www.mtlblog.com Open in urlscan Pro
2606:4700:10::6814:b32d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mtlblog.com/
Effective URL:
https://www.mtlblog.com/
Submission: On July 25 via manual (July 25th 2023, 11:28:21 pm UTC) from TH — Scanned from DE

Summary HTTP 178 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 64 IPs in 11 countries across 51 domains to perform 178 HTTP transactions. The main IP is 2606:4700:10::6814:b32d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mtlblog.com. The Cisco Umbrella rank of the primary domain is 422734.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 15th 2023. Valid for: a year.

This is the only time www.mtlblog.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.243.223.181 54.243.223.181	14618 (AMAZON-AES) (AMAZON-AES)
22	2606:4700:10:... 2606:4700:10::6814:b32d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:225e:a000:1f:138b:ce40:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6812:d63b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	151.101.193.68 151.101.193.68	54113 (FASTLY) (FASTLY)
1 2	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
14	75.2.96.173 75.2.96.173	16509 (AMAZON-02) (AMAZON-02)
1	104.16.168.131 104.16.168.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.149.87.222 34.149.87.222	15169 (GOOGLE) (GOOGLE)
2	13.32.99.21 13.32.99.21	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4	3.85.250.173 3.85.250.173	14618 (AMAZON-AES) (AMAZON-AES)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
6	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
1	151.101.192.134 151.101.192.134	54113 (FASTLY) (FASTLY)
10	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.1.68 151.101.1.68	54113 (FASTLY) (FASTLY)
2	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
1	23.192.153.28 23.192.153.28	16625 (AKAMAI-AS) (AKAMAI-AS)
4	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
2	69.173.144.137 69.173.144.137	26667 (RUBICONPR...) (RUBICONPROJECT)
3	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	104.18.25.185 104.18.25.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2250:fc00:a:e047:753:be1	() ()
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	142.93.164.216 142.93.164.216	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 3	159.127.43.10 159.127.43.10	25751 (VALUECLICK) (VALUECLICK)
1	23.212.222.60 23.212.222.60	16625 (AKAMAI-AS) (AKAMAI-AS)
3	152.199.23.151 152.199.23.151	15133 (EDGECAST) (EDGECAST)
5	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	52.51.98.179 52.51.98.179	16509 (AMAZON-02) (AMAZON-02)
1	52.215.101.250 52.215.101.250	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
2	23.32.184.192 23.32.184.192	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.18.10.47 104.18.10.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 8	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 5	52.95.122.74 52.95.122.74	16509 (AMAZON-02) (AMAZON-02)
3 5	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
8 10	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:8869:c03a:e9b:25ed	16509 (AMAZON-02) (AMAZON-02)
3 5	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	213.155.156.182 213.155.156.182	1299 (TWELVE99 ...) (TWELVE99 Arelion)
6	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1	3.248.0.230 3.248.0.230	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	34.224.44.34 34.224.44.34	14618 (AMAZON-AES) (AMAZON-AES)
3 3	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	193.108.153.18 193.108.153.18	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	34.95.81.168 34.95.81.168	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	3.120.19.63 3.120.19.63	16509 (AMAZON-02) (AMAZON-02)
1 1	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1	198.47.127.20 198.47.127.20	() ()
178	64

1 54.243.223.181 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-223-181.compute-1.amazonaws.com

mtlblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:10::6814:b32d (United States)

ASN13335 (CLOUDFLARENET, US)

www.mtlblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:a000:1f:138b:ce40:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.memberstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.193.68 (United States)

ASN54113 (FASTLY, US)

assets.rbl.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.rbl.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7aaf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 75.2.96.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8bdc53f9e74a023c.awsglobalaccelerator.com

memberstack-client.getmilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.168.131 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.87.222 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 222.87.149.34.bc.googleusercontent.com

static.narcity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.85.250.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-85-250-173.compute-1.amazonaws.com

pages-stats.rbl.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
user-stats.rbl.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

mtl-blog.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.68 (United States)

ASN54113 (FASTLY, US)

www.rebelmouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.rbl.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.192.153.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-153-28.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:fc00:a:e047:753:be1 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

697e59244d73234b71191d0bba718ea7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.93.164.216 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.127.43.10 (Santa Barbara, United States) 1 redirects

ASN25751 (VALUECLICK, US)

www.anrdoezrs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.qksrv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.222.60 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-222-60.deploy.static.akamaitechnologies.com

www.yceml.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 152.199.23.151 (United States)

ASN15133 (EDGECAST, US)

widget.beop.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.98.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-98-179.eu-west-1.compute.amazonaws.com

s.beop.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.101.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-101-250.eu-west-1.compute.amazonaws.com

t.beop.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.95.122.74 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 8.39.36.142 (United States) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 8.39.36.141 (Los Angeles, United States) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 216.58.206.34 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:8869:c03a:e9b:25ed (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 209.54.182.161 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.182 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.0.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-0-230.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.224.44.34 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-44-34.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.243 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.108.153.18 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-18.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.81.168 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com

euexchangesync.digitaleast.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.19.63 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-19-63.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (None, )

ASN- ()

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	mtlblog.com 1 redirects mtlblog.com — Cisco Umbrella Rank: 381539 www.mtlblog.com — Cisco Umbrella Rank: 422734	301 KB
18	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 2709 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1746	112 KB
17	doubleclick.net 8 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 120 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 208 googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 cm.g.doubleclick.net — Cisco Umbrella Rank: 242	172 KB
14	rubiconproject.com 7 redirects prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1011 fastlane.rubiconproject.com — Cisco Umbrella Rank: 568 eus.rubiconproject.com — Cisco Umbrella Rank: 623 pixel.rubiconproject.com — Cisco Umbrella Rank: 388 token.rubiconproject.com — Cisco Umbrella Rank: 616	15 KB
14	getmilla.com memberstack-client.getmilla.com	4 KB
12	googlesyndication.com 697e59244d73234b71191d0bba718ea7.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 134 tpc.googlesyndication.com — Cisco Umbrella Rank: 153	94 KB
12	pubmatic.com 1 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 590 ads.pubmatic.com — Cisco Umbrella Rank: 567 image6.pubmatic.com — Cisco Umbrella Rank: 784 image2.pubmatic.com — Cisco Umbrella Rank: 950 simage2.pubmatic.com — Cisco Umbrella Rank: 788 simage4.pubmatic.com	27 KB
10	amazon-adsystem.com 6 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1106 s.amazon-adsystem.com — Cisco Umbrella Rank: 319	7 KB
10	rbl.ms assets.rbl.ms — Cisco Umbrella Rank: 44049 pages-stats.rbl.ms — Cisco Umbrella Rank: 32593 static.rbl.ms — Cisco Umbrella Rank: 55976 user-stats.rbl.ms — Cisco Umbrella Rank: 35414	154 KB
9	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 646 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 490 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	8 KB
7	disqus.com mtl-blog.disqus.com disqus.com — Cisco Umbrella Rank: 1276	41 KB
6	beop.io widget.beop.io — Cisco Umbrella Rank: 45084 s.beop.io — Cisco Umbrella Rank: 46205 t.beop.io — Cisco Umbrella Rank: 45965	48 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 438	110 KB
4	audrte.com 3 redirects a.audrte.com — Cisco Umbrella Rank: 2586	3 KB
4	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 244 acdn.adnxs.com — Cisco Umbrella Rank: 577	19 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 384	1 KB
4	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3931 onesignal.com — Cisco Umbrella Rank: 1328	88 KB
3	adform.net 3 redirects dmp.adform.net — Cisco Umbrella Rank: 4468 c1.adform.net — Cisco Umbrella Rank: 610	2 KB
3	weborama.fr 2 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 27424 idsync.frontend.weborama.fr — Cisco Umbrella Rank: 24557	921 B
3	yahoo.com 1 redirects c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1448 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470	962 B
3	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 439 cdn.id5-sync.com — Cisco Umbrella Rank: 845	26 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 910	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5228	562 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 685 cdn.indexww.com — Cisco Umbrella Rank: 1632	2 KB
2	qksrv.net www.qksrv.net — Cisco Umbrella Rank: 37468	320 B
2	gstatic.com fonts.gstatic.com	65 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 154	3 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 995	234 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 82	2 KB
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 902	425 B
1	digitaleast.mobi 1 redirects euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 25076	270 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 571	698 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 882	612 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 928	265 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 811	589 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 853	795 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 607	363 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 385	673 B
1	yceml.net www.yceml.net — Cisco Umbrella Rank: 23948	1 KB
1	anrdoezrs.net 1 redirects www.anrdoezrs.net — Cisco Umbrella Rank: 21922	212 B
1	onthe.io cdn.onthe.io — Cisco Umbrella Rank: 19598	21 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1648	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 378	1 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1115	402 B
1	teads.tv at.teads.tv — Cisco Umbrella Rank: 4478	338 B
1	rebelmouse.com www.rebelmouse.com — Cisco Umbrella Rank: 37590	5 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5791	408 B
1	narcity.com static.narcity.com — Cisco Umbrella Rank: 452996	120 KB
1	hcaptcha.com js.hcaptcha.com — Cisco Umbrella Rank: 13071	88 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	85 KB
1	memberstack.com static.memberstack.com — Cisco Umbrella Rank: 242417	60 KB
178	51

	Domain	Requested by
22	www.mtlblog.com	www.mtlblog.com
14	memberstack-client.getmilla.com	static.memberstack.com
13	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
10	cm.g.doubleclick.net	8 redirects
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	mtl-blog.disqus.com	www.mtlblog.com mtl-blog.disqus.com
5	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
5	image2.pubmatic.com	ads.pubmatic.com
5	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com
5	pixel.rubiconproject.com	3 redirects
5	aax-eu.amazon-adsystem.com	3 redirects ads.pubmatic.com
5	tpc.googlesyndication.com	www.mtlblog.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	a.audrte.com	3 redirects ads.pubmatic.com
4	token.rubiconproject.com	4 redirects
4	match.adsrvr.org	static.narcity.com ads.pubmatic.com ssum-sec.casalemedia.com
4	securepubads.g.doubleclick.net	www.mtlblog.com securepubads.g.doubleclick.net
4	assets.rbl.ms	www.mtlblog.com
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	widget.beop.io	www.mtlblog.com widget.beop.io
3	ib.adnxs.com	static.narcity.com acdn.adnxs.com
3	pages-stats.rbl.ms	www.mtlblog.com
3	www.google.com	1 redirects www.mtlblog.com tpc.googlesyndication.com
2	pm.w55c.net	2 redirects
2	c1.adform.net	2 redirects
2	cr.frontend.weborama.fr	2 redirects
2	d5p.de17a.com	2 redirects
2	image6.pubmatic.com	1 redirects ads.pubmatic.com
2	eus.rubiconproject.com	static.narcity.com eus.rubiconproject.com
2	ads.pubmatic.com	static.narcity.com ads.pubmatic.com
2	www.qksrv.net	www.anrdoezrs.net
2	googleads.g.doubleclick.net	www.mtlblog.com pagead2.googlesyndication.com
2	s.beop.io	widget.beop.io
2	c2shb.pubgw.yahoo.com	static.narcity.com
2	prebid-server.rubiconproject.com	static.narcity.com
2	id5-sync.com	static.narcity.com
2	static.rbl.ms	www.mtlblog.com static.rbl.ms
2	onesignal.com	cdn.onesignal.com
2	region1.analytics.google.com	www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	sb.scorecardresearch.com	www.mtlblog.com
2	unpkg.com	1 redirects www.mtlblog.com
2	cdn.onesignal.com	www.mtlblog.com cdn.onesignal.com
2	fonts.googleapis.com	www.mtlblog.com securepubads.g.doubleclick.net
1	simage4.pubmatic.com	ads.pubmatic.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	ad.turn.com	1 redirects
1	euexchangesync.digitaleast.mobi	1 redirects
1	ads.stickyadstv.com	ssum-sec.casalemedia.com
1	simage2.pubmatic.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	dmp.adform.net	1 redirects
1	idsync.frontend.weborama.fr	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	cms.quantserve.com	1 redirects
1	p.rfihub.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	px.ads.linkedin.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	js-sec.indexww.com	static.narcity.com
1	acdn.adnxs.com	static.narcity.com
1	t.beop.io	widget.beop.io
1	www.yceml.net
1	www.anrdoezrs.net	1 redirects
1	cdn.onthe.io	www.mtlblog.com
1	697e59244d73234b71191d0bba718ea7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	htlb.casalemedia.com	static.narcity.com
1	hbopenbid.pubmatic.com	static.narcity.com
1	fastlane.rubiconproject.com	static.narcity.com
1	lb.eu-1-id5-sync.com	static.narcity.com
1	user-stats.rbl.ms	www.mtlblog.com
1	at.teads.tv	static.narcity.com
1	www.rebelmouse.com	www.mtlblog.com
1	disqus.com	www.mtlblog.com
1	www.google.de	www.mtlblog.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	static.narcity.com	www.mtlblog.com
1	js.hcaptcha.com	static.memberstack.com
1	www.googletagmanager.com	www.mtlblog.com
1	static.memberstack.com	www.mtlblog.com
1	mtlblog.com	1 redirects
178	84

This site contains links to these domains. Also see Links.

Domain
www.getmilla.com
www.narcitymedia.com
www.narcity.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-15` - `2024-05-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
static.memberstack.com Amazon RSA 2048 M01	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.rbl.ms GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-07` - `2024-03-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
memberstack-client.getmilla.com R3	`2023-06-08` - `2023-09-06`	3 months	crt.sh
static.narcity.com GTS CA 1D4	`2023-07-12` - `2023-10-10`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-13` - `2024-04-20`	a year	crt.sh
*.rebelmouse.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-07` - `2024-03-10`	a year	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-23` - `2023-11-15`	6 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.onthe.io Sectigo ECC Domain Validation Secure Server CA	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.beop.io Gandi Standard SSL CA 2	`2023-03-01` - `2024-03-31`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.qksrv.net GlobalSign RSA OV SSL CA 2018	`2023-02-08` - `2023-09-24`	7 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-16` - `2024-04-16`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.mtlblog.com/
Frame ID: D61E36B3366BCF1122E9468CE7D92760
Requests: 110 HTTP requests in this frame

Frame: https://697e59244d73234b71191d0bba718ea7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3F9CC417F5F183D8BADC15249168C643
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs
Frame ID: 63BE0CD9B5B12626A68C14B5FA873B91
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9D3ED7D35312A46AB3FE90F1DC192527
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CC8C932FE8A1131D688BFAC41313C775
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/zrt_lookup.html
Frame ID: FEFE0249101998FF7802166802E27100
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 30048ACE7B9F4AEA1074DF6CFA4FB6C0
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160629
Frame ID: AD7BB284BCD5A034F20EB645F156D43C
Requests: 12 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: AB38BA1A8F769584E2E0C2C26441A95A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 722FD3081F1C9CEDA6E6200E3ECC617A
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtlblog.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: F32C99B7055FCBD6585BDCB11194ED8E
Requests: 10 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7821538520863806497
Frame ID: D6E9AA2DEB9D0B23CE8CB35D1C835931
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 2FD3582EA56942779E26051C21F036D8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329526843645243
Frame ID: 6E6D4BC65D28668E5C120E89554C553A
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6F7F0100-808B-4DCB-8C17-80CA44896C58&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 2C7F897993F43210E6B77873EC22CF13
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0BG6kNNE4JPLFejB0hH0w9JA6pLLF-2X1xxyEzyQ
Frame ID: 3E3A79CFAFEEFEE1FF5C4F4B81F61D20
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MTL Blog

Page URL History Show full URLs

http://mtlblog.com/ HTTP 301
https://www.mtlblog.com/ Page URL

Detected technologies

MemberStack (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

memberstack\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

178
Requests

88 %
HTTPS

31 %
IPv6

51
Domains

84
Subdomains

64
IPs

11
Countries

1910 kB
Transfer

5381 kB
Size

57
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.getmilla.com/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.getmilla.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.narcitymedia.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.narcitymedia.com/careers
Title: careers

Search URL Search Domain Scan URL

URL: https://www.narcitymedia.com/political-ads-registry
Title: POLITICAL ADS REGISTRY

Search URL Search Domain Scan URL

URL: https://www.narcity.com/national/ca/
Title: Canada

Search URL Search Domain Scan URL

URL: https://www.narcity.com/national/us/
Title: US

Search URL Search Domain Scan URL

URL: https://www.narcity.com/fr/
Title: Québec

Search URL Search Domain Scan URL

URL: https://www.narcity.com/national/global/
Title: Global

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mtlblog.com/ HTTP 301
https://www.mtlblog.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://unpkg.com/@google/model-viewer/dist/model-viewer.min.js HTTP 302
https://unpkg.com/@google/model-viewer@3.2.0/dist/model-viewer.min.js

Request Chain 94

https://www.anrdoezrs.net/am/8067236/impressions/page/am.js HTTP 302
https://www.yceml.net/am_gen/8067236/impressions/page/am.js

Request Chain 114

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 145

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtlblog.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtlblog.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 146

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Sn7VZk4fQ22q-Q01a7VYdg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Sn7VZk4fQ22q-Q01a7VYdg

Request Chain 147

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWNhOTM3MGE2NTYyNmE3MWViNjA1YjcyZTIzYmRiYTM3OWNiYTRhMQ

Request Chain 148

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/9YPi7QeYHr8HnyL4CbG_WQ?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-G11FQ7pE2oIND0izcgQUgMSBTZURIsR3rcnlYQ--~A

Request Chain 149

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=QW3kOZd7SfeVR_HQr9dCAw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QW3kOZd7SfeVR_HQr9dCAw

Request Chain 150

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtJWEdUMUItNi1FTzhW HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJYzG0rV6gFqpfE-IYDXchU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtJWEdUMUItNi1FTzhW&google_push=

Request Chain 151

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELC4mA15PcqLyWcihGeO8UM&google_cver=1

Request Chain 152

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKIXGT1B-6-EO8V

Request Chain 154

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7821538520863806497

Request Chain 156

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329526843645243

Request Chain 157

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6F7F0100-808B-4DCB-8C17-80CA44896C58&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6F7F0100-808B-4DCB-8C17-80CA44896C58&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 158

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0BG6kNNE4JPLFejB0hH0w9JA6pLLF-2X1xxyEzyQ

Request Chain 159

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=b38BAICLTcuMF4DKRIlsWA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 161

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3006342196 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=6F7F0100-808B-4DCB-8C17-80CA44896C58

Request Chain 162

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=6F7F0100-808B-4DCB-8C17-80CA44896C58 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bDM3NHg2M2RsbTBRLU93LVJCaVhOQUFlUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=8741475592893149168&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkY3RjAxMDAtODA4Qi00RENCLThDMTctODBDQTQ0ODk2QzU4&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 164

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBMRmjRkjoRHRUIXyurcCs4&google_cver=1

Request Chain 166

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8741475592893149168

Request Chain 168

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZMBakrHh-0lfTvtxUtsuAAAADOcAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECTD5IpNATQIdP-9QjjE7pc&google_cver=1

Request Chain 169

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZMBakrHh-0lfTvtxUtsuAAAADOcAAAIB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZMBakrHh-0lfTvtxUtsuAAAADOcAAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 170

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZMBakrHh.0lfTvtxUtsuAAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELx1XzdyKZigAy77t__wSPI&google_cver=1&google_hm=2

Request Chain 173

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d533cc8c-7c35-47f2-9823-cdc54ddd65fb

Request Chain 174

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=5EqTXg5Y1QorrZ5

Request Chain 175

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7291154382728595153

178 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.mtlblog.com/
Redirect Chain

http://mtlblog.com/
https://www.mtlblog.com/

274 KB
56 KB

183ms
76ms

Document
text/html

2606:4700:10::6814:b32d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtlblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b32d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baa5fa641f4530c392591a0c27bce29a6790f1ca595eb967f3b5fbc90303f898

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4013
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=82800
cf-cache-status: DYNAMIC
cf-ray: 7ec82d98991d3631-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 25 Jul 2023 23:28:14 GMT
etag: W/"81b444f5f411c9f11149de28829a289e"
fastly-request-backend: fastly
fastly-sie: 86400.000
fastly-swr: 2592000.000
server: cloudflare
strict-transport-security: max-age=15552000
vary: Accept-Encoding
via: 1.1 warehouse@3.8.0 canary, 1.1 ingress@dev, 1.1 varnish, 1.1 varnish
x-assets-optimize: 1
x-cache: HIT, HIT
x-cache-hits: 3, 2
x-frame-options: SAMEORIGIN
x-rebelmouse-authorization: disabled
x-rebelmouse-layouts-key: www.mtlblog.com,(null)
x-rebelmouse-origin-timing: 0
x-request-category: public
x-request-id: 18c5bfdf-9123-4260-8f8e-5d08826f99e3
x-served-by: cache-iad-kiad7000114-IAD, cache-fra-eddf8230049-FRA
x-timer: S1690327694.199601,VS0,VE0
xkey: section/551223144 long_cache_articles/21381795 section/552299916 section/552299940 section/551223150 section/0-21381795 section/2147909931

