQaWuwVcaSbtGuJpoWTYuq8Fzx6aPS7pmeLa9mLm7wROeVDykpgoKHvOelofK7_4W-CvqRkaE6E8xr67X5fe-ORAd9And3QOLsNOFerJ3AtXUIipjABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoChi_g9TZRQIyxHenJ6mM4sQatQ%26sig%3DAOD64_2Zk1rLXqHQ3nD8jlN8fxpiVpLfRA%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-BiwW5RG85bTSTNGZtPyHbAEhwlG0Fv41MJnCFLL9_oi4MEGtSrf_PDAMbCpT7OLk45sFyQZo0yT9IAl02pNVUCGC9IMyWoFqDVQMkCt_V3zIuwF2VKn8wenw10bTjsXV5ambc2a5R_k7goOQ7geTRpN0vNKg%26cry%3D1%26dbm_d%3DAKAmf-AE17x2K6osUouOOSIqK7zQN4AsZpQLX4SKyTAomS1DIqq6jx2HTiaFDuMNt9XvZ4nQGGJQ89E69oasL5FUl9uDmvK06E1HVbz7tkyGmV1UfvKyoCeYqHz7ff9XayVXtB79qAGiQTjMnjTihiPzzMzMFMKiFG8j5linYlGd_z02mgPjwMJbLfSpxQ4J58ZMF2QzUGOn4Om9gzx971DvPR4i_Xjnl_BP4LNyQf1OnWn5mGsyNwaSeFfuVgEbsso_Yc2fB2LTf8qsio3nZMZZpIQo46raYFB2uK-ojpxTSsIRj4B7bgxGFxyTi_2-uYLhZlOA1PaMxQf3TPXymiptoCnTHy0Vi-u1-SCrhXc5fYkIr5H4V3naXKQWWp5T2-FC3fcK8RETrLuVdy8h99IbijcnfRkP0q04xxUPeW9mWugFPFqgcqwKB5ahJPHMDF-Ob22IzyKl%26adurl%3D&documentReferer=https%3A%2F%2Finternet.blogmura.com%2F&ancestorOrigins=https%3A%2F%2Finternet.blogmura.com&random=6151495759469&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Tue, 24 Aug 2021 07:13:06 +0200
request.php
hal900012.redintelligence.net/ Frame 42EE
Redirect Chain
  • https://hal900012.redintelligence.net/request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=3f3431ab5e&subid=&uid=d5edbdd8d10b4f0d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900012.redintelligence.net/request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=3f3431ab5e&subid=&uid=d5edbdd8d10b4f0d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
611 B
937 B
Script
General
Full URL
https://hal900012.redintelligence.net/request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=3f3431ab5e&subid=&uid=d5edbdd8d10b4f0d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXC_a740kYeq6Nqm3gAepqJbwB7v6hIpX7Yut3P0J8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNQBT9D9fUEGwSB-TOcJI9x83Sk2JIrr0QgNcgR7osS4LsSVZHPWwCg8sdu91aPRQunHq-2SoQsZuF_BEov1tAlyS95VPscnnyXG6XDLW1cZd8zsOON2TxsqKcNF3VCCtbwooj8l7_WWTSofxJreVJe9xDBKfOozRA3V70x-NJo8Yz1J-8J2ILYiGaR1fUk2kSN5-XF6kST5jAsBJotX-G15318-FIBm0wny-2YScVgSnHWITl4SAUrSNYe039oAnyhjIeP84prwn9x9Y47LCn0qpA0NYfnABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoVhOjwlfBk5mZF79KWb8UGA_Myg%26sig%3DAOD64_1DOw9zCiT9GVQtruF5Bn4chLIZBw%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-CAkLioKU4wpwfSVVd9t-H7Z2mLncddHmVKNz4pcEIdy3so1mUnkmz3ozAWhXuFdAD6XcKbEinFd-qrPevV1_VUNz86EGeeY0lYABq6CZZ-bq7sD0BgyvEf7oApm7z5S8aZM8NgLECaKoRN96TrRdYkEucH2A%26cry%3D1%26dbm_d%3DAKAmf-DUetNRzXtB5wM55xfOWZXlTfS6FadtTZ_U1JZGx09mtAemZIdHwss1Rh9DM1w0XLsn1KlUezOeqcIb7EDFoEZ0UlsMl1j1RnOrv7eaf1MMSZusbMZmVEX3cse-KcDf435MRf-bW6LxeQlziGJbOR7hyeHacwZFHaSL39G_DWMQfIB4q-GT3loBrW-DSrusMK0YuhBkQMwWCHhd4WB3RQ-uaxnE4FBaWlxOj0KpdjGUuy1Rw4RHYK7bGesrweSW4J1yAM7AObnYtourBlKafUi0v1SBEAch2biytwszFpsNgRaQC3bKLfo3Q_41ppNrnSntD_93R-UZSSQpc4xLR5bz9HCCe3acMqpp_tr_oCp5xZn89oL9cD9BHOrb6TRHZdUNUwh1fKubQir96VHMeR-IEtpCpoiXe77s4DcAwDAnpvIz50HUR6i_tSy0svfdwoSP5P_z%26adurl%3D&documentReferer=https%3A%2F%2Finternet.blogmura.com%2F&ancestorOrigins=https%3A%2F%2Finternet.blogmura.com&random=7927225924977&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
c8e0a982ecceaae8b241575d2b63078fa06e2cba640f9b103fef8b8967697349

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:05 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
93039000027525100628852011696012
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
331
Expires
Tue, 24 Aug 2021 07:13:05 +0200

Redirect headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:05 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=3f3431ab5e&subid=&uid=d5edbdd8d10b4f0d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXC_a740kYeq6Nqm3gAepqJbwB7v6hIpX7Yut3P0J8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNQBT9D9fUEGwSB-TOcJI9x83Sk2JIrr0QgNcgR7osS4LsSVZHPWwCg8sdu91aPRQunHq-2SoQsZuF_BEov1tAlyS95VPscnnyXG6XDLW1cZd8zsOON2TxsqKcNF3VCCtbwooj8l7_WWTSofxJreVJe9xDBKfOozRA3V70x-NJo8Yz1J-8J2ILYiGaR1fUk2kSN5-XF6kST5jAsBJotX-G15318-FIBm0wny-2YScVgSnHWITl4SAUrSNYe039oAnyhjIeP84prwn9x9Y47LCn0qpA0NYfnABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoVhOjwlfBk5mZF79KWb8UGA_Myg%26sig%3DAOD64_1DOw9zCiT9GVQtruF5Bn4chLIZBw%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-CAkLioKU4wpwfSVVd9t-H7Z2mLncddHmVKNz4pcEIdy3so1mUnkmz3ozAWhXuFdAD6XcKbEinFd-qrPevV1_VUNz86EGeeY0lYABq6CZZ-bq7sD0BgyvEf7oApm7z5S8aZM8NgLECaKoRN96TrRdYkEucH2A%26cry%3D1%26dbm_d%3DAKAmf-DUetNRzXtB5wM55xfOWZXlTfS6FadtTZ_U1JZGx09mtAemZIdHwss1Rh9DM1w0XLsn1KlUezOeqcIb7EDFoEZ0UlsMl1j1RnOrv7eaf1MMSZusbMZmVEX3cse-KcDf435MRf-bW6LxeQlziGJbOR7hyeHacwZFHaSL39G_DWMQfIB4q-GT3loBrW-DSrusMK0YuhBkQMwWCHhd4WB3RQ-uaxnE4FBaWlxOj0KpdjGUuy1Rw4RHYK7bGesrweSW4J1yAM7AObnYtourBlKafUi0v1SBEAch2biytwszFpsNgRaQC3bKLfo3Q_41ppNrnSntD_93R-UZSSQpc4xLR5bz9HCCe3acMqpp_tr_oCp5xZn89oL9cD9BHOrb6TRHZdUNUwh1fKubQir96VHMeR-IEtpCpoiXe77s4DcAwDAnpvIz50HUR6i_tSy0svfdwoSP5P_z%26adurl%3D&documentReferer=https%3A%2F%2Finternet.blogmura.com%2F&ancestorOrigins=https%3A%2F%2Finternet.blogmura.com&random=7927225924977&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Tue, 24 Aug 2021 07:13:05 +0200
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame 7B27
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
55
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Aug 2022 06:12:10 GMT
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame ED20
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
55
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Aug 2022 06:12:10 GMT
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame D534
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
55
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Aug 2022 06:12:10 GMT
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame 3BAF
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
55
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Aug 2022 06:12:10 GMT
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame D11E
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
55
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Aug 2022 06:12:10 GMT
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame 2EEB
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
55
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Aug 2022 06:12:10 GMT
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame 84D5
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
55
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Aug 2022 06:12:10 GMT
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame 594D
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
55
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Aug 2022 06:12:10 GMT
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame 6CD7
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
55
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Aug 2022 06:12:10 GMT
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame E7BC
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
55
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Aug 2022 06:12:10 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame 5130
24 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AHKRuhSfCHFva-ecV2nlD8NQ0l12TdLE04es_NV_2aEm69KnIsvOyKsNsFp55yG4QqAqkBLfAoYOa_S-5Fl0Fpjn4M1gyMWVYREJ1bDpN9taDRht5vjI8CFF7KfDjt6UqvPr88UfisG0ddSsG8f3tvurTnvQ&cry=1&dbm_d=AKAmf-BC8XRHiBM8BDiwJK45oQVvfbzvZsCFvhCweaADXths5s3vb2ov2dB1MWT_jCfs3NKZAP5H5GnAq3xeQF9N4ySREtTNoC2CJWxM4N-RzqUG8W1BOPqxjCrtQz1uZVJ0DFfzRfqfts340sn2WnxFo3JCxBNVYTUAtOkBs35hoB7Ez42C933cmFgYMc2Ecf-xMq8nLE6-YXI_A_K1YioEAH0UaV2itELJM5m4Wqjz5lEgR27XYgNJL994m-bXB0e_67aRgD3P0dBIHA9votYWDEwhcyrPGB9y1Ys98EsrErUCrIBdzwrSgNtRGAS-MVvv60-O4R0ETMNW_eWW_0TZVQtKiEPWutE8ZCzL7dsvgpSORgNa4mmNWOj_LksF7oNgUv_B_TwsdZkStwmeZw3Amw1PAo0GRY3v-2v61MwqjmaXRWl-hTpTzSj5KKsQqCFEo2Z7e9JQf82mMZcZf9C19wWXKwbWTPZfoXgzD63uDQ9O_t_hlsdVLR-UAqP41TqSj-SFrgOZ21TYOtZdyu5FGk0K94NxCNrtqtnwC0BGc3ePIEhuRQfomNUS53MYvFX7LTNVEn-qI3f0V-qmlLP3Vg55I5aJ0WyF_5zVj9q4ralTfGrhp87rVi0nmk-koGLN5_uvpInEYj8SrdkFajsHJTISUkXVoZ3Wvzonvwv3qJe39JccJH49hn_pTrCvwqSiwJKmhys5MUU1h1NsFmCeKZRKLXsImjhBs9Yi-nVEsOI1S-YFsSmvgX5625w_chH2F9TAxlyf1qxL3xHPM3OtTKS8w2PyG2Ly8g2h3TeeaHABRZIhZk-dsjAvBpkD1zgo6Sf7AtdIvk2B3x8eq6i7ryRSkMxtT1bTl4MXHjikke_di7rpnRJIktYa22qZSmBM3Sg4Ef54gJZSebpsd-Z1Irqz-nzbIgaMrMaW34lhcDOuzhiV5f6-CkBt8Zvhu5-Miy5gIi_XJc9nGlkTe6llGKWHo1E5QJipPRnpghA4NaPCr_vlfVroOsJTjCkDTnwzZmKj38SnHN6g0a8NIdtwte6iztrUcAqFDoFfqv7xFBQG3RcPCdmyVtJVOZZ-D9qsH9VUJuVt3MuXRGnGvUehcvVMiUMb01EqrgdkH0-F4ISMk8WFz_Mv8eWurYyQPmz4TDMzd472XU8_ahqqfGgqllIpa2rDgTw2kXh2h2jj_lUaGzGGsBnsbHXUomBU17Uevfssm_KKxsIHgAUB0NYLqoYzJJbD9MEs93UBEgJbJ2guFn83V7XQj6hAzAid5-ZcekKM1WqD2RmwglzNNAo-_etHpPbFP6Su3X0U0mGvYh8N0TzjpZHMMLTHBn8xE3L13mcmQnI8DMiL7KLZAkHraZ0Yuj-ZP_07V7BDf5kE2wVHzfh27olDXbsLAVmJayg6TWOL4v5WLwk1yEd3vEFRthgGQupUhy48O2VT_n4yD_tW3L9z-cPTqTkFqpO0SLJPuLICD8t0Vt5ObVR5cYPrnvEnZ-LiYSSPCLk1LywHyGrGc6jwCidwOVbJ9XbDijNGi4ImmlfHZndhBbp6c1xdL5qA6Ifecqlwluw76y3_kqvrUv3QzcUWeuiBgxxi7ff1_Sxo37qWFzzASEM2Nb1gMT38a9zSfB99Fjvqsa4kG5ORBa1l_oroeEKMejU7_M5yP0P0509BOQfHVgD-l3468BbDkH0JSwDA8f20uAXbOI2deLv7ywFDQHp7ol0M50xZXjYxThR17oUg4Lffxmzo30GPXoBvgqZ2H7IvrXIlIM0Q3b2RTbLwRgSo_wBPBqEf80HC2SqQq4OaH2jyu_lNgrpJMAzvBgGz6cBN8zyvh9xdElLdkzl_LRv-gZoEjUngJpgl4953CpoTFrR0cjPs4FtwyXAl9RGW-lbnP-4p5CDbNXAqbkvIMZkitWvDX6O8TBoVpg2hwKE_UpHhJu4YepNS2ba3QkDtX92QSepgVGbOS7a8IdZsbQxpx-AC7gq3S4oFTiJu8-QWfg7UMPx_pUtDgLv1SdSnGUvp-o-ZR-EjXm3ZQd8v4B46SlbRKFjaO8jU1P-whAv-ruJgyg6FWMoFg_lXbq8VgQYIoUEu14KEd54jUXjSC8-OpQXASY-bpfcU4cs2Pr7cQWB_Xt2W4hcb2TifsLenfjM0yiHtjy1_3cCrfr1iUYK5ZJ-KEhmTEdn9c5CP-t8-q87pqzavWNy66n7IrR_F72UHWY8U4VnGwrbzB0qswxS9LXMhVARUJ8HxO0Pv7z176nZdinRKkqUldVp4DJi97Nls0PF3mpLhWV2F1-fTRNa2t6m536_gymPvrm6ru8ZX0nrg33hPWxMS3nAJbl8WSLXKcRhmCbrMMRlpDMeZOEd7MTTAiz8yp5YVNytHJ6unCHvtJa1_-_tCDErFQC2_LCVhG0tnkLob7Z7oHJfFgdAjXLMWKRYdLar5p9_zXbZD6pHc3xIIQavjl2kxwbONd0m2ScUPSB1hjup45je2eyMZyI0v1VIFBlz3XcxnA-9aCNnrbASUPS-0xpPWXHzFcIO2S0MePb-Mk9kef8ESDXzuAvd436Qt8tKgR8zXmFEOo43BdvUdw_M7nmOUVIV4jxPifwr96OC5ti2TXO7UV3Vd8FvgHQn_fXw2MfeHX_hQwSPOp9CTaLW291JOFi0X87TDeeoWczJColxofVIlKbMhicKJR5futWEplgM1SpG9BaMmm5oOdNYLS68XPmzbO_H5D-3NoxRMCo6OvWdufWTIIlKyigXcTzy-oDwmnl6tM0UM2r_m3YazeAY0s3F6SBUdaWR85WFfwAQBfQPwOBZr2NJDIJCyQusuKf2BxoYUEkx4yQO5GtmHWz-PHHeHK2nCumy8LKq8OB2iC6JluFYFpZyqvv_RLVjiJdOGVzgEYG7f5gVKsqncIJlK3GGDm0IYvnzm_JDALJuv8JSnZwctIa3Q6-t5tcSZqKdQeWLEYhR3HRp83lSKj1Flx1U17hjmrjCI8qXM3ZVPJIfbT1OCp-m4i855AXOdJ9DLxqVGuJ2KPZXSRF1i_PJ0x_gh2pAmrQCgiwjmsS-kM_VLGQEBzWmr00Ol9Vx7ppruWE07caw1ixFbztkruDpHNXSuiwVh7UOq2Qm_-te65XyVTm74iKLd-lGfl38kvlmf9zUjENx2WZm1pL8L52288sC18e0nCJp7nljVuACJRLMK_CU5C6ch0zQDV_JSHCwj6__dmYdIvCTxe1MhFGomYsOmh9xJ6YQJNHG1xt_Is8qWMohPvkoZ3JtyBob-I34kiulWJ04bo2iDfQksVHZN2ZglZKfYWjXwUBNqAbiCRdg&cid=CAASFeRoJQbbVNL_Qt0mkpsd4sl-tQEiLA&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab7de8a0d445e5fb99c0c6c65de2755bf57d011f89abb40f34cdd12c966bccb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
307
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9352
x-xss-protection
0
server
cafe
etag
6805750149074617601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:07:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5130
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AHKRuhSfCHFva-ecV2nlD8NQ0l12TdLE04es_NV_2aEm69KnIsvOyKsNsFp55yG4QqAqkBLfAoYOa_S-5Fl0Fpjn4M1gyMWVYREJ1bDpN9taDRht5vjI8CFF7KfDjt6UqvPr88UfisG0ddSsG8f3tvurTnvQ&cry=1&dbm_d=AKAmf-BC8XRHiBM8BDiwJK45oQVvfbzvZsCFvhCweaADXths5s3vb2ov2dB1MWT_jCfs3NKZAP5H5GnAq3xeQF9N4ySREtTNoC2CJWxM4N-RzqUG8W1BOPqxjCrtQz1uZVJ0DFfzRfqfts340sn2WnxFo3JCxBNVYTUAtOkBs35hoB7Ez42C933cmFgYMc2Ecf-xMq8nLE6-YXI_A_K1YioEAH0UaV2itELJM5m4Wqjz5lEgR27XYgNJL994m-bXB0e_67aRgD3P0dBIHA9votYWDEwhcyrPGB9y1Ys98EsrErUCrIBdzwrSgNtRGAS-MVvv60-O4R0ETMNW_eWW_0TZVQtKiEPWutE8ZCzL7dsvgpSORgNa4mmNWOj_LksF7oNgUv_B_TwsdZkStwmeZw3Amw1PAo0GRY3v-2v61MwqjmaXRWl-hTpTzSj5KKsQqCFEo2Z7e9JQf82mMZcZf9C19wWXKwbWTPZfoXgzD63uDQ9O_t_hlsdVLR-UAqP41TqSj-SFrgOZ21TYOtZdyu5FGk0K94NxCNrtqtnwC0BGc3ePIEhuRQfomNUS53MYvFX7LTNVEn-qI3f0V-qmlLP3Vg55I5aJ0WyF_5zVj9q4ralTfGrhp87rVi0nmk-koGLN5_uvpInEYj8SrdkFajsHJTISUkXVoZ3Wvzonvwv3qJe39JccJH49hn_pTrCvwqSiwJKmhys5MUU1h1NsFmCeKZRKLXsImjhBs9Yi-nVEsOI1S-YFsSmvgX5625w_chH2F9TAxlyf1qxL3xHPM3OtTKS8w2PyG2Ly8g2h3TeeaHABRZIhZk-dsjAvBpkD1zgo6Sf7AtdIvk2B3x8eq6i7ryRSkMxtT1bTl4MXHjikke_di7rpnRJIktYa22qZSmBM3Sg4Ef54gJZSebpsd-Z1Irqz-nzbIgaMrMaW34lhcDOuzhiV5f6-CkBt8Zvhu5-Miy5gIi_XJc9nGlkTe6llGKWHo1E5QJipPRnpghA4NaPCr_vlfVroOsJTjCkDTnwzZmKj38SnHN6g0a8NIdtwte6iztrUcAqFDoFfqv7xFBQG3RcPCdmyVtJVOZZ-D9qsH9VUJuVt3MuXRGnGvUehcvVMiUMb01EqrgdkH0-F4ISMk8WFz_Mv8eWurYyQPmz4TDMzd472XU8_ahqqfGgqllIpa2rDgTw2kXh2h2jj_lUaGzGGsBnsbHXUomBU17Uevfssm_KKxsIHgAUB0NYLqoYzJJbD9MEs93UBEgJbJ2guFn83V7XQj6hAzAid5-ZcekKM1WqD2RmwglzNNAo-_etHpPbFP6Su3X0U0mGvYh8N0TzjpZHMMLTHBn8xE3L13mcmQnI8DMiL7KLZAkHraZ0Yuj-ZP_07V7BDf5kE2wVHzfh27olDXbsLAVmJayg6TWOL4v5WLwk1yEd3vEFRthgGQupUhy48O2VT_n4yD_tW3L9z-cPTqTkFqpO0SLJPuLICD8t0Vt5ObVR5cYPrnvEnZ-LiYSSPCLk1LywHyGrGc6jwCidwOVbJ9XbDijNGi4ImmlfHZndhBbp6c1xdL5qA6Ifecqlwluw76y3_kqvrUv3QzcUWeuiBgxxi7ff1_Sxo37qWFzzASEM2Nb1gMT38a9zSfB99Fjvqsa4kG5ORBa1l_oroeEKMejU7_M5yP0P0509BOQfHVgD-l3468BbDkH0JSwDA8f20uAXbOI2deLv7ywFDQHp7ol0M50xZXjYxThR17oUg4Lffxmzo30GPXoBvgqZ2H7IvrXIlIM0Q3b2RTbLwRgSo_wBPBqEf80HC2SqQq4OaH2jyu_lNgrpJMAzvBgGz6cBN8zyvh9xdElLdkzl_LRv-gZoEjUngJpgl4953CpoTFrR0cjPs4FtwyXAl9RGW-lbnP-4p5CDbNXAqbkvIMZkitWvDX6O8TBoVpg2hwKE_UpHhJu4YepNS2ba3QkDtX92QSepgVGbOS7a8IdZsbQxpx-AC7gq3S4oFTiJu8-QWfg7UMPx_pUtDgLv1SdSnGUvp-o-ZR-EjXm3ZQd8v4B46SlbRKFjaO8jU1P-whAv-ruJgyg6FWMoFg_lXbq8VgQYIoUEu14KEd54jUXjSC8-OpQXASY-bpfcU4cs2Pr7cQWB_Xt2W4hcb2TifsLenfjM0yiHtjy1_3cCrfr1iUYK5ZJ-KEhmTEdn9c5CP-t8-q87pqzavWNy66n7IrR_F72UHWY8U4VnGwrbzB0qswxS9LXMhVARUJ8HxO0Pv7z176nZdinRKkqUldVp4DJi97Nls0PF3mpLhWV2F1-fTRNa2t6m536_gymPvrm6ru8ZX0nrg33hPWxMS3nAJbl8WSLXKcRhmCbrMMRlpDMeZOEd7MTTAiz8yp5YVNytHJ6unCHvtJa1_-_tCDErFQC2_LCVhG0tnkLob7Z7oHJfFgdAjXLMWKRYdLar5p9_zXbZD6pHc3xIIQavjl2kxwbONd0m2ScUPSB1hjup45je2eyMZyI0v1VIFBlz3XcxnA-9aCNnrbASUPS-0xpPWXHzFcIO2S0MePb-Mk9kef8ESDXzuAvd436Qt8tKgR8zXmFEOo43BdvUdw_M7nmOUVIV4jxPifwr96OC5ti2TXO7UV3Vd8FvgHQn_fXw2MfeHX_hQwSPOp9CTaLW291JOFi0X87TDeeoWczJColxofVIlKbMhicKJR5futWEplgM1SpG9BaMmm5oOdNYLS68XPmzbO_H5D-3NoxRMCo6OvWdufWTIIlKyigXcTzy-oDwmnl6tM0UM2r_m3YazeAY0s3F6SBUdaWR85WFfwAQBfQPwOBZr2NJDIJCyQusuKf2BxoYUEkx4yQO5GtmHWz-PHHeHK2nCumy8LKq8OB2iC6JluFYFpZyqvv_RLVjiJdOGVzgEYG7f5gVKsqncIJlK3GGDm0IYvnzm_JDALJuv8JSnZwctIa3Q6-t5tcSZqKdQeWLEYhR3HRp83lSKj1Flx1U17hjmrjCI8qXM3ZVPJIfbT1OCp-m4i855AXOdJ9DLxqVGuJ2KPZXSRF1i_PJ0x_gh2pAmrQCgiwjmsS-kM_VLGQEBzWmr00Ol9Vx7ppruWE07caw1ixFbztkruDpHNXSuiwVh7UOq2Qm_-te65XyVTm74iKLd-lGfl38kvlmf9zUjENx2WZm1pL8L52288sC18e0nCJp7nljVuACJRLMK_CU5C6ch0zQDV_JSHCwj6__dmYdIvCTxe1MhFGomYsOmh9xJ6YQJNHG1xt_Is8qWMohPvkoZ3JtyBob-I34kiulWJ04bo2iDfQksVHZN2ZglZKfYWjXwUBNqAbiCRdg&cid=CAASFeRoJQbbVNL_Qt0mkpsd4sl-tQEiLA&rfl=1%2Chttps%253A%252F%252Finternet.blogmura.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 23:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Aug 2022 23:04:34 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DD8F
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 21 Aug 2021 23:04:36 GMT
expires
Sun, 21 Aug 2022 23:04:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
198509
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dvbs_src_internal99.js
cdn.doubleverify.com/ Frame 5130
61 KB
19 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4232038&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gYY84uVgp1vidYDBkNZWna&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322731993&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18934541623&turl=https://internet.blogmura.com/&DVP_PP_BUNDLE_ID=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:42 GMT
Server
Microsoft-IIS/10.0
ETag
"08bf9811a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19248
request.php
hal90003.redintelligence.net/ Frame E30B
612 B
938 B
Script
General
Full URL
https://hal90003.redintelligence.net/request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=67ad10eab7&subid=&uid=15dfe9c1ebc7ff0b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTA-U740kYeu6Nqm3gAepqJbwB7v6hIpX7Yut3P0J8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNQBT9DUY2cO7BMZH3GZktpZemHsUJrSt3ccHuoc8CjeF5XfgXlctkvi3rSGVxPf9dnVKNxYZwaDM8tsUyM1YsiODaBWMMAEPodjt3ClhBQf6t-Bh6KIWVORGRTxvA8g0qFr6fS7eC5xXQ4Vkh3owiKfbJwt7TpnLsVgD42fVVxPcMIJklK38VZJrZgQQD4uctz-xtV1Ql3PjPFjqyLiYp5xwWlL21OMtkAG__WpFn3fq7oE5tZkIgBZN3a9_7jUcLDGz0yik1Bxg5nxbW6r9RULWdRzo57ABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoV8K2AdOFdUtawbtBrdYZdRLUcw%26sig%3DAOD64_0PUjY5lQzyCafjstNjIg8OA10rzw%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-B_4kEehuZQCZcfn8EKP5NNCmCBvts7dmwu0Llek3TPj2ASdA2BFThD-ar_nrW5KzzM-AGrzyefTK2INeYv7eR56rf6eDe8lu96kKT6sKmJmO3TR2rn4qnyyfrANKaEZzcWSPD1WaEaMxIEcKgQcutqc7F8Zg%26cry%3D1%26dbm_d%3DAKAmf-CgY_JjB9bvC6wKd-7d83Gt_2DlXJKzYy2nlSn-5kfIrEir1HCrH_2X8pkJwzqecxYCqMYFqj-04uQtSQLqHKTyn-P6oY2wpV5tmGnDIbKCm8Xso01StZtXUlq2Z4R6L6LuMu6Tp-zsCKV4nZ11ZLnVHfELgWn474e4mFCxuKXMNmpIzijFm0fZmu3Ij51BsA5lbPXwHZJ6HpyZvkRbrGltjnE4cmOfnp8ZzlgH5vxRNQlMM--mhns8IMt2SwRE3DQ1IiD_QWYRdQZ_pDKdHZb88cjgtohUD4rTZ5XUvrRtBzWcurUt8u6NWioqa6PJqIk_TXJCEE4VkxUnDssLjcTvyuPVZJElv1b0Y3sBnggQ9_SszAsk60Kr4t6GoI54J8pPoXvPlRnQpbb0B0bRup3WFR2aaFNxptg6-6HtJ_Cw2ekYcAg060gUDhX-d4dfu8t0NqLH%26adurl%3D&documentReferer=https%3A%2F%2Finternet.blogmura.com%2F&ancestorOrigins=https%3A%2F%2Finternet.blogmura.com&random=6460592881874&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/8udwcfe35vf5?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTA-U740kYeu6Nqm3gAepqJbwB7v6hIpX7Yut3P0J8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNQBT9DUY2cO7BMZH3GZktpZemHsUJrSt3ccHuoc8CjeF5XfgXlctkvi3rSGVxPf9dnVKNxYZwaDM8tsUyM1YsiODaBWMMAEPodjt3ClhBQf6t-Bh6KIWVORGRTxvA8g0qFr6fS7eC5xXQ4Vkh3owiKfbJwt7TpnLsVgD42fVVxPcMIJklK38VZJrZgQQD4uctz-xtV1Ql3PjPFjqyLiYp5xwWlL21OMtkAG__WpFn3fq7oE5tZkIgBZN3a9_7jUcLDGz0yik1Bxg5nxbW6r9RULWdRzo57ABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoV8K2AdOFdUtawbtBrdYZdRLUcw%26sig%3DAOD64_0PUjY5lQzyCafjstNjIg8OA10rzw%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-B_4kEehuZQCZcfn8EKP5NNCmCBvts7dmwu0Llek3TPj2ASdA2BFThD-ar_nrW5KzzM-AGrzyefTK2INeYv7eR56rf6eDe8lu96kKT6sKmJmO3TR2rn4qnyyfrANKaEZzcWSPD1WaEaMxIEcKgQcutqc7F8Zg%26cry%3D1%26dbm_d%3DAKAmf-CgY_JjB9bvC6wKd-7d83Gt_2DlXJKzYy2nlSn-5kfIrEir1HCrH_2X8pkJwzqecxYCqMYFqj-04uQtSQLqHKTyn-P6oY2wpV5tmGnDIbKCm8Xso01StZtXUlq2Z4R6L6LuMu6Tp-zsCKV4nZ11ZLnVHfELgWn474e4mFCxuKXMNmpIzijFm0fZmu3Ij51BsA5lbPXwHZJ6HpyZvkRbrGltjnE4cmOfnp8ZzlgH5vxRNQlMM--mhns8IMt2SwRE3DQ1IiD_QWYRdQZ_pDKdHZb88cjgtohUD4rTZ5XUvrRtBzWcurUt8u6NWioqa6PJqIk_TXJCEE4VkxUnDssLjcTvyuPVZJElv1b0Y3sBnggQ9_SszAsk60Kr4t6GoI54J8pPoXvPlRnQpbb0B0bRup3WFR2aaFNxptg6-6HtJ_Cw2ekYcAg060gUDhX-d4dfu8t0NqLH%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
0d32a8d443a69cb25ddf3469610d08562a4e7a2578c5aa374cc4d2e375090e43

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:06 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
61263800027476600628852011696003
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
332
Expires
Tue, 24 Aug 2021 07:13:06 +0200
bst2tv3.html
cdn3.doubleverify.com/ Frame 2661
1 KB
1 KB
Document
General
Full URL
https://cdn3.doubleverify.com/bst2tv3.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host
cdn3.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges
bytes
ETag
"01818ecfc6cf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
806
Cache-Control
max-age=12907
Date
Tue, 24 Aug 2021 06:13:06 GMT
Connection
keep-alive
verify.js
rtb0.doubleverify.com/ Frame 5130
2 KB
1 KB
Script
General
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_888959567393&jsTagObjCallback=__tagObject_callback_888959567393&num=6&ctx=1828362&cmp=115845&plc=4232038&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=888959567393&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.20&dvpx_strhd=0.20&brid=0&brver=&bridua=3&dup=null&turl=https://internet.blogmura.com/&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gYY84uVgp1vidYDBkNZWna&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322731993&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18934541623&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=16&fcifrms=18&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETar9EEADTbpTauTauc_b%607e4b43g%60647h4f5aae546aafh_3c%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=4.20&callbackName=__verify_callback_888959567393
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.22 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
e683d4ae93972fa568e73f312becd59c3d2232a3a52a83e96eec833ffe0ebcd4

