blogs.mtdv.me Open in urlscan Pro
2606:4700:3034::ac43:b320 Public Scan

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:02 GMT
an-x-request-uuid: 98656c01-a5a8-406a-9252-3b595deee4ef
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0OTU1MjgxMzEzNjA2NzUw
x-proxy-origin: 178.162.209.131; 178.162.209.131; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C2A 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3639522409677&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C2A 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3639522409677&version=m202309260101&ct=76&x=1&cor=13195352392753814000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1C2A 16 KB
12 KB 309ms
308ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMGaADvkqh_DBd9XD4SnCtBFWUTe-4vmKEet3Fd5wdNvidUfSTIiXLCTU66Iid_9gj6d1y14S5WpJZ3X52nckzHIwnaqp4x-a8ohyfIura4QsfjiYAtbHcUYXocbiQP2p7nSQy7rdMFy86dsURjyFbR-nvlfPjaL5QKpRacnT0HMLa5Ao&cry=1&dbm_d=AKAmf-DUt7dHmS6ADaF1K_zhFW-KKBESQ3b9oeqeQ0uyoBVfFr0HRTn_o4NEAQKCCszLlWqGjWcI0Je532pCXssm-jp4jcBTxEkb9jGia9J3U_UFNGv4xQ3cjB21AUvDHHuBT2w_e7lzEpUpILSbYoOx1xZQ8T_RMr_tKXuGtS-deGYBoTQErwFQDUcORdAGLlyroYNSv89KNy-Oya1UPZ-8LYU_8lBUrojnoYFj612_AlUxHaWNkxbXReiR0Rsm7ol75_NvwM5GUr7IQyAcqzMSwd_1_-NfXhcP2Aefvj3o5fr11fZ2WABPakkYEt128ZDZ8Ou5hh2uJtINZq2fRMMtOXiqr7drz7A9Lzax_S9uddYhSqLGLuAfZnspwvD8S8ic0INkzXKEGLGdjyvRCxsurVyPVOloggrzUQ8fdGDPJZ24fIhbSYP6HxzVebvH2dJT5yGwrA19j9sE9HedS25HsYGnrkljY_EnBr4tEsfcmuq5hKCdgn-yG3YD0UPIl88iG85yZWEkm99DREJlsQ3InydjWuXJgWq2Flj99GK6kfOEJ9HZItG68htZZsiSA5bV6UPGjNE7sfAPaVliD0n9C0Sf8aT_awXeh0eh9eAAkVG0zFPSH733PNI-deJUfrXIPpaUOQQMjZeQpwijmG410gLgLFx5e4KTlIMZnRxKz0pp1AfqNfKHG2X88tOBbC3yyLI7ToeCRuVqhMWCg-iv_SaIiK-tAgox438E5Cz6mhrg14YMsVUipVCFw20ESTWvq4kwx0y8gQzVHBL5bYdlljtV-qbcZ0eOAy8CPUBYf8BEDj9-vCEyH3oLZ6cfVgpLCAayQ5hkgy9p4Ry5DSm8f3le28ZEW4dnxRaVCcNskveHCN0OKQoElfok98YpYEYkJQk55bwr8xY5S-okERyUliXBnNMTSgEX-edJbhoGnqDmyhcf9kbSaQFzodrhtXzsEMHiBw_sAYRIPtto2cIlB4P-uV_iC_Cueq2KEgDPvEnw_rwNk9EbA2BArISoiOSg4BaPJ04bHi_GHnhzlhueEm8IYpcZB7sS1Cep49zxRBDsncQmejXDSebH2WKYuSZqLxAmsl90fxcDojJynTs6m9sO8unQrrsTHMHypU97kM_HRXmPYHSRfVYLM3bmJH_u6bi26DK0IYSL0-PvTUhMGfgZi5KTdFV3iaVqJXlHfrR7O-CciMcJoBmzm3stdCx34RR3HY9hSHHTfJ9G8mzxXA_nmYuBMx2yIujspYKZS_48tLW64K1cIyykvM4myDPhtjunoeESc43ZYJs1WoTUgdzmI0i6BUerI3o2aBS9WRxZnOXOOIcf_JsOl27zFUEvQq_tG9tWIF6_y5HIG2eAZjOQV4kVk1O1PXKxicE8ZGL3o6dq4KmJKuIrguW1rx7r797yMJVi1zq_Z9rTcpHLPKQxv7jVdg2ni9KkdL3-46f8CvNN8lGNxAUwGh_2r6AOsDSwMhMspwiviLI9lazhmC0lmH26BxO9XZOqylBMFlzgGghtOm03f5_y1EvMs00R7NwcIj1efQ-gvxGy9oZ8X8jHSN0b2bXbXNVmBEJ14F_fzh3dx35kXYAa9g9cJwcmkyF5fUlMGbP7DSgSg7_SGCO8wurqq7k7AeyAIKRjHVxpU6QUhJ-VuF0W8j6YLZCiSgOittBKeqr0rjEBHpJw9K-fyxmEUbTzBat3yx4ZGdGeqQpUE3gbkqyopqY5or-bdr5P1we_LzEpAwLV3DGFdJMz156sHkZK_ww5izcQnVtCnlUpr7edHL4PuUtcbEW8n4F07wf956iN4TDGnT0KWgan63yXM16YfOXQjQF9V4Jg6dCwfnDZoOpD5r5QxwhME6LlDOhMRxlCHsG8fRJD6zM_bmiQHT2sHyjbYIiOdUFI9hL41aTOS9j6M6cJuy_Yu2q3NHZw0B1dSfrqu4DSnfiU8pt8X45cdjKtAOrefpQcIH2XU9Ca3pqh8gKAkmROqfO8hP_Mp4YEf2VpB1B0Uhgg-Soz4FuJCBEQ-2c5EvMENQ-hQ4njCBX6250mBU3phoUQ0fjC-rySFXNKDFAXhi49B3xkWK3qULLevQ7gsOkxKsHvTIo305saeFbWOS7kjSVsCEBK5DoIH7VkD3YcDSsM8VO2RAjbAY6JMR2IBztIQ8IWZf8z0oMY_Z7_irtcvscC0OaRpkEqH9B9M7clt-qN3C8voPKFrWya58tLoLjkR5fsVh8HCZlgrMO6jHxJHjpGAAs0zE4RTs-t3fDsKffy1F99UUY6OAQXQgPJ-OfFX0ZtG2rjVwgmGKS8SaQoD_9yQmEOxQhSdkNkbwCMFD02Bjp1SOxc1YFYyKXtN-NRpvjliuR2zKTFzHaPkKljMSxrQaJF3HJEvNCpr37yXMLYL0_f5YczQ_wE4GIcCwCMlYnSqoiWLhBoYjMd_B3H7Q1OFBLS-jFHQKU92qMpNeFVZF-6NP0SU42EWCniC6NKzPikZYDVmXiN5tLjo__Z78PV5gxB8MwhHFEWslaExzJQ-S_Jn9magzj3BP2z9Wmc5bts1LeUtXFTujLJ-qYDoJoFWIsyWL9O9U-EtuotTcdRtkpmGGA9uGUIKjvMJlEnGtdNlCdYCojZEkNbFwDovhqrOD3EYcOIYZUZ5gtiBcZRLxduI6OLIc2bSpxn_93n-bNrOyg4Fy8bIrUifyExu2A_rKyOOZPRCPJ3D4cEudsSU6YXjhzG-HD62vh7jiRtE8qTwGGi_nfiiifkE4wt5IyEhIfGnNfFc8D6YHAqQUjrSd4Hrg6zqmlwEClHBUT-0shepJcP2gJQVgmk76rvSQecdaiECRto76IcVQ7W-Yn1l6PQOwRwR8m9frLd4Khd0P6WVRW-gnPW6lFtUu4FpikiJqPDNonzjJ6YmXS9K_29bpRnYY6Oda8bYbG_mFsORd1g_8Aio7IZU7HB_Ph5FFkM_8eFgyglchH57Z7NHpLKfF00Rm9x7gTG7nuq4LlIdjcz8k1EIMW85cqvCB52KVFFgANC&cid=CAQSTgDICaaNYsbNJ4YyU0CQNIdT2bDFxh1breHG0cIisdw8O2FmaKskkNpRKo_Py3dZBRzMuBBOFp2S97T6TZvBjvrQd_49SsV5d2eVHw31uBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fblogs.mtdv.me%2F&ds=l&xdt=1&iif=1&cor=13195352392753814000&adk=1964084972&idt=108&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13466f86ab3487f0cf37f7027d02db70ca2ac99dee05ac0fd3f97b3a5034f67c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=90&slotname=2428482827&adk=3785916764&adf=538356251&pi=t.ma~as.2428482827&w=728&lmt=1700599621&format=728x90&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599621348&bpp=1&bdt=398&idt=347&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=351
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12444
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 30E0 0
234 B 364ms
176ms Ping
image/gif 2607:f8b0:4012:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lp8t3uy1&c=6615160944884&slotId=3307580472442&qqid=CMDx9qL71YIDFe5PwgUdDUwGkA&fb=outstream-lima&vast_v=2.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:827::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 76105514 Show response
unified.adsafeprotected.com/v2/1135760/ Frame 30E0 23 KB
6 KB 245ms
89ms XHR
text/xml 34.243.17.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unified.adsafeprotected.com/v2/1135760/76105514?mon=76105515&omidPartner=Google2&apiframeworks=7&bundleId=&ias_xsid=[TIMESTAMP]&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-4005810911916944&ias_chanId=1&ias_placementId=20509697656&bidurl=https://blogs.mtdv.me/&ias_dealId=&xsId=ABAjH0gpx_CW5sRGyjEy3BvQ085E&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gpx_CW5sRGyjEy3BvQ085E&originalVast=https://ad.doubleclick.net/ddm/pfadx/N7442.1972103DOUBLECLICKBIDMANAG/B30857687.379597277%3Bsz%3D0x0%3BAUCTIONID%3DABAjH0gpx_CW5sRGyjEy3BvQ085E%3BEXCHANGEID%3D1%3BSELLERID%3D1683132450869%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.0.0.0%3Bdc_osd%3D2%3Bdc_frm%3D2%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://blogs.mtdv.me/%3Bnel%3D0%3Fves%3DdGltZXN0YW1wOiAxNzAwNTk5NjIyODcxCmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzdlVyYWVyY3Y2RnJ2ak92RW9oeU9hem94ZjhXdjRDM3MycTRVNVdvb29RNWdGQm96cGd4TXZwNWRKekxTSFNIc1ZKS1NLRUpybkE0NVE0MFE0OGFIQ1JNTldSS1VYX3VqaGYxRktjdk1NZzBIMjBGczVmY2NyODJsdEk4cDJNRnNOMVVOTHZWRmQ4cTU4YXpaaUZFWkhPN1VrZE94MUg5UEEwMDVjejZQUDNrMG9OYUVNZlRjQi1TZVJxVzVfMUl4LXdTa1M4NE9nQ3R5NVpIYU53bktvZGcyemNlYzY0THJ2VVVIdWZtRW9EWFhoSUU5YklXTzYwbjlxVTE0ZlhXYmxzM2NOSFQyTjBEc3JfZm9MWWFfaDlpYm9QTC1LQzZTT3FfeFdOYVZDWDlXbGtGb0tmQ1o4QVJFVkNZUlU3RXllaEF5T3laRjY5N3gtMzc2czhoRUVXUGxCOXJuUG1SU3dGdXdyUEVnaWVNNkd5dU1aNGdfRzVHZ2lPN2g5TFE3eElQQ0g4Xzl3RjdDQWR1RmZFNFY3aHlySHFjcXFvcWdPTTY1bklSVnd1SUdwbHB4clVDY1pIcFh4SHB3Z2xaYUVyaUhoSlYwV0drV0FPdEhKcEJXaDBrczhBU0ZNWVhQQmd5czlRcUs5Y0o3WU9TdEJTUTRCNzJWd1ZMSlQ2bHVPQWE5UlJTZzJIZzdXb25vMGFlSXJGREt4Zk1QN1pXeU1OYk9BN0FYRTNFS1p4Ym9DWkgwZTNHR1BVX0pfVTFKOGxGUi1mZ3BzemloeXIwTl9WeEwyN2szSWljQUIwTExoRmxlbTh1OGtSZTBlcVFoSHdhSzFHYy1UUmtGOGpMeGl4dWtaMktVQ0dndTE5aGpxc3A0cFAzUlgxbms3a1ZUc2g3bGhBS0dLTHVDZ2lVZFd0OTlWeExFdVRzSTZuVDhiUGtYWmgtMF9rbFhHUGtoWXFKb3ZlUFlnN1RSaF9YVDNleVFsNlJZZ2Z4T0NnUWtuTlJaSC15eE1SYUlGNGpDTllzYnlvR3JGODI4a2EyS0Y2U3hWSG1xWFA2NklFNDJyNlV1QXo3eC0xajZ5VDBtRVpQcGVmNl9zSjBSQW10M0lTZV8wZ0FBYkhFdi1TV2FUcFlyQ1UtaUlFNWNXWXhzT2ZJTXAwUkF2TGI4Slh4S1pEdlM2Y3k4MnlWbDI2YW5RUGRJeHJNU180ZC1EZGU0bEE1MUh2TzVqc0wxNlhuZ091dmlsMkhkbllLUUZZMmtrYUc3OTFtUl9QQVpUSXFpc1dFTUx0S2o4Q0xreV90emlueEN6SXNkSm5Nd3k4eG5DbHBpdjRVQ0FJMVppRUdsYTdxQzd5TUJTdG9sNVl2NEY1OVNmSjltYWY0Z2lQRXpoZzgxd2g5V3NmMHM4TS1SaVFDeHk2WEdjak1TcThqM2hqcXJ4VXExT3doN052SWFrZmJNdzBLT0FVaVVmZ1JkUE9rZkpId1NNXzhrdnI1YTE1SkEyVTJFRnAwU1FlblAwbEhxNzRYYkxiVnFOV3ZTUU1CQ1BacTlSa1ZNOEc1a1JsTndjTmtkUVpULUlHVzJkNmRuNUNRWFFYZW9rc09VOHpyN19NZDBNaVotWi1fMUlZSTNRdTFkWEp1XzdyUU9ZbzQ3OHBEbmJYUlU0Q3hlNTcxR19MUDVlWWZEVEJvUHpOcFpseWxsR3lCbHd1Ny04YS1WQks1czYyS2N5bmNqOFVSMnZaTXItM1ljc2xSUXhQZENNWnZEcmY4bDRGRkRNeG5RZFRMUE4xOTFUM01URXVKcWx2VnJ1czJFY2djc0R6Z1ZRVnU1TkhyYkJFbWpZVVRnJnNhaT1BTWZsLVlSSWZLeUNnX2RUZlZ6VHdTMlZvUkVtNVY4QXpMbHZ6Sy00M21Fbm96bVhTa0F5SkNabXFuZ25GazREV2ZnTXlFYnZnVWQ5YkhyTEJyTnFiZk5VaHlqdFdJdnFxa1k1RkROVmhaZVQ2dTFaY2NmLUtRbWgyM1gtZ2lIZ3VJSk5taDY1T0JlSE9sVnBtSWFNRFI0QTRmMTJBNHVEUjBUdVBIMGwwZ0g4T0hGb19oeUc4TlpmcTRZdHR3M3FVRXMxVDhxNEQxYmgxNXpiR3loek1aWHFCRG1UdW9hVUNOUXlBa2Z2UXVCSEdxaUN0aDdFdGhlak55Z014eHJ2U2VvS29XOXI0RGdPTWlsUDVzMndGcWpheUhjUENrZF9pRWpoTlVZUGNCLVJqT2phRVFLM2dCZjVHUjdNc29nVGVPSEFiX1VBU2RYYm1kUTEmc2lnPUNnMEFyS0pTekR0em11di04RlFfRUFFJmNyeT0xJmZic19hZWlkPVtnd19mYnNhZWlkXSZ1cmxmaXg9MSZhZHVybD1odHRwczovL3d3dy5jaXNjby5jb20vYy9kZV9kZS9wcm9kdWN0cy9zZWN1cml0eS9maXJld2FsbHMvZ2V0LXN0YXJ0ZWQuaHRtbCUzRkNDSUQlM0RjYzAwMzA1MyUyNk9JRCUzRHRybHNjMDI3MDU0JTI2RFRJRCUzRHBkaXByZzAwMDAwMSUyNmRjbGlkJTNEJTI1ZWRjbGlkISIK%26dc_cid%3D203224912%26dc_adid%3D570667618
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.17.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-17-21.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 57529c4658334d94196bae0b415ef948558af983cfba538a1ea42722b5474376

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 20:47:03 GMT
Content-Encoding: gzip
Vary: Origin
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Request-Id: clehehpqcfp8d9qsdfgg
Content-Length: 5891

POST
H2 204 csi
csi.gstatic.com/ Frame 30E0 0
54 B 177ms
177ms Ping
image/gif 2607:f8b0:4012:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lp8t3v20&c=6615160944884&slotId=3307580472442&qqid=CMDx9qL71YIDFe5PwgUdDUwGkA&fb=outstream-lima&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:827::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 30E0 41 KB
15 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:06:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 279626
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 15:06:37 GMT

HEAD
H/1.1

200
OK

file.mp4
r5---sn-5go7ynlk.c.2mdn.net/videoplayback/id/851adfda52cce245/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804748512/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 30E0
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/851adfda52cce245/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804748512/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
https://r5---sn-5go7ynlk.c.2mdn.net/videoplayback/id/851adfda52cce245/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804748512/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

275ms
196ms

Fetch
video/mp4

2a00:1450:400f:8::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-5go7ynlk.c.2mdn.net/videoplayback/id/851adfda52cce245/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804748512/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/06325B8BD9ABFF1FD66BEC86532A2F9C39FCC9E0.09074DAA945822658182B1CBEBB9C4EB98AB0E03/key/cms1/cms_redirect/yes/mh/06/mip/2a00:c98:2050:a007:2::6/mm/42/mn/sn-5go7ynlk/ms/onc/mt/1700599322/mv/u/mvi/5/pl/57/file/file.mp4

Requested by

Host: blogs.mtdv.me
URL: https://blogs.mtdv.me/

Protocol

HTTP/1.1

Server

2a00:1450:400f:8::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 20:47:03 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1513496
Last-Modified: Fri, 12 Aug 2022 10:34:35 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 21 Nov 2023 20:47:03 GMT