Redirect headers

Connection: keep-alive
Content-Length: 166
Content-Type: text/html
Date: Tue, 25 Jul 2023 23:28:13 GMT
Location: https://www.mtlblog.com/
Server: openresty

GET
H2 200 main.10f86943a139e954af93.bundle.mjs Show response
www.mtlblog.com/static/dist/social-ux/ 48 KB
17 KB 66ms
65ms Script
application/javascript 2606:4700:10::6814:b32d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtlblog.com/static/dist/social-ux/main.10f86943a139e954af93.bundle.mjs

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b32d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

876318528d9bcda6f71d58022986a14f0da55852c9c5480b09012a61f19ac0fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.mtlblog.com/
Origin: https://www.mtlblog.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
age: 3682632
x-cache: HIT, HIT
fastly-swr: 2592000.000
alt-svc: h3=":443"; ma=86400
x-request-id: 6461e806-ae83-484f-b267-8c6150538006
x-served-by: cache-iad-kjyo7100125-IAD, cache-fra-eddf8230115-FRA
last-modified: Tue, 13 Jun 2023 03:45:53 GMT
server: cloudflare
x-timer: S1690327694.283189,VS0,VE1
fastly-request-backend: fastly
etag: W/"fbde70dc7b06ad31b2e62c0e36f7bee0"
x-rebelmouse-authorization: disabled
vary: Accept-Encoding
content-type: application/javascript
x-rebelmouse-layouts-key: www.mtlblog.com,(null)
cache-control: public, max-age=82800
cf-ray: 7ec82d99299e3631-FRA
fastly-sie: 86400.000
x-cache-hits: 7706, 1

GET
H2 200 runtime.9cf63b2d21cab353df9d.bundle.mjs Show response
www.mtlblog.com/static/dist/social-ux/ 4 KB
3 KB 75ms
74ms Script
application/javascript 2606:4700:10::6814:b32d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtlblog.com/static/dist/social-ux/runtime.9cf63b2d21cab353df9d.bundle.mjs

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b32d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd3e652277a06712481249796e6e44d081927c0ac2e48465167923e011e0b1d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.mtlblog.com/
Origin: https://www.mtlblog.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
age: 1126218
x-cache: HIT, HIT
fastly-swr: 2592000.000
alt-svc: h3=":443"; ma=86400
x-request-id: 72c936fc-9235-4db4-afba-e3fa7e02c192
x-served-by: cache-iad-kjyo7100142-IAD, cache-fra-eddf8230069-FRA
last-modified: Wed, 12 Jul 2023 22:23:41 GMT
server: cloudflare
x-timer: S1690327694.293441,VS0,VE1
fastly-request-backend: fastly
etag: W/"0b6c7887d45e9a05e7a3651104139ac4"
x-rebelmouse-authorization: disabled
vary: Accept-Encoding
content-type: application/javascript
x-rebelmouse-layouts-key: www.mtlblog.com,(null)
cache-control: public, max-age=82800
cf-ray: 7ec82d9929a03631-FRA
fastly-sie: 86400.000
x-cache-hits: 2, 1

GET
H2 200 css
fonts.googleapis.com/ 4 KB
945 B 144ms
49ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Archivo:300,400,700&display=swap

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c9ecd1d9799486c836fc09fb45340d2b04c983cb4372dc329c2d0817bbcdeef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 23:28:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 23:28:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jul 2023 23:28:14 GMT

GET
H2 200 memberstack.js Show response
static.memberstack.com/scripts/v1/ 265 KB
60 KB 184ms
46ms Script
application/javascript 2600:9000:225e:a000:1f:138b:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.memberstack.com/scripts/v1/memberstack.js
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:a000:1f:138b:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60dcb09dd4f1a808329c49ef356c286d30c4ffb5f730c8165084dac14714f9e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:36:22 GMT
content-encoding: gzip
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jun 2023 18:31:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 53515
x-amz-server-side-encryption: AES256
etag: W/"cd4680ee63cf0aad8734cd3ed0c36723"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: XeMfLlLB_F_uH5XTzVjl8V-zK9ViwHLjhxk7Dy8waL7ZgQRjq2eQIQ==

GET
H2 200 OneSignalSDK.page.js Show response
cdn.onesignal.com/sdks/web/v16/ 1 KB
1 KB 151ms
52ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d09c01d58157628a6c6253fd0a9349bcb58a7df7f0d6e537240098a405b883fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2150
etag: W/"5cf566ff901efbc432beea7fb50869d0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7ec82d9b3acc383b-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Fri, 28 Jul 2023 23:28:14 GMT

GET
H2 200 origin.png
assets.rbl.ms/33719594/ 41 KB
41 KB 150ms
43ms Image
image/png 151.101.193.68
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.rbl.ms/33719594/origin.png
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.68 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ad75541ba4c43100211368142a5d7b90495059642ce9e2ab25318047784ddf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 varnish
x-amz-request-id: 2S86EE3SCANWDRWB
age: 681903
x-cache: HIT
content-length: 42193
x-amz-id-2: sAhCHlUSpQMjxewIQig0t8717aKUt7l3bJ6gGHv6wMFcroGen2fGldbAwpBursWxbaiEKaIk67c=
x-served-by: cache-fra-eddf8230055-FRA
last-modified: Sun, 21 May 2023 15:22:46 GMT
server: AmazonS3
x-timer: S1690327695.621005,VS0,VE2
etag: "4b237aaec40158f6a76006155b57c1e1"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2

200

model-viewer.min.js Show response
unpkg.com/@google/model-viewer@3.2.0/dist/
Redirect Chain

https://unpkg.com/@google/model-viewer/dist/model-viewer.min.js
https://unpkg.com/@google/model-viewer@3.2.0/dist/model-viewer.min.js

866 KB
233 KB

59ms
59ms

Script
application/javascript

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@google/model-viewer@3.2.0/dist/model-viewer.min.js

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04135f18ff8d10dbdd295d6c8377c3075f8bf01f6029dca0d0d1de420d64de17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1212530
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01H53HQWQ07K3GBMHFWB76FB2W-fra
server: cloudflare
etag: W/"d8893-tsB//FfSugS/CplffyUiq70vY5A"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ec82d9a1ccb372e-FRA

Redirect headers

date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01H67P1BXAG9GRXFBD2SEAM3N1-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 69
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /@google/model-viewer@3.2.0/dist/model-viewer.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 7ec82d99cc76372e-FRA

GET
H2 200 ads.js Show response
www.google.com/adsense/search/ 144 KB
53 KB 166ms
76ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/search/ads.js

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d20146b3e3bfd16f5c21c06d3a15e5a00ed24a6d034538adb6058ef4e9b44834

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "8987866101812528597"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Tue, 25 Jul 2023 23:28:14 GMT

GET
H2 200 origin.png
assets.rbl.ms/30057786/ 6 KB
6 KB 148ms
40ms Image
image/png 151.101.193.68
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.rbl.ms/30057786/origin.png
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.68 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50a287059abe8eb06d51868537b3032afc6f722e556cf3a72ef54c15ed0048b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id: A.vf31iYHyGOQAoj7ZXo78vurxz82afy
date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 varnish
x-amz-request-id: 9TS2BCMMCNJFF5N8
age: 688024
x-cache: HIT
content-length: 5671
x-amz-id-2: NURCmg56x0BH2KtgvGqRxlv4WLqgJTXxpxGimbOgtlFRy604GmQR5jBdNTrW+X6EZKcfEryvIDg=
x-served-by: cache-fra-eddf8230055-FRA
last-modified: Sun, 03 Jul 2022 16:56:01 GMT
server: AmazonS3
x-timer: S1690327695.620962,VS0,VE1
etag: "264c7337a7ca1a1e42e90ee8c1a14beb"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 250 KB
85 KB 147ms
57ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W2SMX41KR6

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1fe9d2479bd7cddb942df549a6943163a24e39b73f64904105fc37002970af1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86531
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 25 Jul 2023 23:28:14 GMT

OPTIONS
H2 204 app-member
memberstack-client.getmilla.com/ Frame 0
0 357ms
134ms Preflight 75.2.96.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://memberstack-client.getmilla.com/app-member?includeSSOText=undefined

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.96.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a8bdc53f9e74a023c.awsglobalaccelerator.com

Software

Caddy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-app-id,x-user-agent
Access-Control-Request-Method: GET
Origin: https://www.mtlblog.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-app-id,x-user-agent
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.mtlblog.com
access-control-expose-headers: ms-mid
cross-origin-resource-policy: same-origin
date: Tue, 25 Jul 2023 23:28:14 GMT
origin-agent-cluster: ?1
ratelimit-limit: 100
ratelimit-remaining: 99
ratelimit-reset: 1
referrer-policy: no-referrer
server: Caddy
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 api.js Show response
js.hcaptcha.com/1/ 311 KB
88 KB 146ms
47ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hcaptcha.com/1/api.js?render=explicit&onload=_hcaptchaReady

Requested by

Host: static.memberstack.com
URL: https://static.memberstack.com/scripts/v1/memberstack.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a53bbf997ec817e783e49cec699edec2a5b9d2d7273494b89c9c431f7bb9d97a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: aonDokrJ15.UKkkFZgsiAa9zKxxb20_N
age: 0
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Jul 2023 14:36:42 GMT
server: cloudflare
etag: W/"5be753b53ba6ec13c0e115f5ab77e365"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
cf-ray: 7ec82d9b58a8bb73-FRA
x-amz-cf-id: FT2srbdSOCTIm7cW07YeYK0gQf318zuH-q5ZPFRfhfkhtP7GxKVdRg==

GET
H2 200 app-member Show response
memberstack-client.getmilla.com/ 3 KB
3 KB 336ms
266ms XHR
application/json 75.2.96.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://memberstack-client.getmilla.com/app-member?includeSSOText=undefined

Requested by

Host: static.memberstack.com
URL: https://static.memberstack.com/scripts/v1/memberstack.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.96.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a8bdc53f9e74a023c.awsglobalaccelerator.com

Software

Caddy /

Resource Hash

65434e3702c9794d39142fa073463105eb410ee401087641c351d6108bb76b52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
X-APP-ID: app_cld0tvr7s006a0th30gi8azk6
X-User-Agent: @memberstack/client@1.2.0
Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:15 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
ratelimit-limit: 100
content-length: 3278
x-xss-protection: 0
referrer-policy: no-referrer
server: Caddy
etag: W/"cce-6WPFX0Qb7pLMljedjw7s5+yPHjc"
x-download-options: noopen
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mtlblog.com
origin-agent-cluster: ?1
access-control-expose-headers: ms-mid
access-control-allow-credentials: true
ratelimit-remaining: 99

OPTIONS
H2 204 member
memberstack-client.getmilla.com/ Frame 0
0 349ms
133ms Preflight 75.2.96.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://memberstack-client.getmilla.com/member?3031

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.96.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a8bdc53f9e74a023c.awsglobalaccelerator.com

Software

Caddy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-app-id,x-user-agent
Access-Control-Request-Method: GET
Origin: https://www.mtlblog.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-app-id,x-user-agent
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.mtlblog.com
access-control-expose-headers: ms-mid
cross-origin-resource-policy: same-origin
date: Tue, 25 Jul 2023 23:28:14 GMT
origin-agent-cluster: ?1
ratelimit-limit: 100
ratelimit-remaining: 99
ratelimit-reset: 1
referrer-policy: no-referrer
server: Caddy
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 prebid7.40.0.js Show response
static.narcity.com/prebid/ 377 KB
120 KB 256ms
158ms Script
text/javascript 34.149.87.222
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.narcity.com/prebid/prebid7.40.0.js
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.87.222 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 222.87.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d4e7dfb60bedf1132195a57c06d79029cf20275d6c9dac4cf06412f290b90678

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycduVFHIdyZPmJVXwfn8q5IOw93_diq3Vh5WX1dGALrJA9yjZv0r--mrDSS8IJWaIcaraZCvWTjf_kKXi_KFcckhNg7UcRKZ2
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122198
last-modified: Sun, 12 Mar 2023 20:38:03 GMT
server: UploadServer
etag: "5e1d2760effe3bc33f4693ff4aa5640f"
vary: Accept-Encoding
x-goog-generation: 1678653483054442
x-goog-hash: crc32c=rqg7SQ==, md5=Xh0nYO/+O8M/RpP/SqVkDw==
content-type: text/javascript
cache-control: max-age=0,public
x-goog-stored-content-length: 122198
accept-ranges: bytes

GET
H2 200 member Show response
memberstack-client.getmilla.com/ 13 B
489 B 209ms
138ms XHR
application/json 75.2.96.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://memberstack-client.getmilla.com/member?3031

Requested by

Host: static.memberstack.com
URL: https://static.memberstack.com/scripts/v1/memberstack.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.96.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a8bdc53f9e74a023c.awsglobalaccelerator.com

Software

Caddy /

Resource Hash

ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
X-APP-ID: app_cld0tvr7s006a0th30gi8azk6
X-User-Agent: @memberstack/client@1.2.0
Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
ratelimit-limit: 100
content-length: 13
x-xss-protection: 0
referrer-policy: no-referrer
server: Caddy
etag: W/"d-XXcxLjB/sjfS0AB6+CxvXcLGrm4"
x-download-options: noopen
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mtlblog.com
origin-agent-cluster: ?1
access-control-expose-headers: ms-mid
access-control-allow-credentials: true
ratelimit-remaining: 99

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6aa191b19eacc0de52cb5bceb580645ed7bfad03d9a3600bc062a75573e01c61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 147ms
41ms Script
application/javascript 13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 22:24:25 GMT
content-encoding: gzip
via: 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2023 22:21:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 3850
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: QkL7GompuB7JWeTkb35W3S-lg5e8oyTUO4tmC_ni6rE9QJkrc3ksPA==

GET
H2 200 origin.png
assets.rbl.ms/34205710/ 15 KB
15 KB 184ms
84ms Image
image/png 151.101.193.68
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.rbl.ms/34205710/origin.png
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.68 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ca71411ce52f5d5831d8050c25f9551a45f17296cef65ee1de912e2079d907d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 varnish
x-amz-request-id: RKE2Q6DQ7HJA940D
age: 761210
x-cache: HIT
content-length: 14869
x-amz-id-2: 3L/2b8hZO+Xwch5hd0TmpEJnZRnbROqi1PZLwy4WQfXMwFutS69EmtcrO8XxKjmQiW6WU2jGiWI=
x-served-by: cache-fra-eddf8230055-FRA
last-modified: Wed, 28 Jun 2023 17:19:04 GMT
server: AmazonS3
x-timer: S1690327695.623331,VS0,VE1
etag: "25cf2213165a28f651682dc03e186fcb"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 origin.png
assets.rbl.ms/25880095/ 1 KB
1 KB 189ms
89ms Image
image/png 151.101.193.68
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.rbl.ms/25880095/origin.png
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.68 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0bf81b569820582ddcc5e4a8704b6d7fa926e320482022ac25213be0d266c6ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id: wpozsNHwJek8dtfzGLf3C4FjmMWEOoWF
date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 varnish
x-amz-request-id: D6R9E65B3F0WZGGE
age: 910191
x-cache: HIT
content-length: 1066
x-amz-id-2: BLC/KtRnQye1ioe3+NX7iSntDkR1kBuo8vZq75h0WZQCOz3fHgqASJsPlpfNC0R88D/NvnwyKaI=
x-served-by: cache-fra-eddf8230055-FRA
last-modified: Fri, 26 Mar 2021 11:00:43 GMT
server: AmazonS3
x-timer: S1690327695.623331,VS0,VE1
etag: "8d598f2b1c0000a748f118373612ff68"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2
fonts.gstatic.com/s/archivo/v18/ 31 KB
31 KB 127ms
40ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivo/v18/k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68c831b3324ca6fea43d48681ac2b9338b794ecdb60ff7fa7059a997d4007604

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mtlblog.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:49:43 GMT
x-content-type-options: nosniff
age: 560311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31516
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:34:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jul 2024 11:49:43 GMT

GET
H2 200 OneSignalSDK.page.es6.js Show response
cdn.onesignal.com/sdks/web/v16/ 316 KB
76 KB 79ms
78ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.es6.js?v=160000

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18a42db8905b117bd3891b49de5f450364a0cf2bb67cf4fef5c5aa5e3c767220

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
etag: W/"a6a49f0d9565a1d79ab84858cce64239"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7ec82d9b8b36383b-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Fri, 28 Jul 2023 23:28:14 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 41ms
40ms Image
text/plain 13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=18729422&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1690327694672&ns_c=UTF-8&c6=&c8=&c7=https%3A%2F%2Fwww.mtlblog.com%2F&c8=MTL%20Blog&c9=
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: ikMs-y6dHfEXfaxoPX76QyDYCqDwgjJ5WQw_VF3Vgnk8VX5-P_JXhw==
x-cache: Miss from cloudfront

GET
H2 200 spacer.gif Show response
pages-stats.rbl.ms/ 43 B
214 B 428ms
116ms Fetch
image/gif 3.85.250.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pages-stats.rbl.ms/spacer.gif?1690327694763&event=section-page-view&version=1&format=json&data=%7B%22site_id%22%3A21381795%2C%22roar_id%22%3A21381795%2C%22client%22%3A%22desktop%22%2C%22referrer%22%3A%22%22%2C%22section_id%22%3A0%2C%22sections%22%3A%5B0%5D%7D
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/static/dist/social-ux/main.10f86943a139e954af93.bundle.mjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.85.250.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-250-173.compute-1.amazonaws.com
Software: openresty /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:15 GMT
last-modified: Sat, 24 Jun 2023 02:32:55 GMT
server: openresty
etag: "649655d7-2b"
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
content-length: 43

POST
H3 200 / Show response
www.mtlblog.com/core/users/tracking/ 89 B
591 B 173ms
172ms Fetch
application/json 2606:4700:10::6814:b32d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtlblog.com/core/users/tracking/

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/static/dist/social-ux/main.10f86943a139e954af93.bundle.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:b32d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0da2cf4ef625d8c3966a7d1c701433a43ca9bae10970201cb1a2101226c69321

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 ingress@dev, 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
fastly-ttl: 0.000
x-cache: MISS, MISS
fastly-swr: 2592000.000
alt-svc: h3=":443"; ma=86400
x-request-id: c85ba7bf-df12-4eab-b3f0-f40c59fbc562
x-served-by: cache-iad-kiad7000127-IAD, cache-fra-eddf8230071-FRA
server: cloudflare
x-request-category: private
x-timer: S1690327695.804259,VS0,VE111
fastly-request-backend: fastly
x-rebelmouse-authorization: disabled
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Cookie
content-type: application/json
x-rebelmouse-layouts-key: www.mtlblog.com,(null)
cache-control: public, max-age=0
cf-ray: 7ec82d9c6b1e0493-FRA
fastly-sie: 86400.000
x-cache-hits: 0, 0

GET
H3 200 5517.9c8f5339b69b57d80999.bundle.mjs Show response
www.mtlblog.com/static/dist/social-ux/ 4 KB
2 KB 59ms
59ms Script
application/javascript 2606:4700:10::6814:b32d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtlblog.com/static/dist/social-ux/5517.9c8f5339b69b57d80999.bundle.mjs

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/static/dist/social-ux/runtime.9cf63b2d21cab353df9d.bundle.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:b32d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48deb759bbe2dcbd9ec0cf4c261c6a09ba43d2be496fa46161b25d91ca896c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
age: 1042162
x-cache: HIT, HIT
fastly-swr: 2592000.000
alt-svc: h3=":443"; ma=86400
x-request-id: f5388896-2717-4cbd-ae8f-f5f815e29de3
x-served-by: cache-iad-kiad7000090-IAD, cache-fra-eddf8230044-FRA
last-modified: Thu, 13 Jul 2023 18:59:31 GMT
server: cloudflare
x-timer: S1690327695.803660,VS0,VE1
fastly-request-backend: fastly
etag: W/"a400dfcd959c7ccbdd141dc0e99ff641"
x-rebelmouse-authorization: disabled
vary: Accept-Encoding
content-type: application/javascript
x-rebelmouse-layouts-key: www.mtlblog.com,(null)
cache-control: public, max-age=82800
cf-ray: 7ec82d9c6b220493-FRA
fastly-sie: 86400.000
x-cache-hits: 1352, 1

GET
H3 200 7338.aa33fa5de1cba5d7aee8.bundle.mjs Show response
www.mtlblog.com/static/dist/social-ux/ 2 KB
2 KB 60ms
60ms Script
application/javascript 2606:4700:10::6814:b32d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtlblog.com/static/dist/social-ux/7338.aa33fa5de1cba5d7aee8.bundle.mjs