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Date
Tue, 24 Aug 2021 06:13:05 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
8/23/2021 6:13:06 AM
dv-match6.js
cdn.doubleverify.com/ Frame 1F21
4 KB
2 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-match6.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:06 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Mar 2018 04:45:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"03c84bdf3b8d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=55590
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
request_content.php
hal900012.redintelligence.net/ Frame 8720
4 KB
2 KB
Document
General
Full URL
https://hal900012.redintelligence.net/request_content.php?s=93039000027525100628852011696012&a=eef75cb6
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=3f3431ab5e&subid=&uid=d5edbdd8d10b4f0d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXC_a740kYeq6Nqm3gAepqJbwB7v6hIpX7Yut3P0J8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNQBT9D9fUEGwSB-TOcJI9x83Sk2JIrr0QgNcgR7osS4LsSVZHPWwCg8sdu91aPRQunHq-2SoQsZuF_BEov1tAlyS95VPscnnyXG6XDLW1cZd8zsOON2TxsqKcNF3VCCtbwooj8l7_WWTSofxJreVJe9xDBKfOozRA3V70x-NJo8Yz1J-8J2ILYiGaR1fUk2kSN5-XF6kST5jAsBJotX-G15318-FIBm0wny-2YScVgSnHWITl4SAUrSNYe039oAnyhjIeP84prwn9x9Y47LCn0qpA0NYfnABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoVhOjwlfBk5mZF79KWb8UGA_Myg%26sig%3DAOD64_1DOw9zCiT9GVQtruF5Bn4chLIZBw%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-CAkLioKU4wpwfSVVd9t-H7Z2mLncddHmVKNz4pcEIdy3so1mUnkmz3ozAWhXuFdAD6XcKbEinFd-qrPevV1_VUNz86EGeeY0lYABq6CZZ-bq7sD0BgyvEf7oApm7z5S8aZM8NgLECaKoRN96TrRdYkEucH2A%26cry%3D1%26dbm_d%3DAKAmf-DUetNRzXtB5wM55xfOWZXlTfS6FadtTZ_U1JZGx09mtAemZIdHwss1Rh9DM1w0XLsn1KlUezOeqcIb7EDFoEZ0UlsMl1j1RnOrv7eaf1MMSZusbMZmVEX3cse-KcDf435MRf-bW6LxeQlziGJbOR7hyeHacwZFHaSL39G_DWMQfIB4q-GT3loBrW-DSrusMK0YuhBkQMwWCHhd4WB3RQ-uaxnE4FBaWlxOj0KpdjGUuy1Rw4RHYK7bGesrweSW4J1yAM7AObnYtourBlKafUi0v1SBEAch2biytwszFpsNgRaQC3bKLfo3Q_41ppNrnSntD_93R-UZSSQpc4xLR5bz9HCCe3acMqpp_tr_oCp5xZn89oL9cD9BHOrb6TRHZdUNUwh1fKubQir96VHMeR-IEtpCpoiXe77s4DcAwDAnpvIz50HUR6i_tSy0svfdwoSP5P_z%26adurl%3D&documentReferer=https%3A%2F%2Finternet.blogmura.com%2F&ancestorOrigins=https%3A%2F%2Finternet.blogmura.com&random=7927225924977&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
9712e0f7f3d3f0ec8ce36693d32eb88098ef3ed14f722f5620489c4909dd71f1

Request headers

Host
hal900012.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
8lcfmzhxc8d6_uid=cd512aac7107235f
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

Date
Tue, 24 Aug 2021 06:13:06 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 24 Aug 2021 07:13:06 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1425
Connection
close
Content-Type
text/html; charset=utf-8
truncated
/ Frame 42EE
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e53327cf8bd92bed041d68ce17fe426296f3c1b76a3c4302e021f73ba61dbdd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
bsevent.gif
tps20517.doubleverify.com/ Frame FCCD
807 B
1 KB
Ping
General
Full URL
https://tps20517.doubleverify.com/bsevent.gif?impid=04aadf08ad9643e3bede6c0db7960600&dvp_or2=1&cbust=1629785586140689
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
8/23/2021 6:13:07 AM
dcmads.js
www.googletagservices.com/dcm/ Frame FCCD
9 KB
4 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37bfceb04cc7a18df0c1da8269c382b3b088e870ab39a0987ae17a54589b2dba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 05:59:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
844
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4105
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 13:52:44 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 24 Aug 2021 06:59:02 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BDD7
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLL4mZnU7_cIbDG9HCAjxoDfQtSChjGhdpotmJ8o9HsBbMLcXZfd2Fkuj8H8d9VTUble2nsEo4l9eN-75OSwtmJhmmVsq19P6ZhSjLRFPtVe3OBNvQ9MzjAomWmk5HeWwJcFT-SeHDbKoyke_-RjZ4&sai=AMfl-YTq1R89fuEURvi19H0m3mc5NReAErttgHg4FQzKcJ-I0jxJtPLHHDr2KHWIoeVii5_oTPBrfXvAA2gfh-dL-RrtU2jpBD50YowIGTVNMMlM54qu8sPIbx1Ukyj8kWc&sig=Cg0ArKJSzANLe_EffWXGEAE&id=ampim&o=315,196&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1118&mtos=0,0,0,1118,1118&tos=0,0,0,1118,0&tfs=395&tls=1513&g=100&h=100&tt=1513&r=v&avms=ampa&adk=3140484414
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6BB2
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjxqmhWHK9mMQ8-SR615vgUUa9ugtvnrmzRAY-dXrJPruHonjcaZvUH9vigrzuGki32stFELQQ1B52sFHyZDMi0rddtakOx48j189V3pPCqv6HGxnbSyHhKJ1FmJKZMqv057y0VKDS_yDFup9NBuhh&sai=AMfl-YQpSmKeSW_MF606XvCIiH6vcBlvVjFvFuuc5-ZtENUryvE84Npab-Yn5O-n9H9WpaSwih50GHRCv-JjkbKYViuJa4ltwXHvFG2qs1GENrADhROq3vaJyX9j_Q03caw&sig=Cg0ArKJSzLpANQCh3ZixEAE&id=ampim&o=1280,567&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1065&mtos=0,0,1065,1065,1065&tos=0,0,1065,0,0&tfs=398&tls=1463&g=100&h=100&tt=1463&r=v&avms=ampa&adk=1598733420
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bsevent.gif
tps20511.doubleverify.com/ Frame 527B
807 B
1 KB
Ping
General
Full URL
https://tps20511.doubleverify.com/bsevent.gif?impid=461b883532b44708bc2f9a6b862d17ae&dvp_or2=1&cbust=1629785586179148
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:05 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
8/23/2021 6:13:06 AM
dcmads.js
www.googletagservices.com/dcm/ Frame 527B
9 KB
4 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37bfceb04cc7a18df0c1da8269c382b3b088e870ab39a0987ae17a54589b2dba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 05:59:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
844
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4105
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 13:52:44 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 24 Aug 2021 06:59:02 GMT
bsevent.gif
tps20513.doubleverify.com/ Frame F7C4
807 B
1 KB
Ping
General
Full URL
https://tps20513.doubleverify.com/bsevent.gif?impid=6727975459ab446a8660c32b3142ba83&dvp_or2=1&cbust=1629785586217134
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.16 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
8/23/2021 6:13:07 AM
dcmads.js
www.googletagservices.com/dcm/ Frame F7C4
9 KB
4 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37bfceb04cc7a18df0c1da8269c382b3b088e870ab39a0987ae17a54589b2dba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 05:59:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
844
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4105
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 13:52:44 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 24 Aug 2021 06:59:02 GMT
bsevent.gif
tps20520.doubleverify.com/ Frame A695
807 B
1 KB
Ping
General
Full URL
https://tps20520.doubleverify.com/bsevent.gif?impid=2a895af4bed148658e94c99b690f0af3&dvp_or2=1&cbust=1629785586244306
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:06 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
8/23/2021 6:13:07 AM
dcmads.js
www.googletagservices.com/dcm/ Frame A695
9 KB
4 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37bfceb04cc7a18df0c1da8269c382b3b088e870ab39a0987ae17a54589b2dba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 05:59:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
844
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4105
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 13:52:44 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 24 Aug 2021 06:59:02 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 5130
9 KB
4 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37bfceb04cc7a18df0c1da8269c382b3b088e870ab39a0987ae17a54589b2dba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 05:59:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
844
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4105
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 13:52:44 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 24 Aug 2021 06:59:02 GMT
impl_v78.js
www.googletagservices.com/dcm/ Frame FCCD
37 KB
15 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v78.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07000140ab52c28ef2a522fae638638b2783786e8e2ae8cb883cc1f0a0c00df0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 15:59:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137644
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15595
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 17:50:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 Aug 2022 15:59:02 GMT
bsevent.gif
tps20516.doubleverify.com/ Frame 5130
807 B
1 KB
Ping
General
Full URL
https://tps20516.doubleverify.com/bsevent.gif?impid=279d8cce767846d99d47853fad06ee20&pltfrm=Linux%20x86_64&dvp_or1=1&cbust=1629785586323490
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.15 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:06 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
8/23/2021 6:13:06 AM
bsevent.gif
tps20516.doubleverify.com/ Frame 5130
807 B
1 KB
Ping
General
Full URL
https://tps20516.doubleverify.com/bsevent.gif?impid=279d8cce767846d99d47853fad06ee20&dvp_or2=1&cbust=1629785586324977
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.15 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
8/23/2021 6:13:07 AM
impl_v78.js
www.googletagservices.com/dcm/ Frame 527B
37 KB
15 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v78.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07000140ab52c28ef2a522fae638638b2783786e8e2ae8cb883cc1f0a0c00df0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 15:59:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137644
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15595
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 17:50:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 Aug 2022 15:59:02 GMT
impl_v78.js
www.googletagservices.com/dcm/ Frame F7C4
37 KB
15 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v78.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07000140ab52c28ef2a522fae638638b2783786e8e2ae8cb883cc1f0a0c00df0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 15:59:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137644
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15595
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 17:50:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 Aug 2022 15:59:02 GMT
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame DD8F
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
56
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Aug 2022 06:12:10 GMT
impl_v78.js
www.googletagservices.com/dcm/ Frame A695
37 KB
15 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v78.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07000140ab52c28ef2a522fae638638b2783786e8e2ae8cb883cc1f0a0c00df0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 15:59:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137644
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15595
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 17:50:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 Aug 2022 15:59:02 GMT
impl_v78.js
www.googletagservices.com/dcm/ Frame 5130
37 KB
15 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v78.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07000140ab52c28ef2a522fae638638b2783786e8e2ae8cb883cc1f0a0c00df0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 15:59:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137644
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15595
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 17:50:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 Aug 2022 15:59:02 GMT
B9689862.280410797;dc_ver=78.226;sz=300x250;u_sd=1;dc_adk=3013400691;ord=l6q6ad;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Finternet.b...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame FCCD
54 KB
23 KB
Script
General
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=78.226;sz=300x250;u_sd=1;dc_adk=3013400691;ord=l6q6ad;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Finternet.blogmura.com%2F$0;xdt=1;crlt=FBgEi!hkXP;osda=2;sttr=241;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v78.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
bf1d16578c9a8e7803e8cdbbfbac06f54511217eee8c25d2f792e39cf859c88e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22962
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
request.php
hal900024.redintelligence.net/ Frame 3AB2
613 B
937 B
Script
General
Full URL
https://hal900024.redintelligence.net/request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=428ec6d872&subid=&uid=3ef70ecc4a13a4e4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4xyi740kYe26Nqm3gAepqJbwB7v6hIpX7Yut3P0J8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNQBT9CWpZ40-OlMS0YOp4AsABpWQJ0YrB7V5eDgr0LM-if8H4J0O0967XGyA44S5WTsHZruBTzZrkWLwlgMZKNAA4T1cfyGDBExIiurw9gB2QECi-dxNggw1JUOvYsRdtdsYJaW1n-ub28VJSlyamdHRXOX4uPlvsYc76aBaR01buYJ0ByFm8_kPXTkTMl7BZxLk-eGZmupK6MWTEnWjDBjURV_GEZJf6oplXMpOu6Alz0xXQW5LCYnr_FTfn-WlT0wRZSWoLCIC_O0CFbkxnNGBaCALNHABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRo6eTV8i5_VMsjAXflLxnkpo7Ihg%26sig%3DAOD64_1MPGh3lvQ4z92txFZPiUx8NfIg7A%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-D88zhHArREvEJ1RobgMQqYO-ZX4vVZVEpO4yRdN6QXLlxRHD3ZuVdpia-ALYgjuy0lcx1VWKaj90wfXPQryzCYESgHXLG_exAyXmvQOFC_rUYrWROtmS_kg3xLrVU_Q6xd8OoYi1aScWha2Kuz_5uKsVwHyQ%26cry%3D1%26dbm_d%3DAKAmf-CRzWceacm7Kyr_mF7vDbM8tH83M0Xona5Ad7lEdwx7-sAytAnCZBhJLETHj5XhZDjJKE399aYAS6Nz0mNYfXV6QPRlJ7mM0Lr46eKKa-cDfEiQ4NlZYKNowLwvldlp-_YpNwYqhcXwEeX5pEAUnd7vRdKMEUM38KSlskQfuo6siZB4tqXYmXU0kM1K_2REchfV5gpQ_Omu-rxSzlfryqJvSSS2wmbtCi1k_ci4H4Xvt4zuhePE8uFx2aK277QW2UNQuQaP8EvhdV_-ss0f9oNz83jwXl--zZb-yd31Tsc_eFYlaxqYBhxpAbA84ybB6Frp0WOqiAyeXdC5ush4pE0q5p-oCr4hZsa_klcf_7F1-6015f7eFKTWC1iP6r19_T6vB4xezuNnox9ktA6xcpNbDnS1axnYG0P9YIWDv6gXFuDH8oh20LFLL9rsnS760fleTFHl%26adurl%3D&documentReferer=https%3A%2F%2Finternet.blogmura.com%2F&ancestorOrigins=https%3A%2F%2Finternet.blogmura.com&random=6356084418279&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/8udwcfe35vf5?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4xyi740kYe26Nqm3gAepqJbwB7v6hIpX7Yut3P0J8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNQBT9CWpZ40-OlMS0YOp4AsABpWQJ0YrB7V5eDgr0LM-if8H4J0O0967XGyA44S5WTsHZruBTzZrkWLwlgMZKNAA4T1cfyGDBExIiurw9gB2QECi-dxNggw1JUOvYsRdtdsYJaW1n-ub28VJSlyamdHRXOX4uPlvsYc76aBaR01buYJ0ByFm8_kPXTkTMl7BZxLk-eGZmupK6MWTEnWjDBjURV_GEZJf6oplXMpOu6Alz0xXQW5LCYnr_FTfn-WlT0wRZSWoLCIC_O0CFbkxnNGBaCALNHABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRo6eTV8i5_VMsjAXflLxnkpo7Ihg%26sig%3DAOD64_1MPGh3lvQ4z92txFZPiUx8NfIg7A%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-D88zhHArREvEJ1RobgMQqYO-ZX4vVZVEpO4yRdN6QXLlxRHD3ZuVdpia-ALYgjuy0lcx1VWKaj90wfXPQryzCYESgHXLG_exAyXmvQOFC_rUYrWROtmS_kg3xLrVU_Q6xd8OoYi1aScWha2Kuz_5uKsVwHyQ%26cry%3D1%26dbm_d%3DAKAmf-CRzWceacm7Kyr_mF7vDbM8tH83M0Xona5Ad7lEdwx7-sAytAnCZBhJLETHj5XhZDjJKE399aYAS6Nz0mNYfXV6QPRlJ7mM0Lr46eKKa-cDfEiQ4NlZYKNowLwvldlp-_YpNwYqhcXwEeX5pEAUnd7vRdKMEUM38KSlskQfuo6siZB4tqXYmXU0kM1K_2REchfV5gpQ_Omu-rxSzlfryqJvSSS2wmbtCi1k_ci4H4Xvt4zuhePE8uFx2aK277QW2UNQuQaP8EvhdV_-ss0f9oNz83jwXl--zZb-yd31Tsc_eFYlaxqYBhxpAbA84ybB6Frp0WOqiAyeXdC5ush4pE0q5p-oCr4hZsa_klcf_7F1-6015f7eFKTWC1iP6r19_T6vB4xezuNnox9ktA6xcpNbDnS1axnYG0P9YIWDv6gXFuDH8oh20LFLL9rsnS760fleTFHl%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
b5cf91febe4dec1d83d082897ac5e96c7baced85eb937fcdbdf57a210686f096

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:06 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
61082200025833800628852011696024
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
331
Expires
Tue, 24 Aug 2021 07:13:06 +0200
B9689862.280410797;dc_ver=78.226;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3346616624;ord=n2t542;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 527B
54 KB
23 KB
Script
General
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=78.226;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3346616624;ord=n2t542;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Finternet.blogmura.com%2F$0;xdt=1;crlt=FBgEi!hkXP;osda=2;sttr=228;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v78.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
7f684437da2c61935cd716e56ace7a3c8e3569ef24d435e52f73700ab315e245
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23076
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
office-be-336.jpg
cdn.contentspread.net/24i/advertiser/33027/creativesup/ Frame 8720
44 KB
44 KB
Image
General
Full URL
https://cdn.contentspread.net/24i/advertiser/33027/creativesup/office-be-336.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=93039000027525100628852011696012&a=eef75cb6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.114.131.235 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv21039.dus4.fastwebserver.de
Software
nginx /
Resource Hash
b4857233da2154c00b47698c6f1981544c0a714e6dec16f404d6aa477e1cf3cb

Request headers

Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:07 GMT
Last-Modified
Mon, 04 Jul 2016 10:01:04 GMT
Server
nginx
ETag
"577a33e0-afe3"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
45027
viewability
hal900012.redintelligence.net/ Frame 8720
0
150 B
Script
General
Full URL
https://hal900012.redintelligence.net/viewability?s=93039000027525100628852011696012&a=6c570a2a&vb=m
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=93039000027525100628852011696012&a=eef75cb6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal900012.redintelligence.net/request_content.php?s=93039000027525100628852011696012&a=eef75cb6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:07 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 8720
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/gif
B9689862.280410797;dc_ver=78.226;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2753247175;ord=bhjin4;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame F7C4
54 KB
22 KB
Script
General
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=78.226;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2753247175;ord=bhjin4;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Finternet.blogmura.com%2F$0;xdt=1;crlt=FBgEi!hkXP;osda=2;sttr=212;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v78.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
1156f20ef7e5fd197ab31c1b5180e032a3a7aba395872981ec7e67f803bac6d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22937
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
request_content.php
hal90003.redintelligence.net/ Frame 0210
4 KB
2 KB
Document
General
Full URL
https://hal90003.redintelligence.net/request_content.php?s=61263800027476600628852011696003&a=acf3f8b0
Requested by
Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=67ad10eab7&subid=&uid=15dfe9c1ebc7ff0b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTA-U740kYeu6Nqm3gAepqJbwB7v6hIpX7Yut3P0J8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNQBT9DUY2cO7BMZH3GZktpZemHsUJrSt3ccHuoc8CjeF5XfgXlctkvi3rSGVxPf9dnVKNxYZwaDM8tsUyM1YsiODaBWMMAEPodjt3ClhBQf6t-Bh6KIWVORGRTxvA8g0qFr6fS7eC5xXQ4Vkh3owiKfbJwt7TpnLsVgD42fVVxPcMIJklK38VZJrZgQQD4uctz-xtV1Ql3PjPFjqyLiYp5xwWlL21OMtkAG__WpFn3fq7oE5tZkIgBZN3a9_7jUcLDGz0yik1Bxg5nxbW6r9RULWdRzo57ABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoV8K2AdOFdUtawbtBrdYZdRLUcw%26sig%3DAOD64_0PUjY5lQzyCafjstNjIg8OA10rzw%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-B_4kEehuZQCZcfn8EKP5NNCmCBvts7dmwu0Llek3TPj2ASdA2BFThD-ar_nrW5KzzM-AGrzyefTK2INeYv7eR56rf6eDe8lu96kKT6sKmJmO3TR2rn4qnyyfrANKaEZzcWSPD1WaEaMxIEcKgQcutqc7F8Zg%26cry%3D1%26dbm_d%3DAKAmf-CgY_JjB9bvC6wKd-7d83Gt_2DlXJKzYy2nlSn-5kfIrEir1HCrH_2X8pkJwzqecxYCqMYFqj-04uQtSQLqHKTyn-P6oY2wpV5tmGnDIbKCm8Xso01StZtXUlq2Z4R6L6LuMu6Tp-zsCKV4nZ11ZLnVHfELgWn474e4mFCxuKXMNmpIzijFm0fZmu3Ij51BsA5lbPXwHZJ6HpyZvkRbrGltjnE4cmOfnp8ZzlgH5vxRNQlMM--mhns8IMt2SwRE3DQ1IiD_QWYRdQZ_pDKdHZb88cjgtohUD4rTZ5XUvrRtBzWcurUt8u6NWioqa6PJqIk_TXJCEE4VkxUnDssLjcTvyuPVZJElv1b0Y3sBnggQ9_SszAsk60Kr4t6GoI54J8pPoXvPlRnQpbb0B0bRup3WFR2aaFNxptg6-6HtJ_Cw2ekYcAg060gUDhX-d4dfu8t0NqLH%26adurl%3D&documentReferer=https%3A%2F%2Finternet.blogmura.com%2F&ancestorOrigins=https%3A%2F%2Finternet.blogmura.com&random=6460592881874&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
4666c6c2067e71b1163469fa27ce236307a5d88553e7e04aa29404c2b86640b4

Request headers

Host
hal90003.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
8lcfmzhxc8d6_uid=cd512aac7107235f
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

Date
Tue, 24 Aug 2021 06:13:06 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 24 Aug 2021 07:13:06 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1426
Connection
close
Content-Type
text/html; charset=utf-8
truncated
/ Frame E30B
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5f1853aa8e0803edc0d64a3ac016ace46b4cda27f32d64c1f72c6dbf7d20c9d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
B9689862.280630144;dc_ver=78.226;sz=728x90;u_sd=1;dc_adk=2970904440;ord=95plbk;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Finternet.bl...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 5130
54 KB
23 KB
Script
General
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=78.226;sz=728x90;u_sd=1;dc_adk=2970904440;ord=95plbk;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Finternet.blogmura.com%2F$0;xdt=1;crlt=FBgEi!hkXP;osda=2;sttr=221;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v78.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
1b5b66991214be65bbc2eb8cc232624fb727234e533a4eb69f45f1082e534a86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23081
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B9689862.280410797;dc_ver=78.226;sz=300x250;u_sd=1;dc_adk=3087818425;ord=oxcgm0;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Finternet.b...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame A695
54 KB
22 KB
Script
General
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=78.226;sz=300x250;u_sd=1;dc_adk=3087818425;ord=oxcgm0;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Finternet.blogmura.com%2F$0;xdt=1;crlt=FBgEi!hkXP;osda=2;sttr=223;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v78.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
cad70f03fa4e9c5fa43d7f53784022c702099eb5e1e36b110ba9b49736304b3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22947
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
request_content.php
hal900017.redintelligence.net/ Frame 7C34
4 KB
2 KB
Document
General
Full URL
https://hal900017.redintelligence.net/request_content.php?s=85077600032144800628852011696017&a=16c634f7
Requested by
Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=804679f0b4&subid=&uid=de8bbe4509badc30&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC--PW740kYey6Nqm3gAepqJbwB7v6hIpX7Yut3P0J8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNQBT9A-FECgN1qm2PXz449NLp1lLjGB4-tbVY0zxTvN1k_PeDWyiI_QiNRFPwXDuhRsQFPDaiDT4xo9VZGpLRoFBEetloFkh5pfKh9eIhlJfkimJlKjM6A3e46wWg2esbixOMpLU8y38lAsH6Zgn9SVd-imCfEOtQRqBC_13cea7XpQaWuwVcaSbtGuJpoWTYuq8Fzx6aPS7pmeLa9mLm7wROeVDykpgoKHvOelofK7_4W-CvqRkaE6E8xr67X5fe-ORAd9And3QOLsNOFerJ3AtXUIipjABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoChi_g9TZRQIyxHenJ6mM4sQatQ%26sig%3DAOD64_2Zk1rLXqHQ3nD8jlN8fxpiVpLfRA%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-BiwW5RG85bTSTNGZtPyHbAEhwlG0Fv41MJnCFLL9_oi4MEGtSrf_PDAMbCpT7OLk45sFyQZo0yT9IAl02pNVUCGC9IMyWoFqDVQMkCt_V3zIuwF2VKn8wenw10bTjsXV5ambc2a5R_k7goOQ7geTRpN0vNKg%26cry%3D1%26dbm_d%3DAKAmf-AE17x2K6osUouOOSIqK7zQN4AsZpQLX4SKyTAomS1DIqq6jx2HTiaFDuMNt9XvZ4nQGGJQ89E69oasL5FUl9uDmvK06E1HVbz7tkyGmV1UfvKyoCeYqHz7ff9XayVXtB79qAGiQTjMnjTihiPzzMzMFMKiFG8j5linYlGd_z02mgPjwMJbLfSpxQ4J58ZMF2QzUGOn4Om9gzx971DvPR4i_Xjnl_BP4LNyQf1OnWn5mGsyNwaSeFfuVgEbsso_Yc2fB2LTf8qsio3nZMZZpIQo46raYFB2uK-ojpxTSsIRj4B7bgxGFxyTi_2-uYLhZlOA1PaMxQf3TPXymiptoCnTHy0Vi-u1-SCrhXc5fYkIr5H4V3naXKQWWp5T2-FC3fcK8RETrLuVdy8h99IbijcnfRkP0q04xxUPeW9mWugFPFqgcqwKB5ahJPHMDF-Ob22IzyKl%26adurl%3D&documentReferer=https%3A%2F%2Finternet.blogmura.com%2F&ancestorOrigins=https%3A%2F%2Finternet.blogmura.com&random=6151495759469&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.69.70.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.9.70.69.159.clients.your-server.de
Software
Apache /
Resource Hash
bc053e79aad3b35c7454e3163c4a62c9da4358087cb84fe5155ddf5626751428

Request headers

Host
hal900017.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
8lcfmzhxc8d6_uid=cd512aac7107235f
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

Date
Tue, 24 Aug 2021 06:13:07 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 24 Aug 2021 07:13:07 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1429
Connection
close
Content-Type
text/html; charset=utf-8
truncated
/ Frame DEFB
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b193aa21956541e9e242cb087f658cfdd47e55382342d10fe24955e49d68ff06

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame FCCD
114 KB
40 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 23:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Aug 2021 23:04:34 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/elements/html/ Frame FCCD
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=78.226;sz=300x250;u_sd=1;dc_adk=3013400691;ord=l6q6ad;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Finternet.blogmura.com%2F$0;xdt=1;crlt=FBgEi!hkXP;osda=2;sttr=241;prcl=s
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 05:58:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
905
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 05:58:01 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FCCD
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 23:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198512
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Aug 2022 23:04:34 GMT
pc_pcview_all.css
static.affiliate.rakuten.co.jp/widget/html/stylesheets/ Frame 71F9
111 KB
8 KB
Stylesheet
General
Full URL
https://static.affiliate.rakuten.co.jp/widget/html/stylesheets/pc_pcview_all.css?20140611
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/mw_dynamic_view.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--new_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.75.89.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
84dbb2e17cdca526a253123a8b6ab0c734db2ffaafe8acc091e63c4aa07122ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static.affiliate.rakuten.co.jp/widget/html/mw_dynamic_view.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--new_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 11 Jun 2014 04:51:42 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8155
X-XSS-Protection
1; mode=block
front_merged.js
static.affiliate.rakuten.co.jp/widget/html/javascripts/ Frame 71F9
135 KB
44 KB
Script
General
Full URL
https://static.affiliate.rakuten.co.jp/widget/html/javascripts/front_merged.js?20140911
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/mw_dynamic_view.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--new_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.75.89.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9e08978792f1773719a3676a24d7d6527917bd44c2dc6665d0ed894fd9aa8b2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static.affiliate.rakuten.co.jp/widget/html/mw_dynamic_view.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--new_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 23 Aug 2017 01:46:35 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
/
mtwidget04.affiliate.rakuten.co.jp/ Frame 71F9
2 KB
2 KB
XHR
General
Full URL
https://mtwidget04.affiliate.rakuten.co.jp/?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--new_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/mw_dynamic_view.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--new_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.237.61.100 Suginami-ku, Japan, ASN23820 (RAKUTEN Rakuten,Inc., JP),
Reverse DNS
any.pub.jpe2.rpaas.net
Software
/ Express
Resource Hash
78eec686dd271a3bfd4f8511a8591f1086bc9a12ad650f6c04c3565f510d12c3

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:09 GMT
X-Powered-By
Express
Vary
Origin
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://static.affiliate.rakuten.co.jp
X-Vcap-Request-Id
2803a2df-086c-4f6b-5fdb-07a4ffd95a83
Connection
keep-alive
Content-Length
1746
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B27
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGO_P8I0kYbatL4Gj7_UPzpqaqA4AAAAAOAHgBAI&bg=!xcalxoLNAAZvV8FTb1c7ACkAdvg8Wj89OFQcRId5_LbEUHcCVPmPAg0ENe6fqvD4Ybs8rnYRkp2WyAIAAAP5UgAAANhoAQcKALUL9bexqCOQRM_fwBs2tIcvreqR6iqWB-QXclt2mzvFGHUWPxtAlpyIAUayi2rcw7XRmvXtUuADimxA84ycf0AiBIKQMMNsWCl2S1RP3JgxcBbk5CtbuOGjQdGDRBEONhbubKbeQwWLi2OqCQ1UJPAsC3T-zMFRkHbN1XU6SVy18yzU2-yu2y3e2hZxqgDCIdDMYgL-byrITcKD97yFUeSLj66PatZ76o_tnV35FxVwtuQC3xUomQLOUbdQLTqMokh4AqgSPYn6WAj_79YZRySwNFxdW-96WZ8tcyKSZpDavY1fV7GiVjnQcKY_ZpAZKeKn3lrHNfjW_y47cXcQxVWLvBBeuu6YvNg2JD9_hvpL07myEEXCX7ADapbcq2Z_Oa5vREtePqa-GTDSPgMw9bt92NK-fwiAEKwPvddSmMcN51vSX5vq08xGBAXjghbFN6-2QJbBGoEr2sI-Ugcp3O4L4x3FGEIKrf7UeMSjj6RN-eiZGU2EegQh3T-BzpIQVicyIh27eq1rNqpuV5pNHr_ZXxkYT-yywOGPVH0K3E7EcEw2z2LkALSnzUC_jTacdMD-utPwreE71BI_yZ4ASs_IBPYhd-Fl9rnp965uuoXlKCHMfy4unNxqsq6xQ6Mu1JaXN1GP3njHYcT4nb8dvqcpH4EWEaPWod-jibTRZNeboaek4Yh9xCb6-I-DHI8Vx3ue1pKjUzqBet2P9rtzq4IEM4a_MI5ryTNaoiDjfh0ZJ8sjSoGDpHmWuxJbFwPXcxlStXNUoRWP2la4EJ17pnwqqVZxr_EhqtvdnCfG3HCbjfyBlcNKqr6e3WHYKWvkub_829TfrfjCE7dWzDUqgmNj0oQdTzAP_bHlHDuFnpyK4QoHM70ruoTBygMST75tic-ZaK0UOO7Fp5Ny0mEI-tyA4j2fk4wzbutqPzpnwkkou7d4mn8BZw6Szow_sFqvFFSyFnXTyiT1ez-XMsBXBvyAl6-4z1gbLRi2by3IazzS5Ayv0X6i4pcGvd-wtf9dzJHJMVarxbNK6fVGG8dkoeopRQTooZwHl7WTyNC0QWvOT6mpTOLH3Pv4fKxVnfypdfKZc_q2hpEXm4GGmA3GlH0oKS_LV_eh3H8huK5nbRgu3i2z3nsCMyIVG18DQwN4fRmuLFsdG-3RoEZxFHyAdCUkCFjuF7HcKahFw-RFdovCIyWyonc20Q
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
request.php
hal900013.redintelligence.net/ Frame E5DF
613 B
935 B
Script
General
Full URL
https://hal900013.redintelligence.net/request.php?zone=ihaaer67pw2u&nw=20&renderingType=javascript&namespace=45a21cf29f&subid=&uid=690d1cd74ca8070e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNCr0740kYfG6Nqm3gAepqJbwB7v6hIpXn6bi9bcH8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNUBT9AD5Mn40YaZ6n1UGWdo3xIDqpqQtl6BDEV6TAlhV2V_pL4FyZFNp61uyN0dDY4qrrIYB4fEeWqBFId7TgDjqbPtFwpsiPgZ8bHupP_hqmfH6L8O7i_QTZSxLPmbXf6AmWF0i0QYLQSI8O00VvWz9oZTJsFsgPK6ymNBICcFpLQXmX7Pw9Zx7fy-9L7BkUXQfbpsBs6RgugJbjI-GmrtEYTcPK_erdLjD3TM2KiKaGkoSkX19G4e6Lftm2MqIshxxIcoASWw3lmEQz6rp4e8I6hGQ1XKwASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9MWfxnnLx5gD7CzgjjJkt5-NIg%26sig%3DAOD64_1406M_SuzgFZQEMM0tZr71GJYpvw%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-CNpPsbw30eVLea6cPOwC2iF6q96nOO12DAmK-a7ilXJIhKlpn5ZOJP2eDBebT2OWRLNu92YXgDBOT60sOZOFPsjUiLvBRxspds2DKHdtzcmGueae8zjpFmY3ep2Ag2xU0zy_SUds85g4JjrZvy9AWy6JUM7Q%26cry%3D1%26dbm_d%3DAKAmf-ChdCH1vWRWGsLalfX6Wyt2NvfjfWojG-va5xfr3X_6cDSwT9BmoJinZaRNAckas64YeGWl164SK1I2tPi9za4pDY4DeheerxfmqX9x8dYHrZzOMtgRzW6jSrc2C83rbC_Jsq9UkXK-Luvq0TeebEdUVG6I1H-kQ5V9x3liwQEQFoSoj7lWZWDJY9HEBfNGlGhFN3D_-6ChP4N5qaJ8RgLMOm5y4h-wy9eTguEnAiCHmhhY1f1F8zawr541bUXiED-Kzq8YKtygjE6ggTCOhGqqrFy2_2EHrtmQmIQt0z1TM6fEf19PsHxGb0fJ9nTPQdHQDnzh7jcLlHknx1BWu3sLyQhyE07hp6hwkIi6wTTmOb-c24MowpNRbwerXlduw2YYu4j_JDFq_sA3tNb2oDf_l671slMsfrw18QQDtOyIAXpccFK52MNZbE_8LpQc0SUrqWtr%26adurl%3D&documentReferer=https%3A%2F%2Finternet.blogmura.com%2F&ancestorOrigins=https%3A%2F%2Finternet.blogmura.com&random=5435811801901&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/ihaaer67pw2u?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNCr0740kYfG6Nqm3gAepqJbwB7v6hIpXn6bi9bcH8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNUBT9AD5Mn40YaZ6n1UGWdo3xIDqpqQtl6BDEV6TAlhV2V_pL4FyZFNp61uyN0dDY4qrrIYB4fEeWqBFId7TgDjqbPtFwpsiPgZ8bHupP_hqmfH6L8O7i_QTZSxLPmbXf6AmWF0i0QYLQSI8O00VvWz9oZTJsFsgPK6ymNBICcFpLQXmX7Pw9Zx7fy-9L7BkUXQfbpsBs6RgugJbjI-GmrtEYTcPK_erdLjD3TM2KiKaGkoSkX19G4e6Lftm2MqIshxxIcoASWw3lmEQz6rp4e8I6hGQ1XKwASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9MWfxnnLx5gD7CzgjjJkt5-NIg%26sig%3DAOD64_1406M_SuzgFZQEMM0tZr71GJYpvw%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-CNpPsbw30eVLea6cPOwC2iF6q96nOO12DAmK-a7ilXJIhKlpn5ZOJP2eDBebT2OWRLNu92YXgDBOT60sOZOFPsjUiLvBRxspds2DKHdtzcmGueae8zjpFmY3ep2Ag2xU0zy_SUds85g4JjrZvy9AWy6JUM7Q%26cry%3D1%26dbm_d%3DAKAmf-ChdCH1vWRWGsLalfX6Wyt2NvfjfWojG-va5xfr3X_6cDSwT9BmoJinZaRNAckas64YeGWl164SK1I2tPi9za4pDY4DeheerxfmqX9x8dYHrZzOMtgRzW6jSrc2C83rbC_Jsq9UkXK-Luvq0TeebEdUVG6I1H-kQ5V9x3liwQEQFoSoj7lWZWDJY9HEBfNGlGhFN3D_-6ChP4N5qaJ8RgLMOm5y4h-wy9eTguEnAiCHmhhY1f1F8zawr541bUXiED-Kzq8YKtygjE6ggTCOhGqqrFy2_2EHrtmQmIQt0z1TM6fEf19PsHxGb0fJ9nTPQdHQDnzh7jcLlHknx1BWu3sLyQhyE07hp6hwkIi6wTTmOb-c24MowpNRbwerXlduw2YYu4j_JDFq_sA3tNb2oDf_l671slMsfrw18QQDtOyIAXpccFK52MNZbE_8LpQc0SUrqWtr%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
0cf2f33dd98a9abaf5079034dd99cf43bf8c1159fb9fbce69bbeea9cb5701b56