Redirect headers

date: Tue, 21 Nov 2023 20:47:03 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 652
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r5---sn-5go7ynlk.c.2mdn.net/videoplayback/id/851adfda52cce245/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804748512/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/06325B8BD9ABFF1FD66BEC86532A2F9C39FCC9E0.09074DAA945822658182B1CBEBB9C4EB98AB0E03/key/cms1/cms_redirect/yes/mh/06/mip/2a00:c98:2050:a007:2::6/mm/42/mn/sn-5go7ynlk/ms/onc/mt/1700599322/mv/u/mvi/5/pl/57/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 3A4E 23 KB
8 KB 16ms
15ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 305011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 08:03:32 GMT
expires: Sun, 17 Nov 2024 08:03:32 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1C2A 41 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMGaADvkqh_DBd9XD4SnCtBFWUTe-4vmKEet3Fd5wdNvidUfSTIiXLCTU66Iid_9gj6d1y14S5WpJZ3X52nckzHIwnaqp4x-a8ohyfIura4QsfjiYAtbHcUYXocbiQP2p7nSQy7rdMFy86dsURjyFbR-nvlfPjaL5QKpRacnT0HMLa5Ao&cry=1&dbm_d=AKAmf-DUt7dHmS6ADaF1K_zhFW-KKBESQ3b9oeqeQ0uyoBVfFr0HRTn_o4NEAQKCCszLlWqGjWcI0Je532pCXssm-jp4jcBTxEkb9jGia9J3U_UFNGv4xQ3cjB21AUvDHHuBT2w_e7lzEpUpILSbYoOx1xZQ8T_RMr_tKXuGtS-deGYBoTQErwFQDUcORdAGLlyroYNSv89KNy-Oya1UPZ-8LYU_8lBUrojnoYFj612_AlUxHaWNkxbXReiR0Rsm7ol75_NvwM5GUr7IQyAcqzMSwd_1_-NfXhcP2Aefvj3o5fr11fZ2WABPakkYEt128ZDZ8Ou5hh2uJtINZq2fRMMtOXiqr7drz7A9Lzax_S9uddYhSqLGLuAfZnspwvD8S8ic0INkzXKEGLGdjyvRCxsurVyPVOloggrzUQ8fdGDPJZ24fIhbSYP6HxzVebvH2dJT5yGwrA19j9sE9HedS25HsYGnrkljY_EnBr4tEsfcmuq5hKCdgn-yG3YD0UPIl88iG85yZWEkm99DREJlsQ3InydjWuXJgWq2Flj99GK6kfOEJ9HZItG68htZZsiSA5bV6UPGjNE7sfAPaVliD0n9C0Sf8aT_awXeh0eh9eAAkVG0zFPSH733PNI-deJUfrXIPpaUOQQMjZeQpwijmG410gLgLFx5e4KTlIMZnRxKz0pp1AfqNfKHG2X88tOBbC3yyLI7ToeCRuVqhMWCg-iv_SaIiK-tAgox438E5Cz6mhrg14YMsVUipVCFw20ESTWvq4kwx0y8gQzVHBL5bYdlljtV-qbcZ0eOAy8CPUBYf8BEDj9-vCEyH3oLZ6cfVgpLCAayQ5hkgy9p4Ry5DSm8f3le28ZEW4dnxRaVCcNskveHCN0OKQoElfok98YpYEYkJQk55bwr8xY5S-okERyUliXBnNMTSgEX-edJbhoGnqDmyhcf9kbSaQFzodrhtXzsEMHiBw_sAYRIPtto2cIlB4P-uV_iC_Cueq2KEgDPvEnw_rwNk9EbA2BArISoiOSg4BaPJ04bHi_GHnhzlhueEm8IYpcZB7sS1Cep49zxRBDsncQmejXDSebH2WKYuSZqLxAmsl90fxcDojJynTs6m9sO8unQrrsTHMHypU97kM_HRXmPYHSRfVYLM3bmJH_u6bi26DK0IYSL0-PvTUhMGfgZi5KTdFV3iaVqJXlHfrR7O-CciMcJoBmzm3stdCx34RR3HY9hSHHTfJ9G8mzxXA_nmYuBMx2yIujspYKZS_48tLW64K1cIyykvM4myDPhtjunoeESc43ZYJs1WoTUgdzmI0i6BUerI3o2aBS9WRxZnOXOOIcf_JsOl27zFUEvQq_tG9tWIF6_y5HIG2eAZjOQV4kVk1O1PXKxicE8ZGL3o6dq4KmJKuIrguW1rx7r797yMJVi1zq_Z9rTcpHLPKQxv7jVdg2ni9KkdL3-46f8CvNN8lGNxAUwGh_2r6AOsDSwMhMspwiviLI9lazhmC0lmH26BxO9XZOqylBMFlzgGghtOm03f5_y1EvMs00R7NwcIj1efQ-gvxGy9oZ8X8jHSN0b2bXbXNVmBEJ14F_fzh3dx35kXYAa9g9cJwcmkyF5fUlMGbP7DSgSg7_SGCO8wurqq7k7AeyAIKRjHVxpU6QUhJ-VuF0W8j6YLZCiSgOittBKeqr0rjEBHpJw9K-fyxmEUbTzBat3yx4ZGdGeqQpUE3gbkqyopqY5or-bdr5P1we_LzEpAwLV3DGFdJMz156sHkZK_ww5izcQnVtCnlUpr7edHL4PuUtcbEW8n4F07wf956iN4TDGnT0KWgan63yXM16YfOXQjQF9V4Jg6dCwfnDZoOpD5r5QxwhME6LlDOhMRxlCHsG8fRJD6zM_bmiQHT2sHyjbYIiOdUFI9hL41aTOS9j6M6cJuy_Yu2q3NHZw0B1dSfrqu4DSnfiU8pt8X45cdjKtAOrefpQcIH2XU9Ca3pqh8gKAkmROqfO8hP_Mp4YEf2VpB1B0Uhgg-Soz4FuJCBEQ-2c5EvMENQ-hQ4njCBX6250mBU3phoUQ0fjC-rySFXNKDFAXhi49B3xkWK3qULLevQ7gsOkxKsHvTIo305saeFbWOS7kjSVsCEBK5DoIH7VkD3YcDSsM8VO2RAjbAY6JMR2IBztIQ8IWZf8z0oMY_Z7_irtcvscC0OaRpkEqH9B9M7clt-qN3C8voPKFrWya58tLoLjkR5fsVh8HCZlgrMO6jHxJHjpGAAs0zE4RTs-t3fDsKffy1F99UUY6OAQXQgPJ-OfFX0ZtG2rjVwgmGKS8SaQoD_9yQmEOxQhSdkNkbwCMFD02Bjp1SOxc1YFYyKXtN-NRpvjliuR2zKTFzHaPkKljMSxrQaJF3HJEvNCpr37yXMLYL0_f5YczQ_wE4GIcCwCMlYnSqoiWLhBoYjMd_B3H7Q1OFBLS-jFHQKU92qMpNeFVZF-6NP0SU42EWCniC6NKzPikZYDVmXiN5tLjo__Z78PV5gxB8MwhHFEWslaExzJQ-S_Jn9magzj3BP2z9Wmc5bts1LeUtXFTujLJ-qYDoJoFWIsyWL9O9U-EtuotTcdRtkpmGGA9uGUIKjvMJlEnGtdNlCdYCojZEkNbFwDovhqrOD3EYcOIYZUZ5gtiBcZRLxduI6OLIc2bSpxn_93n-bNrOyg4Fy8bIrUifyExu2A_rKyOOZPRCPJ3D4cEudsSU6YXjhzG-HD62vh7jiRtE8qTwGGi_nfiiifkE4wt5IyEhIfGnNfFc8D6YHAqQUjrSd4Hrg6zqmlwEClHBUT-0shepJcP2gJQVgmk76rvSQecdaiECRto76IcVQ7W-Yn1l6PQOwRwR8m9frLd4Khd0P6WVRW-gnPW6lFtUu4FpikiJqPDNonzjJ6YmXS9K_29bpRnYY6Oda8bYbG_mFsORd1g_8Aio7IZU7HB_Ph5FFkM_8eFgyglchH57Z7NHpLKfF00Rm9x7gTG7nuq4LlIdjcz8k1EIMW85cqvCB52KVFFgANC&cid=CAQSTgDICaaNYsbNJ4YyU0CQNIdT2bDFxh1breHG0cIisdw8O2FmaKskkNpRKo_Py3dZBRzMuBBOFp2S97T6TZvBjvrQd_49SsV5d2eVHw31uBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fblogs.mtdv.me%2F&ds=l&xdt=1&iif=1&cor=13195352392753814000&adk=1964084972&idt=108&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 355315
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 18:05:08 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A4E 39 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 13:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 13:05:04 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 1C2A
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1474271/76103297/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-AYA4fOZJ5coeJjqYHsiA50UEa8ZGZbC-QwGyX7fIsjLjJp8ruYpG-...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-AYA4fOZJ5coeJjqYHsiA50UEa8ZGZbC-QwGyX7fIsjLjJp8ruYpG-uhA8y35JyS1p36aMVRE4HFUgRe...

73 KB
25 KB

56ms
55ms

Script
text/javascript

64.233.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-AYA4fOZJ5coeJjqYHsiA50UEa8ZGZbC-QwGyX7fIsjLjJp8ruYpG-uhA8y35JyS1p36aMVRE4HFUgRe3m1g97JpBzSatDC434QNexiwWDE8b_g1HKKxgoVqEWJ06q8R3V7CXWqf2dEF67AQ3Fca8aDeoVJzj0PGFY8onJ8eM5c4pFRjxUSuRUAoCZ_4LtW7NFglNVNWVwh6zWAaeKQkV1eJOj3IcF31z3Rk7O83MHieUXLQkbpiSVtGO8gt0YUcXMdXQvKApLP4Ay4cTbiD9BrN6iPo-SER6SJbF-bumjNy6naUGzoY-byyRmZHKit396FocELehPUfcuhp1QF1Vy37BwnueccsF9HwemJELPu8JJRHQElKdkoeYfdVCnAQoM_csPwbfJ94JryRqrvDPFPT6qXS8KD1Xf7_Su-YHsW2M_HM7kDrZAfIqDsjQAxfq5ZLaFnEz0iKYtzId3Eo8WvqoPYy4dIjgbxfziFDv84mki4PSzEakfK5g0yTXF2D_U4tlmhLp348Pd9dHvzBUaGC1XuoYbVyEfvS4vEK47sBKxuj4MOxcK1FYIzg5PbsnyiE_bWx8r8YqGI9Ih7f8q8W2aVFLxMdjjxe5ySTkuxZIxYKWYyZRPJsY7FeY3AqH94DGbd31F5lELwLG4MLQAx7B_2FiFmrDrXAIoCfxk0Jxki4wKs_c5HvU0LS5yaG5LKxVzWBUCCXy-NODdShYF4EMnTHQaaS92x8ooflyXNY0vI78UvfoAyO4CAkG7Gb7izjBBK-F5HvOx4NJ0oeRSCa3T3w09mvADWlUDoEvSC_mJtfj5nwEWgEzqEK1PSXimm8AS37YoOi9sXrSmyxNHlIJRR2O80Up4l6b8rvFfuEQ9aIXNmM_TBgv2DRlY9kmk-mgywScWD5cxKE8mS6TyA_AimmQhPvQ5KFXCWo6dxP_cIthJ-CHHANaJ0YSC8qgQznhJMpxaUlAeQaXmzjqP2rHpzTYsFAf6WK3gSGqjtVKJA5sX3jGSA2xfXdrzj-gfyoOIuofYtYd_DNA5rKychQDtB9Zpss7lndh0ncBoSJBVAzXNJiih5zKt8nOylogoFz1rbyopIaraOlPpHAntUswQlAuH-UH2tEj2qS3L5t6kGbOan-rmQmmuxx_5CaCW3rcQc2xc6FkGcwOBHbgwtrZvfsuTbtICyadVrSnosOSTQZyFrifS0_ApwawNGgPhloSdfv1nBozSCfh9eEax6vMaH2GWTlpwusoqLn-xdqhYL1NR-yNe_QMt016IaWVzoUODtI6fm7zR3vzy1nKqtyJM43LBoVnHoz1YWHKZL_cEOg0jsp3FCVtQtC2az0-f51VPH3XyNf8JDlbD5qMBbKz3ZcO62aOmvhVXJfrGisnR2hIPpks333xtsbyQkMFQx1izh1gVMsodzWE0DJb0V_fSBZ4SNuc7facXO9JxeU8gqe-WtwiEd_gOYXy_1rnTHlnes4SkR_v0jPlgLMi_5NCX8c9dIVUs383jo2Iw4szpEEV9jdtw69qjVrtCCVK9TsDsG_EYGAL9DT7F4uCrb_hC2hFGbVXFLQ2ZR4zlohYBMV7RfRIZllaqBFuz1_O29YLd0yUVbrZ_hpOv9a8ugRwef-1wjq8KFeghb6reOsE8zqG_HaBQR9-nfCU4NE4C35auPi5MDdpsxu4CZGkcKtUt_Z-i14D6weQB7gLgOU08e9LUX_IQypIBt82T6OCJlq_-iUoEHL7j7SIQm_N37E3pDGxAzFhMRQS-s4Bf7Vj0E9dRu3gJgGw1QcGdaHbfxp_OEaxvXsmeqgxK2Ez4hw84gwetgcTnryqbBqzUo9GBTZtA14x9TTKyZF-rCDHZBxtsp3BT-Hql5Pj0KnlWbFVVUGkhEmfC9K4bJXBm2e8hPXcfFJHc_Sv6aatBCqAPE261U-x05kEkDxXR7k81emzbKDjQdz9ib0C2f89e9Rq8fqljuICeKxLwosaGHbBXDOiDgg6KNVQk1t8wgeQKlpg9Kgt-EB7oXRl1nc-syRZ0i2o15zqH0-qKpRhJ_oCv4aQGPPlQ7Ro7aezmdgK_TqMdx5xz_vGuA1z_CojJC9xJg4K9JIM93Fyj63593nWM5EFKzB81OkTMu1FX56FV77P_w5NdUnMLHB-ojZTT9djMr2cTLO0iyWIaonkbU95fz5WehaHF_Pq7gfDJT7X9Og0GjMi2F1BVQVcJhTVO7XgMgzI-IT3KbMwTYuu2pn3NT_-iOgC1ZMTN7vefHaMp40OCZjQ4rNz8meG43QM4ut1MhaIqvnv_KIt8IaDkMqb1k5BTaciL3ABKJzXjNE2jSHXbNDQ_e1u59wG7p-BNiHPyyuE9MF5IhcHuX-zGwQURnnHyN0eZnD3tMDGOEbVO2Cz_er_8U3OFXfOd3fkUiVJorQzDUCzOKdnmwvYOCZeICWpmdKEpMHpF33loy7G1RCiVb34iB5sogDipXB2VQpqK049GyGEQ2i9PuKWJCKBTAY5yhKDSkAJUcaqwq0T1epUgv9Uc894jppZNdR_Oo7WdCGUYAshRLMS67aaWpz1VbuDYsOCnlMLTBZhY-Zffl1fspeU2j4AG6IQcgDAGaQxoq3jsuGpSKBEkaWOvYTJdWFYvZ0Cg_ZOBeg13Fv7OiLcYjYYk25FJUuJjyYIec0NdtmsnSlJ4sPLFL5XAdQb6huguxiIYPr5kc9cvJ3gy6r9ZSr1OhwUDPKmDgU7lRxRju0yQruSPP1kL2qBbVjv5BA3F80q34aOLfKeiuvcpa3OksYg8xIEXxyxR92sw00w1_VXIE-4hViGbRh_so-c1825EUGxBzFeW5LWBnrdH4aInhjWHnMFDtjqcoJR5uJkSPviF6glSc0RwRHXlJ3pbplOc5z2kaTHOI5TF0HcP-pGtT0avu4Mq6PaJaL3LKnUIGPXP-SciZnzfBYbDuI_Uh-l8fSYm5lAXqCDE165UpDKFS7R3Twb37CgbHvLZphe2lrA7jp9ca6QX1in5B3MTGps3Pwus5e8naylVPsqFTaPHm5kRZjdB1j0LA2V7hVDaQEo9koXYAJDz82RDXcbMjJ8_oEdsJbKdsvuU1npqvWJso6i20Aawqpbi8dDcV6fqAKbrU7LundZwnFJd53tz4HNb1JP1y-soqL-T7YXi2bX1jr52K9S6w09rAwG5fihF3_zMcp9D9r6XuJACdr9CdsIlym_PHKrgzT6SGZG6eU8kmsgzz9QBy3Hwcq5BNjKWL_1_yZI6LN0d0hJk712Tu7mws5dkSeHR-ES2w4px-zgiBFgFuey7TEcfwMIUrQIwzMJOMAJD2hLr7XmovjeNh__LvrGpQd2SbRyFGss_J-HlJKlbqfX1zlycL1Q6enO5PKrufj7SQvyTFbppvgxuZKQ8IducMCA5pWRY84InB0IiYEd8L2ww4YZc4PZf5ANTUJ2jT9KisFeeY3oxQllWXAp5xvKsHZLx1lbD7GnKlCHLkHFaBNbQuJTLSK3NoixxdG6ZSmJiDs5wGdIonih3eaSmbeW0c0ce3l9QlreVJiPuSCPgJ6ySiQSeC5nFqkKoAjxLK1PACToLyxFHOh4pgAboIpx3PNqEMikJn7D9pfb6ISkgfWrKVXQf8-Tbi6F-rmnb4ephFKO7FTwHNdmMzJKzBWRh-gTvzRJPIQCtq8N7I3d3918mv098s_OwaUOMI_BZy4Ufop7tQ9TR_iLrkdX-T4Aye220_av4hsjqGIp6pkOGkGzecT2IVXqTn2lG5OHEZrLb85HAVigW092cjnnHC8Pv5QwIqgK3V8NaKOV3qcNd4Uc63a_mRj0-5Ae1_ihTBv8e4w3EE1Ol4O0kaVAgEEk4AyAmmjWLGzSeGMlNAkDSHU9mwxcYdW63hxtHCIrHcPDthZmirJJDaUSqPz8t3WQUczLgQThadkve0-k2bwY760Hf-PUrFeXdnlR8N9bgYAWAB&bundleId=&ias_xappb=