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/static/dist/social-ux/runtime.9cf63b2d21cab353df9d.bundle.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:b32d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dde88b38e128c27f25e29ad4c33337ce0d7e4c85e7c76cbed6f0e7f8cc43f4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
age: 1856533
x-cache: HIT, HIT
fastly-swr: 2592000.000
alt-svc: h3=":443"; ma=86400
x-request-id: 7000c383-7465-403e-a88e-36409ed02d4d
x-served-by: cache-iad-kcgs7200065-IAD, cache-fra-eddf8230065-FRA
last-modified: Tue, 04 Jul 2023 11:07:23 GMT
server: cloudflare
x-timer: S1690327695.804689,VS0,VE2
fastly-request-backend: fastly
etag: W/"abd6ece5eb75474c90b218034772728d"
x-rebelmouse-authorization: disabled
vary: Accept-Encoding
content-type: application/javascript
x-rebelmouse-layouts-key: www.mtlblog.com,(null)
cache-control: public, max-age=82800
cf-ray: 7ec82d9c6b230493-FRA
fastly-sie: 86400.000
x-cache-hits: 1576, 1

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 144ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-W2SMX41KR6&gtm=45je37o0&_p=760463552&_gaz=1&cid=1302452251.1690327695&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690327694&sct=1&seg=0&dl=https%3A%2F%2Fwww.mtlblog.com%2F&dt=MTL%20Blog&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.transport=beacon&ep.dimension13=home%2C2&ep.dimension17=false
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W2SMX41KR6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 23:28:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mtlblog.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
245 B 144ms
48ms Ping
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-W2SMX41KR6&cid=1302452251.1690327695&gtm=45je37o0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W2SMX41KR6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 23:28:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mtlblog.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 141ms
51ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-W2SMX41KR6&cid=1302452251.1690327695&gtm=45je37o0&aip=1&z=578048901

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 23:28:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 member
memberstack-client.getmilla.com/ Frame 0
0 135ms
135ms Preflight 75.2.96.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://memberstack-client.getmilla.com/member?6937

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.96.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a8bdc53f9e74a023c.awsglobalaccelerator.com

Software

Caddy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-app-id,x-user-agent
Access-Control-Request-Method: GET
Origin: https://www.mtlblog.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-app-id,x-user-agent
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.mtlblog.com
access-control-expose-headers: ms-mid
cross-origin-resource-policy: same-origin
date: Tue, 25 Jul 2023 23:28:14 GMT
origin-agent-cluster: ?1
ratelimit-limit: 100
ratelimit-remaining: 99
ratelimit-reset: 1
referrer-policy: no-referrer
server: Caddy
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 member Show response
memberstack-client.getmilla.com/ 13 B
77 B 144ms
144ms XHR
application/json 75.2.96.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://memberstack-client.getmilla.com/member?6937

Requested by

Host: static.memberstack.com
URL: https://static.memberstack.com/scripts/v1/memberstack.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.96.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a8bdc53f9e74a023c.awsglobalaccelerator.com

Software

Caddy /

Resource Hash

ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
X-APP-ID: app_cld0tvr7s006a0th30gi8azk6
X-User-Agent: @memberstack/client@1.2.0
Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:15 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
ratelimit-limit: 100
content-length: 13
x-xss-protection: 0
referrer-policy: no-referrer
server: Caddy
etag: W/"d-XXcxLjB/sjfS0AB6+CxvXcLGrm4"
x-download-options: noopen
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mtlblog.com
origin-agent-cluster: ?1
access-control-expose-headers: ms-mid
access-control-allow-credentials: true
ratelimit-remaining: 99

GET
H2 200 web Show response
onesignal.com/api/v1/sync/7cfcd152-8a46-4ca5-8538-ee697cea5b1a/ 6 KB
2 KB 150ms
130ms Script
text/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/7cfcd152-8a46-4ca5-8538-ee697cea5b1a/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.es6.js?v=160000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7de270e3495af6f634ad8618e0d4596a7fbf10c806319ba4ed7e3abb44944fb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 80e611d8-4297-4cc7-ae6e-ffa418d7037b
x-runtime: 0.064426
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"7de270e3495af6f634ad8618e0d4596a"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 7ec82d9ccc58383b-FRA
access-control-allow-headers: SDK-Version
expires: Wed, 26 Jul 2023 00:28:14 GMT

GET
H3 200 a-hand-sculpture-sticking-out-of-the-ground-around-the-base-of-a-tree-in-the-forest.jpg
www.mtlblog.com/media-library/ 22 KB
23 KB 184ms
184ms Image
image/webp 2606:4700:10::6814:b32d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mtlblog.com/media-library/a-hand-sculpture-sticking-out-of-the-ground-around-the-base-of-a-tree-in-the-forest.jpg?id=34667227&width=341&height=191&quality=80&coordinates=45%2C0%2C45%2C0

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:b32d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bcf86d726e35fb21013b23a99b86fb4fa31f8778c1ac4b6cd0a217ab30c0120

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 ingress@dev, 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
age: 3884
x-cache: HIT, MISS
fastly-swr: 2592000.000
alt-svc: h3=":443"; ma=86400
x-request-id: 4a29c585-18da-4db2-9caf-8201aef1363a
x-served-by: cache-iad-kjyo7100136-IAD, cache-fra-eddf8230065-FRA
x-rebelmouse-ttl: 3600
server: cloudflare
x-request-category: assets
x-timer: S1690327695.840847,VS0,VE101
fastly-request-backend: fastly
etag: W/"413c9-DLvD1vbeysNqWsidSpH9+/E9H1E"
x-rebelmouse-authorization: disabled
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
x-rebelmouse-layouts-key: www.mtlblog.com,(null)
cache-control: max-age=31536000, public, immutable
cf-ray: 7ec82d9cbb520493-FRA
fastly-sie: 86400.000
x-cache-hits: 5, 0

GET
H3 200 tew-s-falls-in-ontario-right-the-maid-of-the-mist-nearing-niagara-falls.jpg
www.mtlblog.com/media-library/ 12 KB
13 KB 229ms
228ms Image
image/webp 2606:4700:10::6814:b32d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mtlblog.com/media-library/tew-s-falls-in-ontario-right-the-maid-of-the-mist-nearing-niagara-falls.jpg?id=34667106&width=341&height=191&quality=80&coordinates=0%2C37%2C0%2C38

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:b32d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a1650352af6aa0c7071c540d09e0eb5ddb98790b07fef07fd9ddac162f15e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 ingress@dev, 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
age: 10826
x-cache: HIT, MISS
fastly-swr: 2592000.000
alt-svc: h3=":443"; ma=86400
x-request-id: 99a173c3-e994-4045-9261-42c236fa0b29
x-served-by: cache-iad-kiad7000088-IAD, cache-fra-eddf8230112-FRA
x-rebelmouse-ttl: 3600
server: cloudflare
x-request-category: assets
x-timer: S1690327695.851036,VS0,VE87
fastly-request-backend: fastly
etag: W/"30671-zT2CA5nayPiRxqepfdirBNe1WQs"
x-rebelmouse-authorization: disabled
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
x-rebelmouse-layouts-key: www.mtlblog.com,(null)
cache-control: max-age=31536000, public, immutable
cf-ray: 7ec82d9cbb540493-FRA
fastly-sie: 86400.000
x-cache-hits: 7, 0

GET
H3 200 image.png
www.mtlblog.com/media-library/ 11 KB
12 KB 141ms
140ms Image
image/webp 2606:4700:10::6814:b32d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mtlblog.com/media-library/image.png?id=34206863&width=341&height=191&quality=80&coordinates=0%2C50%2C0%2C51

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:b32d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae2ff1a0bf173a68ecc3781331edf616044fbdd3b1cf3f5a8ea38c8e157507bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 ingress@dev, 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
age: 15537
x-cache: HIT, MISS
fastly-swr: 2592000.000
alt-svc: h3=":443"; ma=86400
x-request-id: e0d8258a-f7a9-4211-8164-31ae53a8d41b
x-served-by: cache-iad-kjyo7100128-IAD, cache-fra-eddf8230044-FRA
x-rebelmouse-ttl: 3600
server: cloudflare
x-request-category: assets
x-timer: S1690327695.840460,VS0,VE90
fastly-request-backend: fastly
etag: W/"830e1-QbpIMVml0ih2cw/CZlNpiQeGigA"
x-rebelmouse-authorization: disabled
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
x-rebelmouse-layouts-key: www.mtlblog.com,(null)
cache-control: max-age=31536000, public, immutable
cf-ray: 7ec82d9cbb560493-FRA
fastly-sie: 86400.000
x-cache-hits: 8, 0

GET
H3 200 a-pixelated-collage-of-quebec-iconography-on-r-place.jpg
www.mtlblog.com/media-library/ 21 KB
22 KB 230ms
229ms Image
image/webp 2606:4700:10::6814:b32d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mtlblog.com/media-library/a-pixelated-collage-of-quebec-iconography-on-r-place.jpg?id=34663749&width=341&height=191&quality=80&coordinates=45%2C0%2C45%2C0

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:b32d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d112017ace90fd8a8fa9e0f61eecd5524a88c564ece34cbeadec54867991913

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 ingress@dev, 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
age: 19358
x-cache: HIT, MISS
fastly-swr: 2592000.000
alt-svc: h3=":443"; ma=86400
x-request-id: 61af4075-84a5-4b4c-9bc5-9540416a94e1
x-served-by: cache-iad-kiad7000155-IAD, cache-fra-eddf8230061-FRA
x-rebelmouse-ttl: 3600
server: cloudflare
x-request-category: assets
x-timer: S1690327695.850747,VS0,VE90
fastly-request-backend: fastly
etag: W/"29d9e-J/xDs+jLDu1EK9b0bgwoHpdCCMI"
x-rebelmouse-authorization: disabled
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
x-rebelmouse-layouts-key: www.mtlblog.com,(null)
cache-control: max-age=31536000, public, immutable
cf-ray: 7ec82d9cbb590493-FRA
fastly-sie: 86400.000
x-cache-hits: 10, 0

GET
H3 200 meet-mtl-blogs-new-ai-powered-concierge.jpg
www.mtlblog.com/media-library/ 11 KB
12 KB 230ms
229ms Image
image/webp 2606:4700:10::6814:b32d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mtlblog.com/media-library/meet-mtl-blogs-new-ai-powered-concierge.jpg?id=34342623&width=375&height=210&quality=80&coordinates=0%2C0%2C0%2C0

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:b32d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05c3fcdae63d86c34610a3441c62a580997080458b1df459277625d5a95deb59

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 ingress@dev, 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
age: 374656
x-cache: HIT, MISS
fastly-swr: 2592000.000
alt-svc: h3=":443"; ma=86400
x-request-id: c62f503d-ef71-4b39-8b50-d8418aac3550
x-served-by: cache-iad-kiad7000056-IAD, cache-fra-eddf8230056-FRA
x-rebelmouse-ttl: 3600
server: cloudflare
x-request-category: assets
x-timer: S1690327695.848579,VS0,VE91
fastly-request-backend: fastly
etag: W/"a062-zLtnNZonZwQuWHvHsVZ+tWrtNf4"
x-rebelmouse-authorization: disabled
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
x-rebelmouse-layouts-key: www.mtlblog.com,(null)
cache-control: max-age=31536000, public, immutable
cf-ray: 7ec82d9cbb5b0493-FRA
fastly-sie: 86400.000
x-cache-hits: 1, 0

GET
H3 200 how-the-miniatures-in-your-favourite-movies-tv-shows-are-made-in-montreal.jpg
www.mtlblog.com/media-library/ 16 KB
16 KB 268ms
267ms Image
image/webp 2606:4700:10::6814:b32d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mtlblog.com/media-library/how-the-miniatures-in-your-favourite-movies-tv-shows-are-made-in-montreal.jpg?id=33622189&width=375&height=210&quality=80&coordinates=0%2C0%2C0%2C0

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:b32d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

586d12435780538bbb2739025d0d509013d9d9949388547805981a1ab9ad6e61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 ingress@dev, 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
age: 0
x-cache: MISS, MISS
fastly-swr: 2592000.000
alt-svc: h3=":443"; ma=86400
x-request-id: df129504-3007-45bf-941f-621630684cbb
x-served-by: cache-iad-kcgs7200052-IAD, cache-fra-eddf8230023-FRA
x-rebelmouse-ttl: 3600
server: cloudflare
x-request-category: assets
x-timer: S1690327695.849540,VS0,VE149
fastly-request-backend: fastly
etag: W/"cd16-WAkmOPajGGR4HofCIVVUYg8dfhk"
x-rebelmouse-authorization: disabled
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
x-rebelmouse-layouts-key: www.mtlblog.com,(null)
cache-control: max-age=31536000, public, immutable
cf-ray: 7ec82d9cbb5c0493-FRA
fastly-sie: 86400.000
x-cache-hits: 0, 0

GET
H3 200 dunkaroos-and-oreo-cinnamon-buns-are-as-awesome-as-they-sound-good-bites.jpg
www.mtlblog.com/media-library/ 18 KB
18 KB 268ms
268ms Image
image/webp 2606:4700:10::6814:b32d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mtlblog.com/media-library/dunkaroos-and-oreo-cinnamon-buns-are-as-awesome-as-they-sound-good-bites.jpg?id=33349844&width=375&height=210&quality=80&coordinates=0%2C0%2C0%2C0

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:b32d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1de10717385658ec726601b7d1e4c98e0ec84e6bc1ba18959241267c73a4ab3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 ingress@dev, 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
age: 517253
x-cache: HIT, MISS
fastly-swr: 2592000.000
alt-svc: h3=":443"; ma=86400
x-request-id: 7fb6aea3-1bf8-4556-9da2-77f1a143d10f
x-served-by: cache-iad-kiad7000064-IAD, cache-fra-eddf8230045-FRA
x-rebelmouse-ttl: 3600
server: cloudflare
x-request-category: assets
x-timer: S1690327695.856098,VS0,VE88
fastly-request-backend: fastly
etag: W/"dc4f-LTLSJ5Ee4KdRJuUh5b+BuWSN/TM"
x-rebelmouse-authorization: disabled
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
x-rebelmouse-layouts-key: www.mtlblog.com,(null)
cache-control: max-age=31536000, public, immutable
cf-ray: 7ec82d9cbb5d0493-FRA
fastly-sie: 86400.000
x-cache-hits: 3, 0

GET
H3 200 a-man-holding-up-a-ma-poule-mouillee-takeaway-bag-right-a-stack-of-rotisserie-st-hubert-bbq-boxes.jpg
www.mtlblog.com/media-library/ 21 KB
21 KB 288ms
287ms Image
image/webp 2606:4700:10::6814:b32d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mtlblog.com/media-library/a-man-holding-up-a-ma-poule-mouillee-takeaway-bag-right-a-stack-of-rotisserie-st-hubert-bbq-boxes.jpg?id=32974480&width=375&height=210&quality=80&coordinates=0%2C0%2C0%2C71

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:b32d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c41b6bde2b7d08f61a09085a9c00cfb3b078941b3e2fc6bf6b0dc060b7368d3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 ingress@dev, 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
age: 876095
x-cache: HIT, MISS
fastly-swr: 2592000.000
alt-svc: h3=":443"; ma=86400
x-request-id: c5e59872-a016-4dcf-90f5-1d8cd1f139f9
x-served-by: cache-iad-kcgs7200028-IAD, cache-fra-eddf8230050-FRA
x-rebelmouse-ttl: 3600
server: cloudflare
x-request-category: assets
x-timer: S1690327695.848521,VS0,VE89
fastly-request-backend: fastly
etag: W/"30a72-TLMxkjKiI09st3gwWUt0Pwncn48"
x-rebelmouse-authorization: disabled
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
x-rebelmouse-layouts-key: www.mtlblog.com,(null)
cache-control: max-age=31536000, public, immutable
cf-ray: 7ec82d9cbb5f0493-FRA
fastly-sie: 86400.000
x-cache-hits: 3, 0

OPTIONS
H2 204 member
memberstack-client.getmilla.com/ Frame 0
0 135ms
134ms Preflight 75.2.96.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://memberstack-client.getmilla.com/member?9868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.96.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a8bdc53f9e74a023c.awsglobalaccelerator.com

Software

Caddy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-app-id,x-user-agent
Access-Control-Request-Method: GET
Origin: https://www.mtlblog.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-app-id,x-user-agent
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.mtlblog.com
access-control-expose-headers: ms-mid
cross-origin-resource-policy: same-origin
date: Tue, 25 Jul 2023 23:28:14 GMT
origin-agent-cluster: ?1
ratelimit-limit: 100
ratelimit-remaining: 98
ratelimit-reset: 1
referrer-policy: no-referrer
server: Caddy
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

OPTIONS
H2 204 member
memberstack-client.getmilla.com/ Frame 0
0 134ms
133ms Preflight 75.2.96.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://memberstack-client.getmilla.com/member?4662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.96.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a8bdc53f9e74a023c.awsglobalaccelerator.com

Software

Caddy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-app-id,x-user-agent
Access-Control-Request-Method: GET
Origin: https://www.mtlblog.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-app-id,x-user-agent
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.mtlblog.com
access-control-expose-headers: ms-mid
cross-origin-resource-policy: same-origin
date: Tue, 25 Jul 2023 23:28:14 GMT
origin-agent-cluster: ?1
ratelimit-limit: 100
ratelimit-remaining: 98
ratelimit-reset: 1
referrer-policy: no-referrer
server: Caddy
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

OPTIONS
H2 204 member
memberstack-client.getmilla.com/ Frame 0
0 135ms
135ms Preflight 75.2.96.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://memberstack-client.getmilla.com/member?8350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.96.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a8bdc53f9e74a023c.awsglobalaccelerator.com

Software

Caddy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-app-id,x-user-agent
Access-Control-Request-Method: GET
Origin: https://www.mtlblog.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-app-id,x-user-agent
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.mtlblog.com
access-control-expose-headers: ms-mid
cross-origin-resource-policy: same-origin
date: Tue, 25 Jul 2023 23:28:14 GMT
origin-agent-cluster: ?1
ratelimit-limit: 100
ratelimit-remaining: 98
ratelimit-reset: 1
referrer-policy: no-referrer
server: Caddy
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

OPTIONS
H2 204 member
memberstack-client.getmilla.com/ Frame 0
0 133ms
133ms Preflight 75.2.96.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://memberstack-client.getmilla.com/member?3071

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.96.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a8bdc53f9e74a023c.awsglobalaccelerator.com

Software

Caddy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-app-id,x-user-agent
Access-Control-Request-Method: GET
Origin: https://www.mtlblog.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-app-id,x-user-agent
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.mtlblog.com
access-control-expose-headers: ms-mid
cross-origin-resource-policy: same-origin
date: Tue, 25 Jul 2023 23:28:14 GMT
origin-agent-cluster: ?1
ratelimit-limit: 100
ratelimit-remaining: 97
ratelimit-reset: 1
referrer-policy: no-referrer
server: Caddy
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 member Show response
memberstack-client.getmilla.com/ 13 B
58 B 139ms
139ms XHR
application/json 75.2.96.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://memberstack-client.getmilla.com/member?9868

Requested by

Host: static.memberstack.com
URL: https://static.memberstack.com/scripts/v1/memberstack.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.96.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a8bdc53f9e74a023c.awsglobalaccelerator.com

Software

Caddy /

Resource Hash

ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
X-APP-ID: app_cld0tvr7s006a0th30gi8azk6
X-User-Agent: @memberstack/client@1.2.0
Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:15 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
ratelimit-limit: 100
content-length: 13
x-xss-protection: 0
referrer-policy: no-referrer
server: Caddy
etag: W/"d-XXcxLjB/sjfS0AB6+CxvXcLGrm4"
x-download-options: noopen
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mtlblog.com
origin-agent-cluster: ?1
access-control-expose-headers: ms-mid
access-control-allow-credentials: true
ratelimit-remaining: 98

GET
H2 200 member Show response
memberstack-client.getmilla.com/ 13 B
54 B 145ms
144ms XHR
application/json 75.2.96.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://memberstack-client.getmilla.com/member?4662

Requested by

Host: static.memberstack.com
URL: https://static.memberstack.com/scripts/v1/memberstack.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.96.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a8bdc53f9e74a023c.awsglobalaccelerator.com

Software

Caddy /

Resource Hash

ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
X-APP-ID: app_cld0tvr7s006a0th30gi8azk6
X-User-Agent: @memberstack/client@1.2.0
Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:15 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
ratelimit-limit: 100
content-length: 13
x-xss-protection: 0
referrer-policy: no-referrer
server: Caddy
etag: W/"d-XXcxLjB/sjfS0AB6+CxvXcLGrm4"
x-download-options: noopen
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mtlblog.com
origin-agent-cluster: ?1
access-control-expose-headers: ms-mid
access-control-allow-credentials: true
ratelimit-remaining: 98

GET
H/1.1 200
OK count.js Show response
mtl-blog.disqus.com/ 1 KB
2 KB 147ms
39ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mtl-blog.disqus.com/count.js

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Tue, 25 Jul 2023 23:28:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=300; includeSubdomains
X-Amz-Cf-Pop: DFW3-C1
Age: 91
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 20 Jul 2023 16:51:41 GMT
Server: nginx
ETag: "64b9661d-367"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: OpOupu6sOWTUNAkuPr9tQP3pc47XjADTiRRLbzAt17OY4TWlKYH4nw==

GET
H3 200 2761.47bccf008afd0c23ac73.bundle.mjs Show response
www.mtlblog.com/static/dist/social-ux/ 6 KB
3 KB 67ms
67ms Script
application/javascript 2606:4700:10::6814:b32d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtlblog.com/static/dist/social-ux/2761.47bccf008afd0c23ac73.bundle.mjs