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:08 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
74129100029320600628846011696013
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
329
Expires
Tue, 24 Aug 2021 07:13:08 +0200
gen_204
pagead2.googlesyndication.com/pagead/ Frame D11E
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BoNvI8I0kYcnyL8CLjuwPudevMAAAAAA4AeAEAg&bg=!np2lndnNAAZvV8FTb1c7ACkAdvg8WuNdXYhJeUmgsUs5VxcymjZO4Pi0thaNaadYs9xWcjFjfOYUgQIAAANzUgAAAK1oAQeZAstX2VItbvYV6kYew4wQCJpwxEwNradZYxO-mOfxwhQhesC7HKvzl-7jGpVIEKknw-pEHjSYbDUtGQu15gE1c2rxMpsdz-L5kC5CdK_jV49Cy7mpvbUVTCxbGZCw41_AlDzWc29Nbys_aPglIFgH3l25YbSEbOAAFUQdHSkP9B5eJMtfKmlagKbSrU6Ubip55rkPPudi0zMijauKPb51b33SrS-QI-YDBir5G1a860hHQiARhuPrrHkGk0qNsfOqUjkhEVtVZHpeiL2GORpmv6LM2ExhiCyqiQ9q1i5zqcuyc3vruc83wuMY__THu3ZenklWJl_feASjK-S5bT-VcCaXlLCPdNIqnb9ZmM4PI0DL4IomcmQbNqtaxkoAvxa7GVraRCjyvaP8S4UCUfWs3ZxA4QiJMh9F2AOA16M0P0ccNb9_f5LINO3Iw9UsW4wHl7F-6zTSzGjJWUKqsSLczZUhYkxhQC2YgGJyvMT3ybH0ZXTIPM5aoBOVIQ_YnvHTDHapTGghwTMe44_ycCEt2B1yNItcyNXXoKZjXmKm4yWMV6185pVgpg2rLgPLNvkkax9CQCxyLnXGcnhgxgRFzji37EkUrvQLyAsQBzmvGEukOfgqXoyIWhiVAq1ymL5jZLdGRunJGBwOxhiT7fitTDE5LtORfOfkuG4jRzMGfLHc3ZmQjn8uZCNpD5nF1xf2Elvo-3G0zKdLKy8K9w3LsBnY78pTi-hElvIulzdXFhQa1mmCm_CxBzobNpoaosBDivUAYywZez3u7qAbzyqiy9c6bu2jp3B3RSsn8vuqPBTmdZ8PVjVYzpH2Xn2zQTAcNpQHj-B0VzONsgau7H3FXQd1dOVyxv-PdDvuYrxHb2YwHqba0eM09GQTVrAZdwUJ-fZMv4B69qDbOSSj94WG7tUdO9F7qGu4Eg6qr6yNXKKxID6Mp0eZyO4hRt-g
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getMWConf.php
xml.affiliate.rakuten.co.jp/widget/conf/ Frame 71F9
35 B
325 B
Script
General
Full URL
https://xml.affiliate.rakuten.co.jp/widget/conf/getMWConf.php?time=1629785586923
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/mw_dynamic_view.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--new_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.237.16.123 , Japan, ASN23820 (RAKUTEN Rakuten,Inc., JP),
Reverse DNS
xml.affiliate.rakuten.co.jp
Software
Apache /
Resource Hash
ffa0c516b15f890efae5ac5a88d63d9f87a234ed431e599fa603c09c9359626e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Connection
close
Content-Length
55
X-XSS-Protection
1; mode=block
dv-measurements1710.js
cdn.doubleverify.com/ Frame BCCF
494 KB
90 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-measurements1710.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a0be946ffb3119ce5eb5cade72c894840451581ed7749beaf7ed24c6cbcd73b1

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Aug 2021 12:09:14 GMT
Server
Microsoft-IIS/10.0
ETag
"0d138dc2994d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91447
truncated
/ Frame FCCD
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d9b8298b411bbe101ad654cf53a94fcb85c1107e6151c192befdaaba8997a32

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BAF
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiH338I0kYbyCMPKAjuwPjPW7wAgAAAAAOAHgBAI&bg=!n5ylnNjNAAZvV8FTb1c7ACkAdvg8Wt-u_tF30jpSuzoBwRrO1SBPLqFJRyIfYG6xeYw9u635asOEQwIAAAQEUgAAAJtoAQeZAt8nHnxJpufMpIGKcNVaa87D6VPYvNtz3cnRxCI2g_4tFSMSDG-M-cJIyZ0gQZoOvur1gV68uG6Ao17UZT_OvFW06rneqHPt9OSNX4_-iLZYLXPfgLboOMBi-qHRQhqygo350HEwvTH3vIogV6s4bGkLZKoYtNBdZrd_bu1kkJcG8o53OuFOToiVsPt3sLoe2G-4mz3b50PfyilZsXaCQftcg7h16ahoI4L-Dz4SRRiGT4tqZCqKsLsvc12r_cCm_Fit7uDCVu0hQr_FHk7HHkghhghwnJ37gZ3akKkpqevtugMLxLE6Pre6BGmu6nuasjF0j1Qn0LNfu6ySQlTNBZ0LWIb4YbwFKQGwQ7VQYcVbBRFaSTWeoZrKZTMm1n4I8vt-136zqNncNOxAl9Mc78CMUVGuUr2ndlVDR1N0BvxZqERNTKycBVZU8ueyoyykrO0rMwtEtIqlWvEaTb01y_ffQaawbEFJcJSjPCbcjw-m6_KLbiwwmyCIvYXY8O0FvxB_2AeNLaO3XLDQybwS-tUA_qPDYPSYH7zAOHk8JEGhp23nQ2L8SokJ-DxrOVXtCimMppyWBUNtJzFCz7uuNY9UO4YIjd_KgnyW2GEpCbUR3WGZsU9LNi4353BQizLaVU1xCqbNqK8oUpigH3Tej3IpV9sKMagSH9PxzUsUREsbD43z8f2D9XyMy7I27ogjAl5WWH9sZpld25cjk2rXhlMIjB3MVzW3MbA2wBZJMn5PFmpfmrgAv7lkI4Te3_jFLP5nwjrpu1daIPu-xVoDmKGu9oFhif_Z49uQUtBVbRYnnHTMZAgAVDnKIdaxRUwHKUTO3eVK24pBj4yz2-SDE-mHBeXH7Mc7H1-WsDH7fhZMsjFi3WfX2Whph3_kNIOEv-UcbMPsCwiBgxwqv7_-6De78g9emAbkT9T1IZtEcdXLI-U88yLr5hYzOq8KVN_MYS2GWRHp9llYcSR-y32wG1s
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6CD7
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4hHa8I0kYcrKM4Xj-ga40ZWICQAAAAA4AeAEAg&bg=!CwilCEzNAAZvV8FTb1c7ACkAdvg8Wj4-TW5fDiitu4LGUn6t66XUmAndeuCm-eYM0tPTiAZpqPPICwIAAAQIUgAAAGxoAQeZAtltaLYEMYjBwmi2ORdZ6y59txGDt2KpIrmDR4tfcaqQIssIn6qh48AIVP9bLwYk-fnuVI3eSbWT1ann2gSL0tnJwk410LTZr9ONwrssREirXIyrjv6t9GBWTVgF9wVOOtZKtu3t0zchYdpvXKvhfIfwPKPhfV-kvYwucfFbAk0HQCTxxhvANHiJ5oFtsGoMe0cviw8Mcx-RQFgspvZiVDeriLNzZVB-hfIGKD7RnnGRvYH-P2qOVCtdLdGPvNjAP2g-af4tXvS37R8mgM_e0ptdShgwqxgtYNqOjJJHYj3yOhtc3Q1_4kbUzjL0pnuRC1UbD9cN9cHjQksUGGaWdL8lLHKWIPnFtYuo8vIcUqp1Bqe4eSbWSLDRFA1RAyvtQ0bycOiiCgHwmSDRS3QqgKDRFpzALfn5YFUa17bpJLywS9IF94PotKOh1KnDXIvXlog4aM19y9km1vIsqTZIHm-TBgDEVZvjV1nkMIpdhHJC9kAI9Y4ZLRk88TarXWZkwWBPSLcpwkb75bbzFeYpb5IVJhwe8qM971ly2OfefeTRB2mYWUs46FL1VbiF98Qxx-B719Zjknuvli4S2g4-qcL2t5Z3IPaV5N0f2EnDvKntd3n_8ypQqQcXJZEizmZHjsdswbEEteGe7xoMHZVRrzpR6smJ_bvv-ChNHQ59a2pZ7VCfjR_aIOAbrueLrK1uGUGBARsmd3g7tQY0jK86SxM7trpVu-CzqzXADgE-hhOSrTs5SaR7nwzqheH9keme-egOYzH2rWeoo9Q0p-IdMUYnWWoJFz8i91bRpusPEsxo-e6mQIg0MowYvAxwX0uN5ZB3zm1TTHgSsfbQokQjMRJGf_HssfQTe8fr46ksebKOkaQUFSnsqhD8Tt6ONsB48D5BNtIM14exYO0UbJg9QIrQE4eKRPnu16XgUfz-o6G2pKFrxRuWZ0dOp296DTMBBLjgOl0IIx2_8ak
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2EEB
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdGiz8I0kYeP6L5vRgQf2rr2wDAAAAAA4AeAEAg&bg=!_v2l_bnNAAZvV8FTb1c7ACkAdvg8Wtl4h9ZSBt3p2CEV8Vep7NEz_-M-u9pjL1A9MJV1BV8ZkyOtfgIAAAQCUgAAAG5oAQeZAsVRO1dxNTmCV951qFTvpNH487nBgsUsKhUwnCr6u-tFGn-AM4anLkhmZQXivniIqEgtHioMP4odLxUvJ0kvJFdZzFOnWAAjFVW9RqbYFBZcQC1qIp8_LmKUMKCmLap-LwseBkvxasu1_LlNso8Jmz73dum8WVB0s3A6txPKSd-uQ8n1eZfQpRmLcA3i2-oqN5LyP6UvpkX5yF_PffiAtba6Gx33-rCWgzYvvg0j9tbjMzmPQ-T46K13VpVFlmJzPjNFJFmyslUfi4swH6HmFLkMcal52s7C_Gv-RLgPLKSnpkZhyNW3B84e3pH8p6a4a5afsE1922dRTqLy7md6h4gcYGPXoQcRbhLOHiUXaRVcgaC_5455Pkcav8W305Xi6ia0Acnr-Fqac-bcW_2ECE29jiJi9Ktbs4Sgp5_CD66pnGAv0GwYT_TlmjnSXXXltwjJeT_btSqGVFzik-Bbw-u3o8uc3GrPpriyUdmo0xlkxkjSLKd14_UgZdc5ZsFNhhdLRNNPAHrxYCQuTXzP5QcPeL-Y5VdbMWYTUomZ_ag5r5xWIjyFDNVtUIyR-ZJLeyRCheH_7zetQV8usTxEpx8Ll4hXFZ9WrzPUPPA4elu9BIdipMPtSvk9uiamYIRbdXI9YegHmHfu0yknVvKEypll8fjCzaXZcJcqYq8upGK5PAeM3bI3y9FDbvJPjh8glHevQvNfr5buIa5m_sK2D8Uv-B1B2PZqmzahfDzByaFgttk9fqSQYmTwrYqB-eOJJHU7AwVBYWfy0_L9pcQ8lzIE2xq_M2S3DLo2iRjjjv1O1HwlE_uAfw4WOyeGHBUsR7IjNMny-kyG792zMYeGhLztf5cGATxAfdqDM1GdhoFpPOJh6JmjQecRBkbzeF3ODHDgmQCq9m6CDc2TN_w9cohDFmc_fifsqC_906HQfOoFK66nqacQ
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 84D5
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwHSf8I0kYcfoMLWi7_UP_se48AkAAAAAOAHgBAI&bg=!3N-l35vNAAZvV8FTb1c7ACkAdvg8WlcPH_bXvI3lULy-SrNGEPGpmXKLAp7MwMmUhgS4ozs13dCLeQIAAAP5UgAAAG5oAQeZAssplqkXMF4fjjiPOeMRiJswvRMgs9teVjKffLZzC50_Jl8EG-r9Tqh5w36P_YYcByJqCOsFJ3Hn6n5s8VhFaK5i0bUalOy-ctTSsNe49AQLRYjAKX3jv64ZOobpdJPs_-EUEBUpxUnMME4UpghsJwFrtEQNIyChygsgB4JpvBWjqfshKV4zbu0LJhI7c4bF1lDEG-On9d3BB4sfCkKJYjJdN46XuK27xR-raFxVJpcv_DULsGo07QgUOaaoSm8gaMEZMFc0FkOZ3iYjAhbiNbAB_r5_1NKFh587AYsANpaUaJO7rzZAGM2MtPjOGv8wuzQ8-oAO6krYJIyvBAmhfaqq9x0xbyL-sqh38dwQ2raTfYxcmIae6jv6pvd8z41RR4kVvJpEmnek3vb3j1t4piO89vBVO_k-Zd8dafKxwn0TTUPLjDLAqZkSRlDW8UxMrfmr9CR1KjLqRlzIu2OAk7nmYjr28Et-jz66fR7PZXZ76BOq7BEZY9ParYvEWDrSCkl5b5kqDCHxLY_Oiww4Z-hbHuUgKSGN9tBEEG_8ZUBxcAWH4Eq1t3FG4qKQqH6ojTUvn7W_Q0PTcJyXwTWWoOgL_v642Le3OpDR9BbEeUtr4K17iAF0Xu6levXqxLmMatESDBmJNceGNRzA7iYOkBFLFfMYWG1oibbs9nvPWKOXhOVFWfOD5PQ-gkmUDBpe5qcOWdpkKklUKJdkQe3Tr7e26SNhIpqj783KttP5gD57PNeQaa2CVCgsTrc7OVWCp-7bcWSKuu4vil7VJFUOVttnkPA-1j5r8LWodSZNYyOu0bchAd15-JeRmjLgpJ1NwGAFdlGWnWrxta_B1282GaUuonxhvCXx_QUaeWs0aixTBniYKQgNyPJXTcY4jxHeUSHT0kp7POCpVnnKjlVTcf3X2-OUmawbPW3sWJ9anRj62-iJlqFD-tqTR-_1
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 527B
114 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 23:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25713
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Aug 2021 23:04:34 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/elements/html/ Frame 527B
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=78.226;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3346616624;ord=n2t542;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Finternet.blogmura.com%2F$0;xdt=1;crlt=FBgEi!hkXP;osda=2;sttr=228;prcl=s
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 05:58:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
906
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 05:58:01 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 527B
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 23:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Aug 2022 23:04:34 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D534
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBqIJ8I0kYbD8L5G_3gP-qpXADwAAAAA4AeAEAg&bg=!hIelh8PNAAZvV8FTb1c7ACkAdvg8WrZ9WptjUlt6RrefNhKaEOWeOlRMEPyhIv8nuXYW_KOSlqYrIQIAAAPqUgAAAGRoAQcKAMwn4Lpm56IMnAdqtCDDNGtG8F_QtRBXmMJNUSBYuML-rWwDC51aoAqidWyhpMXGeiHSRKRsC_I4WOAMDsbRMx5oErRceoucTxO9bQUn6ElqZq9MDfHqzmDEYo2zHaR3gi3FIt6WV0JeVdVLQ6W1LqqS0MA2RuGqQjMFrFtbv34IcmbkBzjrppcObTwUwYu67B468Wt7hA9PUx8AtdPh5Qq-wFnBMsd9uha6lepVrvMGOggmS_D6O3Vy6rI4vsyuV1NHN-pDCtGqne_PazaZAscgwev12xj1h5LhfwUKgoXI_giu7hWBW02GG0V45iHiFY9R5h8qmdzQ9Pv2QWBw38AKCnQQKHCrORYMba8gtBzBPzdQdBCRnebPnDq6qJMXr-4f0gc2516_vg7p35kMYws2Ievgvlawmp-vUa359tdoaMoopafu2NG_5aUO9N4N2bdzOmoG_BjJ8PDB3qIXCHk9_9-xLqFinHc8bTno6Kt6Wf4B3HYa_wC54znqCt8ZsInMhT3QJC616yMhoq0iqHR1nTNCyUWPt0_1Uu1bW7q8h4ZBxzBP9Pdy-p5uyz9iUn090aEudI6h8r4o1_2JZ1CaOTIhOS9aut-uqopi0M_8ax5ZP2h4HZwX5j8VgZjISpcWZRUgC6tfKLSUf5tV5S6Ul6iRRP8dVEC2xnGH--wJ6Ik2hlQKQdhW8pKIHkUsrj5d2qOHBwQL14sYSqEk5zk8hx_aujai8M0DVoLg9gJ44gYcWiQACIA41I7eo4yej9yakmg9RaAFeS7jM3UXLvzis6mwuG9UJbRJw4OQpYTYxumykaHsnQDXjsfFVa7UAfE0jmQX79I7nF6411TS6igKWA_EXS9dsLw3ElEftt1BY34z4VwK2EuRW86rPG98euk7u047ANOWkO5xV5RoUgZ3GwsMgJAxs5kRc9Vw4O-mg98qNE6ou4NLsfkiPSXEdfNmnuniZlx7jV7RUOBmD8hQcN0TcUKr3Iy-N8r6xwzHCqNY-RCfG2DvUq9C1y8AIqRBC9bXBBjB-raUDtM6CXPYuBN7fny5RbWG22h8Vv20Xio_GfZ5hsf7VQof3uM8_tDyygjyMIbKOuXICSYJ5_uzJCcIL5Vv2uKf4IiFYItEWEAp5h3ltOS9LP4Mhl5RvDcmnlqBsDdQ5rVLw5oMpz00Q5ubTzOF1ofPy-UIAFIgh8HPFPtWldG041-rzfjO6WIXwnOjVDc
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED20
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bp-hc8I0kYb-SL-yux_APgsKFmAQAAAAAOAHgBAI&bg=!xcalxoLNAAZvV8FTb1c7ACkAdvg8Wi5to4ywiMhsBVPrwzUtGXCoBuuyDBIL4dU_PRpY75fh2hzR-AIAAAS-UgAAAGJoAQcKAAair4eI8t6ZAsuWGuVtAYaVqtWYHxvSW9h2bx6uUkVGlO1lRPu2mMOFiB1t1xjNc9dqMeWuqCtIb_ab15nDHCWpokvwYYkrxrDfU-rmQrMsYwpmQMJJmLTpMXxu4ZhQvgKNusZoFJpgni1wr4hrM8SKBjP90p_yVTha6uiPAN-bn1S1q0wL2dq8bsmD9jJjVzoJrtnZxitKP8zjcLFs7HC7qxgs0y1h7lw5p1zklewN9YUKtt3io2VVoNXhCyfYuzk3aKIdwkjg6eC9oDu7-UziAcFKBMnXv5KEUzDYSg4LTcMk_2YM7AVW77klxXlpq3zmJM_Tlbxe0Oh7Tzp_5p-CJW6ATFxC9pWG41BCzcMB2VsyI9ZBADgk6eVxdbfg16GpX-N8ZvsYFOGeugWyPYY-iu0dywsmlacyFOuCdv58goVHtjh3DHvQQLOUtIbZBxPaVffAoPnyt48zaILFBCwoSFlQ5EAFVmpgmEXiFBYONDdY7Mvq04T4gVA7hOy9L56LbuNkOTIypVMNQWMhKqqcIpyqqmckKOezKCZ_coUBLXt8tVBqAWI_jnLwyWjVSStFQxT8yhFLtZ_LBdr1XIU6YKd0TEM0anWtk9L0E11flj5S-l2C0hlfkIO0RXCGXoeLmAXgeZ-TTVjMzfVM5-BVSHVHtjFAUbUiW6J4rK4l9oIZf3HzuwweEyQvYgitj3F8wtr7k3aXuVGvn4lGZZNIjwVWTYkFPCuKh62ukYdEP390UkDoOblsBK5-AEGAjzzl9E8JO11LXme2IBpoNXNYLPtOpzRS-8fZYCXMbLGWMyZlA8z7c0HXeTeoj8dbKhXucqKEHI7PYa_1pEGZaHG7VFO4nJFSznP_GGpiQwK8UpP3weZ_Yvck4zgE4X2h7xYUBQSokRIf4CumS4Ay-AgxXyG_OApC4oRxCM621mmHo057f1bTSAcyasOhgm12TUPIYMzD
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 861B
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 21 Aug 2021 23:04:36 GMT
expires
Sun, 21 Aug 2022 23:04:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
198511
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dvtp_src.js
cdn.doubleverify.com/ Frame FCCD
8 KB
3 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=9689862&sid=2641434&plc=280410797&num=&adid=&advid=2276943&adsrv=1&btreg=502952840&btadsrv=doubleclick&crt=139285048&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
fda0f77d04467a0fefd17d993406783114316c719fe9d0a28e77ba4842d98237

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Aug 2021 13:10:32 GMT
Server
Microsoft-IIS/10.0
ETag
"0d4e496fb94d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3243
index.html
s0.2mdn.net/2276943/1602614866015/ Frame 0BFF
5 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/2276943/1602614866015/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f58795a6ad38f25647791d058a0bf9e83daf3fe783f1ea3b674cf53815f48b26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/2276943/1602614866015/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2129
date
Mon, 23 Aug 2021 14:07:39 GMT
expires
Tue, 24 Aug 2021 14:07:39 GMT
last-modified
Tue, 13 Oct 2020 18:47:46 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
57928
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame FCCD
0
545 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssE4jFAo7F1Xo6n4TmroSkQ5QGMil7PqiZxQIFWB7lQvaOR_p2vr1tJO49pdJ2hxm4xw4V-3nBWVwEA7mArJFe4wJp23oW0-i3JhBpiSJICVPzC3SFmemWtrPmhozv9GxB76qTQnoZBLE4g3T_umF7Y3ge2dtZE_-OSpg&sig=Cg0ArKJSzCkz7qp7IWA2EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=174&cbvp=1&cstd=172&cisv=r20210819.72172&adurl=
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 24 Aug 2021 06:13:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 594D
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIpo38I0kYbHGMpiPrATPqpPQCAAAAAA4AeAEAg&bg=!ycqlyo7NAAZvV8FTb1c7ACkAdvg8WmRWWoo1dv_kD5Rgr290JKn9Bb-psc6UkdND7yk-F7fHJUOnogIAAASXUgAAAHpoAQcKAGfkADBg3Feqo3FG4qfhnM2qLiQz0MI8S59yzyWNtP3ssM9SbUIaCyEYoVvOzZB2TxEUijfhr6JgmXA6299wQ4C6A1n47eNiZCPjktgI9Mn-mJbQUa-l6iTiOPG3UvF4x0gAjevShtHCmQLrQuwkH7toYfuCu7W_6W3425-f65aRuXp5oqvtUrM7jFpWJhHk9hIERcwVnGN4q5lTSqAoQ2zRm-xQNPFGWpjd_3BGgZ_uWOP2ymDOrDoksIzpR-YiO4YXJnmuWcz1JXhPWmHx8gGeBouE1bfd0tuSEJ5uHu0NodeAkfVHJVqyFmP79bX56qEQ575Hr01jXpjS1G5nKZwSgj2gEpdpLl6ZTKrzS6lgBMXdC4EakCGVUiVXo09loRv9QTa6j2-PDbLmkVa7nqwIqiSctJvM7f4723NVB0pCLwyW8B3SkeyZLNijqUTij7Q-cuswTcgmyBX0WcVWJHJ7pZZMCfontJ7zfivzVRbZ60QBlIF7OgzhQoTjC1JLqsQLnAzxL2PrvLC81ObBEJc1iIfaqQWxh9yAwEriFMKg9WFNmmnC6ND0hwHhtQNPUoR7-43_lKQ_bPW7NHJ26MobzgibR01_0lRv_6X7UZz-F-u-UQUhfuu8DBQ-qljv18amEOaM8v9o5V33qAoy9gwhU_p7kHPPPa8Adb1aiIND5XUq9JO3NyX1X-UBqzoGpMBXlnXyPKd1BbfVTnOOo70EainAQ2t0USlZsJ2oDSHF-5FqcN8i-6VgJ6-YtH3g7zBsChC4-j9eMkZh_fqnDd1aMfyci52mV5SeDyAbcquXrZdufPP4UhqDrKyblwSxYYCASrNcuTDms5vYXKjiHtzAv7R_yqBCQr8a3tplit444ZsA_g64Mw2xChWPL42u_CKBoIxAvW65pS2k_7c13Ph-oqXzW7mbWRICWDvuy6MuhF2vvwYu-Yw-5NMMTJRLvQGM6dx4QEQzvP6hvE8g9mfOHRnpK-Ye6N53d0i644iMOiCKN6rnOf8XPciS9nuCZwV4PpG9QETqFkwp4TePDcxyBUxnxjP-RmS6b54sWkSn7KfdbrMBArdFRdbIq-sTlUd2MhIPmD6OgUaoHYoZ6HnBJksNJzJoRl3Oo_uk6CtQwXkwjyEX
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame F7C4
114 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 23:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25713
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Aug 2021 23:04:34 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/elements/html/ Frame F7C4
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=78.226;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2753247175;ord=bhjin4;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Finternet.blogmura.com%2F$0;xdt=1;crlt=FBgEi!hkXP;osda=2;sttr=212;prcl=s
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 05:58:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
906
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 05:58:01 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F7C4
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 23:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Aug 2022 23:04:34 GMT
request_content.php
hal900024.redintelligence.net/ Frame E739
4 KB
2 KB
Document
General
Full URL
https://hal900024.redintelligence.net/request_content.php?s=61082200025833800628852011696024&a=19c63003
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=428ec6d872&subid=&uid=3ef70ecc4a13a4e4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4xyi740kYe26Nqm3gAepqJbwB7v6hIpX7Yut3P0J8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNQBT9CWpZ40-OlMS0YOp4AsABpWQJ0YrB7V5eDgr0LM-if8H4J0O0967XGyA44S5WTsHZruBTzZrkWLwlgMZKNAA4T1cfyGDBExIiurw9gB2QECi-dxNggw1JUOvYsRdtdsYJaW1n-ub28VJSlyamdHRXOX4uPlvsYc76aBaR01buYJ0ByFm8_kPXTkTMl7BZxLk-eGZmupK6MWTEnWjDBjURV_GEZJf6oplXMpOu6Alz0xXQW5LCYnr_FTfn-WlT0wRZSWoLCIC_O0CFbkxnNGBaCALNHABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRo6eTV8i5_VMsjAXflLxnkpo7Ihg%26sig%3DAOD64_1MPGh3lvQ4z92txFZPiUx8NfIg7A%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-D88zhHArREvEJ1RobgMQqYO-ZX4vVZVEpO4yRdN6QXLlxRHD3ZuVdpia-ALYgjuy0lcx1VWKaj90wfXPQryzCYESgHXLG_exAyXmvQOFC_rUYrWROtmS_kg3xLrVU_Q6xd8OoYi1aScWha2Kuz_5uKsVwHyQ%26cry%3D1%26dbm_d%3DAKAmf-CRzWceacm7Kyr_mF7vDbM8tH83M0Xona5Ad7lEdwx7-sAytAnCZBhJLETHj5XhZDjJKE399aYAS6Nz0mNYfXV6QPRlJ7mM0Lr46eKKa-cDfEiQ4NlZYKNowLwvldlp-_YpNwYqhcXwEeX5pEAUnd7vRdKMEUM38KSlskQfuo6siZB4tqXYmXU0kM1K_2REchfV5gpQ_Omu-rxSzlfryqJvSSS2wmbtCi1k_ci4H4Xvt4zuhePE8uFx2aK277QW2UNQuQaP8EvhdV_-ss0f9oNz83jwXl--zZb-yd31Tsc_eFYlaxqYBhxpAbA84ybB6Frp0WOqiAyeXdC5ush4pE0q5p-oCr4hZsa_klcf_7F1-6015f7eFKTWC1iP6r19_T6vB4xezuNnox9ktA6xcpNbDnS1axnYG0P9YIWDv6gXFuDH8oh20LFLL9rsnS760fleTFHl%26adurl%3D&documentReferer=https%3A%2F%2Finternet.blogmura.com%2F&ancestorOrigins=https%3A%2F%2Finternet.blogmura.com&random=6356084418279&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
8d61cad67a92c126c451d5687f2c8c0a53509ba7bdf1e610db3cec7d139e0e7a

Request headers

Host
hal900024.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
8lcfmzhxc8d6_uid=cd512aac7107235f
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

Date
Tue, 24 Aug 2021 06:13:07 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 24 Aug 2021 07:13:07 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1428
Connection
close
Content-Type
text/html; charset=utf-8
truncated
/ Frame 3AB2
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df53a740a684c7f852ee0b3f8eae0d4ca509025511ae59b0443487e33c823f8d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
loading.gif
static.affiliate.rakuten.co.jp/widget/html/images/ Frame 71F9
17 KB
17 KB
Image
General
Full URL
https://static.affiliate.rakuten.co.jp/widget/html/images/loading.gif
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/stylesheets/pc_pcview_all.css?20140611
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.75.89.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
69a984093a6529657bc8a168865a77c7f3dc6613313464bdac5538c6713b4d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static.affiliate.rakuten.co.jp/widget/html/stylesheets/pc_pcview_all.css?20140611
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:07 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 30 Jul 2012 09:57:54 GMT
Server
Apache
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17591
X-XSS-Protection
1; mode=block
buttons.gif
static.affiliate.rakuten.co.jp/widget/html/images/ Frame 71F9
6 KB
6 KB
Image
General
Full URL
https://static.affiliate.rakuten.co.jp/widget/html/images/buttons.gif
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/stylesheets/pc_pcview_all.css?20140611
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.75.89.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
48b9db4b0432bdebb0e6772f033d8a04a77712c973ce9d774ce7710e2dc73fd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static.affiliate.rakuten.co.jp/widget/html/stylesheets/pc_pcview_all.css?20140611
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:07 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 01 Jul 2018 15:20:50 GMT
Server
Apache
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6306
X-XSS-Protection
1; mode=block
dv-measurements1710.js
cdn.doubleverify.com/ Frame 8BAC
494 KB
90 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-measurements1710.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a0be946ffb3119ce5eb5cade72c894840451581ed7749beaf7ed24c6cbcd73b1

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Aug 2021 12:09:14 GMT
Server
Microsoft-IIS/10.0
ETag
"0d138dc2994d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91447
truncated
/ Frame 527B
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbc70748c90ed21b7ae2f69b24824940d3313af6e3dc46cce0e003ec287f4715