Requested by

Protocol

Server

64.233.167.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f154.1e100.net

Software

cafe /

Resource Hash

6964fb11364c191afbf79e9be26fc463cbdceb490b97e48d7a3d0ef4f494f71d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=90&slotname=2428482827&adk=3785916764&adf=538356251&pi=t.ma~as.2428482827&w=728&lmt=1700599621&format=728x90&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599621348&bpp=1&bdt=398&idt=347&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=351
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25591
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
server: nginx
x-server-name: app12.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-AYA4fOZJ5coeJjqYHsiA50UEa8ZGZbC-QwGyX7fIsjLjJp8ruYpG-uhA8y35JyS1p36aMVRE4HFUgRe3m1g97JpBzSatDC434QNexiwWDE8b_g1HKKxgoVqEWJ06q8R3V7CXWqf2dEF67AQ3Fca8aDeoVJzj0PGFY8onJ8eM5c4pFRjxUSuRUAoCZ_4LtW7NFglNVNWVwh6zWAaeKQkV1eJOj3IcF31z3Rk7O83MHieUXLQkbpiSVtGO8gt0YUcXMdXQvKApLP4Ay4cTbiD9BrN6iPo-SER6SJbF-bumjNy6naUGzoY-byyRmZHKit396FocELehPUfcuhp1QF1Vy37BwnueccsF9HwemJELPu8JJRHQElKdkoeYfdVCnAQoM_csPwbfJ94JryRqrvDPFPT6qXS8KD1Xf7_Su-YHsW2M_HM7kDrZAfIqDsjQAxfq5ZLaFnEz0iKYtzId3Eo8WvqoPYy4dIjgbxfziFDv84mki4PSzEakfK5g0yTXF2D_U4tlmhLp348Pd9dHvzBUaGC1XuoYbVyEfvS4vEK47sBKxuj4MOxcK1FYIzg5PbsnyiE_bWx8r8YqGI9Ih7f8q8W2aVFLxMdjjxe5ySTkuxZIxYKWYyZRPJsY7FeY3AqH94DGbd31F5lELwLG4MLQAx7B_2FiFmrDrXAIoCfxk0Jxki4wKs_c5HvU0LS5yaG5LKxVzWBUCCXy-NODdShYF4EMnTHQaaS92x8ooflyXNY0vI78UvfoAyO4CAkG7Gb7izjBBK-F5HvOx4NJ0oeRSCa3T3w09mvADWlUDoEvSC_mJtfj5nwEWgEzqEK1PSXimm8AS37YoOi9sXrSmyxNHlIJRR2O80Up4l6b8rvFfuEQ9aIXNmM_TBgv2DRlY9kmk-mgywScWD5cxKE8mS6TyA_AimmQhPvQ5KFXCWo6dxP_cIthJ-CHHANaJ0YSC8qgQznhJMpxaUlAeQaXmzjqP2rHpzTYsFAf6WK3gSGqjtVKJA5sX3jGSA2xfXdrzj-gfyoOIuofYtYd_DNA5rKychQDtB9Zpss7lndh0ncBoSJBVAzXNJiih5zKt8nOylogoFz1rbyopIaraOlPpHAntUswQlAuH-UH2tEj2qS3L5t6kGbOan-rmQmmuxx_5CaCW3rcQc2xc6FkGcwOBHbgwtrZvfsuTbtICyadVrSnosOSTQZyFrifS0_ApwawNGgPhloSdfv1nBozSCfh9eEax6vMaH2GWTlpwusoqLn-xdqhYL1NR-yNe_QMt016IaWVzoUODtI6fm7zR3vzy1nKqtyJM43LBoVnHoz1YWHKZL_cEOg0jsp3FCVtQtC2az0-f51VPH3XyNf8JDlbD5qMBbKz3ZcO62aOmvhVXJfrGisnR2hIPpks333xtsbyQkMFQx1izh1gVMsodzWE0DJb0V_fSBZ4SNuc7facXO9JxeU8gqe-WtwiEd_gOYXy_1rnTHlnes4SkR_v0jPlgLMi_5NCX8c9dIVUs383jo2Iw4szpEEV9jdtw69qjVrtCCVK9TsDsG_EYGAL9DT7F4uCrb_hC2hFGbVXFLQ2ZR4zlohYBMV7RfRIZllaqBFuz1_O29YLd0yUVbrZ_hpOv9a8ugRwef-1wjq8KFeghb6reOsE8zqG_HaBQR9-nfCU4NE4C35auPi5MDdpsxu4CZGkcKtUt_Z-i14D6weQB7gLgOU08e9LUX_IQypIBt82T6OCJlq_-iUoEHL7j7SIQm_N37E3pDGxAzFhMRQS-s4Bf7Vj0E9dRu3gJgGw1QcGdaHbfxp_OEaxvXsmeqgxK2Ez4hw84gwetgcTnryqbBqzUo9GBTZtA14x9TTKyZF-rCDHZBxtsp3BT-Hql5Pj0KnlWbFVVUGkhEmfC9K4bJXBm2e8hPXcfFJHc_Sv6aatBCqAPE261U-x05kEkDxXR7k81emzbKDjQdz9ib0C2f89e9Rq8fqljuICeKxLwosaGHbBXDOiDgg6KNVQk1t8wgeQKlpg9Kgt-EB7oXRl1nc-syRZ0i2o15zqH0-qKpRhJ_oCv4aQGPPlQ7Ro7aezmdgK_TqMdx5xz_vGuA1z_CojJC9xJg4K9JIM93Fyj63593nWM5EFKzB81OkTMu1FX56FV77P_w5NdUnMLHB-ojZTT9djMr2cTLO0iyWIaonkbU95fz5WehaHF_Pq7gfDJT7X9Og0GjMi2F1BVQVcJhTVO7XgMgzI-IT3KbMwTYuu2pn3NT_-iOgC1ZMTN7vefHaMp40OCZjQ4rNz8meG43QM4ut1MhaIqvnv_KIt8IaDkMqb1k5BTaciL3ABKJzXjNE2jSHXbNDQ_e1u59wG7p-BNiHPyyuE9MF5IhcHuX-zGwQURnnHyN0eZnD3tMDGOEbVO2Cz_er_8U3OFXfOd3fkUiVJorQzDUCzOKdnmwvYOCZeICWpmdKEpMHpF33loy7G1RCiVb34iB5sogDipXB2VQpqK049GyGEQ2i9PuKWJCKBTAY5yhKDSkAJUcaqwq0T1epUgv9Uc894jppZNdR_Oo7WdCGUYAshRLMS67aaWpz1VbuDYsOCnlMLTBZhY-Zffl1fspeU2j4AG6IQcgDAGaQxoq3jsuGpSKBEkaWOvYTJdWFYvZ0Cg_ZOBeg13Fv7OiLcYjYYk25FJUuJjyYIec0NdtmsnSlJ4sPLFL5XAdQb6huguxiIYPr5kc9cvJ3gy6r9ZSr1OhwUDPKmDgU7lRxRju0yQruSPP1kL2qBbVjv5BA3F80q34aOLfKeiuvcpa3OksYg8xIEXxyxR92sw00w1_VXIE-4hViGbRh_so-c1825EUGxBzFeW5LWBnrdH4aInhjWHnMFDtjqcoJR5uJkSPviF6glSc0RwRHXlJ3pbplOc5z2kaTHOI5TF0HcP-pGtT0avu4Mq6PaJaL3LKnUIGPXP-SciZnzfBYbDuI_Uh-l8fSYm5lAXqCDE165UpDKFS7R3Twb37CgbHvLZphe2lrA7jp9ca6QX1in5B3MTGps3Pwus5e8naylVPsqFTaPHm5kRZjdB1j0LA2V7hVDaQEo9koXYAJDz82RDXcbMjJ8_oEdsJbKdsvuU1npqvWJso6i20Aawqpbi8dDcV6fqAKbrU7LundZwnFJd53tz4HNb1JP1y-soqL-T7YXi2bX1jr52K9S6w09rAwG5fihF3_zMcp9D9r6XuJACdr9CdsIlym_PHKrgzT6SGZG6eU8kmsgzz9QBy3Hwcq5BNjKWL_1_yZI6LN0d0hJk712Tu7mws5dkSeHR-ES2w4px-zgiBFgFuey7TEcfwMIUrQIwzMJOMAJD2hLr7XmovjeNh__LvrGpQd2SbRyFGss_J-HlJKlbqfX1zlycL1Q6enO5PKrufj7SQvyTFbppvgxuZKQ8IducMCA5pWRY84InB0IiYEd8L2ww4YZc4PZf5ANTUJ2jT9KisFeeY3oxQllWXAp5xvKsHZLx1lbD7GnKlCHLkHFaBNbQuJTLSK3NoixxdG6ZSmJiDs5wGdIonih3eaSmbeW0c0ce3l9QlreVJiPuSCPgJ6ySiQSeC5nFqkKoAjxLK1PACToLyxFHOh4pgAboIpx3PNqEMikJn7D9pfb6ISkgfWrKVXQf8-Tbi6F-rmnb4ephFKO7FTwHNdmMzJKzBWRh-gTvzRJPIQCtq8N7I3d3918mv098s_OwaUOMI_BZy4Ufop7tQ9TR_iLrkdX-T4Aye220_av4hsjqGIp6pkOGkGzecT2IVXqTn2lG5OHEZrLb85HAVigW092cjnnHC8Pv5QwIqgK3V8NaKOV3qcNd4Uc63a_mRj0-5Ae1_ihTBv8e4w3EE1Ol4O0kaVAgEEk4AyAmmjWLGzSeGMlNAkDSHU9mwxcYdW63hxtHCIrHcPDthZmirJJDaUSqPz8t3WQUczLgQThadkve0-k2bwY760Hf-PUrFeXdnlR8N9bgYAWAB&bundleId=&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 9C7B 91 KB
23 KB 67ms
15ms Script
application/javascript 2600:9000:20ab:b200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=90&slotname=2428482827&adk=3785916764&adf=538356251&pi=t.ma~as.2428482827&w=728&lmt=1700599621&format=728x90&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599621348&bpp=1&bdt=398&idt=347&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=351
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 08:07:09 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 b038919df048ba1d1a170622840d275e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 7389595
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: ih8M67YOv7thkTEOq-uMrS89mpwBCNvfWXap1CozjnVqMQDaKnLp7A==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1C2A 43 B
215 B 582ms
183ms Image
image/gif 2600:1f13:800:7782:5b33:517d:a638:6eba
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=5d06d6a2-8ce3-e065-12e9-f361a48e6ea0&tv=%7Bc:uDNlCF,pingTime:-3,time:41,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:41,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B36~0%5D,as:%5B36~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWhoI4U+11%7C12%7C13%7C14%7C15*.1474271-76103297%7C151%7C16%7C17%7C1811%7C1812,idMap:15*,rmeas:1,rend:0,renddet:IMG.us,siq:17%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=90&slotname=2428482827&adk=3785916764&adf=538356251&pi=t.ma~as.2428482827&w=728&lmt=1700599621&format=728x90&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599621348&bpp=1&bdt=398&idt=347&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=351
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:5b33:517d:a638:6eba Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1C2A 43 B
216 B 573ms
181ms Image
image/gif 2600:1f13:800:7782:5b33:517d:a638:6eba
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=5d06d6a2-8ce3-e065-12e9-f361a48e6ea0&tv=%7Bc:uDNlCM,pingTime:-6,time:48,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:48,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B42~0%5D,as:%5B42~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWhoI4U+11%7C12%7C13%7C14%7C15*.1474271-76103297%7C151%7C16%7C17%7C1811%7C1812,idMap:15*,rmeas:1,rend:0,renddet:IMG.us,siq:17%7D&tpiLookup=ao:blogs.mtdv.me*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=90&slotname=2428482827&adk=3785916764&adf=538356251&pi=t.ma~as.2428482827&w=728&lmt=1700599621&format=728x90&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599621348&bpp=1&bdt=398&idt=347&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=351
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:5b33:517d:a638:6eba Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
server: nginx
x-server-name: dt34.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F05F 624 B
242 B 57ms
54ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYx4yBxQEwAQ&v=APEucNWJWK1tJoRCanFZ2l19OmdBUw6vasRJ0Q4M-rlyxfRRQlXDvcfoQYWdW26-Sq1GYz9z-h3uLsLPiwvmd3F1SDe-A60ZAmO6Vg5RRgzyIvKjqcXIbQyaVsuc7w7OqzXiUWNn1Oz7Xcmb2QnQ70ImpGl2gs-S9Rc7vyLt9pjf2Z2MnmOhriE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=2158463013&pi=t.aa~a.3213093763~rp.3&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=1&bdt=1549&idt=0&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C500x280&nras=3&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=2158463013&pi=t.aa~a.3213093763~rp.3&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=1&bdt=1549&idt=0&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C500x280&nras=3&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 20:47:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3DF8 89 KB
31 KB 94ms
92ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 20:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:47:03 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 3DF8 2 KB
1 KB 117ms
14ms Script
application/javascript 2a02:26f0:1700:14::b856:fb5e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=177894&plc=6387941&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jdPZmYG0lecj3DOqtFqCmf&DVP_DBM_1=3060631&DVP_DBM_2=22886460&DVP_DBM_3=16564416133&DVP_DBM_4=413156935&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1683132450869&turl=https://blogs.mtdv.me/&DVP_PP_BUNDLE_ID=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=2158463013&pi=t.aa~a.3213093763~rp.3&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=1&bdt=1549&idt=0&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C500x280&nras=3&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb5e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 56109fa3da6aa8f73ea350d38977235631ed519eb883aa78b13f530b2744d67d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 20:47:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Nov 2023 09:32:24 GMT
Server: UploadServer
ETag: "ecfd819e1e247598f4ed0f18c70f6f53"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Wed, 22 Nov 2023 20:47:03 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 3DF8 9 KB
4 KB 118ms
14ms Script
application/javascript 2a02:26f0:1700:14::b856:fb5e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0jdPZmYG0lecj3DOqtFqCmf&DVP_DBM_1=3060631&DVP_DBM_2=22886460&DVP_DBM_3=16564416133&DVP_DBM_4=413156935&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1683132450869&turl=https://blogs.mtdv.me/&DVP_PP_BUNDLE_ID=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=2158463013&pi=t.aa~a.3213093763~rp.3&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=1&bdt=1549&idt=0&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C500x280&nras=3&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb5e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: dfee1bd52507e6079bb03907bc1e69549698bbbcd4b48ee20abffee59c3130fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 20:47:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Nov 2023 11:58:00 GMT
Server: UploadServer
ETag: "7016a8d85509bc72e9b0db848677035f"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3639
Expires: Tue, 21 Nov 2023 21:02:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3DF8 3 KB
1 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3DF8 20 KB
8 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 23:16:58 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3DF8 0
0 62ms
22ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR6d0mVb7AhDW9GpT0_IydLXREVq-N9skDGjMW38AT67R5EgVCx7C6OW5jvxnMmsx2vmctOr81wqfRE4YXHL7r_WVhIPA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=2158463013&pi=t.aa~a.3213093763~rp.3&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=1&bdt=1549&idt=0&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C500x280&nras=3&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3DF8 202 KB
64 KB 58ms
56ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 20:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:47:03 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DF8 42 B
63 B 49ms
48ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DKVOKbdaEZ3EPZGSKr4d9zxGVVBqnbnNIqKwd8kqpwrZlEEvdXD-vZiSTMETqBDqIDCV7viMI6uIcJza8SP940Et1NeCdeeJPhxn-p7hXrEocaeRg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DF8 0
20 B 49ms
48ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8529809377752921759&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1C2A 43 B
215 B 562ms
182ms Image
image/gif 2600:1f13:800:7782:5b33:517d:a638:6eba
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=5d06d6a2-8ce3-e065-12e9-f361a48e6ea0&tv=%7Bc:uDNlD0,pingTime:-2,time:62,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1516,beZ:1517,mfA:1520,cmA:1521,inA:1521,inZ:1524,prA:1524,prZ:1527,si:1533,poA:1534,poZ:1555,cmZ:1555,mfZ:1555,loA:1564,loZ:1566,ltA:1578,ltZ:1578%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:62,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B56~0%5D,as:%5B56~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWhoI4U+11%7C12%7C13%7C14%7C15*.1474271-76103297%7C151%7C16%7C17%7C1811%7C1812,idMap:15*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:17,sinceFw:43,readyFired:false%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=90&slotname=2428482827&adk=3785916764&adf=538356251&pi=t.ma~as.2428482827&w=728&lmt=1700599621&format=728x90&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599621348&bpp=1&bdt=398&idt=347&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=351
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:5b33:517d:a638:6eba Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 646A 38 KB
13 KB 18ms
14ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 258438
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 20:59:45 GMT
expires: Sun, 17 Nov 2024 20:59:45 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 646A 39 KB
15 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 13:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 13:05:04 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F05F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLSyN8dlbfPV2o_8Ejm9Lk&google_cver=1

43 B
731 B

23ms
22ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLSyN8dlbfPV2o_8Ejm9Lk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYx4yBxQEwAQ&v=APEucNWJWK1tJoRCanFZ2l19OmdBUw6vasRJ0Q4M-rlyxfRRQlXDvcfoQYWdW26-Sq1GYz9z-h3uLsLPiwvmd3F1SDe-A60ZAmO6Vg5RRgzyIvKjqcXIbQyaVsuc7w7OqzXiUWNn1Oz7Xcmb2QnQ70ImpGl2gs-S9Rc7vyLt9pjf2Z2MnmOhriE
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fd67fAWkSnVsNu1AWutCyFq1X%2F6CYQ6y0IrgTmb1aPHgRiWQnrFm8spaB8evPIzWPfHB5aAt0w%2BR7B7hnHkr0IgV8L81Qh7pnQsrVk4Thd1uXxPKIypSrtQZg6jdSLeil7XZgNohyT5aAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829bc91e1a6f9214-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLSyN8dlbfPV2o_8Ejm9Lk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F05F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV0XRn8Y.lY2VIOvvUExywAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLSyN8dlbfPV2o_8Ejm9Lk&google_cver=1&google_hm=2

43 B
734 B

22ms
22ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLSyN8dlbfPV2o_8Ejm9Lk&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYx4yBxQEwAQ&v=APEucNWJWK1tJoRCanFZ2l19OmdBUw6vasRJ0Q4M-rlyxfRRQlXDvcfoQYWdW26-Sq1GYz9z-h3uLsLPiwvmd3F1SDe-A60ZAmO6Vg5RRgzyIvKjqcXIbQyaVsuc7w7OqzXiUWNn1Oz7Xcmb2QnQ70ImpGl2gs-S9Rc7vyLt9pjf2Z2MnmOhriE
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZazlsdgR4Egv0FoUIayHLgWkYaXUa9TU5bE%2B60Babq5RVEPkxF2A1sLM09d0edDIb65LvuDYvgZbbknfk6uBXg%2B3uvxcQODEbOiHjP4yJx3rZXdTMcv9w5QcKobClpKvne1TelBO%2Bvn%2F6w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829bc91e4a889214-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLSyN8dlbfPV2o_8Ejm9Lk&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame F05F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENHHLQKigk09pUMTIU2jaCM&google_cver=1

43 B
840 B

14ms
13ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENHHLQKigk09pUMTIU2jaCM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYx4yBxQEwAQ&v=APEucNWJWK1tJoRCanFZ2l19OmdBUw6vasRJ0Q4M-rlyxfRRQlXDvcfoQYWdW26-Sq1GYz9z-h3uLsLPiwvmd3F1SDe-A60ZAmO6Vg5RRgzyIvKjqcXIbQyaVsuc7w7OqzXiUWNn1Oz7Xcmb2QnQ70ImpGl2gs-S9Rc7vyLt9pjf2Z2MnmOhriE

Protocol

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
an-x-request-uuid: 66398c9f-06da-4643-82e2-6f24a1465895
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.131; 178.162.209.131; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENHHLQKigk09pUMTIU2jaCM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F05F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU4NDM5NTM2MjAwNDI3MzMzNw%3D%3D

170 B
188 B

23ms
23ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU4NDM5NTM2MjAwNDI3MzMzNw%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
an-x-request-uuid: 35dbac16-a51d-43eb-9b59-065589cf8299
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU4NDM5NTM2MjAwNDI3MzMzNw%3D%3D
x-proxy-origin: 178.162.209.131; 178.162.209.131; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DF8 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7740598612609&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DF8 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7740598612609&version=m202309260101&ct=77&x=1&cor=8529809377752922000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3DF8 20 KB
13 KB 319ms
319ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYKB1e1XFIklTHGrd2xEHaE6_ANlK8UDSPW4Mgtg2Kg1O0i-1D0DlNLKooQxWxsw9arodVGF3KoTGMRMfk2ZkPgVqoI1ZQP6UzF01XNYiQlYjk83dlShKhbBQzQu-jcPeJx66P4bIZzVqTnZV8QkxGCSWWkBdn2tqJIAOweHS38VhaApo&cry=1&dbm_d=AKAmf-CwnSgRGCECP6em-wFyaf57iBC9uaHFCnu7ED4Q8HkYgejyJLqNcnPVJWDGFvyQ8Q2qy30nW3o7P55qvm-2FNbPCGYeUh8SfBGZaWrzvk2C53-NPpDjICzwKL33lZsDtgHBIl7FQ7KgneRUPztQ-smq8Aqbmw-ifvqPdEPHJH-RoT8ZaaWHjfVONmCSrDvA_9c5V6Vxcs0bspqF6dyTLTL4EDYDhJzKs1k8RScpLnTgaqGXfj8YRqZhEkUeEeJ0lRQKzG_sQKjzdNdCu2jahwYFMeA_om9YpQG8AL5KGmRMiY13KSr0lDh7ry0LD4fdgQNTzY2xCBRbkFuFvtQxJeLoa8aifh1qGriFYui4g4Yn1aQNEUR0PRM6NCm-xPEoE-4vh4CWViLl1gFl8JJqixMXLfLII8l0Ody9vsupsaP1NUVA70J1JKyZ4LxmwpQ_SAqALUG7X3JHYC40GJjwsm2Gbch7hYcuofeqNQpMe-dlU9ojeLp9qc26orOSbyhQkKijwvwn8WUNZJYldSUepgnmon23A4px-UuZEgNKVpbhW5clwpsFjUfyjXPeBNpAmxNoEVg5dyY7GROf7ThOEIN1kAhHVB1wtW4Ll-RCk608LcOsQr9m0GS21G5FtnHZpRmJSXy0dd_QuzV-Tq24gCcGijnxAk1qZU6uAh9XPhFA7462AsDHMAiJbd0xHoFIQFQbPoRjYZTIT2HMhjKaxT0IpS1ERWQsxVZEQ6G0kt0Cpv_ZoCMnQ_Ky-OssIUcuslOIwylZn16lxC4GuQs9ogXVqIo7NwBaCTUOePlQrkeoESOnt-jh-Q1R0bvGVx4xrIpW84BqwCGXw24wZTqeAMAf93t3QBxCdHVewP4nEE0Hn0DQI06VUro71BO6MbNlLVhkU1XnpQkIdjzEZf0XxWKTcXmrYEnkx3xvnfX2FVMYXotpb0l6AUW8qbdOXdRJnIy-BDRtRXmambqUdc_md18jgHYAApufiBxoYC6Kw2SqQR8nW0SmUIEebLlLsZPorRayZ7IZIk0cZmD1ambrYFyU3hiThwopkPFUysRJ4CtpmU2jsgw8SzhG4vT_bxU6ELW2DTgMVakjqdItT9U0M2j6FZxgursVVDcN4ne5M161DOdX8Wx5CJ8Sbkru-xC2C3StkY-o9alZt5y8A79h9p84wi9MHR9irnYOBPae_-wyxbFcmIKqAqcfhyCxFjdsog6TDzc9SyNmzslz31V9QM_C-jDhlxGYHXqGvGaCaLQf_lRryoInCYauFFIX6-JPIYCfgqttHqsBuFpLBBgEaH__hp76Zu6PIt1Pjo2Uk0ANhLMIOLFGzccSf22stLp_KFHm8FDhtvXXf4Lytz_GBgtWT7zPNvgi8ZU3MeVktOvQmRijuokG8EiAHI2Vc8RLAxt_nK4BDLOW15o-ByGeTh_Jk6fF6PCGLsUktvwzyuSg7c6DPGY1Yp4H5rshwE-3ib0lYHNJZoBxv-56JS-AlZjF8kj_TYlyzU3kffFH-W2JQNFZSY_UDVpJofMDnRIRnINKvTGc0gleF7GnUKz6u6QKCnATKMZEH8-GapoNAAdHVw01SV3KLHCcPdDs1UCx1NCraEIUYzG51QdBsdEg947li_MYuNufaXIdN13qiPTU2v8dqOYocXYLw3s6EoGMzlcAjxCY9IxIMI4G6m8-OqhK3h3Ovsm6KGUXI6Px7DOORuhzOgDBibDq2XrBI67Op7qNtMa_pB6fxeq4hJcFocDmwrXOJ1HpEn1O-uhsllqWSToVSLo7NRoB0F7VaeJtAEfgAPEoHADMi_TirO9thvRTm9R2I0QJFDd3HhFuWsB7L2Lg-_-5lJMYoxJAD8DegNgZDQlQho_mFVNDVMgcqrdkLFxdFftXKxNGNFBJCGbri_9n--daZAGbTsMLJAfYfIYczLw331D3xmEVbubZeYk5hhYpkD4o62nytm8fPclPhScP22Cth6bdi_LsU-vwO-JgRLe9rfh-GIQ0hrTpRCwdovuwCY2I0AHYdHTKkOuqAMIag2L3n2HCLODqUyzat9isuKGqwsLOwFZcLSepI-2eMZFbn9ZJtnEeU5rRrTMKChWjLyIqDbtyn1U7Dr9n60UkPtaNeUPMB9BNksByF7wmrqiSKF1O7MwUSxKn5w6KZOf3pQGNtCcOekK2mZMRwxbhn6C99zjaFjyjAFcrAj_w5-jzCedCxFN4zGKbr2gFsxB8GDWMcWbgmTzgxHMUltJ5opCDycTA7xCGQMowEEc8_riv9YdPWvPFOVeidQUc0axZZ_PGlLuhDEIpOUqaV55VN-psNIDCzna3AUn88-vedEyG9R5AKjiTXA-BedPl5cXiB19VcoCbUtCJ1O1fQ3J2dHwmAIRr8En4NSUpsc6k0agrpSv35CQh1LZZmDcstQnAkQVOLabE54odT81Xx9UZ0HMJXKo6bi6AxLWfefNpek1KgSyObFbWQJSZm4xb_wIxQTY6VWzjmWuEN4B1XfQr-ULEvc-xgZOPNXoNden5fclx8oXcdDVu1XL02EtCk6ABt9ecF1g1BT_eBfuWzv8kVMpRWODIThOUWtthxOWTlfz0jquqP16Jb2sDJ9sqtGJeJ4NCyc2QvPfg0QkFNDUcHEcu3RBv3jh8tkqLeqywC_uv5iC22ndt1GQ0CuzEkuBIVqgmfsq5gu-3xxh14mbsj851hUdjTZwVa98Qkt10H8SUnsxn2MTtpQXSCoJ7RnvyBln6WKY5gKtlpuKVWHchDiIuAoPvlqGKOb5LvHuuIZbRKnYhW3w4B5I9BiEoGhTzPEah_CYfhDfe-g5m5ScZ-7F3G04Sal4xF6zzmfR-aEk1-Za8PKeFF9q6F5XpU-__Ca0MmuJmb5CNL3ra8qW2i0rj8XOYdAIyo60CUohm6WYd2bfMFUAcMmeQIepiKPvj2gbI048nIaUuqS2lBQxD_cGUMzbr6vEg7THR0ZIOmHtjs0dHu8wN7rOJrm5yjLSTAscvZEaz-2bQcH1ZWnqSGaqPaYMFMNPgQNUJoKNXJXrHGTjP32REXO6r8-NOrJlKkTzbFTbTNTVuEXTH2b8WLYLkVMiGwPie_odjMCYXScJj_PzJagjbyFl5p6C4xoU7dBvU37kovPLhqNO39jBqmzLEKZarr3vfUweUrsT8SJPSWlYpt9NVuXjlgHO0hZbNhHWnCb5LLDJ4CHvJtfYJH-CEyyxmc2Su_ii_SOraFqRiK3gh4LB-B5ULDsPioIyNHo9O3OIQrL6x03KyBgL22h8Wmeij20oA7ds8u2y4IYCI13h6GNvv4_bgoPcFaHOSf6KxFQ-HD2hZLRAoGdbwjcvE_mIOli0BPIdU1-Jk1y58scfchU4RDOJzZgZOds5KEhPPj5jfGP7AS_rDYQShbV4N8bZv5unFS6OGMWeCR2e25vP3NOOzggjfh8L_hXOmgPBVA-n5gs1BJ8yOa2iJrllWsAQe7QKr4w9Dc_O2vfqgwfcPrypa8WVWExa11T6F8ldtuZMPDZFKH6a09eU1gEeb5SE87xhrWuQobPE2_eXfUWzZSHFkfBViNyiWygbcLMCyjEncQwFUyGbWTnsnm90NPigYfaAf8tKttbvWvAh68ibbgtJTA-mEDIbNPmrMu5B8H3PgMCeaHVR3YIm8YA8oPEGxMiJ8eJMelAcrrWQPCBvV-kuoOn9h3Xp1NZ7Vhwf_I-XnrJlLmdWRP_9-5KZt9sV2VcxoXGK21GS_QcfiGEqgSWN2AOgP3zS6GBt5vLyZZFHGpX6tZvjlSpCQ0bmtB1DThPW78FiWfzQOwrL4vuTPlyy6N05qpH9Anw6gTmngXf6Z3Brm5XudK-mXglmgTBLWAVk6fA-bOaUFhC4q5L77uVFE1sywZGR30-x4RD0ipLpayeC5pedcvee9mkO8&cid=CAQSOwDICaaNIktMc23ohBzmmvV0cTBgkGN3SENhC2L-K51BIgpzL9_qdiGb2fdFaMCUOpVfFBFWI04MsNo3GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fblogs.mtdv.me%2F&ds=l&xdt=1&iif=1&cor=8529809377752922000&adk=521587874&idt=99&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