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/static/dist/social-ux/runtime.9cf63b2d21cab353df9d.bundle.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:b32d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9f41c08cdd0e8f08ebd460df9abc193464f1f526250482d8987227893c338e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
age: 1079239
x-cache: HIT, HIT
fastly-swr: 2592000.000
alt-svc: h3=":443"; ma=86400
x-request-id: c4149561-7ff6-4f0a-9c8f-591e6d69ce9d
x-served-by: cache-iad-kiad7000044-IAD, cache-fra-eddf8230092-FRA
last-modified: Thu, 13 Jul 2023 10:42:02 GMT
server: cloudflare
x-timer: S1690327695.865769,VS0,VE1
fastly-request-backend: fastly
etag: W/"3c8727d093d396f019921d71f70a689c"
x-rebelmouse-authorization: disabled
vary: Accept-Encoding
content-type: application/javascript
x-rebelmouse-layouts-key: www.mtlblog.com,(null)
cache-control: public, max-age=82800
cf-ray: 7ec82d9ccb6c0493-FRA
fastly-sie: 86400.000
x-cache-hits: 323, 1

GET
H2 200 member Show response
memberstack-client.getmilla.com/ 13 B
57 B 183ms
182ms XHR
application/json 75.2.96.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://memberstack-client.getmilla.com/member?8350

Requested by

Host: static.memberstack.com
URL: https://static.memberstack.com/scripts/v1/memberstack.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.96.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a8bdc53f9e74a023c.awsglobalaccelerator.com

Software

Caddy /

Resource Hash

ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
X-APP-ID: app_cld0tvr7s006a0th30gi8azk6
X-User-Agent: @memberstack/client@1.2.0
Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:15 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
ratelimit-limit: 100
content-length: 13
x-xss-protection: 0
referrer-policy: no-referrer
server: Caddy
etag: W/"d-XXcxLjB/sjfS0AB6+CxvXcLGrm4"
x-download-options: noopen
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mtlblog.com
origin-agent-cluster: ?1
access-control-expose-headers: ms-mid
access-control-allow-credentials: true
ratelimit-remaining: 97

GET
H2 200 member Show response
memberstack-client.getmilla.com/ 13 B
54 B 138ms
137ms XHR
application/json 75.2.96.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://memberstack-client.getmilla.com/member?3071

Requested by

Host: static.memberstack.com
URL: https://static.memberstack.com/scripts/v1/memberstack.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.96.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a8bdc53f9e74a023c.awsglobalaccelerator.com

Software

Caddy /

Resource Hash

ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
X-APP-ID: app_cld0tvr7s006a0th30gi8azk6
X-User-Agent: @memberstack/client@1.2.0
Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:15 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
ratelimit-limit: 100
content-length: 13
x-xss-protection: 0
referrer-policy: no-referrer
server: Caddy
etag: W/"d-XXcxLjB/sjfS0AB6+CxvXcLGrm4"
x-download-options: noopen
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mtlblog.com
origin-agent-cluster: ?1
access-control-expose-headers: ms-mid
access-control-allow-credentials: true
ratelimit-remaining: 98

GET
H/1.1 200
OK listPopular.json Show response
disqus.com/api/3.0/posts/ 30 KB
31 KB 232ms
130ms Fetch
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/posts/listPopular.json?interval=3d&related=thread&limit=10&forum=mtl-blog&api_key=57vgnh1uq1hu0xHgZ8Klq1Ke9iDVAp61XbI825mwrn6hGyanj4nO2JPxOjG8vjvB

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

7f5cb70909c4a6c0a0b7c0ef4cd12e749923f50b82b5722f9139066704894f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Tue, 25 Jul 2023 23:28:15 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Age: 8
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 30909
X-XSS-Protection: 1; mode=block
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.mtlblog.com
Access-Control-Expose-Headers: Last-Modified
Cache-Control: stale-while-revalidate=300, public, max-age=300
Access-Control-Allow-Credentials: true

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 182ms
59ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/static/dist/social-ux/main.10f86943a139e954af93.bundle.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce6c972e0b5412761cc3fc5e5676577d6ff729a662df7752b0457d04d6ed83f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27766
x-xss-protection: 0
server: cafe
etag: 653 / 19563 / 31076377 / config-hash: 12459770061110055527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 25 Jul 2023 23:28:14 GMT

GET
H2 200 web.mjs Show response
www.rebelmouse.com/pharos/client/v1/mjs/ 10 KB
5 KB 140ms
40ms Script
text/javascript 151.101.1.68
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rebelmouse.com/pharos/client/v1/mjs/web.mjs
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/static/dist/social-ux/main.10f86943a139e954af93.bundle.mjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.68 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b4a85c07788ee87c5b61add260786658626ebd240a28c5bfab29e2f5c1049a55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
content-encoding: gzip
via: 1.1 F_wfe_production, 1.1 varnish, 1.1 varnish
age: 3656559
x-cache: HIT, HIT
x-envoy-upstream-service-time: 1
fastly-swr: 2592000.000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4108
x-request-id: cc372e49-a79e-4f6f-89d3-6f448e4383ca
x-served-by: cache-iad-kiad7000147-IAD, cache-fra-etou8220079-FRA
last-modified: Tue, 17 Jan 2023 15:44:18 GMT
x-timer: S1690327695.946384,VS0,VE1
fastly-request-backend: fastly
etag: W/"63c6c252-2995"
x-rebelmouse-authorization: disabled
vary: Accept-Encoding
content-type: text/javascript
x-rebelmouse-layouts-key: www.rebelmouse.com,(null)
accept-ranges: bytes
fastly-sie: 86400.000
x-cache-hits: 20913, 1

GET
H2 200 social-ux-non-critical.css
static.rbl.ms/static/css-build/roar/runner/ 98 KB
19 KB 51ms
42ms Stylesheet
text/css 151.101.193.68
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.rbl.ms/static/css-build/roar/runner/social-ux-non-critical.css?v=rmxassetse8b874e39b339059e338b461576785bb
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/static/dist/social-ux/main.10f86943a139e954af93.bundle.mjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.68 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3930538047f379661ed2d07ac8e274939d7dfd3e5298aaa0f3a049b400c573de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3062665
x-cache: HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19515
x-served-by: cache-iad-kcgs7200118-IAD, cache-fra-eddf8230055-FRA
last-modified: Tue, 20 Jun 2023 10:17:34 GMT
x-timer: S1690327695.856125,VS0,VE0
etag: W/"64917cbe-188f4"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 27515, 27

GET
H3 200 2F0BB9A5537C58166D6A3C47AE63077D
www.mtlblog.com/assets/css/non-critical/ 63 KB
13 KB 293ms
293ms Stylesheet
text/css 2606:4700:10::6814:b32d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtlblog.com/assets/css/non-critical/2F0BB9A5537C58166D6A3C47AE63077D

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/static/dist/social-ux/main.10f86943a139e954af93.bundle.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:b32d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d85583de5d6223ffcc448cc3151587624f29000217d334e7d30f5f15aaf4ba5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 warehouse@3.8.0 canary, 1.1 ingress@dev, 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
age: 2168785
x-cache: HIT, MISS
fastly-swr: 2592000.000
alt-svc: h3=":443"; ma=86400
x-request-id: 529ab214-56ee-4d6f-8f05-b8fb587ef7fa
x-served-by: cache-iad-kiad7000122-IAD, cache-fra-eddf8230121-FRA
server: cloudflare
x-request-category: assets
x-timer: S1690327695.863884,VS0,VE90
fastly-request-backend: fastly
x-rebelmouse-authorization: disabled
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-rebelmouse-layouts-key: www.mtlblog.com,(null)
cache-control: public, max-age=82800
cf-ray: 7ec82d9ccb730493-FRA
fastly-sie: 86400.000
x-cache-hits: 2726, 0

GET
H3 200 8243.fc06c47a42d0a65db455.bundle.mjs Show response
www.mtlblog.com/static/dist/social-ux/ 13 KB
6 KB 61ms
61ms Script
application/javascript 2606:4700:10::6814:b32d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtlblog.com/static/dist/social-ux/8243.fc06c47a42d0a65db455.bundle.mjs

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/static/dist/social-ux/runtime.9cf63b2d21cab353df9d.bundle.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:b32d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d4da4909e50a31fe280e9cb1cd0a0d7d7094104108b243cc248899bf0fb2c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
age: 3738538
x-cache: HIT, HIT
fastly-swr: 2592000.000
alt-svc: h3=":443"; ma=86400
x-request-id: 6d839e52-65c6-4d7a-84fc-f20c609889d7
x-served-by: cache-iad-kiad7000179-IAD, cache-fra-eddf8230133-FRA
last-modified: Sun, 11 Jun 2023 09:10:22 GMT
server: cloudflare
x-timer: S1690327695.870336,VS0,VE2
fastly-request-backend: fastly
etag: W/"8313f586d8eda195798517344233fdf5"
x-rebelmouse-authorization: disabled
vary: Accept-Encoding
content-type: application/javascript
x-rebelmouse-layouts-key: www.mtlblog.com,(null)
cache-control: public, max-age=82800
cf-ray: 7ec82d9cdb810493-FRA
fastly-sie: 86400.000
x-cache-hits: 2123, 1

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 136 B
545 B 149ms
46ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: static.narcity.com
URL: https://static.narcity.com/prebid/prebid7.40.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

54f9893fe6e26c184cd39d23b1d0fec2d9635ae8aacdc89d07d5fc1b1059e948

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mtlblog.com
date: Tue, 25 Jul 2023 23:28:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 0
338 B 241ms
67ms XHR
text/plain 23.192.153.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_12989&tfpvi=&gdpr_consent=&gdpr_status=22&gdpr_reason=220&ccpa_consent=&sv=prebid-v1
Requested by: Host: static.narcity.com
URL: https://static.narcity.com/prebid/prebid7.40.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.153.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-153-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 23:28:15 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://www.mtlblog.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Tue, 25 Jul 2023 23:28:15 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
390 B 183ms
55ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=jo5wht2&fmt=json
Requested by: Host: static.narcity.com
URL: https://static.narcity.com/prebid/prebid7.40.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 7052add31452ce94ddbea4a1b7644fd3e979b67d459baeb6a0563579f82b4a39

Request headers

Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jul 2023 23:28:15 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mtlblog.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Thu, 24 Aug 2023 23:28:15 GMT

GET
H2 200 fontawesome-webfont.woff2
static.rbl.ms/static/fonts/fontawesome/4.6.3/ 70 KB
71 KB 423ms
39ms Font
application/font-woff2 151.101.1.68
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.rbl.ms/static/fonts/fontawesome/4.6.3/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: static.rbl.ms
URL: https://static.rbl.ms/static/css-build/roar/runner/social-ux-non-critical.css?v=rmxassetse8b874e39b339059e338b461576785bb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.68 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://static.rbl.ms/static/css-build/roar/runner/social-ux-non-critical.css?v=rmxassetse8b874e39b339059e338b461576785bb
Origin: https://www.mtlblog.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200092-IAD, cache-fra-etou8220104-FRA
date: Tue, 25 Jul 2023 23:28:15 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 14 Jun 2023 14:43:38 GMT
age: 3504754
x-timer: S1690327695.313399,VS0,VE0
etag: "6489d21a-118d8"
x-cache: HIT, HIT
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 71896
x-cache-hits: 20070, 264

GET
H3 200 5250.46c98bc82eb7670f3753.bundle.mjs Show response
www.mtlblog.com/static/dist/social-ux/ 1 KB
1 KB 204ms
203ms Script
application/javascript 2606:4700:10::6814:b32d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mtlblog.com/static/dist/social-ux/5250.46c98bc82eb7670f3753.bundle.mjs

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/static/dist/social-ux/runtime.9cf63b2d21cab353df9d.bundle.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:b32d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d01287fe2934665504ad7d0617d90fe1dc698d1aefc1764b21a5f5424cae5b8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
age: 2455755
x-cache: HIT, HIT
fastly-swr: 2592000.000
alt-svc: h3=":443"; ma=86400
x-request-id: db8bc9f3-1854-4283-9b33-f746132c2b53
x-served-by: cache-iad-kiad7000082-IAD, cache-fra-eddf8230133-FRA
last-modified: Tue, 27 Jun 2023 11:40:11 GMT
server: cloudflare
x-timer: S1690327695.952413,VS0,VE1
fastly-request-backend: fastly
etag: W/"7d764a5e94be059778a298549594bfd9"
x-rebelmouse-authorization: disabled
vary: Accept-Encoding
content-type: application/javascript
x-rebelmouse-layouts-key: www.mtlblog.com,(null)
cache-control: public, max-age=82800
cf-ray: 7ec82d9d6bf80493-FRA
fastly-sie: 86400.000
x-cache-hits: 509, 1

GET
H3 200 kit-connor-and-joe-locke-in-a-scene-from-season-two-of-heartstopper-right-gal-gadot-starring-in-her-latest-netflix-film-hea.jpg
www.mtlblog.com/media-library/ 9 KB
10 KB 204ms
203ms Image
image/webp 2606:4700:10::6814:b32d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mtlblog.com/media-library/kit-connor-and-joe-locke-in-a-scene-from-season-two-of-heartstopper-right-gal-gadot-starring-in-her-latest-netflix-film-hea.jpg?id=34658078&width=341&height=191&quality=80&coordinates=0%2C0%2C0%2C76

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:b32d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caf683b28ef7a278da29b9cbf93bf756638668870860c4bcfc3773d878e9c9c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:14 GMT
via: 1.1 ingress@dev, 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
age: 114305
x-cache: HIT, HIT
fastly-swr: 2592000.000
alt-svc: h3=":443"; ma=86400
x-request-id: 3997354e-a46a-4dbc-a55c-a447019fbd90
x-served-by: cache-iad-kcgs7200048-IAD, cache-fra-eddf8230092-FRA
x-rebelmouse-ttl: 3600
server: cloudflare
x-request-category: assets
x-timer: S1690327695.950194,VS0,VE1
fastly-request-backend: fastly
etag: W/"1e5f3-GSEzC9Q0rHhKCeap9SfHlgefdrw"
x-rebelmouse-authorization: disabled
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
x-rebelmouse-layouts-key: www.mtlblog.com,(null)
cache-control: max-age=31536000, public, immutable
cf-ray: 7ec82d9d6bf90493-FRA
fastly-sie: 86400.000
x-cache-hits: 1, 1

GET
H2 200 spacer.gif Show response
user-stats.rbl.ms/ 43 B
214 B 372ms
117ms Fetch
image/gif 3.85.250.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://user-stats.rbl.ms/spacer.gif?1690327694938&event=page-view&version=1&format=json&data=%7B%22site_id%22%3A21381795%2C%22roar_id%22%3A21381795%2C%22client%22%3A%22desktop%22%2C%22referrer%22%3A%22%22%2C%22user_tracking_id%22%3A%22-5308106848%22%7D
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/static/dist/social-ux/main.10f86943a139e954af93.bundle.mjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.85.250.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-250-173.compute-1.amazonaws.com
Software: openresty /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:15 GMT
last-modified: Sat, 24 Jun 2023 02:50:26 GMT
server: openresty
etag: "649659f2-2b"
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
content-length: 43

GET
H/1.1 200
OK count-data.js Show response
mtl-blog.disqus.com/ 1 KB
2 KB 426ms
426ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mtl-blog.disqus.com/count-data.js?2=https%3A%2F%2Fwww.mtlblog.com%2F12-breathtaking-ontario-waterfalls-you-can-road-trip-to-with-your-partner-this-summer&2=https%3A%2F%2Fwww.mtlblog.com%2F15-energizing-activities-you-can-reach-by-the-rem-just-minutes-from-downtown-montreal&2=https%3A%2F%2Fwww.mtlblog.com%2F50-cent-s-final-lap-tour-is-coming-to-montreal-in-august-it-ll-be-a-trip-down-memory-lane&2=https%3A%2F%2Fwww.mtlblog.com%2F7-unmissable-montreal-comiccon-activities-to-kick-your-pop-culture-passion-into-high-gear&2=https%3A%2F%2Fwww.mtlblog.com%2Fa-3-day-japanese-festival-is-coming-to-montreal-with-homestyle-food-a-kimono-showcase&2=https%3A%2F%2Fwww.mtlblog.com%2Fa-food-truck-festival-will-hit-the-premium-outlets-mall-north-of-montreal-this-weekend&2=https%3A%2F%2Fwww.mtlblog.com%2Fa-huge-pop-up-warehouse-sale-is-happening-in-montreal-this-week-everything-is-15-or-less&2=https%3A%2F%2Fwww.mtlblog.com%2Fa-montreal-snack-bar-is-hosting-a-jarritos-taco-party-with-free-food-drinks&2=https%3A%2F%2Fwww.mtlblog.com%2Fa-new-claw-machine-arcade-is-opening-on-montreals-north-shore-with-cute-prizes-free-sweets&2=https%3A%2F%2Fwww.mtlblog.com%2Fa-new-high-end-lounge-in-montreals-red-light-district-offers-unique-views-music-menu

Requested by

Host: mtl-blog.disqus.com
URL: https://mtl-blog.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a8d1e521f1ac241c5cf1c0b335024f3ef3915fd736769c20b52e40a705d3046f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Tue, 25 Jul 2023 23:28:15 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 98
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 1427
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK count-data.js Show response
mtl-blog.disqus.com/ 1 KB
2 KB 220ms
132ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mtl-blog.disqus.com/count-data.js?2=https%3A%2F%2Fwww.mtlblog.com%2Fa-new-quebec-cemetery-literally-feeds-people-to-trees&2=https%3A%2F%2Fwww.mtlblog.com%2Fbest-mexican-restaurants-montreal&2=https%3A%2F%2Fwww.mtlblog.com%2Fbest-new-montreal-restaurants-2023&2=https%3A%2F%2Fwww.mtlblog.com%2Fdunkaroos-and-oreo-cinnamon-buns-are-as-awesome-as-they-sound-good-bites&2=https%3A%2F%2Fwww.mtlblog.com%2Ffree-shows-just-for-aughs&2=https%3A%2F%2Fwww.mtlblog.com%2Fheres-an-exclusive-look-inside-montreals-only-legal-magic-mushroom-farm&2=https%3A%2F%2Fwww.mtlblog.com%2Fi-tried-ganadaras-massive-loaded-27-poutine-it-was-a-lot&2=https%3A%2F%2Fwww.mtlblog.com%2Fif-you-know-someone-affected-by-sexual-violence-here-are-five-ways-to-help&2=https%3A%2F%2Fwww.mtlblog.com%2Fmeet-mtl-blogs-new-ai-powered-concierge&2=https%3A%2F%2Fwww.mtlblog.com%2Fmontreal%2Fall-the-free-shows-you-can-see-at-parc-la-fontaines-outdoor-theatre-de-verdure-this-summer

Requested by

Host: mtl-blog.disqus.com
URL: https://mtl-blog.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f9289e090fc326e8fa355b4072107f1352eedd2b44fc66d4c944db95db2bc9de

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Tue, 25 Jul 2023 23:28:15 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 98
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 1143
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK count-data.js Show response
mtl-blog.disqus.com/ 1 KB
2 KB 223ms
132ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mtl-blog.disqus.com/count-data.js?2=https%3A%2F%2Fwww.mtlblog.com%2Fmontreal%2Fbest-vegan-restaurants-montreal&2=https%3A%2F%2Fwww.mtlblog.com%2Fmontreal%2Fhow-the-miniatures-in-your-favourite-movies-tv-shows-are-made-in-montreal&2=https%3A%2F%2Fwww.mtlblog.com%2Fmontreal%2Fst-hubert-vs-ma-poule-mouillee-which-montreal-restaurant-does-rotisserie-chicken-better&2=https%3A%2F%2Fwww.mtlblog.com%2Fmontreal%2Fwhy-montreal-island-has-no-right-turn-on-red&2=https%3A%2F%2Fwww.mtlblog.com%2Fmontreal-is-getting-a-cultural-hub-made-of-old-metro-cars-you-can-already-drink-on-the-terrasse&2=https%3A%2F%2Fwww.mtlblog.com%2Fmontreal-ranked-among-the-best-cities-in-the-world-for-students&2=https%3A%2F%2Fwww.mtlblog.com%2Fmontreals-kickback-comedy-show-is-lighting-up-zoofest-with-free-shots-a-neon-after-party&2=https%3A%2F%2Fwww.mtlblog.com%2Fmontreals-rem-is-almost-ready-to-launch-you-can-be-the-first-to-ride-the-train&2=https%3A%2F%2Fwww.mtlblog.com%2Fmontreals-vegan-festival-is-back-in-september-with-tastings-demos-cheap-admission&2=https%3A%2F%2Fwww.mtlblog.com%2Fnetflix-canada-dropped-its-august-2023-releases-heres-what-you-can-binge-watch