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
visit.js
tps.doubleverify.com/ Frame BCCF
1 KB
1 KB
Script
General
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=279&ttfrms=33&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETar9EEADTbpTauTauc_b%607e4b43g%60647h4f5aae546aafh_3c%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1629785587274116&jsCallback=dvCallback_1629785587274272&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1710&tgjsver=1710&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=18&brh=2&sdf=2&dvp_epl=251&noc=16&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://internet.blogmura.com/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0jQ7U9fKoSTNJvyRnpyj18d&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322706036&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18934541623&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=54663009880.55695&dvp_tukv=1924.50912302105&dvp_uuid=587670752.6231407&dvp_strhd=0.8000030517578125&dvpx_strhd=0.8000030517578125&dvp_mib=1&dvp_tuid=549169968177
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
3fa4cfa29dae3a32f1c16189140f5aa0c72c54a935604cdcc4422ceb868ed58f

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
8/23/2021 6:13:07 AM
gen_204
pagead2.googlesyndication.com/pagead/ Frame E7BC
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bw27F8I0kYa3BM76AjuwPs-e6iAMAAAAAOAHgBAI&bg=!ra6lrurNAAZvV8FTb1c7ACkAdvg8WjDCtRZWLi8IdBWuVQdY3bWMCGIThFCpVeR1MdKXTj_efEZY-AIAAASOUgAAAHFoAQeZAsz15aFnRxOAJCgO9gfM5tAvYGqxTA2gGrHPdJcPvphAc_ToiCPxzfUYeVqEfxHW4n6fhKIEDidiHv2msnsHOtsSFC7S7aUGWJ65BMxr49Vy5-0LDX4eVu6uK3SLXsO-RvqeQenOIyF-DrrWWcGI28AsIs7h6bi044BIsjQwMgJtz5JZyKnJV0UVdP9S1QDaTBcMWfw7AkBOAUcyeGZqusYcmIpwj4fACimXKD-S4Xm5iFk0S5P_8B6ItG4xMOyW17-trE5VG_j8C1cvRuW-RyT3uIinKTvl-ebCU0oxkjugIqMLxCOqf3l1pyi2CcwdvOvmZq8nsW3KU6zakRdaSRrXiLikAzGjgjL6jQQkc3fEIpNu10XUeV-BzAe_UDgglBD_MsiMOdj2EcUzDMkz9edyyZgQfHJ33CHP_Ltm6wkFKj8CvJ_zBN34EzFb0qIeEG4Rn59uQFmdxRMyRF6ti9jyUM5PDj7YzcPNouOI15bYsUXJJAbenIJcgkUO0VEb6QyWeirAj0V4hUMroDd2phhCt2SAUtF-024EGl0r61ETsEdwAD9ov23qn_vV5_1qWEd7o7YD2_r_bxW0ElW8wf9PXZqvldJhFfs2OwCXQxB0PXohwWNA90pnw2EmEsGPYO3WXsx8fdAuY7Klu4tmgnAQnpvrN9ms3SeQ6Wfl6zWPJMKh5109hkt1S3lrapRJQv3wnerGmwXi8zKNGKlK-2DqPEC0x34FRFJNQRIlut5PUevCD78qCbLw9gTDctGwGwr3mJvDvctYijUkwgE6rnW_DMvXqnlnNtnj70L-DgzpOKvN8xQMLN4mLvgMhUt_ETUOojimCalSYTxsP36lqNmJrBPaRjIFLocOiLN8b6bcka0wN_yDh-ksjbOmoJ96rafbOgw3qQxQDVQHQzP1MoeWr9WXWFHyaydMxVDjPofAra7db5Wh0OZ5FJbqCA
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
office-be-336.jpg
cdn.contentspread.net/24i/advertiser/33027/creativesup/ Frame 0210
44 KB
44 KB
Image
General
Full URL
https://cdn.contentspread.net/24i/advertiser/33027/creativesup/office-be-336.jpg
Requested by
Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=61263800027476600628852011696003&a=acf3f8b0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.114.131.235 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv21039.dus4.fastwebserver.de
Software
nginx /
Resource Hash
b4857233da2154c00b47698c6f1981544c0a714e6dec16f404d6aa477e1cf3cb

Request headers

Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:08 GMT
Last-Modified
Mon, 04 Jul 2016 10:01:04 GMT
Server
nginx
ETag
"577a33e0-afe3"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
45027
viewability
hal90003.redintelligence.net/ Frame 0210
0
150 B
Script
General
Full URL
https://hal90003.redintelligence.net/viewability?s=61263800027476600628852011696003&a=70226a39&vb=m
Requested by
Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=61263800027476600628852011696003&a=acf3f8b0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal90003.redintelligence.net/request_content.php?s=61263800027476600628852011696003&a=acf3f8b0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:08 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 0210
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/gif
dv-measurements1710.js
cdn.doubleverify.com/ Frame FE97
494 KB
90 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-measurements1710.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a0be946ffb3119ce5eb5cade72c894840451581ed7749beaf7ed24c6cbcd73b1

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Aug 2021 12:09:14 GMT
Server
Microsoft-IIS/10.0
ETag
"0d138dc2994d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91447
truncated
/ Frame F7C4
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fe86727b67e72214062ecf5a3f9a727808c19b2d524e78e31a72146bb6873ac

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FC01
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 21 Aug 2021 23:04:36 GMT
expires
Sun, 21 Aug 2022 23:04:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
198511
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dvtp_src.js
cdn.doubleverify.com/ Frame 527B
8 KB
3 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=9689862&sid=2641434&plc=280410797&num=&adid=&advid=2276943&adsrv=1&btreg=502952840&btadsrv=doubleclick&crt=139285048&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
fda0f77d04467a0fefd17d993406783114316c719fe9d0a28e77ba4842d98237

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Aug 2021 13:10:32 GMT
Server
Microsoft-IIS/10.0
ETag
"0d4e496fb94d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3243
index.html
s0.2mdn.net/2276943/1602614866015/ Frame 0EB1
5 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/2276943/1602614866015/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f58795a6ad38f25647791d058a0bf9e83daf3fe783f1ea3b674cf53815f48b26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/2276943/1602614866015/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2129
date
Mon, 23 Aug 2021 14:07:39 GMT
expires
Tue, 24 Aug 2021 14:07:39 GMT
last-modified
Tue, 13 Oct 2020 18:47:46 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
57928
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 527B
0
60 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss0eHyT-3xnX_o_sw13P1-G1kNu8PKpIbSJa4Gr7lnVS658-nHGCz6zIIzFuSLOVJFGa_VE7PazZojtwuVMP8fA0CfJjJufiXA40dD-GV92OqAsnKwF4ohLK1LfUeX7oB2m1mRkCpeRd1NkDJHAIvbhDbLksgsMZXS_Rg&sig=Cg0ArKJSzIUTRqwK-qvBEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=334&cbvp=1&cstd=332&cisv=r20210819.39443&adurl=
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 24 Aug 2021 06:13:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 5130
114 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 23:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25713
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Aug 2021 23:04:34 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/elements/html/ Frame 5130
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=78.226;sz=728x90;u_sd=1;dc_adk=2970904440;ord=95plbk;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Finternet.blogmura.com%2F$0;xdt=1;crlt=FBgEi!hkXP;osda=2;sttr=221;prcl=s
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 05:58:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
906
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 05:58:01 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5130
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 23:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Aug 2022 23:04:34 GMT
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame A695
114 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 23:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25713
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Aug 2021 23:04:34 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/elements/html/ Frame A695
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=78.226;sz=300x250;u_sd=1;dc_adk=3087818425;ord=oxcgm0;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Finternet.blogmura.com%2F$0;xdt=1;crlt=FBgEi!hkXP;osda=2;sttr=223;prcl=s
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 05:58:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
906
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 05:58:01 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A695
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 23:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Aug 2022 23:04:34 GMT
dv-measurements1710.js
cdn.doubleverify.com/ Frame 468A
494 KB
90 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-measurements1710.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a0be946ffb3119ce5eb5cade72c894840451581ed7749beaf7ed24c6cbcd73b1

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Aug 2021 12:09:14 GMT
Server
Microsoft-IIS/10.0
ETag
"0d138dc2994d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91447
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 924D
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 21 Aug 2021 23:04:36 GMT
expires
Sun, 21 Aug 2022 23:04:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
198511
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dvtp_src.js
cdn.doubleverify.com/ Frame F7C4
8 KB
3 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=9689862&sid=2641434&plc=280410797&num=&adid=&advid=2276943&adsrv=1&btreg=502952840&btadsrv=doubleclick&crt=139285048&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
fda0f77d04467a0fefd17d993406783114316c719fe9d0a28e77ba4842d98237

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Aug 2021 13:10:32 GMT
Server
Microsoft-IIS/10.0
ETag
"0d4e496fb94d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3243
index.html
s0.2mdn.net/2276943/1602614866015/ Frame 9A76
5 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/2276943/1602614866015/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f58795a6ad38f25647791d058a0bf9e83daf3fe783f1ea3b674cf53815f48b26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/2276943/1602614866015/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2129
date
Mon, 23 Aug 2021 14:07:39 GMT
expires
Tue, 24 Aug 2021 14:07:39 GMT
last-modified
Tue, 13 Oct 2020 18:47:46 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
57928
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame F7C4
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrjPmQii2iEyHRc6RAf2jw6YevdVkFIdBznqqljyJLLmBNIhtG1xyTtMI8iB4xEHTP8hZ_lTeksz_ehi-Fu0v8c2XN-NGY-jKXz38D-x6LaB4Gt0fi7nr3-IgRdxfhT4vj1yOdBCjV-clTGsFB27h8tCe6pbRpoIm_JA&sig=Cg0ArKJSzBwy8va_2_MZEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=382&cbvp=1&cstd=380&cisv=r20210819.41823&adurl=
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 24 Aug 2021 06:13:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
visit.js
tps.doubleverify.com/ Frame 8BAC
1 KB
1 KB
Script
General
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=312&ttfrms=9&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETar9EEADTbpTauTauc_b%607e4b43g%60647h4f5aae546aafh_3c%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1629785587523172&jsCallback=dvCallback_1629785587523113&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1710&tgjsver=1710&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=18&brh=2&sdf=2&dvp_epl=251&noc=16&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://internet.blogmura.com/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0jAz83jdbU8m8in9aRRm25O&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322706036&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18934541623&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=185806455122.02512&dvp_tukv=356110800785.7496&dvp_uuid=33549779826.99384&dvp_strhd=0.40000152587890625&dvpx_strhd=0.40000152587890625&dvp_mib=1&dvp_tuid=1332903205617
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
50bfae99409d396ba286dd6e8c7c6f1c4cd0388eeb140e1ce5e7f646fc85df13

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
8/23/2021 6:13:07 AM
dv-measurements1710.js
cdn.doubleverify.com/ Frame 51DB
494 KB
90 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-measurements1710.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a0be946ffb3119ce5eb5cade72c894840451581ed7749beaf7ed24c6cbcd73b1

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Aug 2021 12:09:14 GMT
Server
Microsoft-IIS/10.0
ETag
"0d138dc2994d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91447
truncated
/ Frame 5130
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
278068a4974c180719b25012980cc85c25a809f6c64d25d2c24210fca9c0e9f6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
dv-measurements1710.js
cdn.doubleverify.com/ Frame 3795
494 KB
90 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-measurements1710.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a0be946ffb3119ce5eb5cade72c894840451581ed7749beaf7ed24c6cbcd73b1

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Aug 2021 12:09:14 GMT
Server
Microsoft-IIS/10.0
ETag
"0d138dc2994d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91447
truncated
/ Frame A695
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b2fe565e0b9808ea9c82af06d9a33c0a1c99839fb82de9a81c20fb3037d6005

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 0BFF
236 KB
63 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1602614866015/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/2276943/1602614866015/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Aug 2021 06:13:07 GMT
adc_RET_avo_300x250_animated.js
s0.2mdn.net/2276943/1602614866015/ Frame 0BFF
89 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/2276943/1602614866015/adc_RET_avo_300x250_animated.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1602614866015/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
564e0f16dba9dc41760268d47b78fce0d7a97bcaf3082a38ab51164085c87cd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/2276943/1602614866015/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 09:39:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74025
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17072
x-xss-protection
0
last-modified
Tue, 13 Oct 2020 18:47:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 24 Aug 2021 09:39:22 GMT
office-be-336.jpg
cdn.contentspread.net/24i/advertiser/33027/creativesup/ Frame 7C34
44 KB
44 KB
Image
General
Full URL
https://cdn.contentspread.net/24i/advertiser/33027/creativesup/office-be-336.jpg
Requested by
Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=85077600032144800628852011696017&a=16c634f7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.114.131.235 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv21039.dus4.fastwebserver.de
Software
nginx /
Resource Hash
b4857233da2154c00b47698c6f1981544c0a714e6dec16f404d6aa477e1cf3cb

Request headers

Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:08 GMT
Last-Modified
Mon, 04 Jul 2016 10:01:04 GMT
Server
nginx
ETag
"577a33e0-afe3"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
45027
viewability
hal900017.redintelligence.net/ Frame 7C34
0
150 B
Script
General
Full URL
https://hal900017.redintelligence.net/viewability?s=85077600032144800628852011696017&a=9b314d0e&vb=m
Requested by
Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=85077600032144800628852011696017&a=16c634f7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.69.70.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.9.70.69.159.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal900017.redintelligence.net/request_content.php?s=85077600032144800628852011696017&a=16c634f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:08 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 7C34
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/gif
visit.js
tps.doubleverify.com/ Frame FE97
1 KB
1 KB
Script
General
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=349&ttfrms=8&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETar9EEADTbpTauTauc_b%607e4b43g%60647h4f5aae546aafh_3c%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1629785587684508&jsCallback=dvCallback_1629785587684744&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1710&tgjsver=1710&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=18&brh=2&sdf=2&dvp_epl=251&noc=16&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://internet.blogmura.com/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0itn-y4fJEiEb2cf7hr065f&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322706036&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18934541623&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=220322620.3874549&dvp_tukv=80290115523.07825&dvp_uuid=112574668274.44475&dvp_strhd=0.3000030517578125&dvpx_strhd=0.3000030517578125&dvp_mib=1&dvp_tuid=615465513727
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
1a19cd2d00004987328438cd298552503ec8a217a7500c60c3bf5bda9708071c

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:06 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
8/23/2021 6:13:07 AM
dv-measurements1710.js
cdn.doubleverify.com/ Frame 22DC
494 KB
90 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-measurements1710.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a0be946ffb3119ce5eb5cade72c894840451581ed7749beaf7ed24c6cbcd73b1

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Aug 2021 12:09:14 GMT
Server
Microsoft-IIS/10.0
ETag
"0d138dc2994d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91447
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C170
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 21 Aug 2021 23:04:36 GMT
expires
Sun, 21 Aug 2022 23:04:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
198511
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dvtp_src.js
cdn.doubleverify.com/ Frame 5130
8 KB
3 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=9689862&sid=2641434&plc=280630144&num=&adid=&advid=2276943&adsrv=1&btreg=503233716&btadsrv=doubleclick&crt=139285060&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
fda0f77d04467a0fefd17d993406783114316c719fe9d0a28e77ba4842d98237

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Aug 2021 13:10:32 GMT
Server
Microsoft-IIS/10.0
ETag
"0d4e496fb94d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3243
index.html
s0.2mdn.net/2276943/1602614881717/ Frame 8431
5 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/2276943/1602614881717/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00324cb7a9df3abf75744947d89f78945102098334b00afccdce6187832dc91c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/2276943/1602614881717/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2128
date
Mon, 23 Aug 2021 06:20:59 GMT
expires
Tue, 24 Aug 2021 06:20:59 GMT
last-modified
Tue, 13 Oct 2020 18:48:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
85928
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 5130
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu-NFql_mxdBuEht9u27zlb582haXD2rip-CUC1pc31q98-1iqAyjFhFCSTVppzaMZuVCH6WYyFKjPNJR9hjGp7dlk-p79Q2P82ipJdA-eE4k6jhP4dNwGK2b4qGN7AbLIsB6GRUk499JYlN-C2FC-qvBs4MQ3-TiA_bQ&sig=Cg0ArKJSzOlEEWBpZLvBEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=368&cbvp=1&cstd=366&cisv=r20210819.85593&adurl=
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 24 Aug 2021 06:13:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 50ED
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 21 Aug 2021 23:04:36 GMT
expires
Sun, 21 Aug 2022 23:04:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
198511
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dvtp_src.js
cdn.doubleverify.com/ Frame A695
8 KB
3 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=9689862&sid=2641434&plc=280410797&num=&adid=&advid=2276943&adsrv=1&btreg=502952840&btadsrv=doubleclick&crt=152207833&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
fda0f77d04467a0fefd17d993406783114316c719fe9d0a28e77ba4842d98237

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Aug 2021 13:10:32 GMT
Server
Microsoft-IIS/10.0
ETag
"0d4e496fb94d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3243
index.html
s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/ Frame 54C1
6 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
494073d30b3709952abfddfa83ee6152d5f5b1fb250da29404d4773729c35e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/2276943/1622822210185/adc_START_300x250_HTML5/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2261
date
Mon, 23 Aug 2021 20:03:50 GMT
expires
Tue, 24 Aug 2021 20:03:50 GMT
last-modified
Fri, 04 Jun 2021 15:56:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
36557
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame A695
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuc5kVwXM2u1uoM2N0iNARyzIOBeXmNfeOwpx9fli7iH3t942kW5yjST_hFxZg1SDMSJUPpMbgMDIhzFRJso5SMBCQuCsHZ4e_Z9VEm7v8SobGyp5ozSGXFr3JwOOWC10F-4wT6afVEcNFzj_cKl6pBsmsmo51suBapLQ&sig=Cg0ArKJSzFLD12T3d4iKEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=370&cbvp=1&cstd=369&cisv=r20210819.50012&adurl=
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 24 Aug 2021 06:13:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js
pagead2.googlesyndication.com/bg/ Frame 861B
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f794ec9acf7dc03b2193204a9d39212625be5c9c48042d7904a7e59904ead1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 20:52:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
552022
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13489
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 15:08:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Aug 2022 20:52:45 GMT
visit.js
tps.doubleverify.com/ Frame 468A
1 KB
1 KB
Script
General
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=358&ttfrms=7&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETar9EEADTbpTauTauc_b%607e4b43g%60647h4f5aae546aafh_3c%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=2573&ddur=7&uid=1629785587773399&jsCallback=dvCallback_1629785587773644&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1710&tgjsver=1710&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=18&brh=2&sdf=2&dvp_epl=251&noc=16&ctx=13311291&cmp=9689862&sid=2641434&plc=280410797&crt=139285048&btreg=502952840&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&mib=1&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=54663009880.55695&dvp_tukv=9935768.836574143&dvp_uuid=1547991955200.9575&dvp_strhd=0.3000030517578125&dvpx_strhd=0.3000030517578125&dvp_mib=1&dvp_tuid=1579518900856
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
f70f846510e756a1c7aed469c4c8c8dd0bf8938cc24996312254422c24b413d0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
8/23/2021 6:13:07 AM
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 0EB1
236 KB
63 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1602614866015/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/2276943/1602614866015/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Aug 2021 06:13:07 GMT
adc_RET_avo_300x250_animated.js
s0.2mdn.net/2276943/1602614866015/ Frame 0EB1
89 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/2276943/1602614866015/adc_RET_avo_300x250_animated.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1602614866015/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
564e0f16dba9dc41760268d47b78fce0d7a97bcaf3082a38ab51164085c87cd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/2276943/1602614866015/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 09:39:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74025
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17072
x-xss-protection
0
last-modified
Tue, 13 Oct 2020 18:47:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 24 Aug 2021 09:39:22 GMT
dv-measurements1710.js
cdn.doubleverify.com/ Frame 0423
494 KB
90 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-measurements1710.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a0be946ffb3119ce5eb5cade72c894840451581ed7749beaf7ed24c6cbcd73b1

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Aug 2021 12:09:14 GMT
Server
Microsoft-IIS/10.0
ETag
"0d138dc2994d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91447
view
googleads4.g.doubleclick.net/pcs/ Frame FCCD
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssE4jFAo7F1Xo6n4TmroSkQ5QGMil7PqiZxQIFWB7lQvaOR_p2vr1tJO49pdJ2hxm4xw4V-3nBWVwEA7mArJFe4wJp23oW0-i3JhBpiSJICVPzC3SFmemWtrPmhozv9GxB76qTQnoZBLE4g3T_umF7Y3ge2dtZE_-OSpg&sig=Cg0ArKJSzCkz7qp7IWA2EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1034&vt=11&dtpt=860&dett=3&cstd=172&cisv=r20210819.72172&adurl=
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 24 Aug 2021 06:13:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
request.php
hal90007.redintelligence.net/ Frame 2782
610 B
937 B
Script
General
Full URL
https://hal90007.redintelligence.net/request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=ac4e87b9a4&subid=&uid=d5b709ffef5b72f0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIDLX740kYe66Nqm3gAepqJbwB7v6hIpX7Yut3P0J8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNQBT9AilePxBPSbC1B1TpV5n36DpPb-u4SfbOHB8-ePk79L3e3A9IH7PX1E9T-lzxMogFUHteYcJ_DcTNIkIcM0Tcql9taSxnkPJuu0WO3-tOOfGnIXJJfZr2segReAn_kRgPm42u-mswrT_vlvlpU0C7fTBKm7bLhVsyX42ieWdnUJSyF5K86jgDhO8BIdsMP2Cw6RHUhkgS4A-yp_h3ertECW6iIkvZmwevfPlcGZTwt2lpO_pqywrpzW2hRUQG_zywtFPDLhvIUIFSWW8MAqT-Kbi4_ABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRopmY-w0EbtYdpdh8tv4rJWlZ_PQ%26sig%3DAOD64_3gc62Fxkv4vwIzRyOva_qnvDRq-A%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-DY9Zvru3Q--56Cmg0ijEbEDJLx6EbA_ttYlSDV2M3fm7pS1s4hF9CzZzEgi-EgAjJ3vCkOoS11aHorpLvDOBKhaRP6EXKxGfWfCCSrINs8w02I8nuC4Y8P-E51krP4v9IAnumvzxfqd3hpPzkUkOxqIA-4Yg%26cry%3D1%26dbm_d%3DAKAmf-DgT8DfOHv3ZhFaRNNpPI2MAMLkqLa3vMZpTh1nzpCV6tITAZwDQKK9RrspjzLSK3uoA7xEZQJsCRN7NWK3R_Pl5Vk3sfZG0KEfiX5fFQMwNvGYDxgWfmLozwxgM9mAlzFWuomYB4er5R-9VFT0I24fSxZjEGPd3yFOpF_u3mvHZKFTdAfM1pWTIJjaVxereCbEjkDM-IYU1A5wCBkVrrhFR65TOeRaMlrdOBWzXvza7OF7ZGc13a0DwwNnQOaND7jEAOjnRyRcMfXAttjDjeewWNFQcz-ujfF69Im5t-consWhRrOCIQXU1-FQbHgXrIf6UwER8JCWhhXhxuE3DEKBj4vlqklPV172_cqPYNSNYRg1ixOT0Ek7sqjsVJFkQ5WF-mzrbNhCK4Fj61ckyNX-N2Nj9HsDzQ9Yi7Boi5pLu8K5Xqn2xV_D2d4EYqy37j-eDxry%26adurl%3D&documentReferer=https%3A%2F%2Finternet.blogmura.com%2F&ancestorOrigins=https%3A%2F%2Finternet.blogmura.com&random=7025318468587&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/8udwcfe35vf5?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIDLX740kYe66Nqm3gAepqJbwB7v6hIpX7Yut3P0J8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNQBT9AilePxBPSbC1B1TpV5n36DpPb-u4SfbOHB8-ePk79L3e3A9IH7PX1E9T-lzxMogFUHteYcJ_DcTNIkIcM0Tcql9taSxnkPJuu0WO3-tOOfGnIXJJfZr2segReAn_kRgPm42u-mswrT_vlvlpU0C7fTBKm7bLhVsyX42ieWdnUJSyF5K86jgDhO8BIdsMP2Cw6RHUhkgS4A-yp_h3ertECW6iIkvZmwevfPlcGZTwt2lpO_pqywrpzW2hRUQG_zywtFPDLhvIUIFSWW8MAqT-Kbi4_ABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRopmY-w0EbtYdpdh8tv4rJWlZ_PQ%26sig%3DAOD64_3gc62Fxkv4vwIzRyOva_qnvDRq-A%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-DY9Zvru3Q--56Cmg0ijEbEDJLx6EbA_ttYlSDV2M3fm7pS1s4hF9CzZzEgi-EgAjJ3vCkOoS11aHorpLvDOBKhaRP6EXKxGfWfCCSrINs8w02I8nuC4Y8P-E51krP4v9IAnumvzxfqd3hpPzkUkOxqIA-4Yg%26cry%3D1%26dbm_d%3DAKAmf-DgT8DfOHv3ZhFaRNNpPI2MAMLkqLa3vMZpTh1nzpCV6tITAZwDQKK9RrspjzLSK3uoA7xEZQJsCRN7NWK3R_Pl5Vk3sfZG0KEfiX5fFQMwNvGYDxgWfmLozwxgM9mAlzFWuomYB4er5R-9VFT0I24fSxZjEGPd3yFOpF_u3mvHZKFTdAfM1pWTIJjaVxereCbEjkDM-IYU1A5wCBkVrrhFR65TOeRaMlrdOBWzXvza7OF7ZGc13a0DwwNnQOaND7jEAOjnRyRcMfXAttjDjeewWNFQcz-ujfF69Im5t-consWhRrOCIQXU1-FQbHgXrIf6UwER8JCWhhXhxuE3DEKBj4vlqklPV172_cqPYNSNYRg1ixOT0Ek7sqjsVJFkQ5WF-mzrbNhCK4Fj61ckyNX-N2Nj9HsDzQ9Yi7Boi5pLu8K5Xqn2xV_D2d4EYqy37j-eDxry%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
7c4898619c0f9586684159e06844bbf2daa10244e82aa4e6f70c5b54ea7b430d

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:08 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
65408600030542100628852011696007
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
331
Expires
Tue, 24 Aug 2021 07:13:08 +0200
visit.js
tps.doubleverify.com/ Frame 51DB
1 KB
1 KB
Script
General
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=403&ttfrms=7&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETar9EEADTbpTauTauc_b%607e4b43g%60647h4f5aae546aafh_3c%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1629785587948889&jsCallback=dvCallback_1629785587948683&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1710&tgjsver=1710&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=18&brh=2&sdf=2&dvp_epl=251&noc=16&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://internet.blogmura.com/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0gYY84uVgp1vidYDBkNZWna&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322731993&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18934541623&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=50315679.416458584&dvp_tukv=20455611494.598415&dvp_uuid=3145067092.64808&dvp_strhd=0.1999969482421875&dvpx_strhd=0.1999969482421875&dvp_mib=1&dvp_tuid=416553281506
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
5c71d9fdcebefe96918a0a87df2563ed1f5f2f07a1e9b3e1fe29db57fcf331b3

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
8/23/2021 6:13:07 AM
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 9A76
236 KB
63 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1602614866015/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/2276943/1602614866015/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Aug 2021 06:13:07 GMT
adc_RET_avo_300x250_animated.js
s0.2mdn.net/2276943/1602614866015/ Frame 9A76
89 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/2276943/1602614866015/adc_RET_avo_300x250_animated.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1602614866015/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
564e0f16dba9dc41760268d47b78fce0d7a97bcaf3082a38ab51164085c87cd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/2276943/1602614866015/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 09:39:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74025
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17072
x-xss-protection
0
last-modified
Tue, 13 Oct 2020 18:47:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 24 Aug 2021 09:39:22 GMT
visit.js
tps.doubleverify.com/ Frame 3795
1 KB
1 KB
Script
General
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=348&ttfrms=8&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETar9EEADTbpTauTauc_b%607e4b43g%60647h4f5aae546aafh_3c%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1629785587974344&jsCallback=dvCallback_1629785587974118&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1710&tgjsver=1710&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=18&brh=2&sdf=2&dvp_epl=251&noc=16&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://internet.blogmura.com/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0j-PwduIj0Z536Hg1RmPp2p&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322706036&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18934541623&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=208670898632.41263&dvp_tukv=69120793920.54335&dvp_uuid=1381859470988.3237&dvp_strhd=0.3000030517578125&dvpx_strhd=0.3000030517578125&dvp_mib=1&dvp_tuid=1360175403655
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
dab7d5426f171111807d29ac752999a4ecb34042629ac9abda0197d1299255e1

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
8/23/2021 6:13:08 AM
visit.js
tps.doubleverify.com/ Frame 22DC
1 KB
1 KB
Script
General
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=307&ttfrms=7&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETar9EEADTbpTauTauc_b%607e4b43g%60647h4f5aae546aafh_3c%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=2869&ddur=8&uid=1629785588021375&jsCallback=dvCallback_1629785588021963&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1710&tgjsver=1710&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=18&brh=2&sdf=2&dvp_epl=251&noc=16&ctx=13311291&cmp=9689862&sid=2641434&plc=280410797&crt=139285048&btreg=502952840&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&mib=1&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=185806455122.02512&dvp_tukv=1285757514436.0547&dvp_uuid=294353042.2282097&dvp_strhd=0.1999969482421875&dvpx_strhd=0.1999969482421875&dvp_mib=1&dvp_tuid=600812966367
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
783ff7dac8fdb7cff87cbc54fa7cba8646150783c1d548081754f2acbd872754

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
8/23/2021 6:13:08 AM
view
googleads4.g.doubleclick.net/pcs/ Frame 527B
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss0eHyT-3xnX_o_sw13P1-G1kNu8PKpIbSJa4Gr7lnVS658-nHGCz6zIIzFuSLOVJFGa_VE7PazZojtwuVMP8fA0CfJjJufiXA40dD-GV92OqAsnKwF4ohLK1LfUeX7oB2m1mRkCpeRd1NkDJHAIvbhDbLksgsMZXS_Rg&sig=Cg0ArKJSzIUTRqwK-qvBEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1039&vt=11&dtpt=705&dett=3&cstd=332&cisv=r20210819.39443&adurl=
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 24 Aug 2021 06:13:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dv-measurements1710.js
cdn.doubleverify.com/ Frame 7F94
494 KB
90 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-measurements1710.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a0be946ffb3119ce5eb5cade72c894840451581ed7749beaf7ed24c6cbcd73b1

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Aug 2021 12:09:14 GMT
Server
Microsoft-IIS/10.0
ETag
"0d138dc2994d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91447
dv-measurements1710.js
cdn.doubleverify.com/ Frame 4654
494 KB
90 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-measurements1710.js
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a0be946ffb3119ce5eb5cade72c894840451581ed7749beaf7ed24c6cbcd73b1

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Aug 2021 12:09:14 GMT
Server
Microsoft-IIS/10.0
ETag
"0d138dc2994d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91447
D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js
pagead2.googlesyndication.com/bg/ Frame FC01
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f794ec9acf7dc03b2193204a9d39212625be5c9c48042d7904a7e59904ead1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 20:52:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
552023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13489
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 15:08:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Aug 2022 20:52:45 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FCCD
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPxW2EIqLif-eiw2NwAisWMX7WvkosHi5gy50BSIfa2YwO2zyzVeaGgk6WF0BtQIaxOQCH17wJkthbNTPOwPLrt7125YUdAM1bSBTp51VIJMG-w4Ib0_kLJHNfjg&sai=AMfl-YTyzBVVQyUrt8EclHUtJbwuvcJ4G1C9ktufBaoAseY5SP_n-WTxI7J2mmdt_b3COUkWbNG6CdwLdaxIf2ui26JqZLSoLWstEr2wICwZmfQ1IKSws-GRQJqCyqy1m1M&sig=Cg0ArKJSzC2SOEGdAnsZEAE&cid=CAASFeRocDeG9B_IR6DKTIUs_1iXV-pnTQ&id=lidar2&mcvt=1134&p=863,415,1113,715&mtos=1043,1134,1134,1134,1134&tos=1043,91,0,0,0&v=20210823&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2797201280&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629785584556&dlt=25&rpt=2476&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit.js
tps.doubleverify.com/ Frame 0423
1 KB
1 KB
Script
General
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=346&ttfrms=10&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETar9EEADTbpTauTauc_b%607e4b43g%60647h4f5aae546aafh_3c%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=2959&ddur=7&uid=1629785588178708&jsCallback=dvCallback_1629785588178644&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1710&tgjsver=1710&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=18&brh=2&sdf=2&dvp_epl=251&noc=16&ctx=13311291&cmp=9689862&sid=2641434&plc=280410797&crt=139285048&btreg=502952840&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&mib=1&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=220322620.3874549&dvp_tukv=32714439199.82726&dvp_uuid=155340596874.8482&dvp_strhd=0.29999542236328125&dvpx_strhd=0.29999542236328125&dvp_mib=1&dvp_tuid=852235881764
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
840c343b3d4bd11a000223f92b36ea2cf8e60dfff7ed81c1cd59985d889576d7