907725a00a1af65d39db32e44b02ead1c2f8c8e1369a8c27745a15a83d97646c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=2158463013&pi=t.aa~a.3213093763~rp.3&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=1&bdt=1549&idt=0&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C500x280&nras=3&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13718
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 1C2A 111 KB
39 KB 48ms
13ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: blogs.mtdv.me
URL: https://blogs.mtdv.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 06:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 06:30:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 1C2A 11 KB
4 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1474271/76103297/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-AYA4fOZJ5coeJjqYHsiA50UEa8ZGZbC-QwGyX7fIsjLjJp8ruYpG-uhA8y35JyS1p36aMVRE4HFUgRe3m1g97JpBzSatDC434QNexiwWDE8b_g1HKKxgoVqEWJ06q8R3V7CXWqf2dEF67AQ3Fca8aDeoVJzj0PGFY8onJ8eM5c4pFRjxUSuRUAoCZ_4LtW7NFglNVNWVwh6zWAaeKQkV1eJOj3IcF31z3Rk7O83MHieUXLQkbpiSVtGO8gt0YUcXMdXQvKApLP4Ay4cTbiD9BrN6iPo-SER6SJbF-bumjNy6naUGzoY-byyRmZHKit396FocELehPUfcuhp1QF1Vy37BwnueccsF9HwemJELPu8JJRHQElKdkoeYfdVCnAQoM_csPwbfJ94JryRqrvDPFPT6qXS8KD1Xf7_Su-YHsW2M_HM7kDrZAfIqDsjQAxfq5ZLaFnEz0iKYtzId3Eo8WvqoPYy4dIjgbxfziFDv84mki4PSzEakfK5g0yTXF2D_U4tlmhLp348Pd9dHvzBUaGC1XuoYbVyEfvS4vEK47sBKxuj4MOxcK1FYIzg5PbsnyiE_bWx8r8YqGI9Ih7f8q8W2aVFLxMdjjxe5ySTkuxZIxYKWYyZRPJsY7FeY3AqH94DGbd31F5lELwLG4MLQAx7B_2FiFmrDrXAIoCfxk0Jxki4wKs_c5HvU0LS5yaG5LKxVzWBUCCXy-NODdShYF4EMnTHQaaS92x8ooflyXNY0vI78UvfoAyO4CAkG7Gb7izjBBK-F5HvOx4NJ0oeRSCa3T3w09mvADWlUDoEvSC_mJtfj5nwEWgEzqEK1PSXimm8AS37YoOi9sXrSmyxNHlIJRR2O80Up4l6b8rvFfuEQ9aIXNmM_TBgv2DRlY9kmk-mgywScWD5cxKE8mS6TyA_AimmQhPvQ5KFXCWo6dxP_cIthJ-CHHANaJ0YSC8qgQznhJMpxaUlAeQaXmzjqP2rHpzTYsFAf6WK3gSGqjtVKJA5sX3jGSA2xfXdrzj-gfyoOIuofYtYd_DNA5rKychQDtB9Zpss7lndh0ncBoSJBVAzXNJiih5zKt8nOylogoFz1rbyopIaraOlPpHAntUswQlAuH-UH2tEj2qS3L5t6kGbOan-rmQmmuxx_5CaCW3rcQc2xc6FkGcwOBHbgwtrZvfsuTbtICyadVrSnosOSTQZyFrifS0_ApwawNGgPhloSdfv1nBozSCfh9eEax6vMaH2GWTlpwusoqLn-xdqhYL1NR-yNe_QMt016IaWVzoUODtI6fm7zR3vzy1nKqtyJM43LBoVnHoz1YWHKZL_cEOg0jsp3FCVtQtC2az0-f51VPH3XyNf8JDlbD5qMBbKz3ZcO62aOmvhVXJfrGisnR2hIPpks333xtsbyQkMFQx1izh1gVMsodzWE0DJb0V_fSBZ4SNuc7facXO9JxeU8gqe-WtwiEd_gOYXy_1rnTHlnes4SkR_v0jPlgLMi_5NCX8c9dIVUs383jo2Iw4szpEEV9jdtw69qjVrtCCVK9TsDsG_EYGAL9DT7F4uCrb_hC2hFGbVXFLQ2ZR4zlohYBMV7RfRIZllaqBFuz1_O29YLd0yUVbrZ_hpOv9a8ugRwef-1wjq8KFeghb6reOsE8zqG_HaBQR9-nfCU4NE4C35auPi5MDdpsxu4CZGkcKtUt_Z-i14D6weQB7gLgOU08e9LUX_IQypIBt82T6OCJlq_-iUoEHL7j7SIQm_N37E3pDGxAzFhMRQS-s4Bf7Vj0E9dRu3gJgGw1QcGdaHbfxp_OEaxvXsmeqgxK2Ez4hw84gwetgcTnryqbBqzUo9GBTZtA14x9TTKyZF-rCDHZBxtsp3BT-Hql5Pj0KnlWbFVVUGkhEmfC9K4bJXBm2e8hPXcfFJHc_Sv6aatBCqAPE261U-x05kEkDxXR7k81emzbKDjQdz9ib0C2f89e9Rq8fqljuICeKxLwosaGHbBXDOiDgg6KNVQk1t8wgeQKlpg9Kgt-EB7oXRl1nc-syRZ0i2o15zqH0-qKpRhJ_oCv4aQGPPlQ7Ro7aezmdgK_TqMdx5xz_vGuA1z_CojJC9xJg4K9JIM93Fyj63593nWM5EFKzB81OkTMu1FX56FV77P_w5NdUnMLHB-ojZTT9djMr2cTLO0iyWIaonkbU95fz5WehaHF_Pq7gfDJT7X9Og0GjMi2F1BVQVcJhTVO7XgMgzI-IT3KbMwTYuu2pn3NT_-iOgC1ZMTN7vefHaMp40OCZjQ4rNz8meG43QM4ut1MhaIqvnv_KIt8IaDkMqb1k5BTaciL3ABKJzXjNE2jSHXbNDQ_e1u59wG7p-BNiHPyyuE9MF5IhcHuX-zGwQURnnHyN0eZnD3tMDGOEbVO2Cz_er_8U3OFXfOd3fkUiVJorQzDUCzOKdnmwvYOCZeICWpmdKEpMHpF33loy7G1RCiVb34iB5sogDipXB2VQpqK049GyGEQ2i9PuKWJCKBTAY5yhKDSkAJUcaqwq0T1epUgv9Uc894jppZNdR_Oo7WdCGUYAshRLMS67aaWpz1VbuDYsOCnlMLTBZhY-Zffl1fspeU2j4AG6IQcgDAGaQxoq3jsuGpSKBEkaWOvYTJdWFYvZ0Cg_ZOBeg13Fv7OiLcYjYYk25FJUuJjyYIec0NdtmsnSlJ4sPLFL5XAdQb6huguxiIYPr5kc9cvJ3gy6r9ZSr1OhwUDPKmDgU7lRxRju0yQruSPP1kL2qBbVjv5BA3F80q34aOLfKeiuvcpa3OksYg8xIEXxyxR92sw00w1_VXIE-4hViGbRh_so-c1825EUGxBzFeW5LWBnrdH4aInhjWHnMFDtjqcoJR5uJkSPviF6glSc0RwRHXlJ3pbplOc5z2kaTHOI5TF0HcP-pGtT0avu4Mq6PaJaL3LKnUIGPXP-SciZnzfBYbDuI_Uh-l8fSYm5lAXqCDE165UpDKFS7R3Twb37CgbHvLZphe2lrA7jp9ca6QX1in5B3MTGps3Pwus5e8naylVPsqFTaPHm5kRZjdB1j0LA2V7hVDaQEo9koXYAJDz82RDXcbMjJ8_oEdsJbKdsvuU1npqvWJso6i20Aawqpbi8dDcV6fqAKbrU7LundZwnFJd53tz4HNb1JP1y-soqL-T7YXi2bX1jr52K9S6w09rAwG5fihF3_zMcp9D9r6XuJACdr9CdsIlym_PHKrgzT6SGZG6eU8kmsgzz9QBy3Hwcq5BNjKWL_1_yZI6LN0d0hJk712Tu7mws5dkSeHR-ES2w4px-zgiBFgFuey7TEcfwMIUrQIwzMJOMAJD2hLr7XmovjeNh__LvrGpQd2SbRyFGss_J-HlJKlbqfX1zlycL1Q6enO5PKrufj7SQvyTFbppvgxuZKQ8IducMCA5pWRY84InB0IiYEd8L2ww4YZc4PZf5ANTUJ2jT9KisFeeY3oxQllWXAp5xvKsHZLx1lbD7GnKlCHLkHFaBNbQuJTLSK3NoixxdG6ZSmJiDs5wGdIonih3eaSmbeW0c0ce3l9QlreVJiPuSCPgJ6ySiQSeC5nFqkKoAjxLK1PACToLyxFHOh4pgAboIpx3PNqEMikJn7D9pfb6ISkgfWrKVXQf8-Tbi6F-rmnb4ephFKO7FTwHNdmMzJKzBWRh-gTvzRJPIQCtq8N7I3d3918mv098s_OwaUOMI_BZy4Ufop7tQ9TR_iLrkdX-T4Aye220_av4hsjqGIp6pkOGkGzecT2IVXqTn2lG5OHEZrLb85HAVigW092cjnnHC8Pv5QwIqgK3V8NaKOV3qcNd4Uc63a_mRj0-5Ae1_ihTBv8e4w3EE1Ol4O0kaVAgEEk4AyAmmjWLGzSeGMlNAkDSHU9mwxcYdW63hxtHCIrHcPDthZmirJJDaUSqPz8t3WQUczLgQThadkve0-k2bwY760Hf-PUrFeXdnlR8N9bgYAWAB&bundleId=&ias_dspID=3&ias_campId=1012200182&ias_pubId=pub-4005810911916944&ias_chanId=1&ias_placementId=20122942208&bidurl=https://blogs.mtdv.me/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hVZ-ilPG_M3s9spcHS9T_n&adsafe_url=https%3A%2F%2Fblogs.mtdv.me&adsafe_type=y&adsafe_url=https%3A%2F%2Fblogs.mtdv.me%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4005810911916944%26output%3Dhtml%26h%3D90%26slotname%3D2428482827%26adk%3D3785916764%26adf%3D538356251%26pi%3Dt.ma~as.2428482827%26w%3D728%26lmt%3D1700599621%26format%3D728x90%26url%3Dhttps%253A%252F%252Fblogs.mtdv.me%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700599621348%26bpp%3D1%26bdt%3D398%26idt%3D347%26shv%3Dr20231109%26mjsv%3Dm202311130101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D3854037993268%26frm%3D20%26pv%3D1%26ga_vid%3D806516975.1700599621%26ga_sid%3D1700599622%26ga_hid%3D1668729163%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D240%26ady%3D204%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44802212%252C31079265%252C31079605%252C44809316%252C31078297%252C31079654%252C44806141%252C44807764%252C44808148%252C44808284%252C44809057%26oid%3D2%26pvsid%3D3923906846655856%26tmod%3D1616098708%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26dtd%3D351&adsafe_type=d&adsafe_jsinfo=,id:5d06d6a2-8ce3-e065-12e9-f361a48e6ea0,c:uDNlCg,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5545cd9c68-qd77f,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tWhoI4U+11%7C12%7C13%7C14%7C15*.1474271-76103297%7C151%7C16%7C17%7C1811%7C1812,idMap:15*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:16,oid:1fc396ac-88af-11ee-a5e4-a61be4170e0a,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65522
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 02:35:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 1C2A 31 KB
12 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:49:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11874
x-xss-protection: 0
server: cafe
etag: 3876053170955424897
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 04:49:49 GMT

GET
DATA 200
OK truncated
/ Frame 1C2A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4cc58585f5b2d2ba6f8f21e56b1b10a1cb2a08ea35e102152298e6ee9c9546a0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A4E 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BkYs0RhddZdmYNObhkdUP_OW4sAwAAAAAOAHgBAI&bg=!SUqlSgXNAAZxrfrxUa07ADQBe5WfOKFPuMGT94pY2lDer4uASfQb13D8dNYP2YVtvjOpX1YUz_FRcl2Y9NVaH0PY48uoAgAAALJSAAAAA2gBB5kDBwrcZOVTTmMSJEYaOhQeTama-_iNCX3JRLO7StHkGCowAzkSU93BwTHQUEM5c0iGYB23g7HXd2KFEYRNXaJgbyBgeaOWktneVQSxdhbaMm9QVVNFfZRXt7PxaKhfeqCo37kj0U3wLNF0uHBLtO4d4GLmQ1uv3HopPuVB944xle8Nx-daVKcLSFfUXpS3BsGTcxr_YOlEpt4WDnNCohD7szXzGluDP19UQZBQ0iKZAtmv5JfMjnI7QCbno1Tb2f9G48FIzXdODA_ld1KgV3HQT4fs4Np2UOK7Q76YhrebEvQzlsnis2DZmMmORL5wJXa2kDRHhB7hgtn6aA5zX1e_0lyYFVfwYLrJpyEwciskmJ0POg-h5hXBl5RB3FipVtAJWo_7vqHqi5G0qR3FxjHezWJycu7uSmskQ7LJHxD2xjDi1gMG5xokYr0Ij8OCCQAIcYPic9C_7IXFz4SKHdOPxUOIPBqVbDZeSPxEWkYc0UUF1zAtWI0BbN0M0e0abJYGMfbhCa5r6TqBUIbyqjw9DJNIknQcWLRD4rnDOLOacHMCtWpOFZ9XtdykcYkJZTBF1bnMbJnLTQ-a3oDv22UBPUPW_2XvJ8U7miMWZKfMdVKE4Mmj3WW4YqzRNIHkYLPL3trimEplkz2AnfeUcRAvAyVGF2VeO3cuZ4EAp0t59GVcspyZ4qVwU9VeA_ajFSbW3APwsgiv5YGIM-UcEUHBhJXoeFUtU8tZ_Wwu6pANPz8YjSsA4jDyx6yL6wJCqVY9FV-to1VdEesh7JiXs97BGLWbIpJAZSs1GGbhDp_y8SZN4Tkt0nZM3RHJi1IRW05MoOzdVRKklOmGW3JtRMSAKhlu9x_q3AxaKi3o5bYxLyTUQnBGRUTco2ZchuEKUd1Dc63W6iIEYX8DxYk6RmiPywGqYJTbwcJduSH8EsHeVSbaozzIkfFIqPW1fnZxkl7gL5WVCkVhxGHch7rFyjuYfRcu1kguVbgevk6kSCZ4c0uwx-_jeiBCC-qRsK1_DyEckaGRy__poCU

Requested by

Host: blogs.mtdv.me
URL: https://blogs.mtdv.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7464622502011920493/EMEA-DE_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-JourneytoCloudNetworkManagementWhitepaper-CIO_0_105/ Frame 940C 253 KB
163 KB 64ms
14ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7464622502011920493/EMEA-DE_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-JourneytoCloudNetworkManagementWhitepaper-CIO_0_105/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26aabb4e62876889bd998a3bab0eb9ca5c2728e5398c4b32a40518aea494096c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 222945
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 166458
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 06:51:18 GMT
expires: Mon, 18 Nov 2024 06:51:18 GMT
last-modified: Tue, 09 May 2023 05:40:15 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 1C2A 0
0 127ms
50ms Fetch
image/gif 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjst09eRJ6JebAlq0rgyE1fuK06nbwegYIwNIFbQGwoa-OULGT8tymw_ldAerq4bB6DfZQR6zR9UTyWZVZT6LTPkiQUdExIPYRERLiZ5cTr6NOS92IfTQPxLw3ZsLodiEq8HZ_IyyjNn-og5ivocIiZGCVg5i4oGgB1FrfdXF3aF6W1cVuUyBBdpG3sQ1N2phVkSHWf841cyb2RYT9quBITqL11x5MRM&sai=AMfl-YQnfSgr-ecAEx5akbgC77Jlqn8IFRguauamXZ6EjGu6Ej5TjG3UT7swliR7ICwDAslV0WirF32JbtJNhG4Xp-xSW1Kwy3BfKsBpxYr-qPUKbJ0drSAWTva9mAjaOKrP4_Zsb5VMzLQsvJTOP6NzsKB0tQ&sig=Cg0ArKJSzIL13Eznqh5rEAE&uach_m=[UACH]&cry=1&crd=aHR0cHM6Ly9jaXNjby5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=91&cbvp=1&cstd=87&cisv=r20231109.28446&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: blogs.mtdv.me
URL: https://blogs.mtdv.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 20:47:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 206 file.mp4
r5---sn-5go7ynlk.c.2mdn.net/videoplayback/id/851adfda52cce245/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804748512/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 30E0 1 MB
1 MB 69ms
33ms Media
video/mp4 2a00:1450:400f:8::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: blogs.mtdv.me
URL: https://blogs.mtdv.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:8::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