Requested by

Host: mtl-blog.disqus.com
URL: https://mtl-blog.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c3d9c78ed105b302b39605edf9b6f8d615c33459df8ec862a622071abae11b3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Tue, 25 Jul 2023 23:28:15 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 113
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 1468
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK count-data.js Show response
mtl-blog.disqus.com/ 1 KB
2 KB 219ms
128ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mtl-blog.disqus.com/count-data.js?2=https%3A%2F%2Fwww.mtlblog.com%2Fof-montreal-s-best-niche-bookstores-where-to-find-them&2=https%3A%2F%2Fwww.mtlblog.com%2Fquebec-is-turning-reddits-viral-pixel-war-into-a-love-letter-to-the-province&2=https%3A%2F%2Fwww.mtlblog.com%2Fthe-best-aussie-expressions-to-cheer-on-canada-in-the-2023-fifa-womens-world-cup&2=https%3A%2F%2Fwww.mtlblog.com%2Fthe-stm-changed-the-metro-map-you-probably-didnt-even-notice&2=https%3A%2F%2Fwww.mtlblog.com%2Fthese-canadian-cities-will-pay-you-money-and-give-you-a-job-to-move-there&2=https%3A%2F%2Fwww.mtlblog.com%2Fthis-hydroponic-farm-in-montreal-grows-the-best-lettuce-youll-ever-taste-heres-their-secret&2=https%3A%2F%2Fwww.mtlblog.com%2Fthis-montreal-restaurant-has-a-new-terrasse-5-a-7-with-arak-cocktails-lebanese-bites&2=https%3A%2F%2Fwww.mtlblog.com%2Fthis-new-montreal-area-selfie-studio-has-25-unique-photo-perfect-rooms-including-a-ball-pit&2=https%3A%2F%2Fwww.mtlblog.com%2Fthis-wildlife-park-near-montreal-now-lets-you-feed-arctic-wolves-dine-in-their-domain&2=https%3A%2F%2Fwww.mtlblog.com%2Fwell-rated-saq-roses-cheap

Requested by

Host: mtl-blog.disqus.com
URL: https://mtl-blog.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f33ab56a582e52207f9cd43db5e539b457909ea2ccbe686d3c7956f789e1961b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Tue, 25 Jul 2023 23:28:15 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 113
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 1430
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK count-data.js Show response
mtl-blog.disqus.com/ 459 B
1 KB 228ms
138ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mtl-blog.disqus.com/count-data.js?2=https%3A%2F%2Fwww.mtlblog.com%2Fwhite-wines-from-the-saq-that-won-t-break-the-bank-or-disappoint-your-taste-buds&2=https%3A%2F%2Fwww.mtlblog.com%2Fzellers-announced-the-opening-dates-for-4-new-montreal-area-locations

Requested by

Host: mtl-blog.disqus.com
URL: https://mtl-blog.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

eabdf321a5d4c947570fde0587d8cdf24308da5366d52adbc2be8850d0032fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Tue, 25 Jul 2023 23:28:15 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 113
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 459
X-XSS-Protection: 1; mode=block

GET
H3 200 OneSignalSDK.page.styles.css
onesignal.com/sdks/web/v16/ 81 KB
9 KB 59ms
59ms Stylesheet
text/css 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/web/v16/OneSignalSDK.page.styles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.es6.js?v=160000

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87ea4084ee168ea0db11bfa427f777c8caf762178aa1b1b599824b5501fb6654

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:15 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 27772
etag: W/"5aad2e2d8408574fcfcc4d6873ce7e6c"
cf-polished: origSize=82972
vary: Accept-Encoding
content-type: text/css
cf-ray: 7ec82d9dcb633810-FRA
alt-svc: h3=":443"; ma=86400
access-control-allow-headers: OneSignal-Subscription-Id

GET
H3 200 the-interior-of-le-garden-room-mae-sri-in-montreal-quebec-right-a-gluten-free-meat-skewer-served-at-satu-lagi-restaurant-in-m.jpg
www.mtlblog.com/media-library/ 19 KB
19 KB 152ms
152ms Image
image/webp 2606:4700:10::6814:b32d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mtlblog.com/media-library/the-interior-of-le-garden-room-mae-sri-in-montreal-quebec-right-a-gluten-free-meat-skewer-served-at-satu-lagi-restaurant-in-m.jpg?id=34658797&width=341&height=191&quality=80&coordinates=0%2C37%2C0%2C38

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:b32d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

577d82f858c7dd462f4320e723ca23cf82672ca2b90c08470eeaeee3a432ec2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:15 GMT
via: 1.1 ingress@dev, 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
age: 33191
x-cache: HIT, MISS
fastly-swr: 2592000.000
alt-svc: h3=":443"; ma=86400
x-request-id: 22a47d56-ea44-4d3e-af48-2093e480591e
x-served-by: cache-iad-kjyo7100040-IAD, cache-fra-eddf8230071-FRA
x-rebelmouse-ttl: 3600
server: cloudflare
x-request-category: assets
x-timer: S1690327695.038644,VS0,VE91
fastly-request-backend: fastly
etag: W/"3559d-NX0HMq0v27AXuYq6Vcb5tBg7dWk"
x-rebelmouse-authorization: disabled
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
x-rebelmouse-layouts-key: www.mtlblog.com,(null)
cache-control: max-age=31536000, public, immutable
cf-ray: 7ec82d9dec620493-FRA
fastly-sie: 86400.000
x-cache-hits: 14, 0

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
402 B 142ms
44ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: static.narcity.com
URL: https://static.narcity.com/prebid/prebid7.40.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

0cdd1b192eb9de412ec921a350e12033d7394f8a8322331ca34a7f7646bf8edb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mtlblog.com
date: Tue, 25 Jul 2023 23:28:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 a-metro-sign-in-montreal-quebec-right-the-2023-updated-version-of-the-stm-metro-map.jpg
www.mtlblog.com/media-library/ 16 KB
17 KB 119ms
118ms Image
image/webp 2606:4700:10::6814:b32d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mtlblog.com/media-library/a-metro-sign-in-montreal-quebec-right-the-2023-updated-version-of-the-stm-metro-map.jpg?id=34663571&width=341&height=191&quality=80&coordinates=0%2C37%2C0%2C38

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:b32d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

609a083e0c71aace979746d8cc0b2fbd6db4abdc411a2e3c35c32cefbc74ab8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:15 GMT
via: 1.1 ingress@dev, 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
age: 23385
x-cache: HIT, HIT
fastly-swr: 2592000.000
alt-svc: h3=":443"; ma=86400
x-request-id: 0c25cd31-ce86-4c2b-a09b-705939bf4cff
x-served-by: cache-iad-kiad7000036-IAD, cache-fra-eddf8230044-FRA
x-rebelmouse-ttl: 3600
server: cloudflare
x-request-category: assets
x-timer: S1690327695.072363,VS0,VE2
fastly-request-backend: fastly
etag: W/"28b9b-M/hqy05OA8a+oJDanXKLd1LoQDQ"
x-rebelmouse-authorization: disabled
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
x-rebelmouse-layouts-key: www.mtlblog.com,(null)
cache-control: max-age=31536000, public, immutable
cf-ray: 7ec82d9e2c920493-FRA
fastly-sie: 86400.000
x-cache-hits: 7, 1

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240101/ 386 KB
123 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240101/pubads_impl.js?cb=31076377

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18a0c039b98da59b46b0f69878bc661015aaea81e1837030a87d6966cba89c56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 17:20:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22085
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125533
x-xss-protection: 0
server: cafe
etag: 5825135073400313294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 24 Jul 2024 17:20:10 GMT

GET
H3 200 a-person-shopping-at-a-clothing-pop-up-sale-in-montreal-quebec.jpg
www.mtlblog.com/media-library/ 16 KB
17 KB 102ms
101ms Image
image/webp 2606:4700:10::6814:b32d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mtlblog.com/media-library/a-person-shopping-at-a-clothing-pop-up-sale-in-montreal-quebec.jpg?id=34656288&width=341&height=191&quality=80&coordinates=0%2C0%2C0%2C76

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:b32d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8e98662f0aec5389b6f244998092ec9736bbb83ea3a350095cf47941ef9c471

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:15 GMT
via: 1.1 ingress@dev, 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
age: 117401
x-cache: HIT, HIT
fastly-swr: 2592000.000
alt-svc: h3=":443"; ma=86400
x-request-id: 5aebda92-4ff8-4fc6-bde6-99e475f6b259
x-served-by: cache-iad-kcgs7200113-IAD, cache-fra-eddf8230112-FRA
x-rebelmouse-ttl: 3600
server: cloudflare
x-request-category: assets
x-timer: S1690327695.111175,VS0,VE1
fastly-request-backend: fastly
etag: W/"330be-NijtJHtH3mQzC6iPOz3Nntrdqgk"
x-rebelmouse-authorization: disabled
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
x-rebelmouse-layouts-key: www.mtlblog.com,(null)
cache-control: max-age=31536000, public, immutable
cf-ray: 7ec82d9e6cd30493-FRA
fastly-sie: 86400.000
x-cache-hits: 11, 1

POST
H/1.1 400
Bad Request cookie_sync Show response
prebid-server.rubiconproject.com/ 49 B
319 B 235ms
41ms XHR
text/plain 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/cookie_sync
Requested by: Host: static.narcity.com
URL: https://static.narcity.com/prebid/prebid7.40.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: c096a407308f10208f1283bf386d16fa88753abe15d84e7bbd4e16e8e7a4ef3e

Request headers

Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mtlblog.com
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-length: 71
Expires: 0

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 496 B
644 B 239ms
44ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: static.narcity.com
URL: https://static.narcity.com/prebid/prebid7.40.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 719361060747d42c741594143629f22bab606e4c878c319b16bbb5cb7cf50ba2

Request headers

Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/1.124.0
Content-Type: application/json
access-control-allow-origin: https://www.mtlblog.com
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 344
Expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 144 B
960 B 263ms
120ms XHR
application/json 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.narcity.com
URL: https://static.narcity.com/prebid/prebid7.40.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0071490e1e4d8a598e61cfe57779c84820edbfbaebd3a74eac8b6c355a8785d0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 23:28:15 GMT
an-x-request-uuid: 8951e1f5-9b7c-4cb8-b21c-95375d3c90f5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mtlblog.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.109; 80.255.7.109; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 144
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 335 B
849 B 393ms
212ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19800&site_id=368954&zone_id=2010014&size_id=2&alt_size_ids=57&eid_pubcid.org=60e5b785-1030-415b-9bc8-d9b15e94ddcc%5E1&rf=https%3A%2F%2Fwww.mtlblog.com%2F&tg_i.page=https%3A%2F%2Fwww.mtlblog.com%2F&tg_i.domain=mtlblog.com&tg_i.pbadslot=top-ad&tk_flint=pbjs_lite_v7.40.0&x_source.tid=987e2a40-402d-4eb9-92ea-17e68796e64c&l_pb_bid_id=6e6fe581b6c75f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.23387875410372705
Requested by: Host: static.narcity.com
URL: https://static.narcity.com/prebid/prebid7.40.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ed58b1c78fe8aa37adda011c6a2580da4ec9aafdf43cbe8f0690e721422666cf

Request headers

Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 23:28:15 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.mtlblog.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 335
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 232ms
109ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: static.narcity.com
URL: https://static.narcity.com/prebid/prebid7.40.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mtlblog.com
date: Tue, 25 Jul 2023 23:28:15 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
543 B 265ms
165ms XHR
application/json 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=301232
Requested by: Host: static.narcity.com
URL: https://static.narcity.com/prebid/prebid7.40.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e8f9cac7f843793969fa014919e21729b6b9f05e95de29004dbc60b628f20e6

Request headers

Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 23:28:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5UGrWWZS1JsJVdSDA9bT9UQcvJRdimKmMAZeQ4I5et3er1JglgxluxWVOnqjWnHul0Oax46CdvoQZtJ%2FAucMkONUL3cfooQ4K72qHAyq%2BLHR0T5yKsLUL1gLO3JoTmZqhtBWls3x"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.mtlblog.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7ec82d9f7b2d9972-FRA
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 163ms
41ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.mtlblog.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.mtlblog.com
access-control-max-age: 600
age: 0
content-length: 0
date: Tue, 25 Jul 2023 23:28:15 GMT
server: ATS/9.1.10.57

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
342 B 131ms
49ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: static.narcity.com
URL: https://static.narcity.com/prebid/prebid7.40.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: 7ad9c7912837bca50e85a6a177413cef4f731a7be21391b9a6c44658f2b76d76

Request headers

Referer: https://www.mtlblog.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 25 Jul 2023 23:28:15 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.mtlblog.com
access-control-allow-credentials: true
content-length: 84

POST
H/1.1 200 1300.json Show response
id5-sync.com/g/v2/ 241 B
650 B 124ms
43ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1300.json

Requested by

Host: static.narcity.com
URL: https://static.narcity.com/prebid/prebid7.40.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

d5e144c2299d8446311ffa647f638d3e5e7ee6326c85485c8c3c9f55b4ae332b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mtlblog.com
date: Tue, 25 Jul 2023 23:28:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 1020360 Show response
fundingchoicesmessages.google.com/i/ 148 KB
49 KB 175ms
72ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/1020360?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240101/pubads_impl.js?cb=31076377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

39f7aa758c2a2884d537bea5aea4a57ed7c0152a8bcb491efd90dd3e9bedc4a3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-T1ZylzvyXVYu5IUuTLsbeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-T1ZylzvyXVYu5IUuTLsbeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXiOWgj_LxTsTF0cTH45W4YlDtJ8-USZY_kJxJHAP_VD5qQZIppNh5I25U4UDBkclOBDJaPbpH8aBEdW08woTo= Show response
fundingchoicesmessages.google.com/el/ 0
28 B 134ms
53ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXiOWgj_LxTsTF0cTH45W4YlDtJ8-USZY_kJxJHAP_VD5qQZIppNh5I25U4UDBkclOBDJaPbpH8aBEdW08woTo=

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.mLNANZq4nCk.es5.O/d=1/rs=AJlcJMzc94LtytHpqP2Ricf0JP5_1fXWDg/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UHAMtnF_ymXbo-ttzDWy9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jul 2023 23:28:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-UHAMtnF_ymXbo-ttzDWy9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.mtlblog.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXYcFbY0-UGfcFSFcJrT5rJ6OWBhZ0t3oE8xxdSbHo4HQzw8FvovzaYOE_P6d7dnN4Vys7ISvb-FozhrcZgd2Y= Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 83ms
82ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXYcFbY0-UGfcFSFcJrT5rJ6OWBhZ0t3oE8xxdSbHo4HQzw8FvovzaYOE_P6d7dnN4Vys7ISvb-FozhrcZgd2Y=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkwMzI3Njk1LDQ4MjAwMDAwMF0sIkM4M0U5REM0LTZDQzctNDY4Qy04ODkwLThGQjJGQkY1NUY5MSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3Lm10bGJsb2cuY29tLyIsbnVsbCxbWzgsIm1MTkFOWnE0bkNrIl0sWzksImRlIl0sWzE2LCJbMSwxLDFdIl0sWzcsIjQiXSxbMTEsIltbXSxbXSxbXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8fca3d10d7eab4135f9454ed03d46999909e9a5dda524dc8dbc365c786169204

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gfc87JgFEfizU1O9tmim_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-gfc87JgFEfizU1O9tmim_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 135ms
50ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240101/pubads_impl.js?cb=31076377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12512
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGyHNF0tNIf395hnvXpYHk32Wjn2ZcueQyfWQ%2F%2BYplOCx8MiRofntOOQyHNEOxF4z3iXE%2FdZDQV6AUnA%2BKs6%2B2Gn9k2I%2BKppSPYdfX2AdpCmIL7wD%2FF50OR3ntMHT7ooWXeTtrHys3%2FXccMaC3k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7ec82da17ac19b86-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 150ms
52ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240101/pubads_impl.js?cb=31076377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: EQ0977RHP48FT9KC
age: 3101
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7ec82da19863918c-FRA
x-amz-id-2: KMrFcklZyn75cMPfTnxiItG8HSYFuSkiOS+1xId12+2RrGWj1m1jpBxDB4L+Gq4dPou3GKA02q+Mf02nyR46EA==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 161ms
40ms Script
text/javascript 2600:9000:2250:fc00:a:e047:753:be1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240101/pubads_impl.js?cb=31076377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id: null
Date: Tue, 25 Jul 2023 00:56:56 GMT
Via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 81080
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: FhLA3yfqf3bRWCY5plC_vipVIN76yIXIxvhDvsvZJOusuFDsVVIPZw==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 63 KB
15 KB 385ms
384ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2848840409845935&correlator=1084052635678478&eid=31076377%2C31070233%2C44797784&output=ldjh&gdfp_req=1&vrg=202307240101&ptt=17&impl=fifs&iu_parts=1020360%2CLeaderboard_Master%2CSkin%2Ccustom-featured-partner-mtlblog&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=728x90%7C970x250%2C1x1%2C320x50&fluid=0%2C0%2Cheight&ifi=1&adks=3834711020%2C2856099063%2C411166652&didk=3159423469~2508672899~74998651&sfv=1-0-40&prev_scp=lazyload%3Dlazyload%26refresh%3Dtrue%7C%7C&eri=1&cust_params=category%3Dsection-homepage%26slug%3D%252F%26lang%3Den&ppid=60e5b7851030415b9bc8d9b15e94ddcc&sc=1&cookie_enabled=1&abxe=1&dt=1690327695564&lmt=1690327695&adxs=436%2C0%2C88&adys=20%2C290%2C940&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.mtlblog.com%2F&frm=20&vis=1&psz=1600x90%7C1600x5256%7C1464x0&msz=1600x90%7C1600x0%7C1424x0&fws=512%2C0%2C0&ohw=0%2C0%2C0&ga_vid=1302452251.1690327695&ga_sid=1690327696&ga_hid=760463552&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcYhIGH-5gxSABSAghkEhkKCnVpZGFwaS5jb20YhIGH-5gxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiEgYf7mDFIAFICCGQ.&cbidsp=CtIBCAESGQoHbWduaXBicxD8ASACOAJSB21nbmlwYnMSGQoIYXBwbmV4dXMQiQIgAlIIYXBwbmV4dXMSFwoHcnViaWNvbhCNAyACUgdydWJpY29uEhkKCHB1Ym1hdGljEOwBIAJSCHB1Ym1hdGljEg0KAml4EI0CIAJSAml4EhkKCHlhaG9vc3NwEKoCIAJSCHlhaG9vc3NwGAIiJDk4N2UyYTQwLTQwMmQtNGViOS05MmVhLTE3ZTY4Nzk2ZTY0YyoECAMgADIHdjcuNDAuMED0A0oA~~&dlt=1690327694230&idt=965

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240101/pubads_impl.js?cb=31076377

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b848e44f4e3d57dae5a2a98307e59515496456a65eccdebd2130dd9c634166a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:15 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15524
x-xss-protection: 0
google-lineitem-id: -1,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.mtlblog.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
697e59244d73234b71191d0bba718ea7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3F9C 6 KB
3 KB 206ms
47ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://697e59244d73234b71191d0bba718ea7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240101/pubads_impl.js?cb=31076377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 23:28:15 GMT
expires: Wed, 24 Jul 2024 23:28:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 spacer.gif Show response
pages-stats.rbl.ms/ 43 B
213 B 116ms
116ms Fetch
image/gif 3.85.250.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pages-stats.rbl.ms/spacer.gif?1690327695763&event=section-page-view-duration&version=1&format=json&data=%7B%22site_id%22%3A21381795%2C%22roar_id%22%3A21381795%2C%22client%22%3A%22desktop%22%2C%22referrer%22%3A%22%22%2C%22duration%22%3A1000%7D
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/static/dist/social-ux/main.10f86943a139e954af93.bundle.mjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.85.250.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-250-173.compute-1.amazonaws.com
Software: openresty /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:15 GMT
last-modified: Sat, 24 Jun 2023 02:06:34 GMT
server: openresty
etag: "64964faa-2b"
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
content-length: 43

GET
H/1.1 200
OK 32wcagurfrgv Show response
cdn.onthe.io/io.js/ 68 KB
21 KB 177ms
80ms Script
text/javascript 142.93.164.216
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js/32wcagurfrgv
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/static/dist/social-ux/main.10f86943a139e954af93.bundle.mjs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 142.93.164.216 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: c7175fe090770b2065581cb818c8b1055a219b7b6320d3f0fe9003fd6c9e9725

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Tue, 25 Jul 2023 23:28:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Jul 2021 08:09:44 GMT
Server: nginx
ETag: W/"60e80448-11190"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Wed, 26 Jul 2023 23:28:15 GMT

GET
H/1.1

200
OK

am.js Show response
www.yceml.net/am_gen/8067236/impressions/page/
Redirect Chain

https://www.anrdoezrs.net/am/8067236/impressions/page/am.js
https://www.yceml.net/am_gen/8067236/impressions/page/am.js