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
8/23/2021 6:13:08 AM
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8431
236 KB
63 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1602614881717/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/2276943/1602614881717/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Aug 2021 06:13:08 GMT
adc_RET_avo_728x90_animated.js
s0.2mdn.net/2276943/1602614881717/ Frame 8431
85 KB
16 KB
Script
General
Full URL
https://s0.2mdn.net/2276943/1602614881717/adc_RET_avo_728x90_animated.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1602614881717/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1578a060db58aaed17f36b16859d4d9163a762252ccce77d30fae7051203b87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/2276943/1602614881717/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 09:38:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74070
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15991
x-xss-protection
0
last-modified
Tue, 13 Oct 2020 18:48:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 24 Aug 2021 09:38:38 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F7C4
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrjPmQii2iEyHRc6RAf2jw6YevdVkFIdBznqqljyJLLmBNIhtG1xyTtMI8iB4xEHTP8hZ_lTeksz_ehi-Fu0v8c2XN-NGY-jKXz38D-x6LaB4Gt0fi7nr3-IgRdxfhT4vj1yOdBCjV-clTGsFB27h8tCe6pbRpoIm_JA&sig=Cg0ArKJSzBwy8va_2_MZEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1169&vt=11&dtpt=787&dett=3&cstd=380&cisv=r20210819.41823&adurl=
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 24 Aug 2021 06:13:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
createjs.min.js
s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/libs/1.0.0/ Frame 54C1
236 KB
62 KB
Script
General
Full URL
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/libs/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 11:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63907
x-xss-protection
0
last-modified
Fri, 04 Jun 2021 15:56:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 24 Aug 2021 11:24:21 GMT
300.250.js
s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/ Frame 54C1
63 KB
13 KB
Script
General
Full URL
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/300.250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51e74d20f4eec4df9ec12ea2d8981886e72530842c54358332f0cbdbc96890d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 10:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71808
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13074
x-xss-protection
0
last-modified
Fri, 04 Jun 2021 15:56:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 24 Aug 2021 10:16:20 GMT
bsevent.gif
tps20517.doubleverify.com/ Frame FCCD
807 B
1 KB
Ping
General
Full URL
https://tps20517.doubleverify.com/bsevent.gif?impid=04aadf08ad9643e3bede6c0db7960600&pltfrm=Linux%20x86_64&cbust=1629785588254670
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
8/23/2021 6:13:08 AM
D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js
pagead2.googlesyndication.com/bg/ Frame 924D
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f794ec9acf7dc03b2193204a9d39212625be5c9c48042d7904a7e59904ead1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 20:52:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
552023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13489
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 15:08:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Aug 2022 20:52:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DD8F
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIX1X8Y0kYfKMG4yP7_UPmNafyA8AAAAAOAHgBAI&bg=!mJulm9_NAAZvV8FTb1c7ACkAdvg8WuYOGkHaoPg8rnNGjukJumPf9iTNMRQO-_Wp5QKBOOv2BIp9FwIAAAPVUgAAANpoAQeZAtUfaXcMyJzDkUZPtjgp0xHr5snaNfXY4NC78iAiO3iwcck3ZXF5V7A9IB8744YGxoB5nrFLW6d8aY3i4iYJRwo8XSTXM7F8k-J6sgkMzEhEqs-LHm5eKLRPFKkC2etWBzhw4DgV56TQqX3YH0XLTCUq2wRIDdhcqsDR0EVztX3XsQLjXpdI4t-Sm5KkO1fHpW6GiCACMeBgT5KXdz6mMPTYSUsmvn9i6YQLktda05woFiOT3Pd0sQAvvFI-4rJhb2B6LGfraA0t56cyNnGaBUVjBLUEU5PGlNN3cUehYL4bpHFCMX-pbXGULlWNlnk4cP9Qq0Xi7oZxrfzwLxS-23ipWuRyPYT0ywg_JWKFWPOEfEQwdvmwxUI9HQZV930__j6_lz1Cqzek5KowUWPa1IzWRHkE7bEXkSaDlTHO_VXHkSM-XD14HS_scR3GWZo6uknHvi2HF6gH6jtusQHIiw3EJ8BLbRYEfpyL98L8_SdKcg-XRS5ubVQjKPZ2zBYx7XZKGz3P0B8cIwZ6gcdm0wSTzkQgQ8vxSGexcF5txNWa1_cNaF9e9Id3W3kfnAp9WPx7ErxN0dr9zhQghzNETxvKcAdLUAhvFju6NySm3nK62or533fUFgZmZWuILM7L2MNh94MADGHyiqpsHqqP32XNC32sGXS1wR8HDkd-fmy2KNJh_MKPvcPSntWaTHTr1DhwPUyCfEK7tEvTyFPjHyzo0I-V66RB1GBgQlOqVF0_iRwLRzsdPlyeJPY30KjdHwIxitR6b1DkJwKBwN0oTBE7TMUt53sqyKY6bHnpuGKKgPe8Hl9q-frP7ed4CVs_Xb-wsJqUa9YYHTmpw3HEIHyaXIb0_JWAhu2EKuHW-F4n4s9ImVBLteBz_yEztcuMZcSfXzuJuMYE03J1kOY-tOvawYDQUDHUqeswq3V8w-OU0NDECrqLrpovAUI4aI5GkGhX7j-trQ
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bsevent.gif
tps20511.doubleverify.com/ Frame 527B
807 B
1 KB
Ping
General
Full URL
https://tps20511.doubleverify.com/bsevent.gif?impid=461b883532b44708bc2f9a6b862d17ae&pltfrm=Linux%20x86_64&cbust=1629785588269528
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:08 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
8/23/2021 6:13:08 AM
bsevent.gif
tps20513.doubleverify.com/ Frame F7C4
807 B
1 KB
Ping
General
Full URL
https://tps20513.doubleverify.com/bsevent.gif?impid=6727975459ab446a8660c32b3142ba83&pltfrm=Linux%20x86_64&cbust=1629785588317297
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.16 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:08 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
8/23/2021 6:13:08 AM
activeview
pagead2.googlesyndication.com/pcs/ Frame FCCD
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvilbU_Sap27fK0mQZN9ZF2zjBP2G1bk72hLKg_2WY_PeKV3K7pHk2Mfl4qG_upf_8V8RV9m4u8RnhsPJqG5BQH-QzsTzvn&sig=Cg0ArKJSzIlkLVKU1yjGEAE&id=lidar2&mcvt=1078&p=0,0,250,300&mtos=1078,1078,1078,1078,1078&tos=1078,0,0,0,0&v=20210823&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=3013400691&rs=6&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bsevent.gif
tps20520.doubleverify.com/ Frame A695
807 B
1 KB
Ping
General
Full URL
https://tps20520.doubleverify.com/bsevent.gif?impid=2a895af4bed148658e94c99b690f0af3&pltfrm=Linux%20x86_64&cbust=1629785588321407
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
8/23/2021 6:13:08 AM
visit.js
tps.doubleverify.com/ Frame 7F94
1 KB
1 KB
Script
General
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=296&ttfrms=6&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETar9EEADTbpTauTauc_b%607e4b43g%60647h4f5aae546aafh_3c%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=2558&ddur=7&uid=1629785588375370&jsCallback=dvCallback_1629785588375150&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1710&tgjsver=1710&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=18&brh=2&sdf=2&dvp_epl=251&noc=16&ctx=13311291&cmp=9689862&sid=2641434&plc=280630144&crt=139285060&btreg=503233716&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&mib=1&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=50315679.416458584&dvp_tukv=566650096.0131917&dvp_uuid=3482377.508667267&dvp_strhd=0.29999542236328125&dvpx_strhd=0.29999542236328125&dvp_mib=1&dvp_tuid=1127955046145
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
0a4430ec388df2e76df8e90d2cc8938489fb3859138c33fc773a82faf624e924

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
8/23/2021 6:13:08 AM
visit.js
tps.doubleverify.com/ Frame 4654
3 KB
1 KB
Script
General
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=298&ttfrms=8&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3A%3FE6C%3F6E%5D3%3D%408%3EFC2%5D4%40%3ETar9EEADTbpTauTauc_b%607e4b43g%60647h4f5aae546aafh_3c%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=3262&ddur=7&uid=1629785588390541&jsCallback=dvCallback_1629785588390414&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1710&tgjsver=1710&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=18&brh=2&sdf=2&dvp_epl=251&noc=16&ctx=13311291&cmp=9689862&sid=2641434&plc=280410797&crt=152207833&btreg=502952840&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&mib=1&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=208670898632.41263&dvp_tukv=124144832.74164833&dvp_uuid=23837278408.913284&dvp_strhd=0.29999542236328125&dvpx_strhd=0.29999542236328125&dvp_mib=1&dvp_tuid=676036583151
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
018761d3142206ed9025eb8569107eee39a01be4927f245c7c12c7c894c989cf

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
8/23/2021 6:13:08 AM
D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js
pagead2.googlesyndication.com/bg/ Frame C170
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f794ec9acf7dc03b2193204a9d39212625be5c9c48042d7904a7e59904ead1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 20:52:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
552023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13489
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 15:08:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Aug 2022 20:52:45 GMT
D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js
pagead2.googlesyndication.com/bg/ Frame 50ED
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f794ec9acf7dc03b2193204a9d39212625be5c9c48042d7904a7e59904ead1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 20:52:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
552023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13489
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 15:08:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Aug 2022 20:52:45 GMT
office-be-336.jpg
cdn.contentspread.net/24i/advertiser/33027/creativesup/ Frame E739
44 KB
44 KB
Image
General
Full URL
https://cdn.contentspread.net/24i/advertiser/33027/creativesup/office-be-336.jpg
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=61082200025833800628852011696024&a=19c63003
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.114.131.235 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv21039.dus4.fastwebserver.de
Software
nginx /
Resource Hash
b4857233da2154c00b47698c6f1981544c0a714e6dec16f404d6aa477e1cf3cb

Request headers

Referer
https://hal900024.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:08 GMT
Last-Modified
Mon, 04 Jul 2016 10:01:04 GMT
Server
nginx
ETag
"577a33e0-afe3"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
45027
viewability
hal900024.redintelligence.net/ Frame E739
0
150 B
Script
General
Full URL
https://hal900024.redintelligence.net/viewability?s=61082200025833800628852011696024&a=b7c24165&vb=m
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=61082200025833800628852011696024&a=19c63003
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal900024.redintelligence.net/request_content.php?s=61082200025833800628852011696024&a=19c63003
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:08 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame E739
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/gif
view
googleads4.g.doubleclick.net/pcs/ Frame 5130
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu-NFql_mxdBuEht9u27zlb582haXD2rip-CUC1pc31q98-1iqAyjFhFCSTVppzaMZuVCH6WYyFKjPNJR9hjGp7dlk-p79Q2P82ipJdA-eE4k6jhP4dNwGK2b4qGN7AbLIsB6GRUk499JYlN-C2FC-qvBs4MQ3-TiA_bQ&sig=Cg0ArKJSzOlEEWBpZLvBEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1163&vt=11&dtpt=795&dett=3&cstd=366&cisv=r20210819.85593&adurl=
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 24 Aug 2021 06:13:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
GettyImages1066499126.jpg
s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/images/ Frame 54C1
143 KB
143 KB
Image
General
Full URL
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/images/GettyImages1066499126.jpg
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
900d20b4b1a9f7117e4e31810de30236f7c0daa5896c3a7a736e5db6bf3fdc29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:14:37 GMT
x-content-type-options
nosniff
last-modified
Fri, 04 Jun 2021 15:56:50 GMT
server
sffe
age
50311
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
146070
x-xss-protection
0
expires
Tue, 24 Aug 2021 16:14:37 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A695
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuc5kVwXM2u1uoM2N0iNARyzIOBeXmNfeOwpx9fli7iH3t942kW5yjST_hFxZg1SDMSJUPpMbgMDIhzFRJso5SMBCQuCsHZ4e_Z9VEm7v8SobGyp5ozSGXFr3JwOOWC10F-4wT6afVEcNFzj_cKl6pBsmsmo51suBapLQ&sig=Cg0ArKJSzFLD12T3d4iKEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1173&vt=11&dtpt=803&dett=3&cstd=369&cisv=r20210819.50012&adurl=
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 24 Aug 2021 06:13:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
request_content.php
hal900013.redintelligence.net/ Frame 1A8B
7 KB
3 KB
Document
General
Full URL
https://hal900013.redintelligence.net/request_content.php?s=74129100029320600628846011696013&a=a3be6cec
Requested by
Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=ihaaer67pw2u&nw=20&renderingType=javascript&namespace=45a21cf29f&subid=&uid=690d1cd74ca8070e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNCr0740kYfG6Nqm3gAepqJbwB7v6hIpXn6bi9bcH8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNUBT9AD5Mn40YaZ6n1UGWdo3xIDqpqQtl6BDEV6TAlhV2V_pL4FyZFNp61uyN0dDY4qrrIYB4fEeWqBFId7TgDjqbPtFwpsiPgZ8bHupP_hqmfH6L8O7i_QTZSxLPmbXf6AmWF0i0QYLQSI8O00VvWz9oZTJsFsgPK6ymNBICcFpLQXmX7Pw9Zx7fy-9L7BkUXQfbpsBs6RgugJbjI-GmrtEYTcPK_erdLjD3TM2KiKaGkoSkX19G4e6Lftm2MqIshxxIcoASWw3lmEQz6rp4e8I6hGQ1XKwASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9MWfxnnLx5gD7CzgjjJkt5-NIg%26sig%3DAOD64_1406M_SuzgFZQEMM0tZr71GJYpvw%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-CNpPsbw30eVLea6cPOwC2iF6q96nOO12DAmK-a7ilXJIhKlpn5ZOJP2eDBebT2OWRLNu92YXgDBOT60sOZOFPsjUiLvBRxspds2DKHdtzcmGueae8zjpFmY3ep2Ag2xU0zy_SUds85g4JjrZvy9AWy6JUM7Q%26cry%3D1%26dbm_d%3DAKAmf-ChdCH1vWRWGsLalfX6Wyt2NvfjfWojG-va5xfr3X_6cDSwT9BmoJinZaRNAckas64YeGWl164SK1I2tPi9za4pDY4DeheerxfmqX9x8dYHrZzOMtgRzW6jSrc2C83rbC_Jsq9UkXK-Luvq0TeebEdUVG6I1H-kQ5V9x3liwQEQFoSoj7lWZWDJY9HEBfNGlGhFN3D_-6ChP4N5qaJ8RgLMOm5y4h-wy9eTguEnAiCHmhhY1f1F8zawr541bUXiED-Kzq8YKtygjE6ggTCOhGqqrFy2_2EHrtmQmIQt0z1TM6fEf19PsHxGb0fJ9nTPQdHQDnzh7jcLlHknx1BWu3sLyQhyE07hp6hwkIi6wTTmOb-c24MowpNRbwerXlduw2YYu4j_JDFq_sA3tNb2oDf_l671slMsfrw18QQDtOyIAXpccFK52MNZbE_8LpQc0SUrqWtr%26adurl%3D&documentReferer=https%3A%2F%2Finternet.blogmura.com%2F&ancestorOrigins=https%3A%2F%2Finternet.blogmura.com&random=5435811801901&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
45628ef607608857be5d206693b85a4fd862e0ac78e763f895635227964cbac8

Request headers

Host
hal900013.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
8lcfmzhxc8d6_uid=cd512aac7107235f
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

Date
Tue, 24 Aug 2021 06:13:08 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 24 Aug 2021 07:13:08 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2298
Connection
close
Content-Type
text/html; charset=utf-8
truncated
/ Frame E5DF
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
351a34663310d2ee46afab5894525332d316db89b9eede463feba6e509aa7f69

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 5130
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3FR7i9NQLG3O6gtoVVSSkSWq3WieNusrFNAM4dAkMF0Ack-hhATNJwHyZwoAyuC6_1I-6KHzYAVIcYO_7P-Ou_iX1sAvwLKJuSlEhMIndowSp4uqX5LTnX_kKQA&sai=AMfl-YRvKSwusbk4xWg8_1t0edkP7p4QYRNKx_BoWJbwF3FCiH7gq_xby1YEZOR655RmZC3Y9lxkl6fL1ZUOpDC3HygCb1mV7tdwmjHpBCb1v4DsGXIqB3nJTbPCsqjcwM0&sig=Cg0ArKJSzAzUhbbtty-MEAE&cid=CAASFeRoJQbbVNL_Qt0mkpsd4sl-tQEiLA&id=lidar2&mcvt=1061&p=1105,436,1195,1164&mtos=857,1061,1061,1061,1061&tos=857,204,0,0,0&v=20210823&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1070556060&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629785585182&dlt=79&rpt=1&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A695
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstyW57oK_mGijtCoqcx21DPfOgS1BlBXagl7YfDFiAFtTFPUR3eAWhOvxFIMtiCThKZKPLGg_52vXXbB_c2lHgH_DT-aURYHEMNPeX8rlQeMtjBOhj29vpoHjivBg&sai=AMfl-YS0D2tiOQZbJ8JHz5kV7XaTXQHgJdNhPgK1oxgvphMHkK1C84MOMgZ-XXj_pUQ7xlmcrg1nmgXXdBdDcVBMvGM8MV-myBRPb8BPCUCdCYqaKLZDIT-uc5fGHkzhnN4&sig=Cg0ArKJSzExuCroAJN7vEAE&cid=CAASFeRo3hTi2LgRCFM7-QlCI0I2_FQy2A&id=lidar2&mcvt=1049&p=863,105,1113,405&mtos=953,1049,1049,1049,1049&tos=953,96,0,0,0&v=20210823&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2319159430&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629785584554&dlt=22&rpt=3178&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GettyImages1127274241.jpg
s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/images/ Frame 54C1
143 KB
143 KB
Image
General
Full URL
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/images/GettyImages1127274241.jpg
Requested by
Host: 4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
URL: https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3ac9c2714a360c3ae01ab69e4b06b65c5915eea3fd4e7d799a7ccbf727c69c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:14:48 GMT
x-content-type-options
nosniff
last-modified
Fri, 04 Jun 2021 15:56:50 GMT
server
sffe
age
50300
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
146326
x-xss-protection
0
expires
Tue, 24 Aug 2021 16:14:48 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 1A8B
89 KB
32 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=74129100029320600628846011696013&a=a3be6cec
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hal900013.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 04:37:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
264951
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Aug 2022 04:37:17 GMT
mircosoft-en-300-600.jpg
cdn.contentspread.net/24i/advertiser/14265/creativesup/ Frame 1A8B
77 KB
77 KB
Image
General
Full URL
https://cdn.contentspread.net/24i/advertiser/14265/creativesup/mircosoft-en-300-600.jpg
Requested by
Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=74129100029320600628846011696013&a=a3be6cec
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.114.131.235 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv21039.dus4.fastwebserver.de
Software
nginx /
Resource Hash
83087bdaf1ca3313a7226475026cdb99d853b3c1e0d235192122c7baf7938117

Request headers

Referer
https://hal900013.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:09 GMT
Last-Modified
Tue, 29 Sep 2015 15:03:03 GMT
Server
nginx
ETag
"560aa827-13398"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
78744
GettyImages1132314350.jpg
s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/images/ Frame 54C1
128 KB
128 KB
Image
General
Full URL
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/images/GettyImages1132314350.jpg
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65b59513cceda5eef3bd77150101a3146c210581944b0d0a80733e8c1b304c98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:14:45 GMT
x-content-type-options
nosniff
last-modified
Fri, 04 Jun 2021 15:56:50 GMT
server
sffe
age
50303
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131221
x-xss-protection
0
expires
Tue, 24 Aug 2021 16:14:45 GMT
request_content.php
hal90007.redintelligence.net/ Frame 7620
4 KB
2 KB
Document
General
Full URL
https://hal90007.redintelligence.net/request_content.php?s=65408600030542100628852011696007&a=2655406b
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=ac4e87b9a4&subid=&uid=d5b709ffef5b72f0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIDLX740kYe66Nqm3gAepqJbwB7v6hIpX7Yut3P0J8C4QASCB1ZwkYLn4x4DcAcgBCakCKWsBWFaxsz6oAwGqBNQBT9AilePxBPSbC1B1TpV5n36DpPb-u4SfbOHB8-ePk79L3e3A9IH7PX1E9T-lzxMogFUHteYcJ_DcTNIkIcM0Tcql9taSxnkPJuu0WO3-tOOfGnIXJJfZr2segReAn_kRgPm42u-mswrT_vlvlpU0C7fTBKm7bLhVsyX42ieWdnUJSyF5K86jgDhO8BIdsMP2Cw6RHUhkgS4A-yp_h3ertECW6iIkvZmwevfPlcGZTwt2lpO_pqywrpzW2hRUQG_zywtFPDLhvIUIFSWW8MAqT-Kbi4_ABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRopmY-w0EbtYdpdh8tv4rJWlZ_PQ%26sig%3DAOD64_3gc62Fxkv4vwIzRyOva_qnvDRq-A%26client%3Dca-pub-9252416192348979%26dbm_c%3DAKAmf-DY9Zvru3Q--56Cmg0ijEbEDJLx6EbA_ttYlSDV2M3fm7pS1s4hF9CzZzEgi-EgAjJ3vCkOoS11aHorpLvDOBKhaRP6EXKxGfWfCCSrINs8w02I8nuC4Y8P-E51krP4v9IAnumvzxfqd3hpPzkUkOxqIA-4Yg%26cry%3D1%26dbm_d%3DAKAmf-DgT8DfOHv3ZhFaRNNpPI2MAMLkqLa3vMZpTh1nzpCV6tITAZwDQKK9RrspjzLSK3uoA7xEZQJsCRN7NWK3R_Pl5Vk3sfZG0KEfiX5fFQMwNvGYDxgWfmLozwxgM9mAlzFWuomYB4er5R-9VFT0I24fSxZjEGPd3yFOpF_u3mvHZKFTdAfM1pWTIJjaVxereCbEjkDM-IYU1A5wCBkVrrhFR65TOeRaMlrdOBWzXvza7OF7ZGc13a0DwwNnQOaND7jEAOjnRyRcMfXAttjDjeewWNFQcz-ujfF69Im5t-consWhRrOCIQXU1-FQbHgXrIf6UwER8JCWhhXhxuE3DEKBj4vlqklPV172_cqPYNSNYRg1ixOT0Ek7sqjsVJFkQ5WF-mzrbNhCK4Fj61ckyNX-N2Nj9HsDzQ9Yi7Boi5pLu8K5Xqn2xV_D2d4EYqy37j-eDxry%26adurl%3D&documentReferer=https%3A%2F%2Finternet.blogmura.com%2F&ancestorOrigins=https%3A%2F%2Finternet.blogmura.com&random=7025318468587&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
613b2ccfce39be71ef698c57d8b3f5a45011d2fe5f278dce33276c587c78130a

Request headers

Host
hal90007.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
8lcfmzhxc8d6_uid=cd512aac7107235f
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/

Response headers

Date
Tue, 24 Aug 2021 06:13:09 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 24 Aug 2021 07:13:09 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1427
Connection
close
Content-Type
text/html; charset=utf-8
truncated
/ Frame 2782
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c57f060dcd7628e21e2b5b653f28bab18e46afd208ef6fffe4dad6cff8182e6d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
viewability
hal900013.redintelligence.net/ Frame 1A8B
0
150 B
Script
General
Full URL
https://hal900013.redintelligence.net/viewability?s=74129100029320600628846011696013&a=45ce6d6f&vb=m
Requested by
Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=74129100029320600628846011696013&a=a3be6cec
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal900013.redintelligence.net/request_content.php?s=74129100029320600628846011696013&a=a3be6cec
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:09 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 1A8B
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame A695
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpPFRNeHEHIoB1ILtn7feyX__V0mIjsrPv923ZkfHBTNy6YmkgZH2KnlyNuepDTCzYWFEBB8ncgyMhFC92WYjzJh_QWkct&sig=Cg0ArKJSzBuOliw3scXHEAE&id=lidar2&mcvt=1127&p=0,0,250,300&mtos=1127,1127,1127,1127,1127&tos=1127,0,0,0,0&v=20210823&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=3087818425&rs=6&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5130
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTpPGzLu-bT8AH8KThnhtJDznpOctR81QLE8H-fthuK6BRRwoCoJhqe47XFTbQBEXLKAnOL_vTpDrVehvzzfrmjWEda2uB&sig=Cg0ArKJSzP8BjNMHQdicEAE&id=lidar2&mcvt=1127&p=0,0,90,728&mtos=1127,1127,1127,1127,1127&tos=1127,0,0,0,0&v=20210823&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=2970904440&rs=6&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GettyImages1179627316.jpg
s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/images/ Frame 54C1
120 KB
120 KB
Image
General
Full URL
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/images/GettyImages1179627316.jpg
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b15a1fe8fc40c997b79e35445fbcfb51796325c3804bdf0fbd3da349e0dc9647
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:14:51 GMT
x-content-type-options
nosniff
last-modified
Fri, 04 Jun 2021 15:56:50 GMT
server
sffe
age
50298
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122943
x-xss-protection
0
expires
Tue, 24 Aug 2021 16:14:51 GMT
GettyImages1191607556.jpg
s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/images/ Frame 54C1
153 KB
153 KB
Image
General
Full URL
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/images/GettyImages1191607556.jpg
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53c687358e3d3a2e2a271d6d0765d80b563871b7f093087c96909937d636cfb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:14:45 GMT
x-content-type-options
nosniff
last-modified
Fri, 04 Jun 2021 15:56:50 GMT
server
sffe
age
50304
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156215
x-xss-protection
0
expires
Tue, 24 Aug 2021 16:14:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 861B
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTpKb8o0kYajIKJXQ7_UPv_-EmAQAAAAAOAHgBAI&bg=!IiGlIWXNAAYXVutgF1Y7ACkAdvg8WhvRQiyI18MJE3PzxEYbI2XmCEe8eUP0w4gVD7MgHKQ1oeoOUAIAAAOnUgAAAF1oAQcKAESR2nWSwO_ZPXFx939BbAFe8JGvyPgp2oI2KxztVrW1k3v6nUEkMGZ4xAvU1dCQPAPh7f1wKrV8lGC0ytPIlRVTPDY6wpkCyXaNFfetas1m9tG5W7-tjdOpLF0eJPbz3hLUEx018FyvDOSVQ8ieC7kOF2vo1LcG2NWKBWCcbnqZbTrFJNjWT5oKuN4SYGzX07iSqJSV01UM9e4TrsvmMP8u1YkeoNsn0MW-hAG9ePqsqqa3AtHCvvhSZhSQLHmWgFrzGIKpODEwdCVnYdaWeQMR20b1NHvAXbYjr-BaWGtIaAX8BHYqPSrepQ9Tub3O-RFZW8kVeXLvnWj2iS7-yscbvol0SBMpMAimThpBiJU63S7nW4mg4rVUGVzi7ZWzJhHfvKUSGsCy8sOhorrIVFjyTptYXylO27X3yyvzrpG4MN2_gcqZX3jIxhyDFS4My32iUsFA2DRx8nnwbyzb528qL_QcIlYDuRl8wD8kRfrPTtAXVTs3sRpOe8dskd-rlDK5J1r_EjZa3femGXeEA7txw7Su4p8BYwRn3ste5lZYy6l5V2gppLfIANWA00QsJeIyS36AFPm8tEcTbd63wL34tIdXkBaObZnfNCfng8vW7RGBQObgvu72BusedbPdDrXjgPpTL01WvKzula69HtS-cTLiAQ_H1RkW9Uu55tSuCfmUBpe6Q0mO-rQsJq_ZBCkknUHGipVEIMyTxHTPE2vjni6ZK73_Ijy6gkDrXulBfUAm3gjLK9WzkgwimGeVKjhg-U0h7Evi_wLOCaII_PC71bNsvQK53NdkWmKjEXv_pk1JbRVxARXpkHeraHlW18gCEWCBRP6afYQoXT673FhgUlPHSmi_hSJeQYadM7DNO6kDXNjfBiK6gLjVsSyMYDIcbV64ty9NESd941wu8vghfzR1ldcIEAhZ4m95xWTJ1xyW0IICnAQVYtTSSzhB8JAzfRXRD9RUQDNNpfMLEsIAbDaWmK6FmszvO634X4es-4RM078Ze2Z7npcOp-C0tDv6KbLhC6WaoBiI3iJz4HQX
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FC01
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPjwr8o0kYY_PKMTh-gaEg62QDQAAAAA4AeAEAg&bg=!gYKlgsbNAAYXVutgF1Y7ACkAdvg8WhIllLXH1mtRI4yyY6zlOnWC1ClwazExq8uezkv2OfvF_aX0iAIAAALcUgAAAFxoAQeZAsomt7GcJWPzStiENG8ENUknHneE7Qqa56Vkew50bDq5LL3dIq2kAd4cGqPkXsTHr9OJAvrnVmp8RTcyfHb-AAoH08R6TcQnEMjsQbHhPdPp1aPWnJsB66tESrSXRaK09QkK0I0xC76ldhmg2rXuRza55cE5Yeg1WgjIPI9oUG0F3zg_wQunVmiBwsCezOEdEnccCTgRPhXKVUMX5JcaGU7syMfGh9TeD60F1RoZRHza9i1um-zLKrFpHNQXPMrXBtBwCxiZqq-JUjGaLUYKF0XRFaJQ3HlpdNmYzsBGhDUb1EEoRar6s_mPrMJ6mGRI2NBXz0lTbVPeEdcwoKrJLrJLjAGI9G_z8vDmlr7jT_u9bdduQ_Pn0RqsV-iRPXR8FQr3O3rMfmESfPoMCG_LaJD2_8ciPVVBhKq0QA3C9C-bZDptQs3586t_5xotIRPsMdgQ7Xr4pN62mWEIIpRxuzxmTh6VxlxJTSrWf0CQvwA_ubyPLPmsp4fc2f62duzMK9IiBtooHduQqLLizWDLZfyFoNEPtikh63yPCSdzAh5-KDNg2fXwLMerZeOck3acu6RsXuFKjv4Walx1moRB7TkUNquWbM2s0Xad6ndcTaIAYRpyGrbL0KWHzMn_0mK0YrcgkjUpGOVDo01kpmLNvEeRg9PkHfh8bpMjEkAn4nnNjxThXxj6AnBKsAWVgKJZJpa7BmAMsURcvUdlNbjjq6t46_dzTZDrKoDRwFDnKOWvnceUN7oDWh4-35-7mh52PwuW73EiYg8uGOJpBfj3Y49MIvHqVTL0xSuU7E8nOJ1yI1oaOw1N_iTgO24I7taVng6F8U_rRDGEntyAvRCeSNyrxrXJOAeCqT_meBXRNcu84Xt_dyAj7crXPuNLeE4x4gDYzYDeGO0VEVhVWZuuz_HtrbMGKS5o1yUZpBbH74DjsI_LjpSgNnCWxAM
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 924D
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4IUy8o0kYZWJKs-NgAfghoLACwAAAAA4AeAEAg&bg=!RUalRgLNAAYXVutgF1Y7ACkAdvg8WsO7eLjMrbF8Jw8jkRtrFLfB8UnF4sVdheGRa7vFqN7Xn1sbawIAAAKxUgAAAFloAQeZAtiNxB6xbqq14q_QiSp4V-_IT7p99vSJ5QHj94SlLHntDx-PUVEBEEAgQ9d933Hr3xHMlonCmHsZH1AVW-CPgPLSAt7LNx3rKy_MmbBUPfGLtrnAIa3T8nMAMeYm-UanMP_uxw7cGFbag8RSAT2JYAbAN-U3jzvkqhCYly9kgQctOwIBG3Uqxu4NY_-JgKFwQiw-ySDOU_gBIQvUUNQqFswCEdx-u3X7_6Fqqr3Qm4YFEDXjOLPrFSZdPAdw7LLJUllCIgd7WyRipmLnTyamKnCtUhfl1YmXfmq_fBmLPe0kxMhTPev7ujMev_gxTiZYmI9MgepD-u5Db1f2nPnvOM4Cob1r1XNUiiQ1d7ntrej3CeuKBD0X5RZhPkvy_cDxI4uVDsglng56lbwxw-6U7BCweHgAtaukRgkt-HCwwN54Ewhy1SiAOjppkhVRjK1AHJf8icInt-DY4L0GSkc-xRRo6NVu3FvHojFzvZI2mBnFw1_CX5MWaOTWEwR-a9uJUfuEWlV3k2cwfOzdMHa1dPJjzKp77BiULRiBLjlSLSGyetAMozrlvtgNfzHM8AiDLtY-6z_kvO8HqHfYkycwfN6AUNPPnQm5Oia2mfe0PzNiYRU3Aac55NR89cvarV1yJXxwtKr6Cz5a7N1aq_paQWwQXHqqSygxno3uOCL9Ez_-m0wMUO4SxGzy8_4_v0xvl2yz_WEgeZ8LAu1YmcQEs35vZ7Buo_UoDlzGxK1DSjEmoNs8pou5yophhroMdH_PhwRQXQ2Sw5VI_-h5U8Z8zoFrd0MGN7f2yluz989mB-15h93tR1NuEfEMzBKARqRXM9k6m5gUH8Rf0hCWwD1eqU5Q7wdSNjXybGV_3aTog9p3kBGnOOEr8-sniI1Q_u3QPfsqyl1GDruyj4osN8qxj5rKM5kMN6DFcARzTp-ocQj-Tt-8Z97sqLI6dSW34ObjnYI4SCp444brvg
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GettyImages1250238624.jpg
s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/images/ Frame 54C1
135 KB
135 KB
Image
General
Full URL
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/images/GettyImages1250238624.jpg
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0fa5c611396e0e4f11ac50edc3ce75960ba5d232d28de3df45d3591c40d960b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:14:46 GMT
x-content-type-options
nosniff
last-modified
Fri, 04 Jun 2021 15:56:50 GMT
server
sffe
age
50303
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138648
x-xss-protection
0
expires
Tue, 24 Aug 2021 16:14:46 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C170
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bx7JO840kYZSNA52O7_UPo6u2kAwAAAAAOAHgBAI&bg=!BQalBkLNAAYXVutgF1Y7ACkAdvg8WiCfexTaAXxOMIV8viXg50tq_cyT-esyowMXV9fhd29n4VS-cQIAAAIRUgAAAD9oAQcKAFg-c8TRpJgzYdU0f27ZjsDf9bhddXol85scTN-wY8Br339AXfO4mWHaTq9ac3-R2FCDRN9ma7t1yXW7yzP9FzDwr36WEQq5qsBoB3GazWq5Zrcb7uPb-yz0mQLR-PL2GpE9ZDlVzwlI3I6x4b2I93WDkTFyKGpIvpmmxitydroC3WC7SK9uG005he5VtPjfjdhuXZvxeV2TSzfbYo79Zg62g_LbSnxj4HIhv1fVNT1fvw2KvNcXXQQ4uUHulmKpZFfYgMvsKaO4taLGeV9HP8X1pPm7eV2X3GfL5jsSItfowJzxEvtEKjcLxkHKHGJbSiYoF2efDxlhwughgFHAwFJT1J6j26mHJaHACmH8KtivYIoFdLEuFoCLoG8hDWzUIRBJxJ8b8O6Dj9mrTUDxkoF0N7aqbVlNDbKr6Bu1eVly9qocpx2iW4hw208MUkaht1dvUuUTP2QPyQDRMA54HN7QYfsa2iv6J4QyWK2HpEumewm9aaDh2BmcMhSnrVVGIXrjtqb_q6eKgo5whUc_hP0Rv4LXTKqQNnXuy5AtkJjLxEEqSFRPjrJZfcg2NJ5CfYSJyp1LD8co28myy-nXZ9O220NrCiOhFyNVOYA80kw606PouaFdHCSsKunP8sIPrXYBRp3Ef2FIfb46UJZ_iagdeD0wCcqpfRZ7oePg0b20deRMJ4RlmTUnWyZ5pm4Cz-2MYZR43rK2_Yf9E4hnJFLpy5NY-rORxjolX6C2dI4KXquflDQT2oZxvJiqC-nYOpt6BHhKXBQ4oHR1UEFM7ZUl6tds3FfFFUm1H1SPVsHdKXfmw1mX558V0Nw1HpO12kWy0PeCBlUWkmnZjfwA27fwHfqHZLTIB_KXsaqVWrobdgpEDfdfdg0PPeRBrLZ4q4phG3UH1YSG_Rnp7qpqwARkc9YnrIAgjlV1iDCzQL9BO2hrN5by_hLUR5Gt3KQ9XQEepsY2rC6Z0wUftdJ_96rIkCEsbmYz3AIM50hgKgfCBnpFut2gHs-hCMssSbhUZsJQeeCzRpaH81ortv-Sjf0_CY0KzAICBeTjp2rj3DuwtxdrnA2PsyEqN9slkw
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GettyImages685132223.jpg
s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/images/ Frame 54C1
148 KB
148 KB
Image
General
Full URL
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/images/GettyImages685132223.jpg
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
754acbab8d20b0606d01fafd26e53b28fd45b8e2c46c4b9d5d5939e790d64a44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:14:48 GMT
x-content-type-options
nosniff
last-modified
Fri, 04 Jun 2021 15:56:50 GMT
server
sffe
age
50301
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
151928
x-xss-protection
0
expires
Tue, 24 Aug 2021 16:14:48 GMT
GettyImages925235242Man.jpg
s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/images/ Frame 54C1
109 KB
109 KB
Image
General
Full URL
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/images/GettyImages925235242Man.jpg
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
543dd61b71ea387689aca9c656261d1cbdedbde3ac23b9c418c9d30762d0bdbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:14:51 GMT
x-content-type-options
nosniff
last-modified
Fri, 04 Jun 2021 15:56:50 GMT
server
sffe
age
50298
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111569
x-xss-protection
0
expires
Tue, 24 Aug 2021 16:14:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 50ED
0
58 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7I0X840kYdaeA9GU9u8PwOiCIAAAAAA4AeAEAg&bg=!T0ylTAjNAAYXVutgF1Y7ACkAdvg8WgdMWjYOUNGK6GYF0pY4vzrcq0ZYSJk2g2MAwKC_vLqixMYEewIAAAIgUgAAAGNoAQeZAsoqQv2IT7ZYsXC3D5Cw4l9XoSROMQKo9ZAFFvVt7GYLVgCCGtQWURYUIlg4c6YzPAEtXXXHPNcjF-4KWZs65JRlf_al9jUsdEFk8sQPB43D5lSLytHr83RtGAU2TRowGZrnkaV28V91wUcbM0FBrvLMFptJbEm2544dKDbtWXgWRYWhVraLtlNotbbG6ffNDIahcNDqdkPtIRuGddzFrwct-_mb86DYVDZkQnjc0LnwIBQznewB8BXyj9f8QRHPGMkkJUUSfYqrg-9iuOTnuFn3DURrv4xT7RgYUyUmirSolkkKX9eQQTac3BJuy2XnMKKgxZaDMiI1iEafUqNDhsd4cUm5lOgZp1m-ydPWJspjOvmC0PXHecBeAmD5F6Ei9w5G-42MiYhx59B3lRQdoI7Fw9YEIxvyJEb-UkgQeN8bJGUgE9a1b0E7PFs7CQombmy2VzA71t_cibUhJXCC5iFYxzNPsxqCqkQZ8ZD5ikKxPXcdH8s4H1N2NaebtpkIWw2oLv-hJYRwuAoUsFYFY5tD_HB1JFQYjJS_qMXxp4Sb6Ad0xqEWHPpoqFn7yMLX2XVQCxJvSdxvZLssMUwZ6tfq5DqnMGN0ha-HukV1JTJNn78-TibrZ_Ajv7qN0PYqW03MI2vDBcPUhApk6f4rQho23ruhswEuWQyz7wHA0mAYiF0M8nHGl7Gm9dUk8vil1lVj91cX4hrMRm1JK4220ZOPtOYr-moKge3wiutffI9c0YaLeB38S1CUWDXFXY3-70DlW2yGa4KL7HttLTjZ9BgRIjYqYksfI5_U8yMpZo3qohGYwX2Ya6SOLtETznP3HIzI6aUW-NTi2wGgxrB6y49FKwemVfX-vVL6syWS8tDOaueesR-0_0YdNtLifYbYZkaxdP4i_wiphi_E9TRn3Ww5dY-D16LDpEiTtIRIFCyPzm2SlBbA6BedSeE
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GettyImages985138634.jpg
s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/images/ Frame 54C1
141 KB
142 KB
Image
General
Full URL
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/images/GettyImages985138634.jpg
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d664d45ec3e2e5fd3f9e3564062953701ee81d01a1f059030888da8436b8761c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:14:43 GMT
x-content-type-options
nosniff
last-modified
Fri, 04 Jun 2021 15:56:50 GMT
server
sffe
age
50306
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144825
x-xss-protection
0
expires
Tue, 24 Aug 2021 16:14:43 GMT
GettyImages985138700.jpg
s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/images/ Frame 54C1
167 KB
167 KB
Image
General
Full URL
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/images/GettyImages985138700.jpg
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1501a1f37e383c6898c4c9c1d7f69aa138e86bcb18a7f4c715dbcac501adcd36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:14:51 GMT
x-content-type-options
nosniff
last-modified
Fri, 04 Jun 2021 15:56:50 GMT
server
sffe
age
50298
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170725
x-xss-protection
0
expires
Tue, 24 Aug 2021 16:14:51 GMT
Story.png
s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/images/ Frame 54C1
11 KB
11 KB
Image
General
Full URL
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/images/Story.png
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c1ef7839ecd6c1ef6c65a0fe3dde65b5a1f3f1d9a53f2b74c14210e3f0d7b5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/2276943/1622822210185/adc_START_300x250_HTML5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:14:51 GMT
x-content-type-options
nosniff
last-modified
Fri, 04 Jun 2021 15:56:50 GMT
server
sffe
age
50298
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11297
x-xss-protection
0
expires
Tue, 24 Aug 2021 16:14:51 GMT
office-be-336.jpg
cdn.contentspread.net/24i/advertiser/33027/creativesup/ Frame 7620
44 KB
44 KB
Image
General
Full URL
https://cdn.contentspread.net/24i/advertiser/33027/creativesup/office-be-336.jpg
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=65408600030542100628852011696007&a=2655406b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.114.131.235 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv21039.dus4.fastwebserver.de
Software
nginx /
Resource Hash
b4857233da2154c00b47698c6f1981544c0a714e6dec16f404d6aa477e1cf3cb