11d8979e574565926525a6b71ef868c163eb760c566324365a11b3e72c8c2b23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

expires: Tue, 21 Nov 2023 20:47:03 GMT
date: Tue, 21 Nov 2023 20:47:03 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1513495/1513496
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1513496
last-modified: Fri, 12 Aug 2022 10:34:35 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 646A 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BIghzRhddZaDEOOPB9u8P56uf-AEAAAAAOAHgBAI&bg=!gYKlgs3NAAZxrfrxUa07ADQBe5WfOLTSdiU-iPt9o0XZvZQCpeeX_eHJvAY1cGtpulb94lg8v2tcpaPoBmc2BcTye1ENAgAAALpSAAAAA2gBB5kC7PX9L_ds6eZKU8xh1hCvDvoSZX0lenhRK_mZfPI-v9lK8enARzx-f26qKd0yuPyG217MP8HdY7oAI5sD0_2QN-5-Nrau1N-LpmYQWzi9Vh6YUT4w4EMefspZcTz0n0FCt8rEOQtVO8II3FdoR0RBx1lgJvcoOKIvWCcEiWbSkgtOZq10u7kDl2VniSvL1pX-fAj9a2WTJ7ARlU41_VrVfSX11sw_yQtDmnqJOuwv6JwCmp3aXYa76rk_QPlJHEPkioNBm_2m2mInmjBZkykBFiHf3x8aTvAPq7GYMBEEwT7ilojr9B9BNhCANWxBvAGHFP5DAM32jtltqQftaFks6HZOrwArNNj9r0cJCIGoTKRSA9goK706JLQ6r7dWqyPxWblwrS71Peuwvrr_PtOULWnEc-Fa8vSGv-kFe8EA_hUysUm6vr-ItCLgeaez3pSsGNdVFInN4gRvV3Od4w0Oc4qXXPmpsIEGg283fyNmx_9t8OcQriPBsBUDfXg_vk5DKJA8GD4NSnH477-JSvAEG0Kudu2O59O5XXRpVC_MsBOQXu2QP_m04i1qstP964Q-P_QK-q-dDOx-fFu8TLQbEHwI1PtGbyZ86VDLPZbs0H-SSPhA-O5qGKYoGUaLbnvWeiBzNpxaRr-VUor1nAucH1Lmj6wMgDVYpESl8aZJRCDJhVDUT9uJVbGyA-MKAOqyTNQlmQ4Rbr63jE0FK81PfYuSxTWkfWFKNKSIbVj3zOqagtTwLoRwwbVCgBrPN_w9p7Y9YeuFgMXks-zW1nRWGgI5MRD-P1EbI3FZ9WFRLVCYc__GQ5RkUAazLV6uCqCUOrNibLZrcOl0ciBAeh7ZxtfE52TeF-se5MJmoHR2_z9jRcEicdvK5m4lMChnoRMQVztPi7pVniUDqY0OMSRdFlDM7cmewl2CH-_ZCYeDtIAriNdIO0eaN7TnsC29EdCT8zhRURQ30FgH_3TQ-WQrWRpjgub-U953twL-3oA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1C2A 43 B
215 B 185ms
183ms Image
image/gif 2600:1f13:800:7782:5b33:517d:a638:6eba
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=5d06d6a2-8ce3-e065-12e9-f361a48e6ea0&tv=%7Bc:uDNlJ5,pingTime:-10,time:439,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE1OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1700599623654%7C%7Cd02e085f2430ab87301c5f6f17c3e23e%7C%7C1b7de7e82db1163ab7a1342e5def95a8%7C%7C27c65fbd61a309d436c103b7b0da465d%7C%7C79f363a9a41999a4fdacc872541363ed%7C%7Ce782a3a0a68c7658fea60a09d6c81888%7C%7C610a8f9563af588ba7d8220e72d680ea%7C%7C0282784360ada650405017310f04327e%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=90&slotname=2428482827&adk=3785916764&adf=538356251&pi=t.ma~as.2428482827&w=728&lmt=1700599621&format=728x90&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599621348&bpp=1&bdt=398&idt=347&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=351
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:5b33:517d:a638:6eba Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
DATA 200
OK truncated
/ Frame 940C 73 KB
73 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 940C 71 KB
71 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0dfe1f9ce8410e9cd1eb921153319aa98dd53d12a6e4fb0efca81ab345bda814

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 1C2A 0
0 55ms
51ms Fetch
image/gif 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjst09eRJ6JebAlq0rgyE1fuK06nbwegYIwNIFbQGwoa-OULGT8tymw_ldAerq4bB6DfZQR6zR9UTyWZVZT6LTPkiQUdExIPYRERLiZ5cTr6NOS92IfTQPxLw3ZsLodiEq8HZ_IyyjNn-og5ivocIiZGCVg5i4oGgB1FrfdXF3aF6W1cVuUyBBdpG3sQ1N2phVkSHWf841cyb2RYT9quBITqL11x5MRM&sai=AMfl-YQnfSgr-ecAEx5akbgC77Jlqn8IFRguauamXZ6EjGu6Ej5TjG3UT7swliR7ICwDAslV0WirF32JbtJNhG4Xp-xSW1Kwy3BfKsBpxYr-qPUKbJ0drSAWTva9mAjaOKrP4_Zsb5VMzLQsvJTOP6NzsKB0tQ&sig=Cg0ArKJSzIL13Eznqh5rEAE&uach_m=[UACH]&cry=1&crd=aHR0cHM6Ly9jaXNjby5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=248&vt=11&dtpt=157&dett=3&cstd=87&cisv=r20231109.28446&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: blogs.mtdv.me
URL: https://blogs.mtdv.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 20:47:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 GettyImages-953048832_RP221.png
s0.2mdn.net/sadbundle/7464622502011920493/EMEA-DE_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-JourneytoCloudNetworkManagementWhitepaper-CIO_0_105/ Frame 940C 51 KB
51 KB 15ms
14ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7464622502011920493/EMEA-DE_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-JourneytoCloudNetworkManagementWhitepaper-CIO_0_105/GettyImages-953048832_RP221.png?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e19ccf7b0b0795180c2f00c00490390b28fd20b1b809c14ff675afc4968ea66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7464622502011920493/EMEA-DE_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-JourneytoCloudNetworkManagementWhitepaper-CIO_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:13:03 GMT
x-content-type-options: nosniff
age: 455640
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52150
x-xss-protection: 0
last-modified: Tue, 09 May 2023 05:40:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 14:13:03 GMT

GET
H3 200 LogoLockup_Vert_RGB_white.png
s0.2mdn.net/sadbundle/7464622502011920493/EMEA-DE_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-JourneytoCloudNetworkManagementWhitepaper-CIO_0_105/ Frame 940C 1 KB
1 KB 14ms
14ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7464622502011920493/EMEA-DE_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-JourneytoCloudNetworkManagementWhitepaper-CIO_0_105/LogoLockup_Vert_RGB_white.png?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

320c83a2ecf5473795e1137deb93090208180cdb0cf8e7f6dad1a1f1aef35770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7464622502011920493/EMEA-DE_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-JourneytoCloudNetworkManagementWhitepaper-CIO_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 06:51:20 GMT
x-content-type-options: nosniff
age: 222943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1502
x-xss-protection: 0
last-modified: Tue, 09 May 2023 05:40:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Nov 2024 06:51:20 GMT

GET
H3 200 LogoLockup_Vert_RGB_white.png
s0.2mdn.net/sadbundle/7464622502011920493/EMEA-DE_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-JourneytoCloudNetworkManagementWhitepaper-CIO_0_105/ Frame 940C 1 KB
1 KB 14ms
13ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7464622502011920493/EMEA-DE_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-JourneytoCloudNetworkManagementWhitepaper-CIO_0_105/LogoLockup_Vert_RGB_white.png?

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7464622502011920493/EMEA-DE_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-JourneytoCloudNetworkManagementWhitepaper-CIO_0_105/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

320c83a2ecf5473795e1137deb93090208180cdb0cf8e7f6dad1a1f1aef35770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7464622502011920493/EMEA-DE_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-JourneytoCloudNetworkManagementWhitepaper-CIO_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 06:51:20 GMT
x-content-type-options: nosniff
age: 222943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1502
x-xss-protection: 0
last-modified: Tue, 09 May 2023 05:40:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Nov 2024 06:51:20 GMT

GET
H3 200 GettyImages-953048832_RP221.png
s0.2mdn.net/sadbundle/7464622502011920493/EMEA-DE_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-JourneytoCloudNetworkManagementWhitepaper-CIO_0_105/ Frame 940C 51 KB
51 KB 14ms
14ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7464622502011920493/EMEA-DE_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-JourneytoCloudNetworkManagementWhitepaper-CIO_0_105/GettyImages-953048832_RP221.png?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e19ccf7b0b0795180c2f00c00490390b28fd20b1b809c14ff675afc4968ea66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7464622502011920493/EMEA-DE_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-JourneytoCloudNetworkManagementWhitepaper-CIO_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:13:03 GMT
x-content-type-options: nosniff
age: 455640
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52150
x-xss-protection: 0
last-modified: Tue, 09 May 2023 05:40:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 14:13:03 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 3DF8 41 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYKB1e1XFIklTHGrd2xEHaE6_ANlK8UDSPW4Mgtg2Kg1O0i-1D0DlNLKooQxWxsw9arodVGF3KoTGMRMfk2ZkPgVqoI1ZQP6UzF01XNYiQlYjk83dlShKhbBQzQu-jcPeJx66P4bIZzVqTnZV8QkxGCSWWkBdn2tqJIAOweHS38VhaApo&cry=1&dbm_d=AKAmf-CwnSgRGCECP6em-wFyaf57iBC9uaHFCnu7ED4Q8HkYgejyJLqNcnPVJWDGFvyQ8Q2qy30nW3o7P55qvm-2FNbPCGYeUh8SfBGZaWrzvk2C53-NPpDjICzwKL33lZsDtgHBIl7FQ7KgneRUPztQ-smq8Aqbmw-ifvqPdEPHJH-RoT8ZaaWHjfVONmCSrDvA_9c5V6Vxcs0bspqF6dyTLTL4EDYDhJzKs1k8RScpLnTgaqGXfj8YRqZhEkUeEeJ0lRQKzG_sQKjzdNdCu2jahwYFMeA_om9YpQG8AL5KGmRMiY13KSr0lDh7ry0LD4fdgQNTzY2xCBRbkFuFvtQxJeLoa8aifh1qGriFYui4g4Yn1aQNEUR0PRM6NCm-xPEoE-4vh4CWViLl1gFl8JJqixMXLfLII8l0Ody9vsupsaP1NUVA70J1JKyZ4LxmwpQ_SAqALUG7X3JHYC40GJjwsm2Gbch7hYcuofeqNQpMe-dlU9ojeLp9qc26orOSbyhQkKijwvwn8WUNZJYldSUepgnmon23A4px-UuZEgNKVpbhW5clwpsFjUfyjXPeBNpAmxNoEVg5dyY7GROf7ThOEIN1kAhHVB1wtW4Ll-RCk608LcOsQr9m0GS21G5FtnHZpRmJSXy0dd_QuzV-Tq24gCcGijnxAk1qZU6uAh9XPhFA7462AsDHMAiJbd0xHoFIQFQbPoRjYZTIT2HMhjKaxT0IpS1ERWQsxVZEQ6G0kt0Cpv_ZoCMnQ_Ky-OssIUcuslOIwylZn16lxC4GuQs9ogXVqIo7NwBaCTUOePlQrkeoESOnt-jh-Q1R0bvGVx4xrIpW84BqwCGXw24wZTqeAMAf93t3QBxCdHVewP4nEE0Hn0DQI06VUro71BO6MbNlLVhkU1XnpQkIdjzEZf0XxWKTcXmrYEnkx3xvnfX2FVMYXotpb0l6AUW8qbdOXdRJnIy-BDRtRXmambqUdc_md18jgHYAApufiBxoYC6Kw2SqQR8nW0SmUIEebLlLsZPorRayZ7IZIk0cZmD1ambrYFyU3hiThwopkPFUysRJ4CtpmU2jsgw8SzhG4vT_bxU6ELW2DTgMVakjqdItT9U0M2j6FZxgursVVDcN4ne5M161DOdX8Wx5CJ8Sbkru-xC2C3StkY-o9alZt5y8A79h9p84wi9MHR9irnYOBPae_-wyxbFcmIKqAqcfhyCxFjdsog6TDzc9SyNmzslz31V9QM_C-jDhlxGYHXqGvGaCaLQf_lRryoInCYauFFIX6-JPIYCfgqttHqsBuFpLBBgEaH__hp76Zu6PIt1Pjo2Uk0ANhLMIOLFGzccSf22stLp_KFHm8FDhtvXXf4Lytz_GBgtWT7zPNvgi8ZU3MeVktOvQmRijuokG8EiAHI2Vc8RLAxt_nK4BDLOW15o-ByGeTh_Jk6fF6PCGLsUktvwzyuSg7c6DPGY1Yp4H5rshwE-3ib0lYHNJZoBxv-56JS-AlZjF8kj_TYlyzU3kffFH-W2JQNFZSY_UDVpJofMDnRIRnINKvTGc0gleF7GnUKz6u6QKCnATKMZEH8-GapoNAAdHVw01SV3KLHCcPdDs1UCx1NCraEIUYzG51QdBsdEg947li_MYuNufaXIdN13qiPTU2v8dqOYocXYLw3s6EoGMzlcAjxCY9IxIMI4G6m8-OqhK3h3Ovsm6KGUXI6Px7DOORuhzOgDBibDq2XrBI67Op7qNtMa_pB6fxeq4hJcFocDmwrXOJ1HpEn1O-uhsllqWSToVSLo7NRoB0F7VaeJtAEfgAPEoHADMi_TirO9thvRTm9R2I0QJFDd3HhFuWsB7L2Lg-_-5lJMYoxJAD8DegNgZDQlQho_mFVNDVMgcqrdkLFxdFftXKxNGNFBJCGbri_9n--daZAGbTsMLJAfYfIYczLw331D3xmEVbubZeYk5hhYpkD4o62nytm8fPclPhScP22Cth6bdi_LsU-vwO-JgRLe9rfh-GIQ0hrTpRCwdovuwCY2I0AHYdHTKkOuqAMIag2L3n2HCLODqUyzat9isuKGqwsLOwFZcLSepI-2eMZFbn9ZJtnEeU5rRrTMKChWjLyIqDbtyn1U7Dr9n60UkPtaNeUPMB9BNksByF7wmrqiSKF1O7MwUSxKn5w6KZOf3pQGNtCcOekK2mZMRwxbhn6C99zjaFjyjAFcrAj_w5-jzCedCxFN4zGKbr2gFsxB8GDWMcWbgmTzgxHMUltJ5opCDycTA7xCGQMowEEc8_riv9YdPWvPFOVeidQUc0axZZ_PGlLuhDEIpOUqaV55VN-psNIDCzna3AUn88-vedEyG9R5AKjiTXA-BedPl5cXiB19VcoCbUtCJ1O1fQ3J2dHwmAIRr8En4NSUpsc6k0agrpSv35CQh1LZZmDcstQnAkQVOLabE54odT81Xx9UZ0HMJXKo6bi6AxLWfefNpek1KgSyObFbWQJSZm4xb_wIxQTY6VWzjmWuEN4B1XfQr-ULEvc-xgZOPNXoNden5fclx8oXcdDVu1XL02EtCk6ABt9ecF1g1BT_eBfuWzv8kVMpRWODIThOUWtthxOWTlfz0jquqP16Jb2sDJ9sqtGJeJ4NCyc2QvPfg0QkFNDUcHEcu3RBv3jh8tkqLeqywC_uv5iC22ndt1GQ0CuzEkuBIVqgmfsq5gu-3xxh14mbsj851hUdjTZwVa98Qkt10H8SUnsxn2MTtpQXSCoJ7RnvyBln6WKY5gKtlpuKVWHchDiIuAoPvlqGKOb5LvHuuIZbRKnYhW3w4B5I9BiEoGhTzPEah_CYfhDfe-g5m5ScZ-7F3G04Sal4xF6zzmfR-aEk1-Za8PKeFF9q6F5XpU-__Ca0MmuJmb5CNL3ra8qW2i0rj8XOYdAIyo60CUohm6WYd2bfMFUAcMmeQIepiKPvj2gbI048nIaUuqS2lBQxD_cGUMzbr6vEg7THR0ZIOmHtjs0dHu8wN7rOJrm5yjLSTAscvZEaz-2bQcH1ZWnqSGaqPaYMFMNPgQNUJoKNXJXrHGTjP32REXO6r8-NOrJlKkTzbFTbTNTVuEXTH2b8WLYLkVMiGwPie_odjMCYXScJj_PzJagjbyFl5p6C4xoU7dBvU37kovPLhqNO39jBqmzLEKZarr3vfUweUrsT8SJPSWlYpt9NVuXjlgHO0hZbNhHWnCb5LLDJ4CHvJtfYJH-CEyyxmc2Su_ii_SOraFqRiK3gh4LB-B5ULDsPioIyNHo9O3OIQrL6x03KyBgL22h8Wmeij20oA7ds8u2y4IYCI13h6GNvv4_bgoPcFaHOSf6KxFQ-HD2hZLRAoGdbwjcvE_mIOli0BPIdU1-Jk1y58scfchU4RDOJzZgZOds5KEhPPj5jfGP7AS_rDYQShbV4N8bZv5unFS6OGMWeCR2e25vP3NOOzggjfh8L_hXOmgPBVA-n5gs1BJ8yOa2iJrllWsAQe7QKr4w9Dc_O2vfqgwfcPrypa8WVWExa11T6F8ldtuZMPDZFKH6a09eU1gEeb5SE87xhrWuQobPE2_eXfUWzZSHFkfBViNyiWygbcLMCyjEncQwFUyGbWTnsnm90NPigYfaAf8tKttbvWvAh68ibbgtJTA-mEDIbNPmrMu5B8H3PgMCeaHVR3YIm8YA8oPEGxMiJ8eJMelAcrrWQPCBvV-kuoOn9h3Xp1NZ7Vhwf_I-XnrJlLmdWRP_9-5KZt9sV2VcxoXGK21GS_QcfiGEqgSWN2AOgP3zS6GBt5vLyZZFHGpX6tZvjlSpCQ0bmtB1DThPW78FiWfzQOwrL4vuTPlyy6N05qpH9Anw6gTmngXf6Z3Brm5XudK-mXglmgTBLWAVk6fA-bOaUFhC4q5L77uVFE1sywZGR30-x4RD0ipLpayeC5pedcvee9mkO8&cid=CAQSOwDICaaNIktMc23ohBzmmvV0cTBgkGN3SENhC2L-K51BIgpzL9_qdiGb2fdFaMCUOpVfFBFWI04MsNo3GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fblogs.mtdv.me%2F&ds=l&xdt=1&iif=1&cor=8529809377752922000&adk=521587874&idt=99&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 355315
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 18:05:08 GMT

GET
H3 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDU5OTYyMzQxMTQyNQogIHNlcnZlcl9pcDogMTgyNDY3MjY1CiAgcHJvY2Vzc19pZDogMTUyNjc0NTQwNwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUy...
ad.doubleclick.net/ddm/activity/ Frame 3DF8 0
22 B 52ms
51ms Image
image/png 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDU5OTYyMzQxMTQyNQogIHNlcnZlcl9pcDogMTgyNDY3MjY1CiAgcHJvY2Vzc19pZDogMTUyNjc0NTQwNwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9hZG9iZS5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogNjY1MDc0Nzk5OTUyNTczNTIwMQpkZWJ1Z19rZXk6IDg3OTI3NjQ5MjcxMzM5NTg5MDMKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTExLTIxIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogOTIxMjI1MgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMTI0NDkxMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNzM5OTQ4OTY2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NTY0NDE2MTMzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDEzMTU2OTM1CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2Fkb2JlLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2ZsYXNodGFsa2luZy5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9mcmFtZS5pbyIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x99056f434c42aa4f0000000000000000","13":"0x49b79e2a5fe23dd50000000000000000","14":"0x84813f839f1fdae20000000000000000","15":"0x2c3dba6ec793d29b0000000000000000"},"debug_key":"8792764927133958903","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["9212252"]},"priority":"0","source_event_id":"6650747999525735201"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src_internal123.js Show response
cdn.doubleverify.com/ Frame 3DF8 60 KB
20 KB 14ms
13ms Script
application/javascript 2a02:26f0:1700:14::b856:fb5e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal123.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=177894&plc=6387941&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jdPZmYG0lecj3DOqtFqCmf&DVP_DBM_1=3060631&DVP_DBM_2=22886460&DVP_DBM_3=16564416133&DVP_DBM_4=413156935&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1683132450869&turl=https://blogs.mtdv.me/&DVP_PP_BUNDLE_ID=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb5e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: ab4c91d229d32a46cacdfa0e0f01096060a891f4973f7699120d7ed39b90bcbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 20:47:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Nov 2023 09:32:26 GMT
Server: UploadServer
ETag: "c78e1b8588fb1329342920c4bf68cac1"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19651
Expires: Wed, 20 Nov 2024 20:47:03 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 5C7E 38 KB
13 KB 15ms
15ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 258438
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 20:59:45 GMT
expires: Sun, 17 Nov 2024 20:59:45 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 3DF8 1 KB
944 B 167ms
31ms Script
text/javascript 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_94406206995&jsTagObjCallback=__tagObject_callback_94406206995&num=6&ctx=1828362&cmp=177894&plc=6387941&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=94406206995&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.40&dvpx_strhd=0.40&brid=3&brver=119&bridua=3&dup=null&turl=https://blogs.mtdv.me/&chro=1&hist=2&winh=280&winw=500&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jdPZmYG0lecj3DOqtFqCmf&DVP_DBM_1=3060631&DVP_DBM_2=22886460&DVP_DBM_3=16564416133&DVP_DBM_4=413156935&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1683132450869&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=4&fcifrms=8&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=170&eparams=DC4FC%3Dl9EEADTbpTauTau3%3D%408D%5D%3EE5G%5D%3E6TauU2%3F4r92%3A%3Fl9EEADTbpTauTau3%3D%408D%5D%3EE5G%5D%3E6Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&dvp_exetime=9.60&callbackName=__verify_callback_94406206995
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal123.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 97ab2c789d9958c6d63d2f391867284b8b2999bd2e3cad927ab2fbabf5109f3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Nov 2023 20:47:03 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 11/20/2023 20:47:03