3 KB
1 KB

214ms
45ms

Script
text/javascript

23.212.222.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yceml.net/am_gen/8067236/impressions/page/am.js
Protocol: HTTP/1.1
Server: 23.212.222.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-222-60.deploy.static.akamaitechnologies.com
Software: Resin/4.0.66 /
Resource Hash: 9113af967ca8173cbc64c7c9b62793bfdc5a82217ca215e6a02fa2722e9e03f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Tue, 25 Jul 2023 23:28:16 GMT
Content-Encoding: gzip
Server: Resin/4.0.66
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
X-VC-HTTPS: On
Cache-Control: max-age=67385
Connection: keep-alive
Content-Length: 1009
Expires: Wed, 26 Jul 2023 18:11:21 GMT

Redirect headers

Location: https://www.yceml.net/am_gen/8067236/impressions/page/am.js
Date: Tue, 25 Jul 2023 23:28:16 GMT
Server: Resin/4.0.66
Content-Length: 97
Content-Type: text/html; charset=utf-8

GET
H2 200 sdk.js Show response
widget.beop.io/ 4 KB
3 KB 195ms
43ms Script
application/javascript 152.199.23.151
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.beop.io/sdk.js

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/static/dist/social-ux/main.10f86943a139e954af93.bundle.mjs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.23.151 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CDE) /

Resource Hash

7af817ba32f555e2964c178b1be5ce173da135250b2e5cfd7ad801cf35f6db1d

Security Headers

Name	Value
Content-Security-Policy	frame-src ;script-src 'unsafe-inline' .pingdom.net www.youtube.com platform.twitter.com .instagram.com .beop.io .beopinion.com js.stripe.com service.mtcaptcha.com service2.mtcaptcha.com;font-src .beop.io .beopinion.com fonts.gstatic.com;frame-ancestors .beop.io *.beopinion.com

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-ocdn-accept-language: de
content-security-policy: frame-src *;script-src 'unsafe-inline' *.pingdom.net www.youtube.com platform.twitter.com *.instagram.com *.beop.io *.beopinion.com js.stripe.com service.mtcaptcha.com service2.mtcaptcha.com;font-src *.beop.io *.beopinion.com fonts.gstatic.com;frame-ancestors *.beop.io *.beopinion.com
content-encoding: gzip
date: Tue, 25 Jul 2023 23:28:15 GMT
age: 116
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2295
last-modified: Tue, 25 Jul 2023 23:26:19 GMT
server: ECAcc (frc/4CDE)
x-ocdn-rp: HTTP/2.0
x-ocdn-net: EUDE201011
etag: "10b4-TRyveoyEFl6gSpYtfKANxamQQQ0+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
expires: Tue, 25 Jul 2023 23:33:15 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 195ms
87ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307240101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240101/pubads_impl.js?cb=31076377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1374665d6fff0ebb3d2953f4280cd5fc58361f39a59322b26a37a34fe232ee47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11747
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307180709000/ Frame 63BE 222 KB
62 KB 168ms
41ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240101/pubads_impl.js?cb=31076377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 109056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62064
x-xss-protection: 0
server: sffe
etag: "7c75c6afffb97d84"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 63BE 15 KB
5 KB 255ms
128ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240101/pubads_impl.js?cb=31076377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 109056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5274
x-xss-protection: 0
server: sffe
etag: "b24c5d555100d699"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 63BE 94 KB
28 KB 257ms
131ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240101/pubads_impl.js?cb=31076377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 109056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29021
x-xss-protection: 0
server: sffe
etag: "908f04349b1b2df1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 63BE 5 KB
2 KB 247ms
121ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240101/pubads_impl.js?cb=31076377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 109056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "5416cfef676738bf"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 63BE 40 KB
13 KB 249ms
122ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240101/pubads_impl.js?cb=31076377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 109056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13013
x-xss-protection: 0
server: sffe
etag: "4da616cd662b7cdb"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 63BE 14 KB
1 KB 50ms
50ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240101/pubads_impl.js?cb=31076377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 23:28:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 22:13:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jul 2023 23:28:16 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 63BE 2 KB
3 KB 173ms
40ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 10:39:29 GMT
x-content-type-options: nosniff
server: cafe
age: 46127
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 26 Jul 2023 10:39:29 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 63BE 295 B
664 B 172ms
39ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.mtlblog.com
URL: https://www.mtlblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 10:39:26 GMT
x-content-type-options: nosniff
server: cafe
age: 46130
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 26 Jul 2023 10:39:26 GMT

GET
DATA 200
OK truncated
/ Frame 63BE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc44b0a7aa6be6c68ad34542b3b59f062301a2dd8a3d3b5a7c5a3a08258b81ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 302ms
184ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240101/pubads_impl.js?cb=31076377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jul 2023 23:28:16 GMT

GET
H2 200 d53a58189af6f981830d.js Show response
widget.beop.io/en/public/chunks/10.2.11/ 52 KB
15 KB 51ms
51ms Script
application/javascript 152.199.23.151
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.beop.io/en/public/chunks/10.2.11/d53a58189af6f981830d.js

Requested by

Host: widget.beop.io
URL: https://widget.beop.io/sdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.23.151 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CCE) /

Resource Hash

816e62a0b0e8533a143d173c2f9c0d01029e2ae61298d25b831bd5b97d957fef

Security Headers

Name	Value
Content-Security-Policy	frame-src ;script-src 'unsafe-inline' .pingdom.net www.youtube.com platform.twitter.com .instagram.com .beop.io .beopinion.com js.stripe.com service.mtcaptcha.com service2.mtcaptcha.com;font-src .beop.io .beopinion.com fonts.gstatic.com;frame-ancestors .beop.io *.beopinion.com

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires: Wed, 24 Jul 2024 23:28:16 GMT
content-security-policy: frame-src *;script-src 'unsafe-inline' *.pingdom.net www.youtube.com platform.twitter.com *.instagram.com *.beop.io *.beopinion.com js.stripe.com service.mtcaptcha.com service2.mtcaptcha.com;font-src *.beop.io *.beopinion.com fonts.gstatic.com;frame-ancestors *.beop.io *.beopinion.com
content-encoding: gzip
date: Tue, 25 Jul 2023 23:28:16 GMT
age: 636178
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14988
last-modified: Tue, 18 Jul 2023 14:45:18 GMT
server: ECAcc (frc/4CCE)
x-ocdn-rp: HTTP/2.0
x-ocdn-net: EUDE201011
etag: "d1bc-XyGndq4YQkunYMy429AZJrh5950+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-ocdn-accept-language: de

GET
H2 200 fd1a69f2a34264047397.js Show response
widget.beop.io/en/public/chunks/10.2.11/ 110 KB
30 KB 41ms
41ms Script
application/javascript 152.199.23.151
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.beop.io/en/public/chunks/10.2.11/fd1a69f2a34264047397.js

Requested by

Host: widget.beop.io
URL: https://widget.beop.io/sdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.23.151 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CD5) /

Resource Hash

05a662e24739d7ae5454e3732abaca2a624badd26391bd88861d0c53f9e04692

Security Headers

Name	Value
Content-Security-Policy	frame-src ;script-src 'unsafe-inline' .pingdom.net www.youtube.com platform.twitter.com .instagram.com .beop.io .beopinion.com js.stripe.com service.mtcaptcha.com service2.mtcaptcha.com;font-src .beop.io .beopinion.com fonts.gstatic.com;frame-ancestors .beop.io *.beopinion.com

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires: Wed, 24 Jul 2024 23:28:16 GMT
content-security-policy: frame-src *;script-src 'unsafe-inline' *.pingdom.net www.youtube.com platform.twitter.com *.instagram.com *.beop.io *.beopinion.com js.stripe.com service.mtcaptcha.com service2.mtcaptcha.com;font-src *.beop.io *.beopinion.com fonts.gstatic.com;frame-ancestors *.beop.io *.beopinion.com
content-encoding: gzip
date: Tue, 25 Jul 2023 23:28:16 GMT
age: 636178
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30734
last-modified: Tue, 18 Jul 2023 14:45:18 GMT
server: ECAcc (frc/4CD5)
x-ocdn-rp: HTTP/2.0
x-ocdn-net: EUDE201011
etag: "1b613-Lft1Z9QULEILbggiGFTnv3tks9c+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-ocdn-accept-language: de

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 63BE 33 KB
33 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mtlblog.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 02:43:59 GMT
x-content-type-options: nosniff
age: 247457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jul 2024 02:43:59 GMT

OPTIONS
H2 200 serve
s.beop.io/ Frame 0
0 194ms
54ms Preflight
application/json 52.51.98.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.beop.io/serve?nuid=fe240950-a1f1-44d8-9a56-2f28d24e0902&sdk_version=10.2.11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.98.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-98-179.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.mtlblog.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-method: POST
access-control-allow-origin: https://www.mtlblog.com
content-length: 0
content-type: application/json
date: Tue, 25 Jul 2023 23:28:16 GMT
server: nginx/1.22.1

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/webp

POST
H2 200 serve Show response
s.beop.io/ 135 B
326 B 167ms
56ms XHR
application/json 52.51.98.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.beop.io/serve?nuid=fe240950-a1f1-44d8-9a56-2f28d24e0902&sdk_version=10.2.11
Requested by: Host: widget.beop.io
URL: https://widget.beop.io/en/public/chunks/10.2.11/d53a58189af6f981830d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.98.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-98-179.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 6f87ed92ea7a3fbfc1d0d23364c5923a6bdfb87d317c7399cb4274ae47f28459

Request headers

Accept: application/json
Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.mtlblog.com
date: Tue, 25 Jul 2023 23:28:16 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.22.1
access-control-allow-method: POST
content-type: application/json

POST
H2 204 i
t.beop.io/ 0
139 B 213ms
54ms Ping
text/plain 52.215.101.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.beop.io/i?_ck=db2b32e078a77dfdc5f023b6df6763db
Requested by: Host: widget.beop.io
URL: https://widget.beop.io/en/public/chunks/10.2.11/fd1a69f2a34264047397.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.101.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-101-250.eu-west-1.compute.amazonaws.com
Software: http-kit /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.mtlblog.com
date: Tue, 25 Jul 2023 23:28:16 GMT
access-control-expose-headers
access-control-allow-credentials: true
server: http-kit

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 63BE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

143ms
55ms

Image
text/html

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/
Protocol: H2
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Redirect headers

date: Tue, 25 Jul 2023 23:28:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 63BE 0
0 87ms
86ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CLbPtj1rAZPm5JtL0gAedi6DIBYGI971xmNafmPMQwImUmEMQASCPh9BjYJWCgICwB6AB3ODmrSnIAQapAkyyo14_iLI-4AIAqAMByAMKqgTvAU_QKXXFcuuAiAJSmqCmKWCqP4mfXHizYrsv5wDK7F60TxH_mVqceavjte_ZYQNQQoZpCs-FjNCQZ5dE5me2rvtOjQFrq1g2FpKH3MlmSR4R7IAbrrXC-tNcI1wDEuVHLNOeMnwJQx_Yl8IHXgyd2eb50mAUCf0OQ-n7fUL8tTJTc-pNdlcwG0QaIOnPnGhnCogSOjySoEsw1VnT4apO-UVpHlcxjQA1lD8Y3J1XJTyL-mNme3Iy37qSz-0wwdzzTk1p5grqQyJeJ6d56eSg9bMbMEBAtqK4Gx6uAUoffl58xAFUx_sBeGhwhMr_h5DfwASSj5zxrgTgBAGAB9yYt40EqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQmcIQ0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAdgTA4gUAtAVAYAXAbIXHgocCAASFHB1Yi03Mjg5OTg2NTI0NDk2OTM5GJjeBg&sigh=CcB_fd424nQ&uach_m=[]&cid=CAQSXgBpAlJWWq5uTlUZJFbTNVRbCeekMg2fsuto0Tm_l0Hyr6iqisCalcTttmHgqg3HUy2iH8ctdt4_hMFWJt0A1tFbmJaNvaSvKArR-Wjw6e2TXZXiIidWGafNV9spt1wYAQ&template_id=492&cbvp=2
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9D3E 13 KB
5 KB 42ms
40ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 10937
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 20:25:59 GMT
expires: Wed, 24 Jul 2024 20:25:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CC8C 783 B
955 B 51ms
50ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1d2dcc9ca9fa8e980be0bb33601126a2a838cfd9d0de54bd3f598cee77a0ed99

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iQSlvsLbQpTUdMiVsQIdfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mtlblog.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 509
content-security-policy: script-src 'report-sample' 'nonce-iQSlvsLbQpTUdMiVsQIdfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 23:28:16 GMT
expires: Tue, 25 Jul 2023 23:28:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CC8C 0
0 73ms
72ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307240101&jk=2848840409845935&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H3 200 0j4FY6vZ_PUEn4D43bduuyAvhiDMGOGbS5pcl_NvY7Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D3E 38 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0j4FY6vZ_PUEn4D43bduuyAvhiDMGOGbS5pcl_NvY7Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d23e0563abd9fcf5049f80f8ddb76ebb202f8620cc18e19b4b9a5c97f36f63b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:24:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14729
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Jul 2024 20:24:59 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9D3E 0
10 B 44ms
44ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vEsWdg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 93ms
93ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=0.4795563161449352

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vM6ayxxImH5xTEDBN5GEMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-vM6ayxxImH5xTEDBN5GEMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 63ms
62ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=7.9550628659518985

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-33rYvqZBlbjCfoovoEdtlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-33rYvqZBlbjCfoovoEdtlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK pageImpression
www.qksrv.net/ Frame 0
0 610ms
119ms Preflight
text/plain 159.127.43.10
VALUECLICK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qksrv.net/pageImpression
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.127.43.10 Santa Barbara, United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software: Resin/4.0.66 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.mtlblog.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.mtlblog.com
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Tue, 25 Jul 2023 23:28:17 GMT
Server: Resin/4.0.66

POST
H/1.1 200
OK pageImpression Show response
www.qksrv.net/ 2 B
320 B 873ms
398ms XHR
application/json 159.127.43.10
VALUECLICK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qksrv.net/pageImpression
Requested by: Host: www.anrdoezrs.net
URL: https://www.anrdoezrs.net/am/8067236/impressions/page/am.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.127.43.10 Santa Barbara, United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software: Resin/4.0.66 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 25 Jul 2023 23:28:18 GMT
Server: Resin/4.0.66
Access-Control-Allow-Methods: POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.mtlblog.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Content-Length: 2

POST
H3 204 AGSKWxVyJFgN_crWH93MdLVF0s_Jr2o-JuMuifqE10V63ArqABD9riwp46pyTlYclXSSPayzAwh425QvhWtrY9RdIKNyep75-s1_4eZ-RBPmK0VqEqVy8vvqvRdPAod1KEvd9RXd9sO03g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 52ms
52ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVyJFgN_crWH93MdLVF0s_Jr2o-JuMuifqE10V63ArqABD9riwp46pyTlYclXSSPayzAwh425QvhWtrY9RdIKNyep75-s1_4eZ-RBPmK0VqEqVy8vvqvRdPAod1KEvd9RXd9sO03g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-I6T679DQ-ZV-gKirEJHBGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jul 2023 23:28:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-I6T679DQ-ZV-gKirEJHBGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.mtlblog.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
75ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307240101&jk=2848840409845935&bg=!ERKlEkbNAAZsPphkTD47ADkAdvg8WuhgwcuWz5fjVchhhs2rxdT6WbfIwk6zbGV198irTxHgAhCr5Q3UneAnZBbjG01aLEoaNSACAAAARlIAAAAKaAEHmQLg35MuAux2e_HrR3IkzQ9Cn2C5v9c_gxLPAb7iZYenlCHh2YtSe5rgUXCNMmg1Is01152CBFrTUAVJ4qXP2De8Y7CkdW8Yh2s5w5BKtZruwvNBKGue7Zs-HC7mTjCc_DH33g-D09Y7J6bNYqviY2R93-eIW6pJLMgEp2ScBx2DRhgvvrZuf-4wkqU-1FVEJwXaEErJZhLXcdt8Caa2_V0jsRMJMIUcrDOCKCHzcsqGyX3to9nluYQ32wTVfau03lJb323aPM3X9lDJbwQfnpnF7uJp_bqJK9InedpGvyd55Bv0Nykx89-5DPb3Z01f4cPv3j2DhElo0OLxo7tnoH6u_P248xkbJzXGh09FWfeHsqo9O2L42EiDBcl1ayJt9d3vGtWd3FRN-ZCy01gtAMOOazddsfbBj40zyOTyP3Nbw_zlQyp8qWIARL-syTA1WOKfI7QjbNutnJzC3N07gFZYKwMeEK_UW-QJn9kcZEVTLhrq5MaBfagqYoUSucTrVHLVHQk1eSEcvMzErcxDQ9QUmP-wrAWF-B9VMOJTezp76jQjjF4UFImC5pK2ulQk3MSrE22fjFkLqcgxe55rvwJUI5RZi5Ycvf6AawOebKUISFOB2crB3hzQeNFgTNA8eO46pE2Bx2YTuVxo6Qhw2JYtVIxoz9xHMMgsPHXAFe71JplOEnTeseIs-oA4wMbb6s14xeRCnL5CNRugqRSEjRBFehBiKnxBzQI078WVnXAXZLy1kUuF92nCe2K3T02BH824vSLwOUfdw2TL71RELwif_HSFYzlcTV8ltuAtVZIc7qKlMOBOXLUSfLHU7WZwS7T4YIrKRmmFiKmeYDJ-08y3toi9q797awXi2sj-gAwHucR0to3bwKDXMhgCk70qQtI6lbmC54r_K-Mj09j2v2BfNn49p658RSPYTgoMo4epS4-DMp4wIlb8bagb8WmQ9IsorFIs_LWgqSU2PFd-GPvxZA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H3 200 adsall._ad3. Show response
fundingchoicesmessages.google.com/f/AGSKWxWXaClompVSVGEmQUlw0lZkgR8t-9ewZSr7uWya660P3Gr2g-Ls0ce4t8TU7VDNxvbvQxo8gxU4nSsX2vi-IKcmAr3nbj8YvfCvuv6e13u4IAoENuhcQ3agtUEJ2d6O8qQuXbKxg8XMXjDw8KDgK9fMKM6Lc... 54 B
108 B 57ms
56ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWXaClompVSVGEmQUlw0lZkgR8t-9ewZSr7uWya660P3Gr2g-Ls0ce4t8TU7VDNxvbvQxo8gxU4nSsX2vi-IKcmAr3nbj8YvfCvuv6e13u4IAoENuhcQ3agtUEJ2d6O8qQuXbKxg8XMXjDw8KDgK9fMKM6Lcj2mn5EqfAZMuXz9F6ZkejgrhXUc_KB9/_/ads/daily_.160x600._ad_desktop_/adsall._ad3.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.mLNANZq4nCk.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzc94LtytHpqP2Ricf0JP5_1fXWDg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

444cebb41129b3197fdec3c8073cdf03bbe9bb9c588e59a013e9e998240789e5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-5dOCsCfi3z7EzXuNeXiUvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-5dOCsCfi3z7EzXuNeXiUvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab6bcd2086d04e40db07c652e42d6dbcb2d197a5a4a263d1cd8ef4aacb474a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50797
x-xss-protection: 0
server: cafe
etag: 13575542987383980655
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 25 Jul 2023 23:28:17 GMT