Request headers

Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:09 GMT
Last-Modified
Mon, 04 Jul 2016 10:01:04 GMT
Server
nginx
ETag
"577a33e0-afe3"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
45027
viewability
hal90007.redintelligence.net/ Frame 7620
0
150 B
Script
General
Full URL
https://hal90007.redintelligence.net/viewability?s=65408600030542100628852011696007&a=42374b51&vb=m
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=65408600030542100628852011696007&a=2655406b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal90007.redintelligence.net/request_content.php?s=65408600030542100628852011696007&a=2655406b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:09 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 7620
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/gif
event.png
tps20227.doubleverify.com/ Frame BCCF
67 B
464 B
Ping
General
Full URL
https://tps20227.doubleverify.com/event.png?impid=208f8a203d0c4456b7441e16175e32c9&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=176&vdur=497&eoid=7&msrjs=1710&pltfrm=Linux%20x86_64&vit=2&isvelg=1&tltms=7&tetms=5&msltms=15&vltms=497&sei=289&vetms=366&engms=1&engisel=1&ttfurm=2899&cbust=1629785590145517
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:10 AM
event.png
tps20243.doubleverify.com/ Frame 8BAC
67 B
464 B
Ping
General
Full URL
https://tps20243.doubleverify.com/event.png?impid=8d407b8aba1b4156a01c1d78eb1723a1&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=244&vdur=284&eoid=7&msrjs=1710&pltfrm=Linux%20x86_64&vit=2&isvelg=1&tltms=8&tetms=7&msltms=12&vltms=284&sei=289&vetms=336&engms=1&engisel=1&ttfurm=2629&cbust=1629785590146423
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:11 AM
event.png
tps20235.doubleverify.com/ Frame FE97
67 B
464 B
Ping
General
Full URL
https://tps20235.doubleverify.com/event.png?impid=da510752f9d541a19280f60ae0bf3a4d&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=256&vdur=157&eoid=7&msrjs=1710&pltfrm=Linux%20x86_64&vit=2&isvelg=1&tltms=7&tetms=4&msltms=9&vltms=157&sei=289&vetms=316&engms=1&engisel=1&ttfurm=2480&cbust=1629785590159267
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:09 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:10 AM
event.png
tps20222.doubleverify.com/ Frame 468A
67 B
464 B
Ping
General
Full URL
https://tps20222.doubleverify.com/event.png?impid=276951033f0a494d90889e35ad22e306&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=225&vdur=100&eoid=7&msrjs=1710&pltfrm=Linux%20x86_64&vit=2&isvelg=1&tltms=7&tetms=5&msltms=9&vltms=100&sei=290&vetms=342&engms=1&engisel=1&ttfurm=2449&cbust=1629785590216355
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:10 AM
event.png
tps20248.doubleverify.com/ Frame 51DB
67 B
464 B
Ping
General
Full URL
https://tps20248.doubleverify.com/event.png?impid=3db18b47436c46fa8173187d8ca94c87&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=204&vdur=262&eoid=7&msrjs=1710&pltfrm=Linux%20x86_64&vit=2&isvelg=1&tltms=7&tetms=5&msltms=10&vltms=262&sei=289&vetms=222&engms=1&engisel=1&ttfurm=2492&cbust=1629785590435801
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:10 AM
event.png
tps20241.doubleverify.com/ Frame 3795
67 B
464 B
Ping
General
Full URL
https://tps20241.doubleverify.com/event.png?impid=a6317b73a4874582b370d6711a0bc17b&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=222&vdur=268&eoid=7&msrjs=1710&pltfrm=Linux%20x86_64&vit=2&isvelg=1&tltms=7&tetms=4&msltms=9&vltms=268&sei=289&vetms=198&engms=1&engisel=1&ttfurm=2474&cbust=1629785590443412
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:09 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:10 AM
bsevent.gif
tps20517.doubleverify.com/ Frame FCCD
807 B
1 KB
Ping
General
Full URL
https://tps20517.doubleverify.com/bsevent.gif?impid=04aadf08ad9643e3bede6c0db7960600&mascid=kspo9a2rq796c8htek8ir1t4ybqa7xbw&dvp_masver=6&dvp_tisf=2&dvp_t1stMsgB=1853&cbust=1629785590482590
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
8/23/2021 6:13:10 AM
bsevent.gif
tps20511.doubleverify.com/ Frame 527B
807 B
1 KB
Ping
General
Full URL
https://tps20511.doubleverify.com/bsevent.gif?impid=461b883532b44708bc2f9a6b862d17ae&mascid=kspo9a2sap6u3gvehr30enxtd88g3f6a&dvp_masver=6&dvp_tisf=2&dvp_t1stMsgB=2200&cbust=1629785590483361
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
8/23/2021 6:13:10 AM
bsevent.gif
tps20513.doubleverify.com/ Frame F7C4
807 B
1 KB
Ping
General
Full URL
https://tps20513.doubleverify.com/bsevent.gif?impid=6727975459ab446a8660c32b3142ba83&mascid=kspo9a2yfsqcemsn7or1229wsg337nci&dvp_masver=6&dvp_tisf=2&dvp_t1stMsgB=2280&cbust=1629785590488608
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.16 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
8/23/2021 6:13:10 AM
bsevent.gif
tps20520.doubleverify.com/ Frame A695
807 B
1 KB
Ping
General
Full URL
https://tps20520.doubleverify.com/bsevent.gif?impid=2a895af4bed148658e94c99b690f0af3&mascid=kspo9a3qldzmptqotaxrpzb1riirki3q&dvp_masver=6&dvp_tisf=2&dvp_t1stMsgB=2563&cbust=1629785590516862
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:09 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
8/23/2021 6:13:10 AM
event.png
tps20238.doubleverify.com/ Frame 22DC
67 B
464 B
Ping
General
Full URL
https://tps20238.doubleverify.com/event.png?impid=a5401b986f234209bc06a21db19d67e2&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=251&vdur=286&eoid=7&msrjs=1710&pltfrm=Linux%20x86_64&vit=2&isvelg=1&tltms=8&tetms=4&msltms=13&vltms=286&sei=290&vetms=202&engms=1&engisel=1&ttfurm=2500&cbust=1629785590516501
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:09 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:10 AM
event.png
tps20221.doubleverify.com/ Frame 7F94
67 B
464 B
Ping
General
Full URL
https://tps20221.doubleverify.com/event.png?impid=9c4286cf677b4aa5aec5563dee9442ff&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=255&vdur=34&eoid=7&msrjs=1710&pltfrm=Linux%20x86_64&vit=2&isvelg=1&tltms=7&tetms=6&msltms=25&vltms=34&sei=290&vetms=277&engms=1&engisel=1&ttfurm=2320&cbust=1629785590690259
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:12 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:12 AM
event.png
tps20240.doubleverify.com/ Frame 4654
67 B
464 B
Ping
General
Full URL
https://tps20240.doubleverify.com/event.png?impid=98c14e1609bf49e48e6fa1074d3adf0e&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=247&vdur=36&eoid=7&msrjs=1710&pltfrm=Linux%20x86_64&vit=2&isvelg=1&tltms=7&tetms=6&msltms=9&vltms=36&sei=290&vetms=297&engms=1&engisel=1&ttfurm=2360&cbust=1629785590744674
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:10 AM
event.png
tps20236.doubleverify.com/ Frame 0423
67 B
464 B
Ping
General
Full URL
https://tps20236.doubleverify.com/event.png?impid=b22f6d1f346243109e1cecaa1cdce89a&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=154&vdur=329&eoid=7&msrjs=1710&pltfrm=Linux%20x86_64&vit=2&isvelg=1&tltms=7&tetms=5&msltms=10&vltms=329&sei=290&vetms=240&engms=1&engisel=1&ttfurm=2579&cbust=1629785590749151
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.14 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:11 AM
pc_pcview_all.css
static.affiliate.rakuten.co.jp/widget/html/stylesheets/ Frame 71F9
111 KB
8 KB
Stylesheet
General
Full URL
https://static.affiliate.rakuten.co.jp/widget/html/stylesheets/pc_pcview_all.css
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/mw_dynamic_view.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--new_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.75.89.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
84dbb2e17cdca526a253123a8b6ab0c734db2ffaafe8acc091e63c4aa07122ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static.affiliate.rakuten.co.jp/widget/html/mw_dynamic_view.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--new_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 11 Jun 2014 04:51:42 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8155
X-XSS-Protection
1; mode=block
front_merged.js
static.affiliate.rakuten.co.jp/widget/html/javascripts/ Frame 71F9
135 KB
44 KB
Script
General
Full URL
https://static.affiliate.rakuten.co.jp/widget/html/javascripts/front_merged.js
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/mw_dynamic_view.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--new_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.75.89.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9e08978792f1773719a3676a24d7d6527917bd44c2dc6665d0ed894fd9aa8b2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static.affiliate.rakuten.co.jp/widget/html/mw_dynamic_view.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--new_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 23 Aug 2017 01:46:35 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
/
mtwidget05.affiliate.ashiato.rakuten.co.jp/ Frame 71F9
126 KB
126 KB
Script
General
Full URL
https://mtwidget05.affiliate.ashiato.rakuten.co.jp/?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--new_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/mw_dynamic_view.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--new_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.237.61.100 Suginami-ku, Japan, ASN23820 (RAKUTEN Rakuten,Inc., JP),
Reverse DNS
any.pub.jpe2.rpaas.net
Software
/ Express
Resource Hash
a05c2346196745079c5a3823a4c0e72c86df356bedad1b60afc539a077277c4f

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Vcap-Request-Id
a37cdbda-c67b-42f7-47f6-103bcb5b3bf6
Date
Tue, 24 Aug 2021 06:13:13 GMT
Connection
keep-alive
X-Powered-By
Express
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
event.png
tps20227.doubleverify.com/ Frame BCCF
67 B
464 B
Ping
General
Full URL
https://tps20227.doubleverify.com/event.png?impid=208f8a203d0c4456b7441e16175e32c9&gdpr=&gdpr_consent=&msrcanlm=904&msrcannum=3&eoid=9&ismms=42&isumms=41&isvelg=1&nvr=6&isgmmims=42&isgmv4mims=42&elmtp=1&isbxdms=2942&b0=100&b11=3063&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&vsos=4&dvp_vsosnmr=16&lftb=3163&sftb=3163&msrdp=3&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1094&isuiabvms=1094&isgmpims=225&isgmv4dpims=1094&ispmxpms=1094&engalms=40&dvp_dpr=1&cbust=1629785591139100
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:11 AM
event.png
tps20243.doubleverify.com/ Frame 8BAC
67 B
464 B
Ping
General
Full URL
https://tps20243.doubleverify.com/event.png?impid=8d407b8aba1b4156a01c1d78eb1723a1&gdpr=&gdpr_consent=&msrcanlm=904&msrcannum=3&eoid=9&ismms=12&isumms=12&isvelg=1&nvr=2&isgmmims=12&isgmv4mims=12&elmtp=1&isbxdms=2712&b0=2855&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&dvp_vsosnmr=1&lftb=2855&sftb=2855&msrdp=3&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=11&dvp_dpr=1&cbust=1629785591145936
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:11 AM
event.png
tps20235.doubleverify.com/ Frame FE97
67 B
464 B
Ping
General
Full URL
https://tps20235.doubleverify.com/event.png?impid=da510752f9d541a19280f60ae0bf3a4d&gdpr=&gdpr_consent=&msrcanlm=904&msrcannum=3&eoid=9&ismms=10&isumms=10&isvelg=1&nvr=2&isgmmims=10&isgmv4mims=10&elmtp=1&isbxdms=2510&b0=2756&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&dvp_vsosnmr=1&lftb=2756&sftb=2756&msrdp=3&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=10&dvp_dpr=1&cbust=1629785591159704
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:11 AM
event.png
tps20222.doubleverify.com/ Frame 468A
67 B
464 B
Ping
General
Full URL
https://tps20222.doubleverify.com/event.png?impid=276951033f0a494d90889e35ad22e306&gdpr=&gdpr_consent=&msrcanlm=906&msrcannum=3&eoid=9&ismms=45&isumms=44&isvelg=1&nvr=6&elmtp=1&isbxdms=2545&b0=100&b11=2627&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&vsos=4&dvp_vsosnmr=16&lftb=2727&sftb=2727&msrdp=2&naral=642&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=997&isuiabvms=997&ispmxpms=997&engalms=43&dvp_dpr=1&cbust=1629785591215744
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:11 AM
bsevent.gif
tps20516.doubleverify.com/ Frame 5130
807 B
1 KB
Ping
General
Full URL
https://tps20516.doubleverify.com/bsevent.gif?impid=279d8cce767846d99d47853fad06ee20&mascid=kspo9aqc8jtm3ddfbwouu25ulle4skns&dvp_masver=6&dvp_tisf=2&dvp_t1stMsgB=1684&cbust=1629785591326358
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.15 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
8/23/2021 6:13:11 AM
event.png
tps20248.doubleverify.com/ Frame 51DB
67 B
464 B
Ping
General
Full URL
https://tps20248.doubleverify.com/event.png?impid=3db18b47436c46fa8173187d8ca94c87&gdpr=&gdpr_consent=&msrcanlm=904&msrcannum=3&eoid=9&ismms=11&isumms=10&isvelg=1&nvr=6&isgmmims=11&isgmv4mims=11&elmtp=1&isbxdms=2510&b0=100&b11=2634&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&vsos=3&dvp_vsosnmr=16&lftb=2734&sftb=2734&msrdp=3&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1126&isuiabvms=1126&isgmpims=222&isgmv4dpims=1126&ispmxpms=1126&engalms=10&dvp_dpr=1&cbust=1629785591436937
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:11 AM
event.png
tps20241.doubleverify.com/ Frame 3795
67 B
464 B
Ping
General
Full URL
https://tps20241.doubleverify.com/event.png?impid=a6317b73a4874582b370d6711a0bc17b&gdpr=&gdpr_consent=&msrcanlm=904&msrcannum=3&eoid=9&ismms=12&isumms=11&isvelg=1&nvr=6&isgmmims=12&isgmv4mims=12&elmtp=1&isbxdms=2517&b0=100&b11=2645&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&vsos=4&dvp_vsosnmr=16&lftb=2745&sftb=2745&msrdp=3&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1107&isuiabvms=1107&isgmpims=245&isgmv4dpims=1107&ispmxpms=1107&engalms=10&dvp_dpr=1&cbust=1629785591448245
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:11 AM
event.png
tps20238.doubleverify.com/ Frame 22DC
67 B
464 B
Ping
General
Full URL
https://tps20238.doubleverify.com/event.png?impid=a5401b986f234209bc06a21db19d67e2&gdpr=&gdpr_consent=&msrcanlm=906&msrcannum=3&eoid=9&ismms=11&isumms=11&isvelg=1&nvr=2&elmtp=1&isbxdms=2512&b0=2655&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&dvp_vsosnmr=1&lftb=2655&sftb=2655&msrdp=2&naral=642&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=11&dvp_dpr=1&cbust=1629785591512296
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:11 AM
loading.gif
static.affiliate.rakuten.co.jp/widget/html/images/ Frame 71F9
17 KB
17 KB
Image
General
Full URL
https://static.affiliate.rakuten.co.jp/widget/html/images/loading.gif
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/stylesheets/pc_pcview_all.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.75.89.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
69a984093a6529657bc8a168865a77c7f3dc6613313464bdac5538c6713b4d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static.affiliate.rakuten.co.jp/widget/html/stylesheets/pc_pcview_all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 30 Jul 2012 09:57:54 GMT
Server
Apache
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17591
X-XSS-Protection
1; mode=block
buttons.gif
static.affiliate.rakuten.co.jp/widget/html/images/ Frame 71F9
6 KB
6 KB
Image
General
Full URL
https://static.affiliate.rakuten.co.jp/widget/html/images/buttons.gif
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/stylesheets/pc_pcview_all.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.75.89.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
48b9db4b0432bdebb0e6772f033d8a04a77712c973ce9d774ce7710e2dc73fd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static.affiliate.rakuten.co.jp/widget/html/stylesheets/pc_pcview_all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 01 Jul 2018 15:20:50 GMT
Server
Apache
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6306
X-XSS-Protection
1; mode=block
event.png
tps20221.doubleverify.com/ Frame 7F94
67 B
464 B
Ping
General
Full URL
https://tps20221.doubleverify.com/event.png?impid=9c4286cf677b4aa5aec5563dee9442ff&gdpr=&gdpr_consent=&msrcanlm=906&msrcannum=3&eoid=9&ismms=11&isumms=10&isvelg=1&nvr=6&elmtp=1&isbxdms=2411&b0=100&b11=2545&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&vsos=3&dvp_vsosnmr=16&lftb=2645&sftb=2645&msrdp=2&naral=642&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=940&isuiabvms=940&ispmxpms=940&engalms=10&dvp_dpr=1&cbust=1629785591698462
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:12 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:13 AM
event.png
tps20240.doubleverify.com/ Frame 4654
67 B
464 B
Ping
General
Full URL
https://tps20240.doubleverify.com/event.png?impid=98c14e1609bf49e48e6fa1074d3adf0e&gdpr=&gdpr_consent=&msrcanlm=906&msrcannum=3&eoid=9&ismms=29&isumms=28&isvelg=1&nvr=6&elmtp=1&isbxdms=2428&b0=100&b11=2468&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&vsos=4&dvp_vsosnmr=16&lftb=2568&sftb=2568&msrdp=2&naral=642&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1047&isuiabvms=1047&ispmxpms=1047&engalms=27&dvp_dpr=1&cbust=1629785591741948
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:11 AM
event.png
tps20236.doubleverify.com/ Frame 0423
67 B
464 B
Ping
General
Full URL
https://tps20236.doubleverify.com/event.png?impid=b22f6d1f346243109e1cecaa1cdce89a&gdpr=&gdpr_consent=&msrcanlm=906&msrcannum=3&eoid=9&ismms=14&isumms=14&isvelg=1&nvr=2&elmtp=1&isbxdms=2614&b0=2840&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&dvp_vsosnmr=1&lftb=2840&sftb=2840&msrdp=2&naral=642&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=14&dvp_dpr=1&cbust=1629785591749611
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.14 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:11 AM
pc_pcview_all.html
static.affiliate.rakuten.co.jp/widget/html/ Frame 0040
1 KB
933 B
Document
General
Full URL
https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/mw_dynamic_view.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--new_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.75.89.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c1f6cdc161a4ba60d120986b8b479c4990c00bd6a92dee0eaa620540275cd8e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
static.affiliate.rakuten.co.jp
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://static.affiliate.rakuten.co.jp/widget/html/mw_dynamic_view.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--new_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://static.affiliate.rakuten.co.jp/widget/html/mw_dynamic_view.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--new_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json

Response headers

Server
Apache
Last-Modified
Thu, 30 Mar 2017 06:47:01 GMT
Accept-Ranges
bytes
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Tue, 24 Aug 2021 06:13:12 GMT
Content-Length
610
Connection
keep-alive
pc_pcview_all.css
static.affiliate.rakuten.co.jp/widget/html/stylesheets/ Frame 0040
111 KB
8 KB
Stylesheet
General
Full URL
https://static.affiliate.rakuten.co.jp/widget/html/stylesheets/pc_pcview_all.css?20140611
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.75.89.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
84dbb2e17cdca526a253123a8b6ab0c734db2ffaafe8acc091e63c4aa07122ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 11 Jun 2014 04:51:42 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8155
X-XSS-Protection
1; mode=block
pc_pcview_all.js
static.affiliate.rakuten.co.jp/widget/html/javascripts/ Frame 0040
216 KB
57 KB
Script
General
Full URL
https://static.affiliate.rakuten.co.jp/widget/html/javascripts/pc_pcview_all.js?20200323
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.75.89.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5e60dc565a7bcf0532b838a9c75617566ea701f292c84aa4c33174cc20d1fbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 28 Mar 2019 05:25:27 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
loading.gif
static.affiliate.rakuten.co.jp/widget/html/images/ Frame 0040
17 KB
17 KB
Image
General
Full URL
https://static.affiliate.rakuten.co.jp/widget/html/images/loading.gif
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/stylesheets/pc_pcview_all.css?20140611
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.75.89.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
69a984093a6529657bc8a168865a77c7f3dc6613313464bdac5538c6713b4d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static.affiliate.rakuten.co.jp/widget/html/stylesheets/pc_pcview_all.css?20140611
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:12 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 30 Jul 2012 09:57:54 GMT
Server
Apache
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17591
X-XSS-Protection
1; mode=block
buttons.gif
static.affiliate.rakuten.co.jp/widget/html/images/ Frame 0040
6 KB
6 KB
Image
General
Full URL
https://static.affiliate.rakuten.co.jp/widget/html/images/buttons.gif
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/stylesheets/pc_pcview_all.css?20140611
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.75.89.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
48b9db4b0432bdebb0e6772f033d8a04a77712c973ce9d774ce7710e2dc73fd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static.affiliate.rakuten.co.jp/widget/html/stylesheets/pc_pcview_all.css?20140611
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:12 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 01 Jul 2018 15:20:50 GMT
Server
Apache
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6306
X-XSS-Protection
1; mode=block
get_motion_widget_conf.php
xml.affiliate.rakuten.co.jp/widget/conf/ Frame 0040
37 KB
9 KB
Script
General
Full URL
https://xml.affiliate.rakuten.co.jp/widget/conf/get_motion_widget_conf.php?pointbackId=_RTmtlk20011595&service=ichiba&aid=10c3fda8.d5ba32e3.10c3fda9.3e43e297&pattern=4&date=1629785592854&callback=jQuery17202500012132606346_1629785592849&_=1629785592855
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/javascripts/pc_pcview_all.js?20200323
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.237.16.123 , Japan, ASN23820 (RAKUTEN Rakuten,Inc., JP),
Reverse DNS
xml.affiliate.rakuten.co.jp
Software
Apache /
Resource Hash
66f1bb8e88dc0700e8b03fbf7c1ae4e47953f23697bb09285e8753a75c619653
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Connection
close
Content-Length
8962
X-XSS-Protection
1; mode=block
event.png
tps20227.doubleverify.com/ Frame BCCF
67 B
464 B
Ping
General
Full URL
https://tps20227.doubleverify.com/event.png?impid=208f8a203d0c4456b7441e16175e32c9&gdpr=&gdpr_consent=&mascid=kspo9a2rq796c8htek8ir1t4ybqa7xbw&dvp_masver=1710&eoid=10&cbust=1629785593251397
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:13 AM
event.png
tps20243.doubleverify.com/ Frame 8BAC
67 B
464 B
Ping
General
Full URL
https://tps20243.doubleverify.com/event.png?impid=8d407b8aba1b4156a01c1d78eb1723a1&gdpr=&gdpr_consent=&mascid=kspo9a2sap6u3gvehr30enxtd88g3f6a&dvp_masver=1710&eoid=10&cbust=1629785593252972
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:14 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:14 AM
event.png
tps20235.doubleverify.com/ Frame FE97
67 B
464 B
Ping
General
Full URL
https://tps20235.doubleverify.com/event.png?impid=da510752f9d541a19280f60ae0bf3a4d&gdpr=&gdpr_consent=&mascid=kspo9a2yfsqcemsn7or1229wsg337nci&dvp_masver=1710&eoid=10&cbust=1629785593261470
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:12 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:13 AM
event.png
tps20222.doubleverify.com/ Frame 468A
67 B
464 B
Ping
General
Full URL
https://tps20222.doubleverify.com/event.png?impid=276951033f0a494d90889e35ad22e306&gdpr=&gdpr_consent=&mascid=kspo9bujhjtrs129p99s03q3bz8cxrd9&dvp_masver=1710&eoid=10&cbust=1629785593319199
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:12 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:13 AM
event.png
tps20248.doubleverify.com/ Frame 51DB
67 B
464 B
Ping
General
Full URL
https://tps20248.doubleverify.com/event.png?impid=3db18b47436c46fa8173187d8ca94c87&gdpr=&gdpr_consent=&mascid=kspo9aqc8jtm3ddfbwouu25ulle4skns&dvp_masver=1710&eoid=10&cbust=1629785593537969
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:13 AM
event.png
tps20241.doubleverify.com/ Frame 3795
67 B
464 B
Ping
General
Full URL
https://tps20241.doubleverify.com/event.png?impid=a6317b73a4874582b370d6711a0bc17b&gdpr=&gdpr_consent=&mascid=kspo9a3qldzmptqotaxrpzb1riirki3q&dvp_masver=1710&eoid=10&cbust=1629785593544468
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:12 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:13 AM
event.png
tps20238.doubleverify.com/ Frame 22DC
67 B
464 B
Ping
General
Full URL
https://tps20238.doubleverify.com/event.png?impid=a5401b986f234209bc06a21db19d67e2&gdpr=&gdpr_consent=&mascid=kspo9c1g1c4xrmumhwbhanme2nqm0phl&dvp_masver=1710&eoid=10&cbust=1629785593628574
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:12 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:13 AM
event.png
tps20221.doubleverify.com/ Frame 7F94
67 B
464 B
Ping
General
Full URL
https://tps20221.doubleverify.com/event.png?impid=9c4286cf677b4aa5aec5563dee9442ff&gdpr=&gdpr_consent=&mascid=kspo9cbadqh9r5htty235nb0k9ub9sz8&dvp_masver=1710&eoid=10&cbust=1629785593795492
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:12 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:13 AM
event.png
tps20240.doubleverify.com/ Frame 4654
67 B
464 B
Ping
General
Full URL
https://tps20240.doubleverify.com/event.png?impid=98c14e1609bf49e48e6fa1074d3adf0e&gdpr=&gdpr_consent=&mascid=kspo9cbof818ik3grybwbjm3ukf61gb4&dvp_masver=1710&eoid=10&cbust=1629785593846107
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:13 AM
event.png
tps20236.doubleverify.com/ Frame 0423
67 B
464 B
Ping
General
Full URL
https://tps20236.doubleverify.com/event.png?impid=b22f6d1f346243109e1cecaa1cdce89a&gdpr=&gdpr_consent=&mascid=kspo9c5srm6bwk3p4glzu1if7u4lvnn2&dvp_masver=1710&eoid=10&cbust=1629785593851133
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1710.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.14 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 24 Aug 2021 06:13:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
8/23/2021 6:13:13 AM
vc
grp01.ashiato.rakuten.co.jp/rms/sd/ashiato/ Frame 0040
33 B
417 B
Script
General
Full URL
https://grp01.ashiato.rakuten.co.jp/rms/sd/ashiato/vc?act=6&sid=76&c=1&1629785594&callback=jQueryAshiato
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/javascripts/pc_pcview_all.js?20200323
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.237.48.232 Suginami-ku, Japan, ASN23820 (RAKUTEN Rakuten,Inc., JP),
Reverse DNS
grp01.ashiato.rakuten.co.jp
Software
openresty /
Resource Hash
8ec7feade55865e2f4027ee991f04b7eba21e3370257f4ab05a9ba56156ba2dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:17 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri Mar 04 00:00:00 GMT 2011
Server
openresty
Content-Type
text/javascript;charset=UTF-8
Cache-Control
private
Connection
close
Content-Length
33
X-XSS-Protection
1; mode=block
X-Request-ID
5f8901de-04a2-11ec-a86a-0242ac110007
Expires
Wed, 25 Aug 2021 11:13:17 GMT
dc_oe=ChMIqInQt4DJ8gIVFei7CB2_PwFDEAAYACC4pLVC;met=1;&timestamp=1629785598312;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame FCCD
42 B
515 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIqInQt4DJ8gIVFei7CB2_PwFDEAAYACC4pLVC;met=1;&timestamp=1629785598312;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIj5DQt4DJ8gIVxLDeCh2EQQvSEAAYACC4pLVC;met=1;&timestamp=1629785598649;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 527B
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj5DQt4DJ8gIVxLDeCh2EQQvSEAAYACC4pLVC;met=1;&timestamp=1629785598649;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI1NLnt4DJ8gIVHce7CB2jlQ3CEAAYACDEpLVC;met=1;&timestamp=1629785598744;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 5130
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1NLnt4DJ8gIVHce7CB2jlQ3CEAAYACDEpLVC;met=1;&timestamp=1629785598744;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIluTnt4DJ8gIVUYr9Bx1AtAAEEAAYACDZg8pI;met=1;&timestamp=1629785598787;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame A695
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIluTnt4DJ8gIVUYr9Bx1AtAAEEAAYACDZg8pI;met=1;&timestamp=1629785598787;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIlcrRt4DJ8gIVzwbgCh1ggwC4EAAYACC4pLVC;met=1;&timestamp=1629785598800;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame F7C4
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIlcrRt4DJ8gIVzwbgCh1ggwC4EAAYACC4pLVC;met=1;&timestamp=1629785598800;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: internet.blogmura.com
URL: https://internet.blogmura.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0.xml
static.affiliate.rakuten.co.jp/widget/ranking/ Frame 0040
85 KB
29 KB
XHR
General
Full URL
https://static.affiliate.rakuten.co.jp/widget/ranking/0.xml?20210824
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/javascripts/pc_pcview_all.js?20200323
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.75.89.215 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1cd18dd13ddabcbf4ac45460b92896fd7f9865f0204bd960c79c3fee3cdb7905
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 23 Aug 2021 06:14:18 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29126
X-XSS-Protection
1; mode=block
a.gif
log.affiliate.rakuten.co.jp/mw/imp/ Frame 0040
43 B
313 B
Image
General
Full URL
https://log.affiliate.rakuten.co.jp/mw/imp/a.gif?pointbackId=_RTmtlk20011595&item=ctsmatch&service=ichiba&affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&itemMode=ichiba_default&ashiatoCount=0&itemCodes=cicib:10002505,mahapp:10000049,cicibella-sports:10000118,newd01:10000060,volstar-online-shop:10000160,weiwei:10022881,shopjapan:10000672,fuji-komtech:10000001,book:19750950,book:20446200&genreIdList=0,0,0,0,0,0,0,0,0,0&m=-_pbid--20011595__size--728x200__imode--ichiba_default__dt--PC__ver--replaced_18_-&recommend=on&itemCount=20&pUrl=https%3A%2F%2Finternet.blogmura.com%2F&date=1629785598943
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.237.60.7 Suginami-ku, Japan, ASN23820 (RAKUTEN Rakuten,Inc., JP),
Reverse DNS
log.affiliate.rakuten.co.jp
Software
Apache /
Resource Hash
dd2c258cf8c745613b19d15a4760085ef64af7bc9ec0aa10531f8b0f5c30965c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:20 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 07 Feb 2019 07:30:20 GMT
Server
Apache
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
43
X-XSS-Protection
1; mode=block
20.jpg
thumbnail.image.rakuten.co.jp/@0_mall/cicib/cabinet/08429497/08429498/ Frame 0040
4 KB
4 KB
Image
General
Full URL
https://thumbnail.image.rakuten.co.jp/@0_mall/cicib/cabinet/08429497/08429498/20.jpg?_ex=128x128
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:623:12:207:43ff:fe3e:b940 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
743f70e1a5aa46cd045581f3f14667489cacee2f0994337fcc1cf4ecfa406aea