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 5C7E 39 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 13:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 13:05:04 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A85C 624 B
242 B 60ms
54ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYx4yBxQEwAQ&v=APEucNV8Urauvgo9fw1EgEVEF3xwWMX2lk98EPQcA0XKybzwD6P6Hn8-2GSuKZCkb2SJNXHpYBFtwqTlbuk111Rvnxzb-DOTZKiOOygm-IMjA5jw26q172HHq8WGkkleGQwaUObmwMSvDGEfR7MbckIsz6X8yb8ZgQORnQNQ9q-foTfacdvdGqo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=317953380&pi=t.aa~a.752978351~rp.4&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=2&bdt=1549&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=2&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=317953380&pi=t.aa~a.752978351~rp.4&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=2&bdt=1549&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=2&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 20:47:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 15EB 89 KB
31 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=317953380&pi=t.aa~a.752978351~rp.4&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=2&bdt=1549&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=2&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 20:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31498
x-xss-protection: 0
server: cafe
etag: 4296746511219988724
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:47:03 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 15EB 2 KB
1 KB 18ms
14ms Script
application/javascript 2a02:26f0:1700:14::b856:fb5e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=177894&plc=6387941&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0j_f4-DnIMJmnwgQQ5h1eEg&DVP_DBM_1=3060631&DVP_DBM_2=22886460&DVP_DBM_3=16564416133&DVP_DBM_4=413156935&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1683132450869&turl=https://blogs.mtdv.me/&DVP_PP_BUNDLE_ID=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=317953380&pi=t.aa~a.752978351~rp.4&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=2&bdt=1549&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=2&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb5e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 56109fa3da6aa8f73ea350d38977235631ed519eb883aa78b13f530b2744d67d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 20:47:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Nov 2023 09:32:24 GMT
Server: UploadServer
ETag: "ecfd819e1e247598f4ed0f18c70f6f53"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Wed, 22 Nov 2023 20:47:03 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 15EB 9 KB
4 KB 18ms
14ms Script
application/javascript 2a02:26f0:1700:14::b856:fb5e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0j_f4-DnIMJmnwgQQ5h1eEg&DVP_DBM_1=3060631&DVP_DBM_2=22886460&DVP_DBM_3=16564416133&DVP_DBM_4=413156935&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1683132450869&turl=https://blogs.mtdv.me/&DVP_PP_BUNDLE_ID=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=317953380&pi=t.aa~a.752978351~rp.4&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=2&bdt=1549&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=2&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb5e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: dfee1bd52507e6079bb03907bc1e69549698bbbcd4b48ee20abffee59c3130fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 20:47:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Nov 2023 11:58:00 GMT
Server: UploadServer
ETag: "7016a8d85509bc72e9b0db848677035f"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3639
Expires: Tue, 21 Nov 2023 21:02:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 15EB 3 KB
1 KB 19ms
16ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=317953380&pi=t.aa~a.752978351~rp.4&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=2&bdt=1549&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=2&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 15EB 20 KB
8 KB 20ms
16ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=317953380&pi=t.aa~a.752978351~rp.4&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=2&bdt=1549&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=2&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 23:16:58 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 15EB 0
0 26ms
22ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQLRh4a7LJaedjG5a3uOO46ZSQamnkP_FysTlzGv4CS88KuRK6gA2EpYA0DHj8BzRwaqiZb3uVpgypP_q2icWJNpQ0HAw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=317953380&pi=t.aa~a.752978351~rp.4&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=2&bdt=1549&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=2&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 15EB 202 KB
64 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=317953380&pi=t.aa~a.752978351~rp.4&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=2&bdt=1549&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=2&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 20:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:47:03 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 15EB 42 B
63 B 49ms
48ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bs4PXrOs8RuSNrMKe6FvvDwEhpsuo1W7cezeh1HKafgln3jLwvYmYe65jAdr7HcvzimEe8x5s_N0IRMIAGW7Mx7peXVyyHlcH1m-_lrRcB84SEndY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=317953380&pi=t.aa~a.752978351~rp.4&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=2&bdt=1549&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=2&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 15EB 0
20 B 50ms
49ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5653905020808701276&x=1&ct=77

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=317953380&pi=t.aa~a.752978351~rp.4&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=2&bdt=1549&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=2&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A85C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK9Ta4FelkLJiqV6vEzp15M&google_cver=1

43 B
734 B

24ms
23ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK9Ta4FelkLJiqV6vEzp15M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYx4yBxQEwAQ&v=APEucNV8Urauvgo9fw1EgEVEF3xwWMX2lk98EPQcA0XKybzwD6P6Hn8-2GSuKZCkb2SJNXHpYBFtwqTlbuk111Rvnxzb-DOTZKiOOygm-IMjA5jw26q172HHq8WGkkleGQwaUObmwMSvDGEfR7MbckIsz6X8yb8ZgQORnQNQ9q-foTfacdvdGqo
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25mGtodgkbPK2sg3WrKYV5lkcFQ0e8uFe7Q5bU%2BWHJQwYOXMRfLuIqjlEYKAK%2BYRDv0x5%2Ba1fcvyCpnRRvyE6Q41ZCHGearB9X6jwm6MMIbcxipFxECsOKfNxv72s%2FKTrg2xOYc1gJ2YAg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829bc9215cd69214-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK9Ta4FelkLJiqV6vEzp15M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A85C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV0XRn8Y.lY2VIOvvUExywAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK9Ta4FelkLJiqV6vEzp15M&google_cver=1&google_hm=2

43 B
742 B

23ms
22ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK9Ta4FelkLJiqV6vEzp15M&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYx4yBxQEwAQ&v=APEucNV8Urauvgo9fw1EgEVEF3xwWMX2lk98EPQcA0XKybzwD6P6Hn8-2GSuKZCkb2SJNXHpYBFtwqTlbuk111Rvnxzb-DOTZKiOOygm-IMjA5jw26q172HHq8WGkkleGQwaUObmwMSvDGEfR7MbckIsz6X8yb8ZgQORnQNQ9q-foTfacdvdGqo
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NSCmZK%2F05hDCIOLzNXXKrhiuPOOVSO4esrbz9g%2BaHSwZCRMg%2FdTkCDSzEm6RaRXKmQqr91DNIBbrj1hswh6ZYHRGJvqJ8xA6%2FLUQElIT1OXFhlLBK%2FAWa9Z%2Fv2apPXK9%2FEZGbGqCSCuyog%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829bc9219d099214-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK9Ta4FelkLJiqV6vEzp15M&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame A85C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEERbyapnqqliiwM0yfohkMo&google_cver=1

43 B
839 B

15ms
14ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEERbyapnqqliiwM0yfohkMo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYx4yBxQEwAQ&v=APEucNV8Urauvgo9fw1EgEVEF3xwWMX2lk98EPQcA0XKybzwD6P6Hn8-2GSuKZCkb2SJNXHpYBFtwqTlbuk111Rvnxzb-DOTZKiOOygm-IMjA5jw26q172HHq8WGkkleGQwaUObmwMSvDGEfR7MbckIsz6X8yb8ZgQORnQNQ9q-foTfacdvdGqo

Protocol

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
an-x-request-uuid: f28ed940-573c-40f8-ac62-387eac3af8dc
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.131; 178.162.209.131; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEERbyapnqqliiwM0yfohkMo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A85C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU4NDM5NTM2MjAwNDI3MzMzNw%3D%3D

170 B
188 B

24ms
24ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU4NDM5NTM2MjAwNDI3MzMzNw%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
an-x-request-uuid: 1dffbb21-7266-44f7-a0f9-2656f1a6e71a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU4NDM5NTM2MjAwNDI3MzMzNw%3D%3D
x-proxy-origin: 178.162.209.131; 178.162.209.131; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 15EB 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3812866828771&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 15EB 0
20 B 47ms
46ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3812866828771&version=m202309260101&ct=77&x=1&cor=5653905020808701000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 15EB 20 KB
14 KB 319ms
319ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ac32H1n47fQYcWJnK5SLnLgZjWivyY8agG5XvvWJQYyfPI8xHAhWwX-k83rywgK9KS6PqIsL-90SZ1fcbJDAKbq6WTD8K2ni9diBvF5zbxX2XRpJ4c_Mgwp-xrvwxAIJDa4TE4_abizjrh3We29IWRAJSUyrt9mJwTQqcLQxBhr_i7rY8&cry=1&dbm_d=AKAmf-AclVyDKRSVnsJ_ZfIPqBR9Ytevw5LtLcxusoyxhQQnDGGVyxFQb37dDTUx0zwN6tsoZlK2DfLImkklTPgGlUBmoMzxvYaFn2tdxbcw9kmxyBHJ2eT2BWdTnwFFY9laZG-8kewAsJ83FxkKj1cIq1aye3TtBk-baA4UMgbZmjYICFXt7WvhpdwzV4S0xNB564hJcG4IFSX4Dz2FBkTF1f6iBW93ENofFwVGPZ90rIwhG55B0KobDVCNgGeEQwsn1Ucinf94ouGYZUsb4Wz1uhKFEZAp84bhXpRgsCPcV2YH0WSmjZWALudhsnAjbexfuMKEml3deQNIYELLJCO7YCVP8uVPUnieC0FajBIK5oKAuEDTSiy0HG6_zfBGoEevVY05cVuGQvy8Qal23PWDmv1ZB2Tq5g9JyjdKbm9eLXbtVLSCXV70TQ4uFAdgdUmLI3-waFZYdpa_vU9Yo_Ci1WlBGk0XjkbKhN4LC4NHV1WFCJYtc3hbJ0caGpWPRFY8lfzu2rRSA500JzDfz6ginovsz1zu9wz_Qun3W7fhf0CyVybBpD3Tyw0rPMVq5A9w9JTbgDqaPXmeih3IFs8I7EixPHdWBpXoOjgiiyYgSdRb1pyfFX1oEltgGZujgprkFy1UTWqkwd64-_X9e0aWgVDbhlQ-T26nzssyl7plc1FWhetJ3b66xBSLZkm8xUCcjDn0Skt36a-fplvYJXNbFxNcSwUzcOJgg9FK4ZkJdTvMp9MZYFe1R_2G8vdnoR0jxWF1OFrp0Zd7F2h--86UZCMhJit6oANIhEQt2LeLkrRFZaW7OYr9k040ctRxbJqUvYzxWgBSSxan5nHDmD1M5Ce1JGHG26K6VwKFQlvtOuuBL8DKSEaFQQwPeDzU7OFFn69xg6cAeOQ4wVol4qiXSnOZGkWNvqLfMgTUPZnlrEvy8gioDwtLIN4XG7ETAciMq4bv1PG24KrdbFk4MjIbkqgna8KJpRg9rosyIzfDPazu6kmV1MuNNOUpNfBK8RJ0OFP4e4kmMjnIhLS5daEPrm1VI7UDc3RvwY7XUDdO8A5JTfnn3i9af7zYzbhbxfbUklCYPJg8GQeTHCD3SbaMIN6OMQFpBS4_AUgY8-SrAFhu4EW8wjwrB26ZLRpl8kfKD36lheJwjPoSrH3SRAPMc_9wbc0IL5zPVNVWBomkfSgPN45BKQR4Kg-LtK6bGwHUijntwYz-7kR4EeX4E_SNbth9r_3F8GsnnQhtSG_MTZFlTgJ12Q4L1b7MHaNfuhJ7PltkYhF78YxlpzfiVsef3yH3JKDvka_pM7lkkIW0mHA0hs3Fn-DLrn6iKagYG0AkdZ42WSztXMS8ISzUyDW_FS0_ZpaPqihj96NfVe6rHchsIv6JgaOc1s0_zf9DvlX95qsFepQP3-2LLzaL0benh5fiZa2WVUu9WjxaKL1ALTxyH9pqP2JhSa56xFLG0QXfnVxRzzWkX21KmkjU_Idk5X6_dcpD2njAkn9xGhnIYS7bECz5KJeqI-JcJlGM751WeTsuYXnc6jlES9WtaQywFL0h8XXLCRtUMsJLbTO-hevs9iGLXxUxpEpWXAbq-PKV9xPne08fuJFpnjz8etgtOYbmFXJPQvltXT6s5ZJl-jqlozsAk2l8B3OJAoOE8KzJuHWJ_4vfzBOWWWmcGVIKuOaA3wYxXwq4o-tU4cXcwXXgGGXeO3dTyB1_jCXPn6114_94HmUVtq7oeSikIz88cYXzX4NvpQm6qpMJPB-qlA7Ak7JzHKILjUnsJqkN_JxBm_kmjSSUWr-ZCZY5SJDePXJ8y6VVgeuxuG8XM2PnC9DEcQbkXUmpM6b5GECpAmcnvhOy20FIm4KORcVapYqhayAvn2wtVGc4N4ssKVHsLiObw_jpS7WGWA9jVyvuw0keagAsKmgt-MUVpLZOAennjQtUwTRd5o1nLXqfDN5jCoHVkanObJ3ffh9BBbXLLAfB3sG0UarCJ2QezRt2FdiTZdfBP1ba4Cw3ZqUt-jCAN6tBwzOJJk9nfB0PuUt7jdy3ifsavPHXCx1M_DhwLHLIfd6PYiFK_0XLf39iG97F5VE0rZ7xja0fyM6FgKxWDR4syAz1g8oR4vyEIMNUXgb7EEMFSntRUgGmHb72astRxZ83k3fjrGeCIP0f3OjmLp8jVgCTeMWrh3xa1zsoBOBz-iBXLTp7Jou8hzobo4S25fu-i50drbGWZjf86tRCnjf7EnKdaerE1GdDMAN7OvIQpLAp1Tse1uMyueolnwegOg2rfwjNeCgtFJYzsluORrBFk7KBK4RumKX_95T7C88oP9OcIMd5gdS3qqXk7-hms9nLTOk_m99mc98sAAwKuxsXxJLPkj-ffa8ezbo_Fzb1srlSUU2uQ_H4cM7tNi9PKpm6VomMEWRay4hdxAYKBt8HX_m49pDTNf2ZsCwOfMlm-xXT9TQXFX-cPNYKbb-vbGnXbGTdfy60hoKXvaU8pjeHwAhEE0Pep6_fGDoWK9ydIQZE72VMtc_AEcduad40xgElZFeHojCKOzpV8YlIumxf5TFn0qli9C-42Uct97aHcsoXQDaLgSrD7ThF7ur-XlV3Kjkah_wXKY7aZxm1nPHlFZkHfPkzfPB5Gl1V-zUN3ohpQ7ATvr81oKpaBqnjaydVqnJSbroASif3c7EXHo9TurNuJulQW1rOEyftCXG3sVelCmdd0cc2zi5O5Nr1hay2Ye3b92XuSrI_799tP-SXmPZjHdCCD8BjggCVPuKq0DNTeBEAFqxSeawAYGrB-o0lasfdnDpkaUV1d1ese4EsDbIBdjFZ-EwElc9Khp5aIxhxN5QEzEoYHuh3MU4b7Id7JjzgbbWHS52qG-Ytl2-pCPBPuMZkNPbHLfO-HpNm-vDDoNRY4Z52GiBCrrYg0s4n3RqONtTca5p3_Vb2yesILRUXgt9KUbfpQXLkxdTGqsQSlu1iawNgs5ndVfuRvRdEjEyDRet4jJ_GdDY5mhOuJFT6PfOTQo3zFPjGkNdhkqvRyL9QxfzylsQCeoUVNGeKrUT8GlC8mQZ5LOWu9HtPh2JbsPzNznF-OEv9DCHSpP2woSP6L8zM0uQgobKOgg5xbL7TgRkrDu8wROk16U2LstgZRUhJs7HOl48aTaphU4s67BrgE6Mzt6aRED1VyzKPK4LSoyHmd7p3tukNo5qzaS73xlTj_lm2nJKQZYfhxD0n-1slgRxIewHMyI5gPSkM7kDDvY2mgu8-_W7iHa3KwZ14R_hH3DCwbgghCRwlQWW-EONzpRjudKXuMeGUwA80ftGDro1aig-JyPmRCyhOPzlFTPxTV2IySItbMwPL9_62rFB6WJxJ8KkuWgSKhoR7euhQpFH3fAdhmpGK5chgw7DPbFSNWx81RqBW76JbL3_18WNaIFGsqF2iJuJjjNBiqxUg4f87cFo012ttrFWJsMdPEPfHIOE6JlnXbTEIOZSQITi6d_dAsF5VeSIFKZbpQVc0wmPguvebORkhGYKMpn2xJbHXTncmFcFTTSOOu7PSE9fVxeDSMq0zzTTaiKP4c1JfjCVcEvRjPMGJCnYFEndPZBTWwIyXGT8XVCMwCj2tlXhb1mln8vOtiW6jBIq-Bs-UzOK_zB3m5_gJv_c1PpDLwSf778vC0n2czhGEKgpg-QdT997hAd6JbfWGdCZP6QC-VzFbzUjISv3hFqr4pgww7fc3ek6OvKI77z03O3HsI-aLslybmDWey-7DSDTwzoFWf67CL0-xVJHExck_g832tY5zWbq_bqxK1xzJvGQgUYiS330Lzmd9RTfTSI5PdkKxCm8DCwmGNv8c2j-RdIRVa3tHyTo0k-LGgvyxG55MjVa0Q6TYIqTUFXOAZz9mf3VaG40&cid=CAQSOwDICaaNqBukJysK3whGAsJjEi2IvP8uqEXaXRiUwu8WbRz0QQP2opwdDebCGGqkeavIdsoVIVy89nElGAE&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fblogs.mtdv.me%2F&ds=l&xdt=1&iif=1&cor=5653905020808701000&adk=1726166460&idt=83&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5446283aa594cfff6e91a7c7b6e3be18c3d9e964336429c7e5a3c30e07b246e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=317953380&pi=t.aa~a.752978351~rp.4&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=2&bdt=1549&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=2&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13947
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 30E0 0
54 B 179ms
178ms Ping
image/gif 2607:f8b0:4012:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lp8t3v8x&c=6615160944884&slotId=3307580472442&qqid=CMDx9qL71YIDFe5PwgUdDUwGkA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1810&mt=video%2Fmp4&vs=1280x720&msm=1&aits=18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.14o~vil.1kd~vfl.1oe&ua_e=1&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:827::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C7E 0
20 B 52ms
51ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BcRHcRxddZaGOGcH1gAe_koHYBQAAAAA4AeAEAg&bg=!7e6l7qHNAAZxrfrxUa07ADQBe5WfOH8nhvGeSNneEFcjCLQSH4rpdAgvIRj84P_G2hegJFz93UlWVkzBcBLSDFjWpl5CAgAAAGtSAAAAA2gBB5kDEbeMfKEqBBI8EjV9_7w4Hwoj7Ky6YYCQb1WDW5gUJB0JOJq_5-u0aW-Fpn0sFXvVrS1VfVnI3C2n1xNX3EkWiRz9I8FSDtSV4nRzeENUOSjEZ0o40xSNthce8BcYa5KZP1uaafAAabKD-O6res1TEcCoo-zRUPYi2Ook1uvKGWTv_yXe5PwLGMh7ekfow4cjorLkWyd43Y2b4BugI8DsEJF0b7PQPYsQ7WdS0Mgn5g-nvvu7WF37pKcgFsmRFgXs-qABKqeCAz9cNkgSHL-orolyumOT9KYVz9OHpmZqo30wAAu8uVB8H_sDE3ce0qsHxa6oOVzcfV6Y-NKQAv5W9-mI8oAwyKjjPBS8K9WpXD-eF9PlzwwxU2DLE9QlDu3iMSw6r0_ZpulaI_ozuOcJ-hWkL_Lhtf8y5nReTiGQF1TMFAVFMlLMxj93C6jefKFgFgS1CS4JK9JgAun6ZH8WlgwiiAuOszcbZU5hfWQ1V1LRhtewJCafdto0igSHqHrbzSzd70mXoa7PqsEBu1Tq3mD0kccNjnOPPkgBy6B5WY75kzbN56x5c8hkSmT_4pc09WeuDP4kVXqvVHX33zhgtaXDlgHE1RlfgHXZx9C_nnAylbIEaXcgIAFfFJNLjtvPm98cxkmzeb-ursqFKCX2fsOPJjKmw_oP3qJ_esIcPSAk8sh1uSKfi05-RiQyzlEXsciDd6FVDzWprtsmA_orSAGf3_SAy8V_2AJXmjyMBS_igL5RtWqkFO0mGZytJMGHAocKQ9YFRJYzCLn4ImlRoCQeGN0uiCR-8oLECy5FfeRlQzXQJj9Xmh2X589LP_Hxwzv-zrfHlk14eT7SiurYqLtX_uOIsP4YmhcOblwM84wUbrebfFRVAFi8mWgaNWcCuqFazKbaRz8Y65fMbUeqqf1_rj_JAi9BUKon-IfiBnUGzVGGfhi6Oszw8SwWS86FyTMs_Of2NjEh98GWKym11krFvMyIAHeg9BbjGkyyfCZagOGUeMnJO0fghMgaSsBzVfr6pZfOKmOWqarTMuR-zuFa

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 3DF8 18 KB
8 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal123.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 20:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 21 Nov 2023 21:03:40 GMT

GET
H3 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame 3DF8 59 KB
23 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:21:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 00:21:59 GMT