POST
H3 204 AGSKWxVyJFgN_crWH93MdLVF0s_Jr2o-JuMuifqE10V63ArqABD9riwp46pyTlYclXSSPayzAwh425QvhWtrY9RdIKNyep75-s1_4eZ-RBPmK0VqEqVy8vvqvRdPAod1KEvd9RXd9sO03g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 53ms
53ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVyJFgN_crWH93MdLVF0s_Jr2o-JuMuifqE10V63ArqABD9riwp46pyTlYclXSSPayzAwh425QvhWtrY9RdIKNyep75-s1_4eZ-RBPmK0VqEqVy8vvqvRdPAod1KEvd9RXd9sO03g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lgNjJXdDtabxBW_Ww-e-0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jul 2023 23:28:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lgNjJXdDtabxBW_Ww-e-0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.mtlblog.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 63BE 42 B
64 B 88ms
88ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttqMOM1vdTX26PdwMyXRSaRGHZXeUOjzNAHrK2y768pfAoAYTsC9U1uM5NHr4wJbT9BBhTYQRbhQWEezgwqfvn4sXEzmBRRd4avvKA9nU8IUvcbV_lYvQyvwam7nPvm1j0PwBod832eS44SdfRcGgVnFg1qKMLfpsZ-sLPNyToftm4c0XAldIECQpoOmJ_aOFkAMGsOSI2E1reH2xUat15SFejYwUwwtmPHyMr8eNdMf1WEu44uUe7zIy0V8eWwOYqoHwxlOYMgm_Rcq08Ib38nKqrXFKcytgjAOBhIEdTxUroxoXHz04thYkRbPDVC0BJShv3BiAMJl5g4hCC0GqCaFS5Fy0N8kEq_CvLdFQqkZWEnZSdNUTMzQlvN9PYjHsQSlj5C2eFR7wNQNy2_RhS1ZyW1Hw8q8Y07Z-EJlWf55IT6ALYG5K8r_LjYUofu1vl8Q4Gr-k6iwEteCe_QDaZTm0o79IxJaSW4OcYtPmYyqgyJ_PBnp4qJfXYG5AFwq_wF9j4BGytWgP4Hl19LHWVVKc6F9K4TUAQoRssGErD4LeF9iLlSiwPYQY5G0UGeE6E70h9DuC1-3njYL4Gx9642ShNgfrjwrFGgXTPyRPTABznFP1Xm82CZ_xbT_MQWTNUVxad9gx2DK6oAvOuX_M7zRSrMg8lFWO3vdR03oeGtB5cEIBdE07s9DEgoYaySCR1fyfgV-x-y95joKUVaI6dSnLpgM107m8pasTIDhI3OPK32N2dUb6JEedovl8TPDpnmGpE9jxHu_86vnsse-g6Fmb4BM2ZecHuwK9DuQ-I2ECmBJpnPVotktsy7NmHe_dpMbglnYsi9fA16I8WlyEHJMyCwmnv9S_WAnhEDX_oin1c457qlC0r6J3CTtUvHf9TXKiXtK7ZTi9lpbzEMHuEqg7vgRDRO3vHMc2euufcwfj0jVsYQWMl8lESgpsdiXtin2XkTC-qYAtKkXjcrRTqOPmrXOj00T4ZzrlL0rlRgKY7QVsRHGaIfb32k21p4w1ZfMvpe0OCz7tjmA&sai=AMfl-YRNT2KWkR4sevQXSM_nVbX52yEot_mf7wCM8mkHIGdiXD9iv3RU8Oj11jMTDl01QYeorYU9oB3VlX2pwKDpWvON43dpYMpHU1axN_3sIuTZrJ19ov3vgJFIoVCHybqZwurVsVR1Q3cynBv3k7qWr_GGwdhp31OGuDpasGBtO6mDdxQZq8kEIuqIl9w&sig=Cg0ArKJSzH8o9XAZaFiVEAE&cid=CAQSXgBpAlJWWq5uTlUZJFbTNVRbCeekMg2fsuto0Tm_l0Hyr6iqisCalcTttmHgqg3HUy2iH8ctdt4_hMFWJt0A1tFbmJaNvaSvKArR-Wjw6e2TXZXiIidWGafNV9spt1wYAQ&id=ampim&o=315,20&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=316&tls=1316&g=100&h=100&tt=1316&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 23:28:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVyJFgN_crWH93MdLVF0s_Jr2o-JuMuifqE10V63ArqABD9riwp46pyTlYclXSSPayzAwh425QvhWtrY9RdIKNyep75-s1_4eZ-RBPmK0VqEqVy8vvqvRdPAod1KEvd9RXd9sO03g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 53ms
53ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVyJFgN_crWH93MdLVF0s_Jr2o-JuMuifqE10V63ArqABD9riwp46pyTlYclXSSPayzAwh425QvhWtrY9RdIKNyep75-s1_4eZ-RBPmK0VqEqVy8vvqvRdPAod1KEvd9RXd9sO03g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zb5UEqqyfvQlS1MozlYhlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jul 2023 23:28:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-zb5UEqqyfvQlS1MozlYhlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.mtlblog.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/ Frame FEFE 10 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85283
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 23:46:54 GMT
etag: 12368291122986407432
expires: Mon, 07 Aug 2023 23:46:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 AGSKWxVyJFgN_crWH93MdLVF0s_Jr2o-JuMuifqE10V63ArqABD9riwp46pyTlYclXSSPayzAwh425QvhWtrY9RdIKNyep75-s1_4eZ-RBPmK0VqEqVy8vvqvRdPAod1KEvd9RXd9sO03g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 53ms
53ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVyJFgN_crWH93MdLVF0s_Jr2o-JuMuifqE10V63ArqABD9riwp46pyTlYclXSSPayzAwh425QvhWtrY9RdIKNyep75-s1_4eZ-RBPmK0VqEqVy8vvqvRdPAod1KEvd9RXd9sO03g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-D6xLKeGCUN2-UA635Wwjjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jul 2023 23:28:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-D6xLKeGCUN2-UA635Wwjjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.mtlblog.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVyJFgN_crWH93MdLVF0s_Jr2o-JuMuifqE10V63ArqABD9riwp46pyTlYclXSSPayzAwh425QvhWtrY9RdIKNyep75-s1_4eZ-RBPmK0VqEqVy8vvqvRdPAod1KEvd9RXd9sO03g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 89ms
88ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVyJFgN_crWH93MdLVF0s_Jr2o-JuMuifqE10V63ArqABD9riwp46pyTlYclXSSPayzAwh425QvhWtrY9RdIKNyep75-s1_4eZ-RBPmK0VqEqVy8vvqvRdPAod1KEvd9RXd9sO03g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JVbA90FskO_ny2P3yaTlEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jul 2023 23:28:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JVbA90FskO_ny2P3yaTlEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.mtlblog.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxV3CbCSj3BMRGvv8Te7jrtQVSpn2KNX5E9Z5nuMezJAGDiXdfgOIghpKK49gG_TzY6hSZLz1n4mAzrq4KTCSdQPIMXoNxHXlejRaXxPzc6uG-5K8z8bclL3PH1ssXKHcmfmMzh3CA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 73ms
73ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV3CbCSj3BMRGvv8Te7jrtQVSpn2KNX5E9Z5nuMezJAGDiXdfgOIghpKK49gG_TzY6hSZLz1n4mAzrq4KTCSdQPIMXoNxHXlejRaXxPzc6uG-5K8z8bclL3PH1ssXKHcmfmMzh3CA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkwMzI3Njk3LDQxMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3Lm10bGJsb2cuY29tLyIsbnVsbCxbWzgsIm1MTkFOWnE0bkNrIl0sWzksImRlIl0sWzE2LCJbMSwxLDFdIl0sWzcsIjQiXSxbMTEsIltbXSxbXSxbXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e977a83ab26ca2274ca469b53f5205f5bc223c2d6b6f4c8da95156befd9007cf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Cbdj6a0sf3K0sFin1YKojA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-Cbdj6a0sf3K0sFin1YKojA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW1qVXaY8OoVvwE1imCxf5AkrKlbJDm6t4spvlToM0Z-LPdYbqy2A9hRBVeU85LNIEgnWCSGpsce5gASWHyQeXNHfXOCWkvXWVLw_KVYW4nUiUZRbecXlqTuCJA0yR9TkOUHkzeKg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 54ms
53ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW1qVXaY8OoVvwE1imCxf5AkrKlbJDm6t4spvlToM0Z-LPdYbqy2A9hRBVeU85LNIEgnWCSGpsce5gASWHyQeXNHfXOCWkvXWVLw_KVYW4nUiUZRbecXlqTuCJA0yR9TkOUHkzeKg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DfYqYpGCcFiXh-fYIsT8CA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mtlblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jul 2023 23:28:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-DfYqYpGCcFiXh-fYIsT8CA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.mtlblog.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 spacer.gif Show response
pages-stats.rbl.ms/ 43 B
213 B 116ms
116ms Fetch
image/gif 3.85.250.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pages-stats.rbl.ms/spacer.gif?1690327697763&event=section-page-view-duration&version=1&format=json&data=%7B%22site_id%22%3A21381795%2C%22roar_id%22%3A21381795%2C%22client%22%3A%22desktop%22%2C%22referrer%22%3A%22%22%2C%22duration%22%3A2000%7D
Requested by: Host: www.mtlblog.com
URL: https://www.mtlblog.com/static/dist/social-ux/main.10f86943a139e954af93.bundle.mjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.85.250.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-250-173.compute-1.amazonaws.com
Software: openresty /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:17 GMT
last-modified: Sat, 24 Jun 2023 02:06:34 GMT
server: openresty
etag: "64964faa-2b"
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
content-length: 43

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3004 52 KB
17 KB 140ms
39ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: static.narcity.com
URL: https://static.narcity.com/prebid/prebid7.40.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.mtlblog.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 53250
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 25 Jul 2023 23:28:18 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 16 Jul 2023 08:40:30 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2186, 342312
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230112-FRA
X-Timer: S1690327699.676713,VS0,VE0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame AD7B 15 KB
6 KB 142ms
40ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160629
Requested by: Host: static.narcity.com
URL: https://static.narcity.com/prebid/prebid7.40.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://www.mtlblog.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=157924
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Tue, 25 Jul 2023 23:28:18 GMT
expires: Thu, 27 Jul 2023 19:20:22 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame AB38 3 KB
2 KB 164ms
59ms Document
text/html 104.18.10.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: static.narcity.com
URL: https://static.narcity.com/prebid/prebid7.40.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.mtlblog.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 341
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7ec82db4d88990d6-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 25 Jul 2023 23:28:18 GMT
expires: Wed, 26 Jul 2023 03:28:18 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 722F 281 B
554 B 156ms
39ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: static.narcity.com
URL: https://static.narcity.com/prebid/prebid7.40.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.mtlblog.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 25 Jul 2023 23:28:18 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame AD7B 2 KB
3 KB 167ms
46ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=86778143&p=160629&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160629
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: a01f399a8a93715eaba838eb3d9e7569ccf9355a237965293bf99b022ffd1920

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 25 Jul 2023 23:28:18 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 3004 0
595 B 45ms
44ms Script
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 23:28:18 GMT
an-x-request-uuid: d8b5f382-fd02-499d-bbff-0f44969fa71e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.109; 80.255.7.109; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 722F 34 KB
10 KB 40ms
40ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 217d77b3d3531e97301d1a144c343ae7d30c4847cc935a47718f58164dd185cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Tue, 25 Jul 2023 23:28:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jul 2023 06:44:44 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=26149
Connection: keep-alive
Content-Length: 10113
Expires: Wed, 26 Jul 2023 06:44:07 GMT

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame F32C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtlblog.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtlblog.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

42ms
42ms

Document
text/html

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtlblog.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: e821599b209f4dd6fb0b5c30a5fb5fd88539af367953d2b2b9f438d6a125aa79

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1836
Content-Type: text/html
Date: Tue, 25 Jul 2023 23:28:18 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Tue, 25 Jul 2023 23:28:18 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
Location: /usermatch?d=https%3A%2F%2Fwww.mtlblog.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 722F
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Sn7VZk4fQ22q-Q01a7VYdg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Sn7VZk4fQ22q-Q01a7VYdg

43 B
479 B

132ms
131ms

Image
image/gif

52.95.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Sn7VZk4fQ22q-Q01a7VYdg

Protocol

HTTP/1.1

Server

52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 23:28:20 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: J042959EP01KSZZ96YXT
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Sn7VZk4fQ22q-Q01a7VYdg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 722F
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWNhOTM3MGE2NTYyNmE3MWViNjA1YjcyZTIzYmRiYTM3OWNiYTRhMQ

170 B
188 B

49ms
49ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWNhOTM3MGE2NTYyNmE3MWViNjA1YjcyZTIzYmRiYTM3OWNiYTRhMQ

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 23:28:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWNhOTM3MGE2NTYyNmE3MWViNjA1YjcyZTIzYmRiYTM3OWNiYTRhMQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b2a5c63b17f16a8024ffc6259157eaa8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 722F
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/9YPi7QeYHr8HnyL4CbG_WQ?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-G11FQ7pE2oIND0izcgQUgMSBTZURIsR3rcnlYQ--~A

0
239 B

386ms
185ms

Image
image/gif

8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-G11FQ7pE2oIND0izcgQUgMSBTZURIsR3rcnlYQ--~A
Protocol: HTTP/1.1
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 8879d63542e1f07dd8e6d691f6d521da
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 25 Jul 2023 23:28:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-G11FQ7pE2oIND0izcgQUgMSBTZURIsR3rcnlYQ--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 722F
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=QW3kOZd7SfeVR_HQr9dCAw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QW3kOZd7SfeVR_HQr9dCAw

43 B
479 B

130ms
130ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QW3kOZd7SfeVR_HQr9dCAw

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 23:28:20 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MKCSWZ7WC7QG9M1SM6YY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QW3kOZd7SfeVR_HQr9dCAw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8879d63542e1f07dd8e6d691f6d521da
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 722F
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtJWEdUMUItNi1FTzhW
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJYzG0rV6gFqpfE-IYDXchU&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtJWEdUMUItNi1FTzhW&google_push=

170 B
188 B

50ms
50ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtJWEdUMUItNi1FTzhW&google_push=

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 23:28:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtJWEdUMUItNi1FTzhW&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Expires: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 722F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELC4mA15PcqLyWcihGeO8UM&google_cver=1

0
239 B

752ms
185ms

Image
image/gif

8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELC4mA15PcqLyWcihGeO8UM&google_cver=1
Protocol: HTTP/1.1
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 23:28:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELC4mA15PcqLyWcihGeO8UM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 722F
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKIXGT1B-6-EO8V

0
673 B

366ms
262ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKIXGT1B-6-EO8V
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:19 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 12E5B22353B44085B51C9C8D6D642178 Ref B: FRAEDGE1712 Ref C: 2023-07-25T23:28:19Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-source-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYBWBYa/Ruq4MlCFcU+4A==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKIXGT1B-6-EO8V
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b2a5c63b17f16a8024ffc6259157eaa8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 722F 70 B
264 B 56ms
56ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 25 Jul 2023 23:28:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame D6E9
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7821538520863806497

42 B
274 B

69ms
43ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7821538520863806497
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160629
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 25 Jul 2023 23:28:17 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7821538520863806497
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 2FD3 43 B
363 B 144ms
42ms Document
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160629

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 23:28:18 GMT
expires: Tue, 25 Jul 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 267562
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 6E6D
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329526843645243

42 B
195 B

41ms
41ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329526843645243
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160629
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 25 Jul 2023 23:28:18 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Tue, 25 Jul 2023 23:28:19 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329526843645243
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 2C7F
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6F7F0100-808B-4DCB-8C17-80CA44896C58&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6F7F0100-808B-4DCB-8C17-80CA44896C58&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

212ms
211ms

Document
image/gif

52.95.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6F7F0100-808B-4DCB-8C17-80CA44896C58&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160629

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 25 Jul 2023 23:28:19 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: D6VQEJY80SEEG7494WPT

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Tue, 25 Jul 2023 23:28:19 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6F7F0100-808B-4DCB-8C17-80CA44896C58&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 6S1SX38Q3PSVQAYGD2F6

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 3E3A
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0BG6kNNE4JPLFejB0hH0w9JA6pLLF-2X1xxyEzyQ

42 B
571 B

148ms
42ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0BG6kNNE4JPLFejB0hH0w9JA6pLLF-2X1xxyEzyQ
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160629
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 25 Jul 2023 23:28:18 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Tue, 25 Jul 2023 23:28:19 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0BG6kNNE4JPLFejB0hH0w9JA6pLLF-2X1xxyEzyQ
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AD7B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=b38BAICLTcuMF4DKRIlsWA%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

40ms
40ms

Image
text/html

23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160629
Protocol: H2
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:19 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=157923
accept-ranges: bytes
content-length: 5606
expires: Thu, 27 Jul 2023 19:20:22 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 23:28:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame AD7B 49 B
265 B 174ms
55ms Image
image/gif 3.248.0.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=6F7F0100-808B-4DCB-8C17-80CA44896C58&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160629
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.0.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-0-230.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 23:28:19 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.15.14
content-length: 49
expires: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame AD7B
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3006342196
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=6F7F0100-808B-4DCB-8C17-80CA44896C58

0
284 B

140ms
48ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=6F7F0100-808B-4DCB-8C17-80CA44896C58
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160629
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 23:28:19 GMT
via: 1.1 google
last-modified: Tue, 25 Jul 2023 23:28:19 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=6F7F0100-808B-4DCB-8C17-80CA44896C58
date: Tue, 25 Jul 2023 23:28:17 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200

p
a.audrte.com/ Frame AD7B
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=6F7F0100-808B-4DCB-8C17-80CA44896C58
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bDM3NHg2M2RsbTBRLU93LVJCaVhOQUFlUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=8741475592893149168&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

117ms
117ms

Image
image/png

34.224.44.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160629
Protocol: HTTP/1.1
Server: 34.224.44.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-44-34.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Tue, 25 Jul 2023 23:28:19 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Tue, 25 Jul 2023 23:28:19 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame AD7B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkY3RjAxMDAtODA4Qi00RENCLThDMTctODBDQTQ0ODk2QzU4&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

137ms
44ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160629
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 25 Jul 2023 23:28:18 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 23:28:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame AD7B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBMRmjRkjoRHRUIXyurcCs4&google_cver=1

42 B
380 B

135ms
43ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBMRmjRkjoRHRUIXyurcCs4&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160629
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 25 Jul 2023 23:28:19 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 23:28:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBMRmjRkjoRHRUIXyurcCs4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame AD7B 43 B
612 B 153ms
43ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160629

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 24 Jul 2023 23:28:19 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame AD7B
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8741475592893149168

42 B
473 B

149ms
42ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8741475592893149168
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160629
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 25 Jul 2023 23:28:17 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 23:28:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8741475592893149168
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame AD7B 70 B
264 B 57ms
55ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160629
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 25 Jul 2023 23:28:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame F32C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZMBakrHh-0lfTvtxUtsuAAAADOcAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECTD5IpNATQIdP-9QjjE7pc&google_cver=1

43 B
766 B

41ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECTD5IpNATQIdP-9QjjE7pc&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtlblog.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 23:28:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 23:28:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECTD5IpNATQIdP-9QjjE7pc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame F32C
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZMBakrHh-0lfTvtxUtsuAAAADOcAAAIB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZMBakrHh-0lfTvtxUtsuAAAADOcAAAIB&gpp=&gpp_sid=&dcc=t

43 B
855 B

128ms
128ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZMBakrHh-0lfTvtxUtsuAAAADOcAAAIB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtlblog.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 23:28:19 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EDXCYEHQH4DB3YBYGM1P
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 23:28:19 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HJE383NX19DVXW368DSK
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZMBakrHh-0lfTvtxUtsuAAAADOcAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F32C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZMBakrHh.0lfTvtxUtsuAAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELx1XzdyKZigAy77t__wSPI&google_cver=1&google_hm=2

43 B
632 B

46ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELx1XzdyKZigAy77t__wSPI&google_cver=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtlblog.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 23:28:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 23:28:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELx1XzdyKZigAy77t__wSPI&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame F32C 70 B
264 B 57ms
56ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtlblog.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 25 Jul 2023 23:28:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame F32C 43 B
698 B 235ms
60ms Image
image/gif 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZMBakrHh-0lfTvtxUtsuAAAADOcAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtlblog.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 23:28:19 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1690327699099008-370
Expires: Tue, 25 Jul 2023 23:28:19 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F32C
Redirect Chain

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d533cc8c-7c35-47f2-9823-cdc54ddd65fb

43 B
632 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d533cc8c-7c35-47f2-9823-cdc54ddd65fb
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtlblog.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 23:28:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d533cc8c-7c35-47f2-9823-cdc54ddd65fb
date: Tue, 25 Jul 2023 23:28:19 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F32C
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=5EqTXg5Y1QorrZ5

43 B
632 B

41ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=5EqTXg5Y1QorrZ5
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtlblog.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 23:28:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 23:28:18 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-784-g0c0b2cf#rel-ec2-master i-0e28ed9eb62e8b70d@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=5EqTXg5Y1QorrZ5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F32C
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7291154382728595153

43 B
632 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7291154382728595153
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtlblog.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 23:28:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7291154382728595153
pragma: no-cache
date: Tue, 25 Jul 2023 23:28:18 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame F32C 43 B
353 B 147ms
45ms Image
image/gif 104.18.10.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZMBakrHh.0lfTvtxUtsuAAAA%263303
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtlblog.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:19 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 14684
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ec82db73951913a-FRA
content-length: 43
expires: Wed, 26 Jul 2023 23:28:19 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 3004 0
593 B 45ms
45ms Script
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 23:28:19 GMT
an-x-request-uuid: 0a014d39-82b9-428e-929f-60a425222117
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.109; 80.255.7.109; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame AD7B 0
260 B 158ms
42ms Script
text/plain 198.47.127.20

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=160629&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160629
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 23:28:20 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 47ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-W2SMX41KR6&gtm=45je37o0&_p=760463552&cid=1302452251.1690327695&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=2&sid=1690327694&sct=1&seg=0&dl=https%3A%2F%2Fwww.mtlblog.com%2F&dt=MTL%20Blog&en=ad_impression&ep.transport=beacon&ep.query_id=CLm96K6Bq4ADFVI64AodnQUIWQ&_et=1205
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W2SMX41KR6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mtlblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 23:28:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mtlblog.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