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:19 GMT
x-cdn-cache
HIT
age
56138
x-cpcode
349668
x-cdn-served-from
LLNW
content-length
3964
last-modified
Tue, 10 Aug 2021 09:00:26 GMT
server
nginx
etag
"6112402a-87ace"
vary
Origin
content-type
image/webp
access-control-expose-headers
x-cdn-served-from
cache-control
max-age=3600
accept-ranges
none
link
<https://tshop.r10s.jp/cicib/cabinet/08429497/08429498/20.jpg?fitin=700:700>; rel="canonical"
x-llid
101968edf9c246a70d7a665a14e940ee
expires
Tue, 24 Aug 2021 07:13:19 GMT
imgrc0087733590.jpg
thumbnail.image.rakuten.co.jp/@0_mall/mahapp/cabinet/08014349/ Frame 0040
5 KB
5 KB
Image
General
Full URL
https://thumbnail.image.rakuten.co.jp/@0_mall/mahapp/cabinet/08014349/imgrc0087733590.jpg?_ex=128x128
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:623:12:207:43ff:fe3e:b940 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
b001fd7aeda79be8d73cc4027dece13d80adec93caa30f6cd41699c88ab024af

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:19 GMT
x-cdn-cache
HIT
age
8135
x-cpcode
349668
x-cdn-served-from
LLNW
content-length
5190
last-modified
Sat, 21 Aug 2021 06:49:55 GMT
server
nginx
etag
"6120a213-28ee3"
vary
Origin
content-type
image/webp
access-control-expose-headers
x-cdn-served-from
cache-control
max-age=3600
accept-ranges
none
link
<https://tshop.r10s.jp/mahapp/cabinet/08014349/imgrc0087733590.jpg?fitin=700:700>; rel="canonical"
x-llid
6cf301be9f9384311c41970841a5f110
expires
Tue, 24 Aug 2021 07:13:19 GMT
50.jpg
thumbnail.image.rakuten.co.jp/@0_mall/cicibella-sports/cabinet/08402809/ Frame 0040
6 KB
6 KB
Image
General
Full URL
https://thumbnail.image.rakuten.co.jp/@0_mall/cicibella-sports/cabinet/08402809/50.jpg?_ex=128x128
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:623:12:207:43ff:fe3e:b940 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
f522e6466c14cc35e0f59ead392714a02b0cbba23e95fa3323958b24d839eef0

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:19 GMT
x-cdn-cache
HIT
age
70001
x-cpcode
349668
x-cdn-served-from
LLNW
content-length
5948
last-modified
Tue, 27 Jul 2021 09:51:18 GMT
server
nginx
etag
"60ffd716-cbf83"
vary
Origin
content-type
image/webp
access-control-expose-headers
x-cdn-served-from
cache-control
max-age=3600
accept-ranges
none
link
<https://tshop.r10s.jp/cicibella-sports/cabinet/08402809/50.jpg?fitin=700:700>; rel="canonical"
x-llid
1e5ab0508d3200aafc23e4bae39a35e2
expires
Tue, 24 Aug 2021 07:13:19 GMT
oximeter10_20.jpg
thumbnail.image.rakuten.co.jp/@0_mall/newd01/cabinet/ Frame 0040
4 KB
5 KB
Image
General
Full URL
https://thumbnail.image.rakuten.co.jp/@0_mall/newd01/cabinet/oximeter10_20.jpg?_ex=128x128
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:623:12:207:43ff:fe3e:b940 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
0622992918204806b51f0bd82b42cffe0c0b60797c99baf8cb683bbe08d3450b

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:19 GMT
x-cdn-cache
HIT
age
31139
x-cpcode
349668
x-cdn-served-from
LLNW
content-length
4442
last-modified
Sat, 21 Aug 2021 06:27:05 GMT
server
nginx
etag
"61209cb9-34308"
vary
Origin
content-type
image/webp
access-control-expose-headers
x-cdn-served-from
cache-control
max-age=3600
accept-ranges
none
link
<https://tshop.r10s.jp/newd01/cabinet/oximeter10_20.jpg?fitin=700:700>; rel="canonical"
x-llid
bb63116f79f9ec13b9a2d30d5e02b508
expires
Tue, 24 Aug 2021 07:13:19 GMT
enavis_ha_1.jpg
thumbnail.image.rakuten.co.jp/@0_mall/volstar-online-shop/cabinet/07374919/08407164/08407166/ Frame 0040
3 KB
3 KB
Image
General
Full URL
https://thumbnail.image.rakuten.co.jp/@0_mall/volstar-online-shop/cabinet/07374919/08407164/08407166/enavis_ha_1.jpg?_ex=128x128
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:623:12:207:43ff:fe3e:b940 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
f519d2ef48b4ca790eb19e8bf3d541b59dd6d8b7c2bbcb5da44db6eb2c957101

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:19 GMT
x-cdn-cache
HIT
age
78428
x-cpcode
349668
x-cdn-served-from
LLNW
content-length
3112
last-modified
Thu, 29 Jul 2021 09:21:59 GMT
server
nginx
etag
"61027337-6004d"
vary
Origin
content-type
image/webp
access-control-expose-headers
x-cdn-served-from
cache-control
max-age=3600
accept-ranges
none
link
<https://tshop.r10s.jp/volstar-online-shop/cabinet/07374919/08407164/08407166/enavis_ha_1.jpg?fitin=700:700>; rel="canonical"
x-llid
faf5594500a222979f0d3f91d04b2e23
expires
Tue, 24 Aug 2021 07:13:19 GMT
bwm8yp.jpg
thumbnail.image.rakuten.co.jp/@0_mall/weiwei/cabinet/shouhin-image03/ Frame 0040
6 KB
7 KB
Image
General
Full URL
https://thumbnail.image.rakuten.co.jp/@0_mall/weiwei/cabinet/shouhin-image03/bwm8yp.jpg?_ex=128x128
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:623:12:207:43ff:fe3e:b940 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
02c66fb160169614d60e0953cb51bdbba2db1470e3031e1317b581908e5aede7

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:19 GMT
x-cdn-cache
HIT
age
23426
x-cpcode
349668
x-cdn-served-from
LLNW
content-length
6474
last-modified
Thu, 19 Aug 2021 02:13:09 GMT
server
nginx
etag
"611dbe35-557a6"
vary
Origin
content-type
image/webp
access-control-expose-headers
x-cdn-served-from
cache-control
max-age=3600
accept-ranges
none
link
<https://tshop.r10s.jp/weiwei/cabinet/shouhin-image03/bwm8yp.jpg?fitin=700:700>; rel="canonical"
x-llid
1a8002e8626ad708efe06fc7773a3637
expires
Tue, 24 Aug 2021 07:13:19 GMT
20210821th_s.jpg
thumbnail.image.rakuten.co.jp/@0_mall/shopjapan/cabinet/trsp35/ Frame 0040
2 KB
2 KB
Image
General
Full URL
https://thumbnail.image.rakuten.co.jp/@0_mall/shopjapan/cabinet/trsp35/20210821th_s.jpg?_ex=128x128
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:623:12:207:43ff:fe3e:b940 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
bbf6fe87055fbb36d360ecf96253a33c84b3645a8145508031325680a56d1efd

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:19 GMT
x-cdn-cache
HIT
age
11748
x-cpcode
349668
x-cdn-served-from
LLNW
content-length
1640
last-modified
Tue, 17 Aug 2021 05:10:25 GMT
server
nginx
etag
"611b44c1-1feed"
vary
Origin
content-type
image/webp
access-control-expose-headers
x-cdn-served-from
cache-control
max-age=3600
accept-ranges
none
link
<https://tshop.r10s.jp/shopjapan/cabinet/trsp35/20210821th_s.jpg?fitin=700:700>; rel="canonical"
x-llid
a89f517e11134078aed956aae6e096b2
expires
Tue, 24 Aug 2021 07:13:19 GMT
parusu_00_3.jpg
thumbnail.image.rakuten.co.jp/@0_mall/fuji-komtech/cabinet/shouhin/parusuokisimeta/ Frame 0040
4 KB
4 KB
Image
General
Full URL
https://thumbnail.image.rakuten.co.jp/@0_mall/fuji-komtech/cabinet/shouhin/parusuokisimeta/parusu_00_3.jpg?_ex=128x128
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:623:12:207:43ff:fe3e:b940 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
676297115c2e76303f68dae1a62b08245ea958bec9e79bcdefd30e97068735b9

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:19 GMT
x-cdn-cache
HIT
age
68474
x-cpcode
349668
x-cdn-served-from
LLNW
content-length
3654
last-modified
Fri, 29 May 2020 06:10:38 GMT
server
nginx
etag
"5ed0a75e-d58d"
vary
Origin
content-type
image/webp
access-control-expose-headers
x-cdn-served-from
cache-control
max-age=3600
accept-ranges
none
link
<https://tshop.r10s.jp/fuji-komtech/cabinet/shouhin/parusuokisimeta/parusu_00_3.jpg?fitin=700:700>; rel="canonical"
x-llid
3b3ffb6da5342ffae92999bbdc9c75bd
expires
Tue, 24 Aug 2021 07:13:19 GMT
4902370542912.jpg
thumbnail.image.rakuten.co.jp/@0_mall/book/cabinet/2912/ Frame 0040
2 KB
2 KB
Image
General
Full URL
https://thumbnail.image.rakuten.co.jp/@0_mall/book/cabinet/2912/4902370542912.jpg?_ex=128x128
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:623:12:207:43ff:fe3e:b940 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
7957f1d4cb1e2ee2c8c24604c5178275d094ffa8e9ca4fa929ebe063ba50db48

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:19 GMT
x-cdn-cache
HIT
age
29109
x-cpcode
349668
x-cdn-served-from
LLNW
content-length
2148
last-modified
Fri, 23 Aug 2019 06:20:00 GMT
server
nginx
etag
"5d5f8590-2f104"
vary
Origin
content-type
image/webp
access-control-expose-headers
x-cdn-served-from
cache-control
max-age=3600
accept-ranges
none
link
<https://tshop.r10s.jp/book/cabinet/2912/4902370542912.jpg?fitin=700:700>; rel="canonical"
x-llid
99632732b7fe3cb57a40826131eca8a0
expires
Tue, 24 Aug 2021 07:13:19 GMT
4988021718752.jpg
thumbnail.image.rakuten.co.jp/@0_mall/book/cabinet/8752/ Frame 0040
5 KB
5 KB
Image
General
Full URL
https://thumbnail.image.rakuten.co.jp/@0_mall/book/cabinet/8752/4988021718752.jpg?_ex=128x128
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:623:12:207:43ff:fe3e:b940 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
afe30a39743308f67a7e5f208eef83b590d41c36677bdd91f01b623bbf73a596

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:19 GMT
x-cdn-cache
HIT
age
31091
x-cpcode
349668
x-cdn-served-from
LLNW
content-length
5118
last-modified
Fri, 20 Aug 2021 04:39:01 GMT
server
nginx
etag
"611f31e5-13d31e"
vary
Origin
content-type
image/webp
access-control-expose-headers
x-cdn-served-from
cache-control
max-age=3600
accept-ranges
none
link
<https://tshop.r10s.jp/book/cabinet/8752/4988021718752.jpg?fitin=700:700>; rel="canonical"
x-llid
60a64a8bf67e986600364be89a911678
expires
Tue, 24 Aug 2021 07:13:19 GMT
imgrc0085650425.jpg
thumbnail.image.rakuten.co.jp/@0_mall/e-earphone/cabinet/07202705/ Frame 0040
4 KB
4 KB
Image
General
Full URL
https://thumbnail.image.rakuten.co.jp/@0_mall/e-earphone/cabinet/07202705/imgrc0085650425.jpg?_ex=128x128
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:623:12:207:43ff:fe3e:b940 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
12196fe4b2647d327079cb0502d09b57ec86638b155808dfd4ba29f4a8c45290

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:19 GMT
x-cdn-cache
HIT
age
12289
x-cpcode
349668
x-cdn-served-from
LLNW
content-length
3834
last-modified
Thu, 03 Jun 2021 08:00:18 GMT
server
nginx
etag
"60b88c12-ba74"
vary
Origin
content-type
image/webp
access-control-expose-headers
x-cdn-served-from
cache-control
max-age=3600
accept-ranges
none
link
<https://tshop.r10s.jp/e-earphone/cabinet/07202705/imgrc0085650425.jpg?fitin=700:700>; rel="canonical"
x-llid
8c50ba0809f39f2c9b747d797efb8a3e
expires
Tue, 24 Aug 2021 07:13:19 GMT
imgrc0073596196.jpg
thumbnail.image.rakuten.co.jp/@0_mall/cottonhouse/cabinet/07920170/07920173/ Frame 0040
5 KB
6 KB
Image
General
Full URL
https://thumbnail.image.rakuten.co.jp/@0_mall/cottonhouse/cabinet/07920170/07920173/imgrc0073596196.jpg?_ex=128x128
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:623:12:207:43ff:fe3e:b940 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
72c4466b6204f01f877b48404dd25603ffc34edf20d19c6bd0664da619b2a57e

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:19 GMT
x-cdn-cache
HIT
age
31075
x-cpcode
349668
x-cdn-served-from
LLNW
content-length
5574
last-modified
Tue, 17 Aug 2021 08:03:28 GMT
server
nginx
etag
"611b6d50-28ac2"
vary
Origin
content-type
image/webp
access-control-expose-headers
x-cdn-served-from
cache-control
max-age=3600
accept-ranges
none
link
<https://tshop.r10s.jp/cottonhouse/cabinet/07920170/07920173/imgrc0073596196.jpg?fitin=700:700>; rel="canonical"
x-llid
5e85a2e700b0a908e755cfa78f73fed6
expires
Tue, 24 Aug 2021 07:13:19 GMT
imgrc0088071502.jpg
thumbnail.image.rakuten.co.jp/@0_mall/sbyt-sbyt/cabinet/07783362/07809085/08219003/ Frame 0040
3 KB
3 KB
Image
General
Full URL
https://thumbnail.image.rakuten.co.jp/@0_mall/sbyt-sbyt/cabinet/07783362/07809085/08219003/imgrc0088071502.jpg?_ex=128x128
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:623:12:207:43ff:fe3e:b940 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
69662b3df98a0264fda89f2c9dad828c2b82cd826f4f3724241189fa8d347036

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:19 GMT
x-cdn-cache
HIT
age
78428
x-cpcode
349668
x-cdn-served-from
LLNW
content-length
3058
last-modified
Fri, 09 Jul 2021 08:39:17 GMT
server
nginx
etag
"60e80b35-1c01b"
vary
Origin
content-type
image/webp
access-control-expose-headers
x-cdn-served-from
cache-control
max-age=3600
accept-ranges
none
link
<https://tshop.r10s.jp/sbyt-sbyt/cabinet/07783362/07809085/08219003/imgrc0088071502.jpg?fitin=700:700>; rel="canonical"
x-llid
e2ee925e130c553761e6d437edd1478b
expires
Tue, 24 Aug 2021 07:13:19 GMT
50.jpg
thumbnail.image.rakuten.co.jp/@0_mall/cicib/cabinet/08402884/08402885/ Frame 0040
6 KB
6 KB
Image
General
Full URL
https://thumbnail.image.rakuten.co.jp/@0_mall/cicib/cabinet/08402884/08402885/50.jpg?_ex=128x128
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:623:12:207:43ff:fe3e:b940 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
3fff37520cc589a8bdc6be3bc097e6285dc62075ca1001e68249d6dfdc4516a9

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:19 GMT
x-cdn-cache
HIT
age
31059
x-cpcode
349668
x-cdn-served-from
LLNW
content-length
6130
last-modified
Tue, 27 Jul 2021 10:56:34 GMT
server
nginx
etag
"60ffe662-d73f8"
vary
Origin
content-type
image/webp
access-control-expose-headers
x-cdn-served-from
cache-control
max-age=3600
accept-ranges
none
link
<https://tshop.r10s.jp/cicib/cabinet/08402884/08402885/50.jpg?fitin=700:700>; rel="canonical"
x-llid
bcecab46ca4bdee6a5991a25fe5a7bbe
expires
Tue, 24 Aug 2021 07:13:19 GMT
288366_0000.jpg
thumbnail.image.rakuten.co.jp/@0_mall/kurashikenkou/cabinet/jishahin21/ Frame 0040
4 KB
5 KB
Image
General
Full URL
https://thumbnail.image.rakuten.co.jp/@0_mall/kurashikenkou/cabinet/jishahin21/288366_0000.jpg?_ex=128x128
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:623:12:207:43ff:fe3e:b940 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
0d6c70cf50a1a9ec5a54aaad3a1eb712a7f66be288532aca03471dd7c92f2dd3

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:19 GMT
x-cdn-cache
HIT
age
78428
x-cpcode
349668
x-cdn-served-from
LLNW
content-length
4206
last-modified
Mon, 02 Aug 2021 07:02:01 GMT
server
nginx
etag
"61079869-4940e"
vary
Origin
content-type
image/webp
access-control-expose-headers
x-cdn-served-from
cache-control
max-age=3600
accept-ranges
none
link
<https://tshop.r10s.jp/kurashikenkou/cabinet/jishahin21/288366_0000.jpg?fitin=700:700>; rel="canonical"
x-llid
124163e29531dafeba6b90a35b7c1e59
expires
Tue, 24 Aug 2021 07:13:19 GMT
ao_30p_c699.jpg
thumbnail.image.rakuten.co.jp/@0_mall/seedcoms/cabinet/images/thum/cpn/ Frame 0040
8 KB
8 KB
Image
General
Full URL
https://thumbnail.image.rakuten.co.jp/@0_mall/seedcoms/cabinet/images/thum/cpn/ao_30p_c699.jpg?_ex=128x128
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:623:12:207:43ff:fe3e:b940 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
2525029bb364e5d47c6429f1601521d29d1b97a46362fd2870a25cae64042536

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:19 GMT
x-cdn-cache
HIT
age
66486
x-cpcode
349668
x-cdn-served-from
LLNW
content-length
7800
last-modified
Mon, 22 Jun 2020 08:35:34 GMT
server
nginx
etag
"5ef06d56-2dd37"
vary
Origin
content-type
image/webp
access-control-expose-headers
x-cdn-served-from
cache-control
max-age=3600
accept-ranges
none
link
<https://tshop.r10s.jp/seedcoms/cabinet/images/thum/cpn/ao_30p_c699.jpg?fitin=700:700>; rel="canonical"
x-llid
079d7d2ab28c6e9fce0fa1d7fecda9a0
expires
Tue, 24 Aug 2021 07:13:19 GMT
1.jpg
thumbnail.image.rakuten.co.jp/@0_mall/attackchance/cabinet/08285488/08307068/ Frame 0040
6 KB
6 KB
Image
General
Full URL
https://thumbnail.image.rakuten.co.jp/@0_mall/attackchance/cabinet/08285488/08307068/1.jpg?_ex=128x128
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:623:12:207:43ff:fe3e:b940 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
ec5ee9056fc30975688b2c4c4e26be6e0c964a34a26a9d92e4801ebce0dc08b8

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:19 GMT
x-cdn-cache
HIT
age
8814
x-cpcode
349668
x-cdn-served-from
LLNW
content-length
6002
last-modified
Sat, 21 Aug 2021 06:47:39 GMT
server
nginx
etag
"6120a18b-75ed0"
vary
Origin
content-type
image/webp
access-control-expose-headers
x-cdn-served-from
cache-control
max-age=3600
accept-ranges
none
link
<https://tshop.r10s.jp/attackchance/cabinet/08285488/08307068/1.jpg?fitin=700:700>; rel="canonical"
x-llid
a8a45c1aa53bf07a8472094f504241ae
expires
Tue, 24 Aug 2021 07:13:19 GMT
mask120kf03-2.jpg
thumbnail.image.rakuten.co.jp/@0_mall/life-life/cabinet/mask/ Frame 0040
3 KB
4 KB
Image
General
Full URL
https://thumbnail.image.rakuten.co.jp/@0_mall/life-life/cabinet/mask/mask120kf03-2.jpg?_ex=128x128
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:623:12:207:43ff:fe3e:b940 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
3e320ca63ffbcb27b79e64c05755cfd1bfe9e9cc901925caac711ff8abfd841b

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:19 GMT
x-cdn-cache
HIT
age
31027
x-cpcode
349668
x-cdn-served-from
LLNW
content-length
3390
last-modified
Tue, 17 Aug 2021 03:18:31 GMT
server
nginx
etag
"611b2a87-1aca7"
vary
Origin
content-type
image/webp
access-control-expose-headers
x-cdn-served-from
cache-control
max-age=3600
accept-ranges
none
link
<https://tshop.r10s.jp/life-life/cabinet/mask/mask120kf03-2.jpg?fitin=700:700>; rel="canonical"
x-llid
4a01a42f9f837e361d43cb2c11fde2c2
expires
Tue, 24 Aug 2021 07:13:19 GMT
new_ec100d_main.jpg
thumbnail.image.rakuten.co.jp/@0_mall/pureclean-shop/cabinet/oximeter/ Frame 0040
3 KB
4 KB
Image
General
Full URL
https://thumbnail.image.rakuten.co.jp/@0_mall/pureclean-shop/cabinet/oximeter/new_ec100d_main.jpg?_ex=128x128
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:623:12:207:43ff:fe3e:b940 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
e80baa8a23f1b2cb3e46937d6b8ea9560bb7e7c1f82a96c535f00fd31ff95082

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:19 GMT
x-cdn-cache
HIT
age
56137
x-cpcode
349668
x-cdn-served-from
LLNW
content-length
3344
last-modified
Thu, 04 Jun 2020 03:17:12 GMT
server
nginx
etag
"5ed867b8-207fd"
vary
Origin
content-type
image/webp
access-control-expose-headers
x-cdn-served-from
cache-control
max-age=3600
accept-ranges
none
link
<https://tshop.r10s.jp/pureclean-shop/cabinet/oximeter/new_ec100d_main.jpg?fitin=700:700>; rel="canonical"
x-llid
e758e51e8d201142d9abccc1a4f76251
expires
Tue, 24 Aug 2021 07:13:19 GMT
imgrc0087984245.jpg
thumbnail.image.rakuten.co.jp/@0_mall/sbyt-sbyt/cabinet/07783362/07809085/ Frame 0040
3 KB
3 KB
Image
General
Full URL
https://thumbnail.image.rakuten.co.jp/@0_mall/sbyt-sbyt/cabinet/07783362/07809085/imgrc0087984245.jpg?_ex=128x128
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:623:12:207:43ff:fe3e:b940 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
a4bb77303e393c5dbc007eafedaa2548ddd72bc655b63f0e2426149c2ea95a73

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:19 GMT
x-cdn-cache
HIT
age
56136
x-cpcode
349668
x-cdn-served-from
LLNW
content-length
2978
last-modified
Wed, 30 Jun 2021 07:33:44 GMT
server
nginx
etag
"60dc1e58-1c0ac"
vary
Origin
content-type
image/webp
access-control-expose-headers
x-cdn-served-from
cache-control
max-age=3600
accept-ranges
none
link
<https://tshop.r10s.jp/sbyt-sbyt/cabinet/07783362/07809085/imgrc0087984245.jpg?fitin=700:700>; rel="canonical"
x-llid
b778186f16fa86ad9f0a07019fb6e7cc
expires
Tue, 24 Aug 2021 07:13:19 GMT
a.gif
log.affiliate.rakuten.co.jp/mw/imp/ Frame 0040
43 B
313 B
Image
General
Full URL
https://log.affiliate.rakuten.co.jp/mw/imp/a.gif?pointbackId=_RTmtlk20011595&item=ctsmatch&service=ichiba&affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&itemMode=ichiba_default&ashiatoCount=0&itemCodes=cicib:10002505,mahapp:10000049,cicibella-sports:10000118,newd01:10000060,volstar-online-shop:10000160,weiwei:10022881,shopjapan:10000672,fuji-komtech:10000001,book:19750950,book:20446200&genreIdList=0,0,0,0,0,0,0,0,0,0&m=-_pbid--20011595__size--728x200__imode--ichiba_default__dt--PC__ver--replaced_18_-&recommend=on&itemCount=20&pUrl=https%3A%2F%2Finternet.blogmura.com%2F&date=1629785599146
Requested by
Host: static.affiliate.rakuten.co.jp
URL: https://static.affiliate.rakuten.co.jp/widget/html/pc_pcview_all.html?rakuten_design=slide&rakuten_affiliateId=10c3fda8.d5ba32e3.10c3fda9.3e43e297&rakuten_items=ctsmatch&rakuten_genreId=0&rakuten_size=728x200&rakuten_pattern=H1C&rakuten_target=_blank&rakuten_theme=gray&rakuten_border=on&rakuten_auto_mode=off&rakuten_genre_title=off&rakuten_pointbackId=_RTmtlk20011595&rakuten_no_link=off&rakuten_no_afl=off&rakuten_no_logo=off&rakuten_undispGenre=off&rakuten_wmode=off&rakuten_noScrollButton=off&rakuten_bgColor=FFFFFF&rakuten_txtColor=1D54A7&rakuten_captionColor=000000&rakuten_moverColor=C00000&rakuten_recommend=on&rakuten_service_flag=ichiba&rakuten_adNetworkId=&rakuten_adNetworkUrl=&rakuten_searchKeyword=&rakuten_disableLogo=&rakuten_moverItembgColor=&rakuten_moverCaptionColor=&rakuten_slideSpeed=250&rakuten_moreInfoColor=red&rakuten_subTxtColor=&rakuten_loadingImage=auto&rakuten_imageDisplay=auto&rakuten_txtDisplay=auto&rakuten_captionDisplay=auto&rakuten_moreInfoDisplay=auto&rakuten_txtRow=auto&rakuten_captionRow=auto&rakuten_auto_interval=6000&rakuten_imageSize=auto&rakuten_slideCell=auto&rakuten_slideDirection=auto&rakuten_order=0,1,2,3&rakuten_loadingTimeout=0&rakuten_mediaId=&rakuten_measurementId=-_ver--replaced_18_-&rakuten_pointSiteId=&rakuten_isAdvanced=false&rakuten_isIE=false&rakuten_deviceType=PC&rakuten_itemAmount=20&rakuten_tLogFrequency=10&rakuten_timestamp=1629785585156&rakuten_optout=off&rakuten_deeplink=on&rakuten_pUrl=https%3A%2F%2Finternet.blogmura.com%2F&rakuten_version=20200323&rakuten_datatype=json&ruleId=responsive728x200
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.237.60.7 Suginami-ku, Japan, ASN23820 (RAKUTEN Rakuten,Inc., JP),
Reverse DNS
log.affiliate.rakuten.co.jp
Software
Apache /
Resource Hash
dd2c258cf8c745613b19d15a4760085ef64af7bc9ec0aa10531f8b0f5c30965c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static.affiliate.rakuten.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 06:13:20 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 07 Feb 2019 07:30:20 GMT
Server
Apache
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
43
X-XSS-Protection
1; mode=block
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021081901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b05ad0f39557466102310a6c6126b170f9a4913f1f10f0dc20a1cdb20e8866f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 24 Aug 2021 06:13:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8670
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:13:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Tue, 24 Aug 2021 06:13:20 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F5BF
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://internet.blogmura.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://internet.blogmura.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Tue, 24 Aug 2021 05:46:04 GMT
expires
Wed, 24 Aug 2022 05:46:04 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1636
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 083E
783 B
829 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cd5375d252b663b71e1646c6b6c50d83a548abc3aeb572caebcd5de403a8d3a2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LiVk+ZQUVmFxrR2cwuom5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://internet.blogmura.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://internet.blogmura.com/