GET
H3 200 B9689862.280410797;dc_ver=99.292;sz=300x250;u_sd=1;dc_adk=4119432153;ord=r4f4cb;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fblogs.mtdv.me%2F$0;xdt=1;crlt=S!uVs(... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 3DF8 67 KB
30 KB 56ms
56ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=99.292;sz=300x250;u_sd=1;dc_adk=4119432153;ord=r4f4cb;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fblogs.mtdv.me%2F$0;xdt=1;crlt=S!uVs(itv);stc=1;chaa=1;sttr=27;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a57cbd2c48a2406a8b6eeebeb69e885bae8f0d642d2fc23f437be699f61cade5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30785
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 3DF8 11 KB
4 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=99.292;sz=300x250;u_sd=1;dc_adk=4119432153;ord=r4f4cb;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fblogs.mtdv.me%2F$0;xdt=1;crlt=S!uVs(itv);stc=1;chaa=1;sttr=27;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65523
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 02:35:01 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3DF8 0
0 96ms
51ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvdls4xG8G4OyXJdHj3s8O-5HhEAw4b_l4TYCsyfMHj3L_wOmtz3-XFokepbaXJ47ccmrCb-7m2uCJxK6B9QwnWxicKbNl3kOeU4AwpvWeU_oSLSHMjYeelLHrR0dJi__fx4L6KNnTC54c7mqy1K3WB72l4B7PGUQKDqqE&sai=AMfl-YQba0jWOAipIdAqlwAtWYZgcJPCjESn2ElOGX1saHnht4FK-b5VqJhDCJv1_vgP3OAgeXxowMFZ9Y31z2-K3U8d1LME4IFov1Avuw&sig=Cg0ArKJSzKcYYvCUEF4oEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231109.46003&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 20:47:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 12224131752392196093
s0.2mdn.net/simgad/ Frame 3DF8 144 KB
144 KB 14ms
13ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12224131752392196093

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e80f3c6479f08a7ea0b97f0c3538f4d3420e0f00df102e15469e7fc6ed013cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:19:13 GMT
x-content-type-options: nosniff
age: 278871
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147304
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 20:18:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 17 Nov 2024 15:19:13 GMT

GET
H/1.1 200
OK dv-measurements4951.js Show response
cdn.doubleverify.com/ Frame 4095 424 KB
100 KB 17ms
16ms Script
application/javascript 2a02:26f0:1700:14::b856:fb5e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements4951.js
Requested by: Host: blogs.mtdv.me
URL: https://blogs.mtdv.me/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb5e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 987fe342842bc4545e33dddba53fc214b1b848407b78317538dcf573fa0dae82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 20:47:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Nov 2023 10:52:29 GMT
Server: UploadServer
ETag: "b47e628f652d93d0e7ba169948af091c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102052
Expires: Wed, 20 Nov 2024 20:47:04 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 131A 1 KB
643 B 17ms
15ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40909
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 09:25:15 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 09:25:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3DF8 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4c808c8f79f4005ca15298f283d8ffd8c336946e75516aa96807fe10a2fed17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame D08F 38 KB
13 KB 16ms
15ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 258439
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 20:59:45 GMT
expires: Sun, 17 Nov 2024 20:59:45 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3DF8 0
0 51ms
51ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvdls4xG8G4OyXJdHj3s8O-5HhEAw4b_l4TYCsyfMHj3L_wOmtz3-XFokepbaXJ47ccmrCb-7m2uCJxK6B9QwnWxicKbNl3kOeU4AwpvWeU_oSLSHMjYeelLHrR0dJi__fx4L6KNnTC54c7mqy1K3WB72l4B7PGUQKDqqE&sai=AMfl-YQba0jWOAipIdAqlwAtWYZgcJPCjESn2ElOGX1saHnht4FK-b5VqJhDCJv1_vgP3OAgeXxowMFZ9Y31z2-K3U8d1LME4IFov1Avuw&sig=Cg0ArKJSzKcYYvCUEF4oEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=70&vt=11&dtpt=69&dett=2&cstd=0&cisv=r20231109.46003&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 20:47:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1C2A 43 B
215 B 179ms
179ms Image
image/gif 2600:1f13:800:7782:5b33:517d:a638:6eba
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=5d06d6a2-8ce3-e065-12e9-f361a48e6ea0&tv=%7Bc:uDNlQy,time:902,type:e,im:%7Bpci:%7Btdr:786%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:902,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B896~0%5D,as:%5B896~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:357,fm:tWhoI4U+11%7C12%7C13%7C14%7C15*.1474271-76103297%7C151%7C16%7C17%7C1811%7C1812,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:17,sis:209%7D&br=c
Requested by: Host: blogs.mtdv.me
URL: https://blogs.mtdv.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:5b33:517d:a638:6eba Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:04 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 131A
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGxrG7n34AgVbHs_5U5QhvM&google_cver=1&google_push=AXcoOmTFvnQIw_5X7jMFFOoPrl1P-c1klPkfNKep2SxVXhQwnWgS-62r2eZd0VcMl_bLI6gynznOpFWVMfwMgzw6YSnN1_UJPyAogxY8
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM5Nzc5MTU1NjQzNzkyODI2Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOcxDbVH3VomuY8zeu6Coas&google_cver=1

43 B
398 B

110ms
64ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOcxDbVH3VomuY8zeu6Coas&google_cver=1
Requested by: Host: blogs.mtdv.me
URL: https://blogs.mtdv.me/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 21 Nov 2023 20:47:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOcxDbVH3VomuY8zeu6Coas&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 131A
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBdSKT3VqyrQ-pcOwxwJF7g&google_cver=1&google_push=AXcoOmQfyPlVq4UPyKL_QaRxQwmnCn_FjSLhpccMbYYexxvOH_ETT2T8To66Rcp38Y-BfZMj9QcuA0DAiu8Z1lR043NWG_V3sKjEn...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBdSKT3VqyrQ-pcOwxwJF7g&google_cver=1&google_push=AXcoOmQfyPlVq4UPyKL_QaRxQwmnCn_FjSLhpccMbYYexxvOH_ETT2T8To66Rcp38Y-BfZMj9QcuA0DAiu8Z1lR043NWG_V3sKj...

43 B
420 B

181ms
178ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBdSKT3VqyrQ-pcOwxwJF7g&google_cver=1&google_push=AXcoOmQfyPlVq4UPyKL_QaRxQwmnCn_FjSLhpccMbYYexxvOH_ETT2T8To66Rcp38Y-BfZMj9QcuA0DAiu8Z1lR043NWG_V3sKjEnPks&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQfyPlVq4UPyKL_QaRxQwmnCn_FjSLhpccMbYYexxvOH_ETT2T8To66Rcp38Y-BfZMj9QcuA0DAiu8Z1lR043NWG_V3sKjEnPks%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: blogs.mtdv.me
URL: https://blogs.mtdv.me/
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:04 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 829bc9242d7f6943-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:04 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 83
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBdSKT3VqyrQ-pcOwxwJF7g&google_cver=1&google_push=AXcoOmQfyPlVq4UPyKL_QaRxQwmnCn_FjSLhpccMbYYexxvOH_ETT2T8To66Rcp38Y-BfZMj9QcuA0DAiu8Z1lR043NWG_V3sKjEnPks&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQfyPlVq4UPyKL_QaRxQwmnCn_FjSLhpccMbYYexxvOH_ETT2T8To66Rcp38Y-BfZMj9QcuA0DAiu8Z1lR043NWG_V3sKjEnPks%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 829bc922fc786943-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 131A
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESENlY_a2jKWS2KsudnoJY7zE&google_cver=1&google_push=AXcoOmS-sz7MhrYJyJRvnrpdIR8qgfTc_FrRwAA7AxRikIbo9r88-ES3qYL7lrTKFm4DF2HOSmL8BpsePjxfUSg9VQw34DSpBOA1VOY
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E40B1C5759DD4F87A096A5881485590E&google_push=AXcoOmS-sz7MhrYJyJRvnrpdIR8qgfTc_FrRwAA7AxRikIbo9r88-ES3qYL7lrTKFm4DF2HOSmL8BpsePjxfUSg...

170 B
188 B

24ms
23ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E40B1C5759DD4F87A096A5881485590E&google_push=AXcoOmS-sz7MhrYJyJRvnrpdIR8qgfTc_FrRwAA7AxRikIbo9r88-ES3qYL7lrTKFm4DF2HOSmL8BpsePjxfUSg9VQw34DSpBOA1VOY

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 21 Nov 2023 20:47:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E40B1C5759DD4F87A096A5881485590E&google_push=AXcoOmS-sz7MhrYJyJRvnrpdIR8qgfTc_FrRwAA7AxRikIbo9r88-ES3qYL7lrTKFm4DF2HOSmL8BpsePjxfUSg9VQw34DSpBOA1VOY
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 20 Nov 2023 20:47:04 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 131A 0
174 B 76ms
28ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEClXQePkkCtQ3HbqjPAcee0&google_cver=1&google_push=AXcoOmSD42gIUlngaYq2alHjIpvdjCZvOZ6Oil6sll9wXJgSDkdsmJ7wjwy7RaXLLKOoSFuCE3mJaT1FGJ-UBCtRHEGFb74jul-8xWhQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=2158463013&pi=t.aa~a.3213093763~rp.3&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=1&bdt=1549&idt=0&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C500x280&nras=3&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 20:47:04 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sync
x.bidswitch.net/ Frame 131A 43 B
146 B 194ms
9ms Image
image/gif 3.127.95.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPPmErskfSsGUWaE-SqDJOI&google_cver=1&google_push=AXcoOmQLqgQBiPRxD6BjWk1F8BRjRVj3oGlEnTUK_lbYxm9znp55UcN93DWPm4tZG83NGdne5ALLoY2ZaUNZDc7J6lhAxyI1idHt6eM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=2158463013&pi=t.aa~a.3213093763~rp.3&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=1&bdt=1549&idt=0&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C500x280&nras=3&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.95.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-95-101.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 20:47:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 131A 43 B
363 B 62ms
17ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR-CZTGQ3E9X_VItvuEEcMUBAThEW_xmLHQszuErL0wRPs9eW89cKP8Ah7vptqqtSbjaeLpJkIza7AxZ-eMbNs2ccFq4zdUXZov&google_gid=CAESEB9CPRVAIymMRtkWa17eI1U&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:04 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 247761
expires: Tue, 21 Nov 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 131A
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBaIn_inTSNWsArJiyu4mqo&google_cver=1&google_push=AXcoOmRQpTdqL0pXTtNCEY3NJlOScIiDkXIogRLx0Gtm5IgEDrOBIITD6oh0zX4xlTLer2aVdxY09V9aALa4...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRQpTdqL0pXTtNCEY3NJlOScIiDkXIogRLx0Gtm5IgEDrOBIITD6oh0zX4xlTLer2aVdxY09V9aALa4VKjtJNvlYR6B_W4W7DUp

170 B
188 B

25ms
24ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRQpTdqL0pXTtNCEY3NJlOScIiDkXIogRLx0Gtm5IgEDrOBIITD6oh0zX4xlTLer2aVdxY09V9aALa4VKjtJNvlYR6B_W4W7DUp

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRQpTdqL0pXTtNCEY3NJlOScIiDkXIogRLx0Gtm5IgEDrOBIITD6oh0zX4xlTLer2aVdxY09V9aALa4VKjtJNvlYR6B_W4W7DUp
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 131A 0
12 B 21ms
20ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JzMvEO2CSyRyfH_akMJY0Jv40qxc0LAVydwIxXJ2j8mGbHnZQWX249SIkhnGZXwT0J_5ZY

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 20:47:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 4095 699 B
733 B 114ms
32ms Script
text/javascript 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=99&ttfrms=27&brid=3&brver=119.0.6045.159&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau3%3D%408D%5D%3EE5G%5D%3E6TauU2%3F4r92%3A%3Fl9EEADTbpTauTau3%3D%408D%5D%3EE5G%5D%3E6Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&uid=1700599624156889&jsCallback=dvCallback_1700599624156377&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4951&tgjsver=4951&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4005810911916944%26output%3Dhtml%26h%3D280%26adk%3D2823105954%26adf%3D2158463013%26pi%3Dt.aa~a.3213093763~rp.3%26w%3D500%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1700599622%26rafmt%3D1%26to%3Dqs%26pwprc%3D6986520281%26format%3D500x280%26url%3Dhttps%253A%252F%252Fblogs.mtdv.me%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700599622499%26bpp%3D1%26bdt%3D1549%26idt%3D0%26shv%3Dr20231109%26mjsv%3Dm202311130101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%252C500x280%26nras%3D3%26correlator%3D3854037993268%26frm%3D20%26pv%3D1%26ga_vid%3D806516975.1700599621%26ga_sid%3D1700599622%26ga_hid%3D1668729163%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D240%26ady%3D2649%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44802212%252C31079265%252C31079605%252C44809316%252C31078297%252C31079654%252C44806141%252C44807764%252C44808148%252C44808284%252C44809057%26oid%3D2%26pvsid%3D3923906846655856%26tmod%3D1616098708%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26dtd%3D6&fcifrms=8&brh=2&dvp_epl=242&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://blogs.mtdv.me/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0jdPZmYG0lecj3DOqtFqCmf&DVP_DBM_1=3060631&DVP_DBM_2=22886460&DVP_DBM_3=16564416133&DVP_DBM_4=413156935&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1683132450869&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=22501535339.21821&ee_dp_sukv=22501535339.21821&dvp_tukv=97161417224.60593&ee_dp_tukv=97161417224.60593&dvp_strhd=0.40000152587890625&dvpx_strhd=0.40000152587890625&dvp_tuid=933091615256&jurtd=1314920958
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4951.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: bffe15713d81f1b4ffee799739d4eff1b1335fb60e4a9f865c216f85732675e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Nov 2023 20:47:04 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 11/20/2023 20:47:04

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame D08F 39 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 13:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 13:05:04 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 15EB 41 KB
14 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ac32H1n47fQYcWJnK5SLnLgZjWivyY8agG5XvvWJQYyfPI8xHAhWwX-k83rywgK9KS6PqIsL-90SZ1fcbJDAKbq6WTD8K2ni9diBvF5zbxX2XRpJ4c_Mgwp-xrvwxAIJDa4TE4_abizjrh3We29IWRAJSUyrt9mJwTQqcLQxBhr_i7rY8&cry=1&dbm_d=AKAmf-AclVyDKRSVnsJ_ZfIPqBR9Ytevw5LtLcxusoyxhQQnDGGVyxFQb37dDTUx0zwN6tsoZlK2DfLImkklTPgGlUBmoMzxvYaFn2tdxbcw9kmxyBHJ2eT2BWdTnwFFY9laZG-8kewAsJ83FxkKj1cIq1aye3TtBk-baA4UMgbZmjYICFXt7WvhpdwzV4S0xNB564hJcG4IFSX4Dz2FBkTF1f6iBW93ENofFwVGPZ90rIwhG55B0KobDVCNgGeEQwsn1Ucinf94ouGYZUsb4Wz1uhKFEZAp84bhXpRgsCPcV2YH0WSmjZWALudhsnAjbexfuMKEml3deQNIYELLJCO7YCVP8uVPUnieC0FajBIK5oKAuEDTSiy0HG6_zfBGoEevVY05cVuGQvy8Qal23PWDmv1ZB2Tq5g9JyjdKbm9eLXbtVLSCXV70TQ4uFAdgdUmLI3-waFZYdpa_vU9Yo_Ci1WlBGk0XjkbKhN4LC4NHV1WFCJYtc3hbJ0caGpWPRFY8lfzu2rRSA500JzDfz6ginovsz1zu9wz_Qun3W7fhf0CyVybBpD3Tyw0rPMVq5A9w9JTbgDqaPXmeih3IFs8I7EixPHdWBpXoOjgiiyYgSdRb1pyfFX1oEltgGZujgprkFy1UTWqkwd64-_X9e0aWgVDbhlQ-T26nzssyl7plc1FWhetJ3b66xBSLZkm8xUCcjDn0Skt36a-fplvYJXNbFxNcSwUzcOJgg9FK4ZkJdTvMp9MZYFe1R_2G8vdnoR0jxWF1OFrp0Zd7F2h--86UZCMhJit6oANIhEQt2LeLkrRFZaW7OYr9k040ctRxbJqUvYzxWgBSSxan5nHDmD1M5Ce1JGHG26K6VwKFQlvtOuuBL8DKSEaFQQwPeDzU7OFFn69xg6cAeOQ4wVol4qiXSnOZGkWNvqLfMgTUPZnlrEvy8gioDwtLIN4XG7ETAciMq4bv1PG24KrdbFk4MjIbkqgna8KJpRg9rosyIzfDPazu6kmV1MuNNOUpNfBK8RJ0OFP4e4kmMjnIhLS5daEPrm1VI7UDc3RvwY7XUDdO8A5JTfnn3i9af7zYzbhbxfbUklCYPJg8GQeTHCD3SbaMIN6OMQFpBS4_AUgY8-SrAFhu4EW8wjwrB26ZLRpl8kfKD36lheJwjPoSrH3SRAPMc_9wbc0IL5zPVNVWBomkfSgPN45BKQR4Kg-LtK6bGwHUijntwYz-7kR4EeX4E_SNbth9r_3F8GsnnQhtSG_MTZFlTgJ12Q4L1b7MHaNfuhJ7PltkYhF78YxlpzfiVsef3yH3JKDvka_pM7lkkIW0mHA0hs3Fn-DLrn6iKagYG0AkdZ42WSztXMS8ISzUyDW_FS0_ZpaPqihj96NfVe6rHchsIv6JgaOc1s0_zf9DvlX95qsFepQP3-2LLzaL0benh5fiZa2WVUu9WjxaKL1ALTxyH9pqP2JhSa56xFLG0QXfnVxRzzWkX21KmkjU_Idk5X6_dcpD2njAkn9xGhnIYS7bECz5KJeqI-JcJlGM751WeTsuYXnc6jlES9WtaQywFL0h8XXLCRtUMsJLbTO-hevs9iGLXxUxpEpWXAbq-PKV9xPne08fuJFpnjz8etgtOYbmFXJPQvltXT6s5ZJl-jqlozsAk2l8B3OJAoOE8KzJuHWJ_4vfzBOWWWmcGVIKuOaA3wYxXwq4o-tU4cXcwXXgGGXeO3dTyB1_jCXPn6114_94HmUVtq7oeSikIz88cYXzX4NvpQm6qpMJPB-qlA7Ak7JzHKILjUnsJqkN_JxBm_kmjSSUWr-ZCZY5SJDePXJ8y6VVgeuxuG8XM2PnC9DEcQbkXUmpM6b5GECpAmcnvhOy20FIm4KORcVapYqhayAvn2wtVGc4N4ssKVHsLiObw_jpS7WGWA9jVyvuw0keagAsKmgt-MUVpLZOAennjQtUwTRd5o1nLXqfDN5jCoHVkanObJ3ffh9BBbXLLAfB3sG0UarCJ2QezRt2FdiTZdfBP1ba4Cw3ZqUt-jCAN6tBwzOJJk9nfB0PuUt7jdy3ifsavPHXCx1M_DhwLHLIfd6PYiFK_0XLf39iG97F5VE0rZ7xja0fyM6FgKxWDR4syAz1g8oR4vyEIMNUXgb7EEMFSntRUgGmHb72astRxZ83k3fjrGeCIP0f3OjmLp8jVgCTeMWrh3xa1zsoBOBz-iBXLTp7Jou8hzobo4S25fu-i50drbGWZjf86tRCnjf7EnKdaerE1GdDMAN7OvIQpLAp1Tse1uMyueolnwegOg2rfwjNeCgtFJYzsluORrBFk7KBK4RumKX_95T7C88oP9OcIMd5gdS3qqXk7-hms9nLTOk_m99mc98sAAwKuxsXxJLPkj-ffa8ezbo_Fzb1srlSUU2uQ_H4cM7tNi9PKpm6VomMEWRay4hdxAYKBt8HX_m49pDTNf2ZsCwOfMlm-xXT9TQXFX-cPNYKbb-vbGnXbGTdfy60hoKXvaU8pjeHwAhEE0Pep6_fGDoWK9ydIQZE72VMtc_AEcduad40xgElZFeHojCKOzpV8YlIumxf5TFn0qli9C-42Uct97aHcsoXQDaLgSrD7ThF7ur-XlV3Kjkah_wXKY7aZxm1nPHlFZkHfPkzfPB5Gl1V-zUN3ohpQ7ATvr81oKpaBqnjaydVqnJSbroASif3c7EXHo9TurNuJulQW1rOEyftCXG3sVelCmdd0cc2zi5O5Nr1hay2Ye3b92XuSrI_799tP-SXmPZjHdCCD8BjggCVPuKq0DNTeBEAFqxSeawAYGrB-o0lasfdnDpkaUV1d1ese4EsDbIBdjFZ-EwElc9Khp5aIxhxN5QEzEoYHuh3MU4b7Id7JjzgbbWHS52qG-Ytl2-pCPBPuMZkNPbHLfO-HpNm-vDDoNRY4Z52GiBCrrYg0s4n3RqONtTca5p3_Vb2yesILRUXgt9KUbfpQXLkxdTGqsQSlu1iawNgs5ndVfuRvRdEjEyDRet4jJ_GdDY5mhOuJFT6PfOTQo3zFPjGkNdhkqvRyL9QxfzylsQCeoUVNGeKrUT8GlC8mQZ5LOWu9HtPh2JbsPzNznF-OEv9DCHSpP2woSP6L8zM0uQgobKOgg5xbL7TgRkrDu8wROk16U2LstgZRUhJs7HOl48aTaphU4s67BrgE6Mzt6aRED1VyzKPK4LSoyHmd7p3tukNo5qzaS73xlTj_lm2nJKQZYfhxD0n-1slgRxIewHMyI5gPSkM7kDDvY2mgu8-_W7iHa3KwZ14R_hH3DCwbgghCRwlQWW-EONzpRjudKXuMeGUwA80ftGDro1aig-JyPmRCyhOPzlFTPxTV2IySItbMwPL9_62rFB6WJxJ8KkuWgSKhoR7euhQpFH3fAdhmpGK5chgw7DPbFSNWx81RqBW76JbL3_18WNaIFGsqF2iJuJjjNBiqxUg4f87cFo012ttrFWJsMdPEPfHIOE6JlnXbTEIOZSQITi6d_dAsF5VeSIFKZbpQVc0wmPguvebORkhGYKMpn2xJbHXTncmFcFTTSOOu7PSE9fVxeDSMq0zzTTaiKP4c1JfjCVcEvRjPMGJCnYFEndPZBTWwIyXGT8XVCMwCj2tlXhb1mln8vOtiW6jBIq-Bs-UzOK_zB3m5_gJv_c1PpDLwSf778vC0n2czhGEKgpg-QdT997hAd6JbfWGdCZP6QC-VzFbzUjISv3hFqr4pgww7fc3ek6OvKI77z03O3HsI-aLslybmDWey-7DSDTwzoFWf67CL0-xVJHExck_g832tY5zWbq_bqxK1xzJvGQgUYiS330Lzmd9RTfTSI5PdkKxCm8DCwmGNv8c2j-RdIRVa3tHyTo0k-LGgvyxG55MjVa0Q6TYIqTUFXOAZz9mf3VaG40&cid=CAQSOwDICaaNqBukJysK3whGAsJjEi2IvP8uqEXaXRiUwu8WbRz0QQP2opwdDebCGGqkeavIdsoVIVy89nElGAE&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fblogs.mtdv.me%2F&ds=l&xdt=1&iif=1&cor=5653905020808701000&adk=1726166460&idt=83&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 355316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 18:05:08 GMT