57 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mtlblog.com/	1970-01-20 23:08:07	Name: _ga Value: GA1.1.1302452251.1690327695
www.mtlblog.com/	1970-01-20 14:15:19	Name: _pbjs_userid_consent_data Value: 3524755945110770
.mtlblog.com/	1970-01-20 17:51:19	Name: _sharedID Value: 60e5b785-1030-415b-9bc8-d9b15e94ddcc
www.mtlblog.com/	1970-01-20 17:51:19	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-07-25T23%3A28%3A15%22%7D
.adnxs.com/	1970-01-20 15:41:43	Name: icu Value: ChgIm8taEAoYASABKAEwj7WBpgY4AUABSAEQj7WBpgYYAA..
.adnxs.com/	1970-01-20 15:41:43	Name: uuid2 Value: 8764085606427198981
.rubiconproject.com/	1970-01-20 22:17:43	Name: khaos Value: LKIXGT1B-6-EO8V
.rubiconproject.com/	1970-01-20 22:17:43	Name: audit Value: 1\|hLZGFuTafB1SVCXAKiWBpQNb0fGVcfL/XWaA1sYWTLE9gLr7Yht2fcO+T7p6BCIjNUeUt0Kmu3SFL2rIyRN4eOBxGCOXoSK1Joag0xY2aAK+xUA9sgf/4b7FQD2yB//h
.mtlblog.com/	1970-01-20 22:53:43	Name: __gads Value: ID=af0cc1257195aa28:T=1690327695:RT=1690327695:S=ALNI_MbqJym62hEeDTBsj-YXEvpdVS2tFg
.mtlblog.com/	1970-01-20 22:53:43	Name: __gpi Value: UID=00000c47889f9f2f:T=1690327695:RT=1690327695:S=ALNI_MYj6oNd9pgM20zz5cGbqy2NQbAIBw
.mtlblog.com/	1970-01-20 23:08:07	Name: _ga_W2SMX41KR6 Value: GS1.1.1690327694.1.0.1690327695.59.0.0
www.mtlblog.com/	1970-01-20 13:33:34	Name: _io_ht_r Value: 0
.www.mtlblog.com/	1970-01-20 22:17:43	Name: beopid Value: fe240950-a1f1-44d8-9a56-2f28d24e0902
.doubleclick.net/	1970-01-20 22:53:43	Name: IDE Value: AHWqTUmdiohINpZL2SD_1cQd9BlCZgaYi-oAEDpHOsojMFxn3SAWwdjjxdhZJJSRLVc
.onesignal.com/	1970-01-20 13:32:09	Name: __cf_bm Value: AOonX4UmpyxPAXVONDTp8d9cQ3QLT47HZRTFT1LmbCw-1690327696-0-AXA5D+Z8Nb+K6QWBM7CDztVeCB+rzfrTIMrVMRjhZgV9IYLjeH4BQOa+/6EDV/ccMRSOkQZp3jtsBDDWErDTUaE=
.doubleclick.net/	1970-01-20 13:32:11	Name: DSID Value: NO_DATA
.mtlblog.com/	1970-01-20 22:17:43	Name: FCNEC Value: %5B%5B%22AKsRol8w9p-BrjVK2ktTCEUiysgagMcuNoh_PU_O2T5MWMsQouGyDzcCq9cUTlHGPeh1U_SiDDdYOoHbcjPHHMFqqX6P5VVQuPd7AtaWUjbzrr61rzlZu3y-kphZJOUgpoLnYa8RUapueCLUXdUvGp1KqCw7Pfp5SQ%3D%3D%22%5D%2Cnull%2C%5B%5B5%2C%22800%22%5D%5D%5D
.ads.pubmatic.com/	1970-01-20 13:33:34	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 22:17:43	Name: KADUSERCOOKIE Value: 6F7F0100-808B-4DCB-8C17-80CA44896C58
.pubmatic.com/	1970-01-20 15:41:43	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 13:33:34	Name: pi Value: 160629:2
.pubmatic.com/	1970-01-20 15:41:43	Name: DPSync3 Value: 1691452800%3A201_245_241_235
.pubmatic.com/	1970-01-20 15:41:43	Name: SyncRTB3 Value: 1691452800%3A220_46_54_8_21_13_161_56_251%7C1691539200%3A35
.casalemedia.com/	1970-01-20 22:17:43	Name: CMID Value: ZMBakrHh.0lfTvtxUtsuAAAA
.casalemedia.com/	1970-01-20 15:41:43	Name: CMPS Value: 3303
.casalemedia.com/	1970-01-20 15:41:43	Name: CMPRO Value: 3303
.weborama.fr/	1970-01-20 22:58:02	Name: AFFICHE_W Value: AY4LGW9HSBgB22
.quantserve.com/	1970-01-20 15:41:43	Name: d Value: EK8BCwHGKfijAA
.quantserve.com/	1970-01-20 23:02:22	Name: mc Value: 64c05a93-01a44-c4e32-24719
.adform.net/	1970-01-20 14:16:46	Name: C Value: 1
.simpli.fi/	1970-01-20 22:19:10	Name: suid Value: 712680DF3C494BBFAD1C2BED775C6049
.de17a.com/	1970-01-20 22:10:31	Name: guid Value: 1.7821538520863806497
.adform.net/	1970-01-20 14:58:31	Name: uid Value: 8741475592893149168
.w55c.net/	1970-01-20 23:03:48	Name: wfivefivec Value: 5EqTXg5Y1QorrZ5
.pubmatic.com/	1970-01-20 15:41:43	Name: KRTBCOOKIE_153 Value: 1923-0BG6kNNE4JPLFejB0hH0w9JA6pLLF-2X1xxyEzyQ&KRTB&19420-0BG6kNNE4JPLFejB0hH0w9JA6pLLF-2X1xxyEzyQ&KRTB&22979-0BG6kNNE4JPLFejB0hH0w9JA6pLLF-2X1xxyEzyQ&KRTB&23403-0BG6kNNE4JPLFejB0hH0w9JA6pLLF-2X1xxyEzyQ
.pubmatic.com/	1970-01-20 15:41:43	Name: KRTBCOOKIE_80 Value: 22987-CAESEBMRmjRkjoRHRUIXyurcCs4&KRTB&16514-CAESEBMRmjRkjoRHRUIXyurcCs4&KRTB&23025-CAESEBMRmjRkjoRHRUIXyurcCs4&KRTB&23386-CAESEBMRmjRkjoRHRUIXyurcCs4
.pubmatic.com/	1970-01-20 14:15:19	Name: KRTBCOOKIE_336 Value: 5844-7821538520863806497
.w55c.net/	1970-01-20 14:15:19	Name: matchcasale Value: 5
.ads.stickyadstv.com/	1970-01-20 14:15:19	Name: UID Value: 6de24dcd5c15fa9799fa4db6648cf3c
.ads.stickyadstv.com/	1970-01-20 14:15:19	Name: uid-bp-34673 Value: ZMBakrHh-0lfTvtxUtsuAAAADOcAAAIB
.pubmatic.com/	1970-01-20 14:15:19	Name: KRTBCOOKIE_391 Value: 22924-8741475592893149168&KRTB&23263-8741475592893149168&KRTB&23481-8741475592893149168
.rfihub.com/	1970-01-20 22:53:43	Name: rud Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MrMwMTYzMTUyMRbiM9T1LTepSDdxzUyLKEsCABztT08lAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MrMwMTYzMTUyMRbiM9T1LTepSDdxzUyLKEsCABztT08lAAAA
.rfihub.com/	1970-01-20 22:53:43	Name: eud Value: H4sIAAAAAAAA_9vEyGtoZmlgbGRuZmlpZGoGAAvhFdYQAAAA
.pubmatic.com/	1970-01-20 15:41:43	Name: KRTBCOOKIE_18 Value: 22947-5133329526843645243
.pubmatic.com/	1970-01-20 14:15:19	Name: PugT Value: 1690327698
.amazon-adsystem.com/	1970-01-20 23:08:07	Name: ad-privacy Value: 0
.audrte.com/	1970-01-20 13:53:43	Name: arcki2 Value: l374x63dlm0Q-Ow-RBiXNAAeQ!20220908!1690327699306!ip#80.255.7.109
.audrte.com/	1970-01-20 13:53:43	Name: arcki2_pubmatic Value: 6F7F0100-808B-4DCB-8C17-80CA44896C58!20220908!1690327699309
.turn.com/	1970-01-20 17:51:19	Name: uid Value: 7291154382728595153
.audrte.com/	1970-01-20 13:53:43	Name: arcki2_ddp2 Value: l374x63dlm0Q-Ow-RBiXNAAeQ!20220908!1690327699484
.amazon-adsystem.com/	1970-01-20 19:33:34	Name: ad-id Value: AzMyokP4gE3PkvLC3DP2pNs
.audrte.com/	1970-01-20 13:53:43	Name: arcki2_adform Value: 8741475592893149168!20220908!1690327699678
.yahoo.com/	1970-01-20 22:18:05	Name: A3 Value: d=AQABBJNawGQCELVlSelRpwRXQcV9wHR-uCUFEgEBAQGswWTKZAAAAAAA_eMAAA&S=AQAAAjOuPMbH5mwE1lzNsLqCISU
.linkedin.com/	1970-01-20 22:17:43	Name: bcookie Value: "v=2&aaf89d33-7b22-47a5-8a7c-3fd8ce28186d"
.linkedin.com/	1970-01-20 17:51:19	Name: li_gc Value: MTswOzE2OTAzMjc2OTk7MjswMjHSzWqbXam7gU59yOXNZ4oYOyUHs4zd0nIKllsIypu/wQ==
.linkedin.com/	1970-01-20 13:33:34	Name: lidc Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2803:u=1:x=1:i=1690327699:t=1690414099:v=2:sig=AQHouTMLq4Gqe9yyUEuqw-bv-VRnzc0B"

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://prebid-server.rubiconproject.com/cookie_sync Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=6F7F0100-808B-4DCB-8C17-80CA44896C58&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

697e59244d73234b71191d0bba718ea7.safeframe.googlesyndication.com
a.audrte.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
assets.rbl.ms
at.teads.tv
c1.adform.net
c2shb.pubgw.yahoo.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.onesignal.com
cdn.onthe.io
cdn.prod.uidapi.com
cm.g.doubleclick.net
cms.quantserve.com
cr.frontend.weborama.fr
d5p.de17a.com
dis.criteo.com
disqus.com
dmp.adform.net
dsum-sec.casalemedia.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
js.hcaptcha.com
lb.eu-1-id5-sync.com
match.adsrvr.org
memberstack-client.getmilla.com
mtl-blog.disqus.com
mtlblog.com
onesignal.com
p.rfihub.com
pagead2.googlesyndication.com
pages-stats.rbl.ms
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
px.ads.linkedin.com
region1.analytics.google.com
s.amazon-adsystem.com
s.beop.io
sb.scorecardresearch.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.memberstack.com
static.narcity.com
static.rbl.ms
stats.g.doubleclick.net
sync.crwdcntrl.net
t.beop.io
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
unpkg.com
user-stats.rbl.ms
widget.beop.io
www.anrdoezrs.net
www.google.com
www.google.de
www.googletagmanager.com
www.mtlblog.com
www.qksrv.net
www.rebelmouse.com
www.yceml.net
104.16.168.131
104.18.10.47
104.18.25.185
13.32.99.21
141.95.33.111
142.93.164.216
15.197.193.217
151.101.1.68
151.101.192.134
151.101.193.68
151.101.65.108
152.199.23.151
159.127.43.10
162.19.138.118
178.250.1.9
184.30.22.30
185.64.189.112
185.64.190.78
185.80.39.216
185.89.211.116
193.0.160.130
193.108.153.18
198.47.127.20
198.47.127.205
199.232.192.134
2001:4860:4802:32::36
209.54.182.161
213.155.156.182
216.58.206.34
23.192.153.28
23.212.222.60
23.32.184.192
2600:9000:2250:fc00:a:e047:753:be1
2600:9000:225e:a000:1f:138b:ce40:93a1
2602:803:c004:200::140
2606:4700:10::6814:b32d
2606:4700:10::ac43:266a
2606:4700::6810:5814
2606:4700::6810:7aaf
2606:4700::6812:d63b
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:21::14
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:810::2004
2a00:1450:4001:812::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2001
2a00:1450:4001:831::2003
2a00:1450:400c:c0b::9b
2a05:d018:d29:3602:8869:c03a:e9b:25ed
3.120.19.63
3.248.0.230
3.85.250.173
34.111.129.221
34.111.131.239
34.149.87.222
34.224.44.34
34.91.62.186
34.95.81.168
37.157.6.243
46.228.164.11
52.215.101.250
52.28.203.152
52.51.98.179
52.95.122.74
54.243.223.181
69.173.144.137
75.2.96.173
8.39.36.141
8.39.36.142
0071490e1e4d8a598e61cfe57779c84820edbfbaebd3a74eac8b6c355a8785d0
04135f18ff8d10dbdd295d6c8377c3075f8bf01f6029dca0d0d1de420d64de17
05a662e24739d7ae5454e3732abaca2a624badd26391bd88861d0c53f9e04692
05c3fcdae63d86c34610a3441c62a580997080458b1df459277625d5a95deb59
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf81b569820582ddcc5e4a8704b6d7fa926e320482022ac25213be0d266c6ed
0cdd1b192eb9de412ec921a350e12033d7394f8a8322331ca34a7f7646bf8edb
0da2cf4ef625d8c3966a7d1c701433a43ca9bae10970201cb1a2101226c69321
0e8f9cac7f843793969fa014919e21729b6b9f05e95de29004dbc60b628f20e6
1374665d6fff0ebb3d2953f4280cd5fc58361f39a59322b26a37a34fe232ee47
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18a0c039b98da59b46b0f69878bc661015aaea81e1837030a87d6966cba89c56
18a42db8905b117bd3891b49de5f450364a0cf2bb67cf4fef5c5aa5e3c767220
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1d2dcc9ca9fa8e980be0bb33601126a2a838cfd9d0de54bd3f598cee77a0ed99
1de10717385658ec726601b7d1e4c98e0ec84e6bc1ba18959241267c73a4ab3e
1fe9d2479bd7cddb942df549a6943163a24e39b73f64904105fc37002970af1f
217d77b3d3531e97301d1a144c343ae7d30c4847cc935a47718f58164dd185cb
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ca71411ce52f5d5831d8050c25f9551a45f17296cef65ee1de912e2079d907d
2d4da4909e50a31fe280e9cb1cd0a0d7d7094104108b243cc248899bf0fb2c62
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3930538047f379661ed2d07ac8e274939d7dfd3e5298aaa0f3a049b400c573de
39f7aa758c2a2884d537bea5aea4a57ed7c0152a8bcb491efd90dd3e9bedc4a3
3a1650352af6aa0c7071c540d09e0eb5ddb98790b07fef07fd9ddac162f15e57
3ad75541ba4c43100211368142a5d7b90495059642ce9e2ab25318047784ddf2
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c
444cebb41129b3197fdec3c8073cdf03bbe9bb9c588e59a013e9e998240789e5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48deb759bbe2dcbd9ec0cf4c261c6a09ba43d2be496fa46161b25d91ca896c29
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50a287059abe8eb06d51868537b3032afc6f722e556cf3a72ef54c15ed0048b0
54f9893fe6e26c184cd39d23b1d0fec2d9635ae8aacdc89d07d5fc1b1059e948
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
577d82f858c7dd462f4320e723ca23cf82672ca2b90c08470eeaeee3a432ec2d
586d12435780538bbb2739025d0d509013d9d9949388547805981a1ab9ad6e61
5d85583de5d6223ffcc448cc3151587624f29000217d334e7d30f5f15aaf4ba5
609a083e0c71aace979746d8cc0b2fbd6db4abdc411a2e3c35c32cefbc74ab8b
60dcb09dd4f1a808329c49ef356c286d30c4ffb5f730c8165084dac14714f9e4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65434e3702c9794d39142fa073463105eb410ee401087641c351d6108bb76b52
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
68c831b3324ca6fea43d48681ac2b9338b794ecdb60ff7fa7059a997d4007604
6aa191b19eacc0de52cb5bceb580645ed7bfad03d9a3600bc062a75573e01c61
6f87ed92ea7a3fbfc1d0d23364c5923a6bdfb87d317c7399cb4274ae47f28459
7052add31452ce94ddbea4a1b7644fd3e979b67d459baeb6a0563579f82b4a39
719361060747d42c741594143629f22bab606e4c878c319b16bbb5cb7cf50ba2
7ad9c7912837bca50e85a6a177413cef4f731a7be21391b9a6c44658f2b76d76
7af817ba32f555e2964c178b1be5ce173da135250b2e5cfd7ad801cf35f6db1d
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7de270e3495af6f634ad8618e0d4596a7fbf10c806319ba4ed7e3abb44944fb7
7f5cb70909c4a6c0a0b7c0ef4cd12e749923f50b82b5722f9139066704894f90
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
816e62a0b0e8533a143d173c2f9c0d01029e2ae61298d25b831bd5b97d957fef
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
876318528d9bcda6f71d58022986a14f0da55852c9c5480b09012a61f19ac0fc
87ea4084ee168ea0db11bfa427f777c8caf762178aa1b1b599824b5501fb6654
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fca3d10d7eab4135f9454ed03d46999909e9a5dda524dc8dbc365c786169204
9113af967ca8173cbc64c7c9b62793bfdc5a82217ca215e6a02fa2722e9e03f1
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
9bcf86d726e35fb21013b23a99b86fb4fa31f8778c1ac4b6cd0a217ab30c0120
9c9ecd1d9799486c836fc09fb45340d2b04c983cb4372dc329c2d0817bbcdeef
9d112017ace90fd8a8fa9e0f61eecd5524a88c564ece34cbeadec54867991913
a01f399a8a93715eaba838eb3d9e7569ccf9355a237965293bf99b022ffd1920
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a53bbf997ec817e783e49cec699edec2a5b9d2d7273494b89c9c431f7bb9d97a
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a8d1e521f1ac241c5cf1c0b335024f3ef3915fd736769c20b52e40a705d3046f
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab6bcd2086d04e40db07c652e42d6dbcb2d197a5a4a263d1cd8ef4aacb474a9c
ae2ff1a0bf173a68ecc3781331edf616044fbdd3b1cf3f5a8ea38c8e157507bb
b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4a85c07788ee87c5b61add260786658626ebd240a28c5bfab29e2f5c1049a55
b848e44f4e3d57dae5a2a98307e59515496456a65eccdebd2130dd9c634166a9
b8e98662f0aec5389b6f244998092ec9736bbb83ea3a350095cf47941ef9c471
ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485
baa5fa641f4530c392591a0c27bce29a6790f1ca595eb967f3b5fbc90303f898
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c096a407308f10208f1283bf386d16fa88753abe15d84e7bbd4e16e8e7a4ef3e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3d9c78ed105b302b39605edf9b6f8d615c33459df8ec862a622071abae11b3f
c41b6bde2b7d08f61a09085a9c00cfb3b078941b3e2fc6bf6b0dc060b7368d3e
c7175fe090770b2065581cb818c8b1055a219b7b6320d3f0fe9003fd6c9e9725
c9f41c08cdd0e8f08ebd460df9abc193464f1f526250482d8987227893c338e4
cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838
caf683b28ef7a278da29b9cbf93bf756638668870860c4bcfc3773d878e9c9c5
cc44b0a7aa6be6c68ad34542b3b59f062301a2dd8a3d3b5a7c5a3a08258b81ad
cd3e652277a06712481249796e6e44d081927c0ac2e48465167923e011e0b1d8
ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1
ce6c972e0b5412761cc3fc5e5676577d6ff729a662df7752b0457d04d6ed83f2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01287fe2934665504ad7d0617d90fe1dc698d1aefc1764b21a5f5424cae5b8f
d09c01d58157628a6c6253fd0a9349bcb58a7df7f0d6e537240098a405b883fa
d20146b3e3bfd16f5c21c06d3a15e5a00ed24a6d034538adb6058ef4e9b44834
d23e0563abd9fcf5049f80f8ddb76ebb202f8620cc18e19b4b9a5c97f36f63b6
d4e7dfb60bedf1132195a57c06d79029cf20275d6c9dac4cf06412f290b90678
d5e144c2299d8446311ffa647f638d3e5e7ee6326c85485c8c3c9f55b4ae332b
dde88b38e128c27f25e29ad4c33337ce0d7e4c85e7c76cbed6f0e7f8cc43f4f6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e821599b209f4dd6fb0b5c30a5fb5fd88539af367953d2b2b9f438d6a125aa79
e977a83ab26ca2274ca469b53f5205f5bc223c2d6b6f4c8da95156befd9007cf
eabdf321a5d4c947570fde0587d8cdf24308da5366d52adbc2be8850d0032fb3
ed58b1c78fe8aa37adda011c6a2580da4ec9aafdf43cbe8f0690e721422666cf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f33ab56a582e52207f9cd43db5e539b457909ea2ccbe686d3c7956f789e1961b
f9289e090fc326e8fa355b4072107f1352eedd2b44fc66d4c944db95db2bc9de

www.mtlblog.com Open in urlscan Pro 2606:4700:10::6814:b32d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

178 Requests

88 %HTTPS

31 %IPv6

51 Domains

84 Subdomains

64 IPs

11 Countries

1910 kBTransfer

5381 kBSize

57 Cookies

9 Outgoing links

Page URL History

Redirected requests

178 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.mtlblog.com Open in urlscan Pro
2606:4700:10::6814:b32d Public Scan

Screenshot
Live screenshot

Full Image

178
Requests

88 %
HTTPS

31 %
IPv6

51
Domains

84
Subdomains

64
IPs

11
Countries

1910 kB
Transfer

5381 kB
Size

57
Cookies

178 HTTP transactions
3 data transactions