Response headers

expires
Tue, 24 Aug 2021 06:13:20 GMT
date
Tue, 24 Aug 2021 06:13:20 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-LiVk+ZQUVmFxrR2cwuom5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame F5BF
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
70
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Aug 2022 06:12:10 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021081901&jk=2141549704890938&bg=!4OOl46fNAAZvV8FTb1c7ACkAdvg8WsbbLKKzzA6vJUQPoOhJbBI4HsteZGQAAcG0xoQFCtakLYnsDAIAAADlUgAAABFoAQeZAoCGXyo47NmtJ8cm6tBvlcNllHaqSb4Hmc2myZ9lznCO5tDUymJABim0cp0x4frJaqaiy9nowe9fIyUVqLt7cyrPGqgpVcyhSfhB5olmXYNlgrx-QyP4zJIMwlHnhk-ahN59V0Fa-DuJQCXYchKC2JbTNnVXahmgc5RCUrQM2MV3zCEHDOfbd7AHn14VtFrgEnVsBAURAQ6rrI2Tr3vafhLaMGI3bhI_S_bwAYqEXB9i0FybB3rA4CkEIoPeg6pV2FND1fuqXfl_FXAjCERBG8YUrtO0GVp-wE-sWr-_A-b-AIIneLMJmLdQcE5RwjVMtl5JuH97CVQt44UZcY8oOiq-Qv_TqbVWi62YoIGT_JF3eeupjsLGgDKBzbWWDn68onofn3hm4im8dAyjJ9WtCqafkmDI-gvL_J_lRusEiY5Ym_QtSJYme3ScOEiT8f5zQhoUk3-4OoaMLngk5kpWFfmL0D1Q4nrXs9hgWvBe6GOGnoMRJERPux4BwncILPDXgPVfODVl4aq_AvJd-1Fmtm7dueEOE5Or8WNwyDptQXCaC-abLd2YneKx2UMY_eRnHXgn8Epvz-ze8wE9_8hzW_tLTHU_3oso-Sp_2Kg3jWxWButg8y-2yBXG2_7uhzTV4_PJPPQUw2QY23uY9u4nwW5KLiqtjaYbgaIgXprgWHVXAWWYs7imFlYe1FkpZ99Pu2lo8tPApiwjl9qfhMi7HTNZ8pXUPJUTLOald3YFvhEzJt40BktMi7Jy083hopsbg-zvCTKV42pY45hql-NNZBtaBTkWyhKuqIeBjvlU-pX06pSXmZJy_F3OZkh3s4_p-vpQQ-QTEhoKaTbnoZp7SbkX
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://internet.blogmura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

dc_oe=ChMIqInQt4DJ8gIVFei7CB2_PwFDEAAYACC4pLVC;met=1;&timestamp=1629785608312;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame FCCD
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIqInQt4DJ8gIVFei7CB2_PwFDEAAYACC4pLVC;met=1;&timestamp=1629785608312;eid1=2;ecn1=0;etm1=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIj5DQt4DJ8gIVxLDeCh2EQQvSEAAYACC4pLVC;met=1;&timestamp=1629785608649;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 527B
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj5DQt4DJ8gIVxLDeCh2EQQvSEAAYACC4pLVC;met=1;&timestamp=1629785608649;eid1=2;ecn1=0;etm1=10;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI1NLnt4DJ8gIVHce7CB2jlQ3CEAAYACDEpLVC;met=1;&timestamp=1629785608744;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 5130
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1NLnt4DJ8gIVHce7CB2jlQ3CEAAYACDEpLVC;met=1;&timestamp=1629785608744;eid1=2;ecn1=0;etm1=10;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIluTnt4DJ8gIVUYr9Bx1AtAAEEAAYACDZg8pI;met=1;&timestamp=1629785608783;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame A695
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIluTnt4DJ8gIVUYr9Bx1AtAAEEAAYACDZg8pI;met=1;&timestamp=1629785608783;eid1=2;ecn1=0;etm1=10;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIlcrRt4DJ8gIVzwbgCh1ggwC4EAAYACC4pLVC;met=1;&timestamp=1629785608795;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame F7C4
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIlcrRt4DJ8gIVzwbgCh1ggwC4EAAYACC4pLVC;met=1;&timestamp=1629785608795;eid1=2;ecn1=0;etm1=10;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 06:13:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| Stickyfill function| objectFitImages string| positionKey object| $defaultHtml undefined| initialSortList undefined| currentSortList object| defaultSuggestList boolean| isDefaultSort object| _categories object| _sort number| timer object| _interval object| ticker function| escapeQuietly function| addPoint object| googletag object| gaplugins object| gaGlobal object| gaData string| rakuten_design string| rakuten_affiliateId string| rakuten_items number| rakuten_genreId string| rakuten_size string| rakuten_target string| rakuten_theme string| rakuten_border string| rakuten_auto_mode string| rakuten_genre_title string| rakuten_recommend string| rakuten_pointbackId object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb string| rakuten_adNetworkId string| rakuten_adNetworkUrl string| rakuten_mediaId string| rakuten_pointSiteId string| rakuten_bgColor string| rakuten_captionDisplay string| rakuten_imageSize string| rakuten_moreInfoDisplay string| rakuten_moverItembgColor string| rakuten_noScrollButton string| rakuten_pattern string| rakuten_slideCell string| rakuten_txtDisplay string| rakuten_itemAmount string| rakuten_txtColor string| rakuten_dispPc object| GoogleGcLKhOms object| google_image_requests

0 Cookies

3 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2108100143000 https://internet.blogmura.com/
console-api info URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2108100143000 https://internet.blogmura.com/
console-api info URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2108100143000 https://internet.blogmura.com/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4031f6c3cb81ecf9c7d226dce22790b4.safeframe.googlesyndication.com
ad.doubleclick.net
ade.googlesyndication.com
ads.yahoo.com
adservice.google.be
adservice.google.com
ajax.googleapis.com
cdn.ampproject.org
cdn.contentspread.net
cdn.doubleverify.com
cdn3.doubleverify.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grp01.ashiato.rakuten.co.jp
hal9000.redintelligence.net
hal900012.redintelligence.net
hal900013.redintelligence.net
hal900017.redintelligence.net
hal900024.redintelligence.net
hal90003.redintelligence.net
hal90007.redintelligence.net
ib.adnxs.com
img.blogmura.com
internet.blogmura.com
link.blogmura.com
log.affiliate.rakuten.co.jp
mtwidget04.affiliate.rakuten.co.jp
mtwidget05.affiliate.ashiato.rakuten.co.jp
p.typekit.net
pagead2.googlesyndication.com
rtb-csync.smartadserver.com
rtb0.doubleverify.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.affiliate.rakuten.co.jp
static.blogmura.com
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.teads.tv
thumbnail.image.rakuten.co.jp
tpc.googlesyndication.com
tps.doubleverify.com
tps20221.doubleverify.com
tps20222.doubleverify.com
tps20227.doubleverify.com
tps20235.doubleverify.com
tps20236.doubleverify.com
tps20238.doubleverify.com
tps20240.doubleverify.com
tps20241.doubleverify.com
tps20243.doubleverify.com
tps20248.doubleverify.com
tps20511.doubleverify.com
tps20513.doubleverify.com
tps20516.doubleverify.com
tps20517.doubleverify.com
tps20520.doubleverify.com
ups.analytics.yahoo.com
us-u.openx.net
use.typekit.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
xml.affiliate.rakuten.co.jp
104.111.242.245
104.75.89.215
116.202.48.214
13.224.102.73
13.224.196.96
133.237.16.123
133.237.48.232
133.237.60.7
133.237.61.100
138.201.63.117
138.201.63.157
138.201.84.245
138.201.84.252
142.250.184.226
142.250.185.194
142.250.185.226
142.250.186.162
142.250.186.38
159.69.70.9
18.156.0.31
185.86.138.144
185.94.180.126
2.18.234.21
213.254.244.13
213.254.244.14
213.254.244.15
213.254.244.16
213.254.244.19
213.254.244.20
213.254.244.22
2a00:1288:80:800::7000
2a00:1450:4001:801::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2003
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2001
2a00:1450:4001:831::2001
2a00:1450:4001:831::2006
2a00:1450:400c:c08::9a
2a02:26f0:6c00:286::4469
2a02:26f0:6c00:28d::19fd
2a02:26f0:6c00::210:ba2a
2a02:3d0:623:12:207:43ff:fe3e:b940
3.113.241.215
34.98.64.218
37.252.172.250
54.199.143.71
85.114.131.235
94.130.102.164
00324cb7a9df3abf75744947d89f78945102098334b00afccdce6187832dc91c
0166f8adacda7f8883e5aa4a4e95155ae29580de8ce1c986962591c163312c69
018761d3142206ed9025eb8569107eee39a01be4927f245c7c12c7c894c989cf
01e7515d2f13cb1833bff4f39aecad134db16f34d6cdba32c3d4fa67dcf86c55
029d7c2f3eaa98901f8697ae3d16869f6b7ec06175b0837a1f822b270c11cca6
02c66fb160169614d60e0953cb51bdbba2db1470e3031e1317b581908e5aede7
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
0622992918204806b51f0bd82b42cffe0c0b60797c99baf8cb683bbe08d3450b
06cfec9fb52dc6d0c17a014b960b8d4003d4f4fb9d836f85fc822a9fecaa678b
07000140ab52c28ef2a522fae638638b2783786e8e2ae8cb883cc1f0a0c00df0
09e6991b315fab6b428107d3544b47fdb8a6ecfb013f7a64aec9c1cac2635f5b
0a4430ec388df2e76df8e90d2cc8938489fb3859138c33fc773a82faf624e924
0b05ad0f39557466102310a6c6126b170f9a4913f1f10f0dc20a1cdb20e8866f
0b45103e5604c3182d4726f3ed4d625c0a405c77f3c62ddfc51395ab012282f3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1ef7839ecd6c1ef6c65a0fe3dde65b5a1f3f1d9a53f2b74c14210e3f0d7b5f
0cf2f33dd98a9abaf5079034dd99cf43bf8c1159fb9fbce69bbeea9cb5701b56
0d32a8d443a69cb25ddf3469610d08562a4e7a2578c5aa374cc4d2e375090e43
0d6c70cf50a1a9ec5a54aaad3a1eb712a7f66be288532aca03471dd7c92f2dd3
0eecf491241f39dda128866d96677cc58baa42500a10426748f61849f2daad54
0f794ec9acf7dc03b2193204a9d39212625be5c9c48042d7904a7e59904ead1d
0fa5c611396e0e4f11ac50edc3ce75960ba5d232d28de3df45d3591c40d960b8
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
1156f20ef7e5fd197ab31c1b5180e032a3a7aba395872981ec7e67f803bac6d5
12196fe4b2647d327079cb0502d09b57ec86638b155808dfd4ba29f4a8c45290
126efbcdc48a9eef57a0de949224a0ba971cd391e759ef1bd79520571b731de1
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12fbc4e2cb6dae7985b0ca415c414ac8d7541cf7b83e5d17a29e579659d53363
13304ccc5dda202cde28892fc6845790f04a7a3d04ddf7a730a529f147d60b83
138a7d3f7c9fc540ac00e93d5dc7cf1baf120213b831b774ed7afa8939510286
13ac11a5c871a2774665134d73d46710eac54d405782e5ff3d2a46849fa98b5d
13e2959a4628b5abc04a12287d6c09056fa5304d60ce6681ccb724ea75817241
1501a1f37e383c6898c4c9c1d7f69aa138e86bcb18a7f4c715dbcac501adcd36
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0
1a19cd2d00004987328438cd298552503ec8a217a7500c60c3bf5bda9708071c
1a6d72f7035f8f346400860ed45ac7b554b7e187ed67f4e948c82c987d25eb7c
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b5b66991214be65bbc2eb8cc232624fb727234e533a4eb69f45f1082e534a86
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c26e557051bd119dc1a6aa0afe56340562d7982948913dcee964e00b5f8b6dd
1cd18dd13ddabcbf4ac45460b92896fd7f9865f0204bd960c79c3fee3cdb7905
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d9b8298b411bbe101ad654cf53a94fcb85c1107e6151c192befdaaba8997a32
1e2642ff4e9ae93b2e656c28ffb15e29ae60c4f225e1b1f8136789443ba1befd
217ea10692f609f4b8f420fa43d8a25b467644adbd2ad57b89daeca5fd6cde0b
2358476a97ece5cc4b117235d96129085663d8dd6269a27cd543463b1d9b6ad3
24f659b8c67b7360e6082553fbfd9b173caf11264a0302c59484cacbc1ed7093
2525029bb364e5d47c6429f1601521d29d1b97a46362fd2870a25cae64042536
25b42484fef192537d462d4a0e34cce6cc6550821a95f5ae49a6d4eed843a65f
26c332a1bc94f828fc6c652bb3e70ea00fd4a84a3b36635dd5f1d8f5a59e24c7
278068a4974c180719b25012980cc85c25a809f6c64d25d2c24210fca9c0e9f6
2831a00d605c6d6e29c67f2b454bf3e3b3564eca0842adf0030d59cb19f8c75b
297b2d8325eaf4eb1efeec54fe8c6d5ff64421b1115aa4c159f7804721b3361e
29fa1cdf8f74298180439ddac40a06193225e46cee6a42f63307bb66424f478b
2b61a6fd1de147199dc5ffb1b08735b65244b4c3f225b48c684fb2c52fbd1807
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2d70789fd33cced1cab8fb52f0c118c346b4723ec1dbc117512c438ab707db52
2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041
301e700a1f674c884f96d255a44ff98b18ceaa8e467fe64054448d1858072119
327409c444071af46fdbea0c2a11eda561ec50bf77df589eaab00f25f17e21ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
343f37b2dbd276a57e77096a608b4aea79c73e3e31ae014459382b9aeacab784
351a34663310d2ee46afab5894525332d316db89b9eede463feba6e509aa7f69
35df8414818d0e01ceab6a282582d41ea7afd0954e16b24cf588d3b4bd53a5ee
36f586f3ac6ab16017617fc2e97326d91af613892dc35427fbca9f3ea745e5af
37bfceb04cc7a18df0c1da8269c382b3b088e870ab39a0987ae17a54589b2dba
3d3dc880548afa8b5cc88132a3beab0f27176e0a70536cc001d35395eb5a2ac7
3e320ca63ffbcb27b79e64c05755cfd1bfe9e9cc901925caac711ff8abfd841b
3e53327cf8bd92bed041d68ce17fe426296f3c1b76a3c4302e021f73ba61dbdd
3fa4cfa29dae3a32f1c16189140f5aa0c72c54a935604cdcc4422ceb868ed58f
3fff37520cc589a8bdc6be3bc097e6285dc62075ca1001e68249d6dfdc4516a9
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181
45495ed9eace853e0defc98d7434f8c5db52b4f706fda4c3c747be39c9fa0129
45628ef607608857be5d206693b85a4fd862e0ac78e763f895635227964cbac8
4657daff6c58fd50f163892062f537e40715a7acd0394b7fb877c74d8a7362d7
4666c6c2067e71b1163469fa27ce236307a5d88553e7e04aa29404c2b86640b4
4681e86d0d657a36639f067b3204438f68a575752ff12bbc57f3b607fa9fcff3
46d7a5ac4e099b15e3517a54c0422d2582c262fe3280fb828f4275c254768e7c
48b9db4b0432bdebb0e6772f033d8a04a77712c973ce9d774ce7710e2dc73fd5
494073d30b3709952abfddfa83ee6152d5f5b1fb250da29404d4773729c35e85
4a325185358ff94b13a6cdd22d10a9814f43d93b65bf2612eecf241e8f871b5f
4a9dd2b607a461613431106d5d6385d4856b2de7b982c294c5ad288b034d6222
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf56bb95d356267f31317c82615739c95854914bd3e2ba204c5652556194848
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea60a5e1fbcbdf0e28cd72115e11a847deaf557afeb5b5ccae028b3505e345f
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fe2cf2b4e9b9df717da1f8eb20e4b547c88b65e24bad32022102bc9cf7da8e7
4fe86727b67e72214062ecf5a3f9a727808c19b2d524e78e31a72146bb6873ac
50235ec9793a0ef9fa1e16fc5d47fdfd56f199b343586308c7cbec1e9937435a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50bfae99409d396ba286dd6e8c7c6f1c4cd0388eeb140e1ce5e7f646fc85df13
5173624ff4a5a5de98c9ea0e5abadbd9a8f88c2f59da5fac902f1f76f9ec0d2c
5178c04c440fb357e04e1c6e632bd3f44a56ee8076b4cb8d53f1e26eac8c3e4f
51e74d20f4eec4df9ec12ea2d8981886e72530842c54358332f0cbdbc96890d3
5245e161791bbed4447ac49838a2ae80d0268519a431c9407e3bf9d4f27f16b5
52d4e250eb8c3e8b5808c8b09de2145be83c40ab204ffc83f268d13a81a4d1c6
536dc70fc794489d809e2d9f9f8a686169096c539c16517f643c407a5ba943dc
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53c687358e3d3a2e2a271d6d0765d80b563871b7f093087c96909937d636cfb5
543dd61b71ea387689aca9c656261d1cbdedbde3ac23b9c418c9d30762d0bdbd
54aa72ad7c03b8d65fa94ec48ef9bf8e7550ece2764cdf195a35db427310c3e7
564e0f16dba9dc41760268d47b78fce0d7a97bcaf3082a38ab51164085c87cd6
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56d89fb04d6aaa9cd6289167b1f364cc74acc2d1900c0a9b56093a79dc491eb8
573d182d1b681ea058906a8ec43c8de0e67909624b2991f7f2bfcec47ad1eae8
5769b7afafa616b0e25ceebab74bb92caec43dc99d6664d17a0fdba78ff0825b
57b584c77a4e5abde0ac20cab7392246c160db5dc222c366dfa0e27360282549
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
586b88ece0d08b48aaa64dbf5d6d63664032c52384f90a730692dcb533215b4a
5c71d9fdcebefe96918a0a87df2563ed1f5f2f07a1e9b3e1fe29db57fcf331b3
5d67330baf1f8349b424f3e1e05ca06287e3144b3d8561047e4f5a7dac04a939
5e60dc565a7bcf0532b838a9c75617566ea701f292c84aa4c33174cc20d1fbc3
5edf1dd8b1eccedadf09d13917d8044d4a30ffb34dfc775afcbc17f665908ab7
607fe49372f521f5a6c6c7fcde31ebb07f017c1efea75cbbf167612641e006e7
613b2ccfce39be71ef698c57d8b3f5a45011d2fe5f278dce33276c587c78130a
62d5eec383467f5c3786bf7b2da042b7fb2be6d07f9d70799db2f01d6fd15056
63a506c6fa2f359f424f87944aee07d98deaaa7ac7ab998e439c6642c8e20961
65b59513cceda5eef3bd77150101a3146c210581944b0d0a80733e8c1b304c98
66c8d6d68b2e99f2cb24da6f29970f934fc4aa5a909685238a21cb45b9740e62
66f1bb8e88dc0700e8b03fbf7c1ae4e47953f23697bb09285e8753a75c619653
671524a16ddae2f3272f95bda6ad492bab1731ae0a960308cca6dc6a96c6a64d
676297115c2e76303f68dae1a62b08245ea958bec9e79bcdefd30e97068735b9
677da06c40373d8da0c6465411591c9ecc9fef4291240e694b3e61136a56a052
6819d35c0e3896303f00ae6b7e29699f8a4a0267b8b9cf438f8c2165303d242b
69662b3df98a0264fda89f2c9dad828c2b82cd826f4f3724241189fa8d347036
69708962d5aa7331fa85da344e8567212f37bf18fc7828743365ccad1490c287
69a984093a6529657bc8a168865a77c7f3dc6613313464bdac5538c6713b4d71
6a0ba7e38b8cce4ac154aedef12a88945ca9dd6eb93b3c50413f9b403d7bbe30
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c716e70817b3740e7353b1256193812cba17d2a9a4b0e4040efdf0f1642fe67
6d4a0784c2c235c723466def715d53fd223024601c3c54bbc3944e27697b8b7d
6f4a24ff5877ca451fddd867b599d359255c9c4d6d65e1aeaf71d2df901daa2d
7149cccedd7d00679a787c685d0b3ad7b7c853629168b337f2ffb3e89f1173ad
72c4466b6204f01f877b48404dd25603ffc34edf20d19c6bd0664da619b2a57e
743f70e1a5aa46cd045581f3f14667489cacee2f0994337fcc1cf4ecfa406aea
7529874225c015e49ad79ddfb2e6759e8dae7ec698ba82527437c3d815e95bf1
754acbab8d20b0606d01fafd26e53b28fd45b8e2c46c4b9d5d5939e790d64a44
75a44749ecd1616be08f007efa93b8ba557b92706203e9b47751c5489063c877
75d2b14fa9b435eae2866a1ae70d6f208a27b93c91fd843f2798d0ec7a897b2a
75d78fb7beed4053de558352d6528bbb14538861230778d79577ce32f2f56ebd
75e37b95aa5d29e70ed0702209511c6b5bfcab4a79b59da784a1933893e91226
77f7b5de1b44edd27e1fa862c35fb372fb2f71fd9b210339dddb242e72e870ca
783ff7dac8fdb7cff87cbc54fa7cba8646150783c1d548081754f2acbd872754
78982fc025e00915ca1925ba1a3bf852c26156a7b80ad9a22741a09e22749619
78eec686dd271a3bfd4f8511a8591f1086bc9a12ad650f6c04c3565f510d12c3
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
79090ecea960f459486d716ddb482c9514b82a573f7071f9da892a4cfc9452b1
7957f1d4cb1e2ee2c8c24604c5178275d094ffa8e9ca4fa929ebe063ba50db48
7b0beb6bb89c0f76851e7ae3dd393029882578245abb3982968a930007bd2ffc
7c4898619c0f9586684159e06844bbf2daa10244e82aa4e6f70c5b54ea7b430d
7d8135fed2b3a17889ddd869ecaf5739a0fa3ff7a7637d5a57c0994bbe674208
7df688571c2604736a89f64c36fea91cf21ef77d36d7de00d8710058707bfa26
7ea6ad29a5ab3933731717da8ee76c6ede9b0a7d8616f9e3cbb2c8ac9683a1e5
7f684437da2c61935cd716e56ace7a3c8e3569ef24d435e52f73700ab315e245
80552188ade64dd7f4ffd7b9dc82b63a67cd59265cde1fb838d7a0d4f0cc56e9
80f5433df727188d43a64cda6f7060bc5117045b2cbcd1492a00183caff5f1ec
80fa7b6c186ff929da5becc166d1332e475ac5e0f002840046e0fe91254c8af1
812c23adc1fe7a9fb2b39d20fa13455e4503fb2eaab7f6bf5e547c9f09c47657
81dc8f18ee8963fb2044f24d94196da40185e1387ccf9cfc46c3183594109868
82265b46d15e1dd5597979163e28e7126766f9acdfe34b696b986392e0b26f01
83087bdaf1ca3313a7226475026cdb99d853b3c1e0d235192122c7baf7938117
83a94030961677a0a2b2250fdcc0aa3335a9b32d3a153eb7b96381ddba8a5c97
840c343b3d4bd11a000223f92b36ea2cf8e60dfff7ed81c1cd59985d889576d7
84dbb2e17cdca526a253123a8b6ab0c734db2ffaafe8acc091e63c4aa07122ba
85453b1884d7375dd7a249c23942a8f9091fa0802942b9254500ef938421789f
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
86004aba5435fd4a14892a5f47e53a870f8e8b815b33737be419bee2bef6080e
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558
89ccebfa4c6bc4440808e03a4fd41fb9d3be6a892582d1a09c62dd3b310272a6
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a612f215e81f7b201a72f7472f57ed190574ca1051606f14ac42581b12d0575
8c021fb8f90a4183ba8054d24c4eb93a5d2870af953435e15c90c867f9d05434
8d61cad67a92c126c451d5687f2c8c0a53509ba7bdf1e610db3cec7d139e0e7a
8ec7feade55865e2f4027ee991f04b7eba21e3370257f4ab05a9ba56156ba2dc
8f13ca0e55060d59f17408406f49631749419d86ae6f536eff5503f87e7a327e
900d20b4b1a9f7117e4e31810de30236f7c0daa5896c3a7a736e5db6bf3fdc29
90cc89becd7c3af3942cd59fcff59b32bbb9d07f48d6e9c192c0c4857d26eae1
90ffe4fbab8e918812cccac35415a3f029a4fd124dacb7269c7a65308cd0a830
93c317987994b4b9eabf28011208e433e9028614277e5676fcb0d4cf9aa6da96
953fe25490f3558f4bcc945163a4972e12174a961adaafa90943f1d00b72f8b5
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9712e0f7f3d3f0ec8ce36693d32eb88098ef3ed14f722f5620489c4909dd71f1
9769fc9c5ba803f077bc2fb559cfd8be959ebdf16b8ff8e6537ead3991f28c1c
97b59da89abd15c6f67c104bb6b2213079ada729243df6e631c379293c049bcc
99f6048e026a358bcd25087b08a35840836764c0c3a97cd18569a0dab3263b7b
9b2fe565e0b9808ea9c82af06d9a33c0a1c99839fb82de9a81c20fb3037d6005
9dd189ef52ea74a10651864dd73d21639d99289fb8ca5be69df4aa29c81afc4d
9e08978792f1773719a3676a24d7d6527917bd44c2dc6665d0ed894fd9aa8b2b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a05c2346196745079c5a3823a4c0e72c86df356bedad1b60afc539a077277c4f
a07e4e8a1ea16cd985c027504e04a84bf29e6a3059ce6c749f9b179621a758f4
a0be946ffb3119ce5eb5cade72c894840451581ed7749beaf7ed24c6cbcd73b1
a3f9a77acbc3769fd298e1e0ca768a980215a1d68862bbda70b0bae6ea3bf1db
a4600c4adb158403002c1471fe10b78e6ee701ec1a7f7b3afb47b2bbc151ee34
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4bb77303e393c5dbc007eafedaa2548ddd72bc655b63f0e2426149c2ea95a73
a4c76d2c4b503bcd47e956f3fb4835140a0e2094c1277af812bdbfb24ea6e4fb
a4d673f51d4d0e5a4063218f19c08053b3f696c73a1ca469ca744d71081246b7
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a5fe1801c68ee2c0d3a19348170f1c13f23c6ca96861532b65b86ff857a8eebe
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
a9f0e730aec50729de9bb3684595c4e9af1480a475f16e2d7221b1c14363b4e4
ab7de8a0d445e5fb99c0c6c65de2755bf57d011f89abb40f34cdd12c966bccb6
ad0b554e02a61f72151a554c09ec78d2749346927319c398c282f431780c8644
aedf3dff6e3596bea2ed1f9bb489aca220ac62eb0f0eb2ec34306f215388a1c7
aef67e697770b42d3474e547a2752c34fd147839076613156a348459a5663a1e
afe30a39743308f67a7e5f208eef83b590d41c36677bdd91f01b623bbf73a596
b001fd7aeda79be8d73cc4027dece13d80adec93caa30f6cd41699c88ab024af
b0bee5a5c0e16ec6378c67056ab6f853dcd28b375d9deb568e5f6a97e0077901
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15a1fe8fc40c997b79e35445fbcfb51796325c3804bdf0fbd3da349e0dc9647
b193aa21956541e9e242cb087f658cfdd47e55382342d10fe24955e49d68ff06
b2d80bb9b3f622af4256d59bc64e609352999e1a13080fb3d439986866a03f1e
b3843b6ac1b091a7a4c3285ccfc8e03e51b5b5d5026cd584ad6d2925d65e524f
b4857233da2154c00b47698c6f1981544c0a714e6dec16f404d6aa477e1cf3cb
b554e7b24be987955efb11b538ab6de55ed73f47ba2aa25bc2a9d4b91078216a
b598db90a9bb5f73cbb6d9514e9aff7e8f111c7257191d18aa3136cbe960b3b5
b5cf91febe4dec1d83d082897ac5e96c7baced85eb937fcdbdf57a210686f096
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bbc70748c90ed21b7ae2f69b24824940d3313af6e3dc46cce0e003ec287f4715
bbf6fe87055fbb36d360ecf96253a33c84b3645a8145508031325680a56d1efd
bc053e79aad3b35c7454e3163c4a62c9da4358087cb84fe5155ddf5626751428
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bdeea6db6e880bf81ed0ac83f5ebf40a81c22ab655e35756303d314df21e10df
bf1d16578c9a8e7803e8cdbbfbac06f54511217eee8c25d2f792e39cf859c88e
c01f33fff3aeed339459039f58d2909903f7e85124240e4fac3aa6fa563a213b
c0d4016131d2c3a2687d331da824d0b214f0d8549bcee7f13d0fbcca0be001a9
c1f6cdc161a4ba60d120986b8b479c4990c00bd6a92dee0eaa620540275cd8e9
c3500bba21c3c28cb4f7c369a722162be0a0a6d0de9670e8556cc04ca4e1fee2
c3ac9c2714a360c3ae01ab69e4b06b65c5915eea3fd4e7d799a7ccbf727c69c2
c405526043468920855f26fb732d7113a3c85da248f9c0f2a239fc07da44d010
c4f481b8f2dbbc92710e5187fe0103f87c8cdd0a3b8d9696d28637c3529c5787
c50ed145992d5b37bc558b5618666c88543cacb56f7a17ba14cb28889438e7c7
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c57f060dcd7628e21e2b5b653f28bab18e46afd208ef6fffe4dad6cff8182e6d
c8e0a982ecceaae8b241575d2b63078fa06e2cba640f9b103fef8b8967697349
c8f731cca0be608a29a7a7c03403a5964e364074c5e78ac3bbc50d335d061d5f
ca86a98bcfe3b16661693c8f36b7d6dbdef602d93685f149edd903aa655b8629
caccfbc2c7a1f215fbb7ffb29356e81877587b719153a79fe1b5421546768d37
cad70f03fa4e9c5fa43d7f53784022c702099eb5e1e36b110ba9b49736304b3f
cc9d08db31a39dc3afc488ad2c71fe70205428649ed248d1f1f35c2d7cb4e967
cce2d9e56822ca13d0bc323ca0d7a4a6205b58a7006eea4ca3256f77da7a6a0c
cd5375d252b663b71e1646c6b6c50d83a548abc3aeb572caebcd5de403a8d3a2
cd6c8c01db98e9c2e47fdc04a5b4bd88022df1d5dc173b94b62bdd9fa54421d2
ce00bfe7b77907208b7d6acd132864a72cd06ee25cb2e09c2b489237b5271655
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d45b741ce46bcc20f8ee6d537171a19aa734831357091accbcf4368c29f113a0
d4c001a47273b4cb2407b6d5d1cb843bc47d1b901e72415372647b7c43869796
d5ca44cb0112b8f88e5141ed5927e186a0ccdaefe2482df4e944e7bedca3c152
d664d45ec3e2e5fd3f9e3564062953701ee81d01a1f059030888da8436b8761c
d6b549aaeaf4fe3f153c6b9f6e986c30664071c8785d08e250bc66ce7ab5ae70
d6c3da8b6ac0573fe328520049ad00d8da060295e7b4dbb846ec95a7c3a26253
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7848cb0d9157e83802caf2aa7b64b4899683d43ddacd8555530b4de10da0ea6
d78fa151ca38e962cb8ead4ac12a17707611e132a9418f3cb1b6069a7f67a4dc
d80e5a27d9ac575966b4f76b9a7f25a6a42525a3aa22d6ef615ea6757f06d8d2
d82d296e1ee62b0037aeeba7b9fc67fcc2ddf60ba21ed7393297b641859c1827
dab7d5426f171111807d29ac752999a4ecb34042629ac9abda0197d1299255e1
db517adfdf8cf68842056e312532e5c37e031488a700b6e57e1f01ef4d6189f2
dbbdae4930a69c75342bd8297118a95f89236bc44da5800cc652589459465a4f
dd25934901ff38edea4f64e1e88adbd0e092430cf0e7fe1a03209c1d2520406a
dd2c258cf8c745613b19d15a4760085ef64af7bc9ec0aa10531f8b0f5c30965c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df53a740a684c7f852ee0b3f8eae0d4ca509025511ae59b0443487e33c823f8d
dfde703fa1f9fa4b4ea1ea9bee6572465299ea8e37582de4fcd6a5b757d1a420
e1578a060db58aaed17f36b16859d4d9163a762252ccce77d30fae7051203b87
e273a1375eff87e837cc9ddd3f6cd718c25d54532c2195dfada551dc1b653bfa
e2dd077f315253ed2f6edd23cd0d3df44453cef09fddaa58979aa98872648955
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4e907b43bfdac563caccc3f2cc312a5d10be8d53e9059d3670974275ec7b61b
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5f031d52b4966c76e6adbc2ddbcb692c60dd867b9834819ec5c292aeacce1ca
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e683d4ae93972fa568e73f312becd59c3d2232a3a52a83e96eec833ffe0ebcd4
e6aaf805d942251ccbd07a048e6a22501527c0b4393cc033f4598c89b2ae6b8c
e80baa8a23f1b2cb3e46937d6b8ea9560bb7e7c1f82a96c535f00fd31ff95082
e94a45589a938438fbc55b2958c6c974bbffa81c8c4517d79808b575f6e953f2
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec5ee9056fc30975688b2c4c4e26be6e0c964a34a26a9d92e4801ebce0dc08b8
ec7bdaf13b90111920db9aa45b14254a0ff6e0def039faffe5adb8198cd3430c
ed3938f6257cf08a2fd81c670fa1391da03e2f838307e85472c4db0ea39e938e
ee6e89b7e5d992960f9c23b66d139da87d0f308f2582cdf38e54dcf602ad9d4c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3cc4a6b6640cd56af68fd39d7bc183457675d6ff1fa90491893518de4d1db94
f3eda39a3c1662cfbebdfec25953c84a6181fd237617006a40943babb38f9156
f519d2ef48b4ca790eb19e8bf3d541b59dd6d8b7c2bbcb5da44db6eb2c957101
f522e6466c14cc35e0f59ead392714a02b0cbba23e95fa3323958b24d839eef0
f58795a6ad38f25647791d058a0bf9e83daf3fe783f1ea3b674cf53815f48b26
f5f1853aa8e0803edc0d64a3ac016ace46b4cda27f32d64c1f72c6dbf7d20c9d
f70f846510e756a1c7aed469c4c8c8dd0bf8938cc24996312254422c24b413d0
f7ad5437775bd44e8a16b806c8eacf117ec31d55962192f65f43b0ed4c77ccb1
f7dfbd803f77cc0ec8ec129fe9feb76fb34f9c102b56182db776236b7cbde25f
fd561ad9cccbb94cb9fa557fbafc08a99314ecb5642a9d0fbceafc270e7ff868
fda0f77d04467a0fefd17d993406783114316c719fe9d0a28e77ba4842d98237
ffa0c516b15f890efae5ac5a88d63d9f87a234ed431e599fa603c09c9359626e