GET
H3 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDU5OTYyMzkyNTc0NgogIHNlcnZlcl9pcDogMTI2MDYwOTg5CiAgcHJvY2Vzc19pZDogMzUyMzY1MTg0OAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUy...
ad.doubleclick.net/ddm/activity/ Frame 15EB 0
22 B 64ms
63ms Image
image/png 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDU5OTYyMzkyNTc0NgogIHNlcnZlcl9pcDogMTI2MDYwOTg5CiAgcHJvY2Vzc19pZDogMzUyMzY1MTg0OAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9hZG9iZS5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogMTE1MzI0MDg5NjA5NjY1NTc4OTYKZGVidWdfa2V5OiAxMzg3NzQ4NjY4Mjk3NzA0NTMzMAppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTEtMjEiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA5MjEyMjUyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMxMjQ0OTEwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA3Mzk5NDg5NjYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY1NjQ0MTYxMzMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTMxNTY5MzUKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWRvYmUuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZmxhc2h0YWxraW5nLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2ZyYW1lLmlvIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=317953380&pi=t.aa~a.752978351~rp.4&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=2&bdt=1549&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=2&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:04 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x99056f434c42aa4f0000000000000000","13":"0x49b79e2a5fe23dd50000000000000000","14":"0x84813f839f1fdae20000000000000000","15":"0x2c3dba6ec793d29b0000000000000000"},"debug_key":"13877486682977045330","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["9212252"]},"priority":"0","source_event_id":"11532408960966557896"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src_internal123.js Show response
cdn.doubleverify.com/ Frame 15EB 60 KB
20 KB 15ms
15ms Script
application/javascript 2a02:26f0:1700:14::b856:fb5e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal123.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=177894&plc=6387941&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0j_f4-DnIMJmnwgQQ5h1eEg&DVP_DBM_1=3060631&DVP_DBM_2=22886460&DVP_DBM_3=16564416133&DVP_DBM_4=413156935&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1683132450869&turl=https://blogs.mtdv.me/&DVP_PP_BUNDLE_ID=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb5e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: ab4c91d229d32a46cacdfa0e0f01096060a891f4973f7699120d7ed39b90bcbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 20:47:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Nov 2023 09:32:26 GMT
Server: UploadServer
ETag: "c78e1b8588fb1329342920c4bf68cac1"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19651
Expires: Wed, 20 Nov 2024 20:47:04 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 15EB 1 KB
926 B 33ms
32ms Script
text/javascript 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_957560809004&jsTagObjCallback=__tagObject_callback_957560809004&num=6&ctx=1828362&cmp=177894&plc=6387941&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=957560809004&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=119&bridua=3&dup=null&turl=https://blogs.mtdv.me/&chro=1&hist=2&winh=280&winw=500&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0j_f4-DnIMJmnwgQQ5h1eEg&DVP_DBM_1=3060631&DVP_DBM_2=22886460&DVP_DBM_3=16564416133&DVP_DBM_4=413156935&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1683132450869&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=4&fcifrms=8&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=170&eparams=DC4FC%3Dl9EEADTbpTauTau3%3D%408D%5D%3EE5G%5D%3E6TauU2%3F4r92%3A%3Fl9EEADTbpTauTau3%3D%408D%5D%3EE5G%5D%3E6Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&dvp_exetime=3.30&callbackName=__verify_callback_957560809004
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal123.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: b8331e50ea7c1d18e0542c2deb6a8f855de64ff8882f8ad5502c938d71c4c225

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Nov 2023 20:47:04 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 11/20/2023 20:47:04

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 4549 38 KB
13 KB 16ms
14ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 258439
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 20:59:45 GMT
expires: Sun, 17 Nov 2024 20:59:45 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 15EB 18 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal123.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 20:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 21 Nov 2023 21:03:40 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D08F 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BbPieRxddZb-SPNyk9u8PgeOROAAAAAA4AeAEAg&bg=!t7SltPvNAAZxrfrxUa07ADQBe5WfOLuHsLsg0nMb_soSgBBRkOxoMBO9saDE1ljkm3dxHmNxeev8-P3SLZX4E1EQyI3NAgAAAGlSAAAAA2gBBwoAhRRq5EOsWnpD8JncDeTk5q5LXz4xUvULFeXeo20-qMqdeqTZa8Bl5b0owLM4dInImGNZnACXj7Rvi21g7Y3CsfjK4E2cpqlf0cuy2Vz5QOLjwDmkC7BlXlGYG5rcdsD9uxuB0570nh1wk_6xfZHJeZkMJvwKAYXu3HEug3PeY6eGdhaEnhCZAwCkbMUPVzrMK6FMM1jvA07ad_JOEJZND9q4BUV5_jr9FhTglZLXvzjxTGKZncgrP1A2xMk_Jcja0CgQvmcdJ9g7p1x2lEOscJ5Hm2k0cLQvkUp9mF9rm9UsujtgFD6_9QgUgRAS_IbwYs94JEGLKlk2FVGm8R6dG7X2u3Af5KzL6vZwWWdDzB_Z4CG76DXlDmn7MtcQkNV-h3iJQB3doZ7jK_GDXmVm5vFBDmX4Me0aktDZ1ZbKG3obQnc5XN2ykqRCwS9az09qh5YMDhOnj0sQzPUCVS1ZAWIMcyCNtcYdRAiw6gMFt5WgeteHC_4P7E6RpnhQc3X62sLAPQoWavfCnbkTgdqB0A4pWxXCHUWxYpRWOjB79M4KsVoayfB0-D3mM97HlQBVcObtQV2xfM2vaVNqsUFu4rER6tMpBYYO044d6HDP2JPE_ppzDbjGGeq9Q8J_PPA45IMs6myEXqMOmr7qp2_gior6w6GWwlqUTvPfmotAC8X5x9xHcTl6dkI2tnbSbx-5czcu5Ja3r3dp1dAaE0gVN57rMnEeTCR0-ViH-H5wRyLkdgHuorWBcapGti6Mpe334Eei0R1VwDbIrTqvL1lvEXFSRmtp7ryOsg_0KnO30W3by-vqXOg0ZhjB_nttG3l6TDqUKkoRCgsYudb2xie1N3gBnv2qw4tMNdE8yV3fEhc7ItQDVTwLJo35TaNLePILlf4OVEje8To_uWnzzF8oVsW1PEeLLJRblti8OLPZyCSWWMexDLZuaT09GWC_yYw2zxXUEw6BiESRtzj4HfNl1QnjKj77OFOz4fLtGBC_nIdIVg1w4nKHU9fpG4t94HeCMgrfbPIDFo5NXpq0s2_P63ySvrZo8d_wKfeX2426CiR4keoxGRbIFQ9SyM-vXp3_h9RrMNicpp2jF7vGeX8XNhnLBztT5DP8H8JC3A_7fRD9XFCP7T8LbL1QIzmuC7lxW2r0-FLMZZf0A_-E51kOTsj3ExVgDwvrnWiM2QilLl0S-dgiCGHn2lk

Requested by

Host: blogs.mtdv.me
URL: https://blogs.mtdv.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1C2A 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss72i53mbw1HFOJ9t7RL2bxMRhiCHHPVPOf-9S-GseawDCTr73v51zJgfcsXZw8tFsiV4PEbhd9-wE5mhY_3AEHM8gMb4yWB7f6T-ZiHirMYLVH39ZawS98hocp3C9AM74FNcKmwFozO7E6&sai=AMfl-YSbP4n_A2WtZ7Cbpi0Wl0jMIRfUixxfeE-n4BNFSN3Fdejh58XPJ95CqkPRg12Swp_9M-aPPkNu56v7Xal2ysI_y55Vxc7hFzXHgDFA-liz3wyM0zj5WXEeoq-o2UpHXJgMJUx2GFa8_w-RkjOx&sig=Cg0ArKJSzMtLobAZuz2tEAE&cid=CAQSTgDICaaNYsbNJ4YyU0CQNIdT2bDFxh1breHG0cIisdw8O2FmaKskkNpRKo_Py3dZBRzMuBBOFp2S97T6TZvBjvrQd_49SsV5d2eVHw31uBgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3785916764&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700599621700&rpt=1761&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame 15EB 59 KB
23 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:21:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 00:21:59 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 4549 39 KB
15 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 13:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 13:05:04 GMT

GET
H3 200 B9689862.280410797;dc_ver=99.292;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2432479424;ord=k3ngnk;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fblogs.mtdv.me%2F$0;x... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 15EB 67 KB
30 KB 62ms
62ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=99.292;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2432479424;ord=k3ngnk;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fblogs.mtdv.me%2F$0;xdt=1;crlt=S!uVs(itv);stc=1;chaa=1;sttr=33;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8766a43995c0b0980da1cad3f8aeab362b867b29b8ad8d757bea94b03b8630b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30869
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 12224131752392196093
s0.2mdn.net/simgad/ Frame 15EB 144 KB
144 KB 13ms
13ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12224131752392196093

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=99.292;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2432479424;ord=k3ngnk;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fblogs.mtdv.me%2F$0;xdt=1;crlt=S!uVs(itv);stc=1;chaa=1;sttr=33;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e80f3c6479f08a7ea0b97f0c3538f4d3420e0f00df102e15469e7fc6ed013cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:19:13 GMT
x-content-type-options: nosniff
age: 278871
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147304
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 20:18:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 17 Nov 2024 15:19:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 15EB 11 KB
4 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 02:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65523
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 02:35:01 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 15EB 0
0 52ms
51ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssq5llWa_sxruZw6W2Z35lWSSVb1tpI9E8EfXpTp6lu3hx02z4y5Yfkp0gD6J4wwuspOkNkJXYM7XQxx4GXlORFI0CvRP9UrC9Eyx_yCl3PVNmWKUNBau1UjhuhN7Zc5C86tNyLEudsJ5KzzjMU5c7k4LpszrHl6u5A7C4&sai=AMfl-YSs9ZtLjITv912oITuOVjlh6UXgav61VoPt1moVTfQOnjtKSp3lPs3rwP_2PCcZpLEBqnw9yq4tYiY23D5udvYuz-y_Ltwag-kqbw&sig=Cg0ArKJSzPxPoKHBEuynEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231109.88583&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 20:47:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK dv-measurements4951.js Show response
cdn.doubleverify.com/ Frame 078C 424 KB
100 KB 15ms
14ms Script
application/javascript 2a02:26f0:1700:14::b856:fb5e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements4951.js
Requested by: Host: blogs.mtdv.me
URL: https://blogs.mtdv.me/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb5e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 987fe342842bc4545e33dddba53fc214b1b848407b78317538dcf573fa0dae82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 21 Nov 2023 20:47:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Nov 2023 10:52:29 GMT
Server: UploadServer
ETag: "b47e628f652d93d0e7ba169948af091c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102052
Expires: Wed, 20 Nov 2024 20:47:04 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 27B1 1 KB
643 B 15ms
14ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=317953380&pi=t.aa~a.752978351~rp.4&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=2&bdt=1549&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=2&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40909
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 09:25:15 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 09:25:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 15EB 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70b7633747b4a8879f5059043e37201b539735b7363b1cb7e46bf87e0b3926ac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E1A6 38 KB
13 KB 163ms
162ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 258439
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 20:59:45 GMT
expires: Sun, 17 Nov 2024 20:59:45 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 15EB 0
0 193ms
193ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssq5llWa_sxruZw6W2Z35lWSSVb1tpI9E8EfXpTp6lu3hx02z4y5Yfkp0gD6J4wwuspOkNkJXYM7XQxx4GXlORFI0CvRP9UrC9Eyx_yCl3PVNmWKUNBau1UjhuhN7Zc5C86tNyLEudsJ5KzzjMU5c7k4LpszrHl6u5A7C4&sai=AMfl-YSs9ZtLjITv912oITuOVjlh6UXgav61VoPt1moVTfQOnjtKSp3lPs3rwP_2PCcZpLEBqnw9yq4tYiY23D5udvYuz-y_Ltwag-kqbw&sig=Cg0ArKJSzPxPoKHBEuynEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=82&vt=11&dtpt=80&dett=2&cstd=0&cisv=r20231109.88583&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 20:47:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 078C 699 B
732 B 193ms
193ms Script
text/javascript 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=104&ttfrms=9&brid=3&brver=119.0.6045.159&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau3%3D%408D%5D%3EE5G%5D%3E6TauU2%3F4r92%3A%3Fl9EEADTbpTauTau3%3D%408D%5D%3EE5G%5D%3E6Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&uid=1700599624735636&jsCallback=dvCallback_1700599624735674&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4951&tgjsver=4951&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4005810911916944%26output%3Dhtml%26h%3D280%26adk%3D2823105954%26adf%3D317953380%26pi%3Dt.aa~a.752978351~rp.4%26w%3D500%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1700599622%26rafmt%3D1%26to%3Dqs%26pwprc%3D6986520281%26format%3D500x280%26url%3Dhttps%253A%252F%252Fblogs.mtdv.me%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700599622499%26bpp%3D2%26bdt%3D1549%26idt%3D-M%26shv%3Dr20231109%26mjsv%3Dm202311130101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%26nras%3D2%26correlator%3D3854037993268%26frm%3D20%26pv%3D1%26ga_vid%3D806516975.1700599621%26ga_sid%3D1700599622%26ga_hid%3D1668729163%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D240%26ady%3D1666%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44802212%252C31079265%252C31079605%252C44809316%252C31078297%252C31079654%252C44806141%252C44807764%252C44808148%252C44808284%252C44809057%26oid%3D2%26pvsid%3D3923906846655856%26tmod%3D1616098708%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26dtd%3D3&fcifrms=8&brh=2&dvp_epl=242&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://blogs.mtdv.me/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0j_f4-DnIMJmnwgQQ5h1eEg&DVP_DBM_1=3060631&DVP_DBM_2=22886460&DVP_DBM_3=16564416133&DVP_DBM_4=413156935&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1683132450869&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=197392177.93225637&ee_dp_sukv=197392177.93225637&dvp_tukv=75036316673.60803&ee_dp_tukv=75036316673.60803&dvp_strhd=0.09999847412109375&dvpx_strhd=0.09999847412109375&dvp_tuid=1468553087128&jurtd=279910347
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4951.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: b020b0d9b2584f3968f0c670081316af729d5e006de28716078dc719b92c6983

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Nov 2023 20:47:04 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 11/20/2023 20:47:04

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 27B1
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOcxDbVH3VomuY8zeu6Coas&google_cver=1&google_push=AXcoOmRjS7y3-FTIvBm7VjVH_Dk3A9wG9jv9yBjyuy3z8BhkoLKeNUbJg9a-5zi9c_Nx4ZvLGRgBa6EjQyrAeHcPfU_ZerCpRMILEN0v
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM5Nzc5MTU1NjQzNzkyODI2Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOcxDbVH3VomuY8zeu6Coas&google_cver=1

43 B
398 B

66ms
65ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOcxDbVH3VomuY8zeu6Coas&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 21 Nov 2023 20:47:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOcxDbVH3VomuY8zeu6Coas&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 27B1 0
104 B 186ms
26ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAgEa--DmvPzDTNfy5Ka1Yo&google_cver=1&google_push=AXcoOmTnCyiazCZk9vb_tZ1HYORWuTBv4PD1ZmCV5NA3f53NEfcia_6s5yIx6u5-vlNPj9EMeO6OOQH5DXkodym2SPHv3V9lQt8TVJ02
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=317953380&pi=t.aa~a.752978351~rp.4&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=2&bdt=1549&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=2&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:04 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 27B1
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGT-QQlxENhnlKtguEdr62Y&google_cver=1&google_push=AXcoOmTUHlKJuWEJk5vut-4pIXq7wh1_z-CwjQLwv2z3pcc2-M6_xuNi0oqV6cz2KqSbKJ-1zAEaafwv2VYX1fzM0wqn7s_eHMgkxyoz
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E40B1C5759DD4F87A096A5881485590E&google_push=AXcoOmTUHlKJuWEJk5vut-4pIXq7wh1_z-CwjQLwv2z3pcc2-M6_xuNi0oqV6cz2KqSbKJ-1zAEaafwv2VYX1fz...

170 B
188 B

23ms
23ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E40B1C5759DD4F87A096A5881485590E&google_push=AXcoOmTUHlKJuWEJk5vut-4pIXq7wh1_z-CwjQLwv2z3pcc2-M6_xuNi0oqV6cz2KqSbKJ-1zAEaafwv2VYX1fzM0wqn7s_eHMgkxyoz

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=317953380&pi=t.aa~a.752978351~rp.4&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=2&bdt=1549&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=2&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 21 Nov 2023 20:47:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E40B1C5759DD4F87A096A5881485590E&google_push=AXcoOmTUHlKJuWEJk5vut-4pIXq7wh1_z-CwjQLwv2z3pcc2-M6_xuNi0oqV6cz2KqSbKJ-1zAEaafwv2VYX1fzM0wqn7s_eHMgkxyoz
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 20 Nov 2023 20:47:04 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 27B1 70 B
149 B 202ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEM0v36dNGT13Rn-VanBeZOM&google_cver=1&google_push=AXcoOmRkYFL1pWI2plBJACIHlYykuBLxgIlfwuDvcHa5iUWsKvbJBqOWJaAm0UzkEL6uo1dZ1W-jLexrlN64NTaQSUU3nr0ElHIhEfU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=317953380&pi=t.aa~a.752978351~rp.4&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=2&bdt=1549&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=2&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 20:47:04 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 27B1
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEJiMv66dOGgNC1ZAdOokQyc&google_cver=1&google_push=AXcoOmTk10fzKbnES401bQc5QOzJ-t1c1Ez23SG2PW3xzZ1QVmw3vfoLPRwQXFXT3HZU0jERu0R4w8Z...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTk10fzKbnES401bQc5QOzJ-t1c1Ez23SG2PW3xzZ1QVmw3vfoLPRwQXFXT3HZU0jERu0R4w8ZtzmH0NwdHCAw-zQ3xLKnScSvy&google_hm=s7OELiUdRzysi...

170 B
188 B

24ms
24ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTk10fzKbnES401bQc5QOzJ-t1c1Ez23SG2PW3xzZ1QVmw3vfoLPRwQXFXT3HZU0jERu0R4w8ZtzmH0NwdHCAw-zQ3xLKnScSvy&google_hm=s7OELiUdRzysim59pWUT-oM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=317953380&pi=t.aa~a.752978351~rp.4&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=2&bdt=1549&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=2&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:04 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTk10fzKbnES401bQc5QOzJ-t1c1Ez23SG2PW3xzZ1QVmw3vfoLPRwQXFXT3HZU0jERu0R4w8ZtzmH0NwdHCAw-zQ3xLKnScSvy&google_hm=s7OELiUdRzysim59pWUT-oM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 27B1
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENDT5gKcIp7pJ-HPCqBjuNU&google_cver=1&google_push=AXcoOmRcAijIo_hdUcaYGPgX6t9ORFF9fhW5J2nxeeqpoKh5NJZ3AT3J8eakrU4SvGGPr0nDX_7qBCTh...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENDT5gKcIp7pJ-HPCqBjuNU&google_cver=1&google_push=AXcoOmRcAijIo_hdUcaYGPgX6t9ORFF9fhW5J2nxeeqpoKh5NJZ3AT3J8eakrU4SvGGPr0nDX_7...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg5MjIwMDMxNTAwNjkyODQ1Mw&google_push=AXcoOmRcAijIo_hdUcaYGPgX6t9ORFF9fhW5J2nxeeqpoKh5NJZ3AT3J8eakrU4SvGGPr0nDX_7qBC...

170 B
188 B

28ms
27ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg5MjIwMDMxNTAwNjkyODQ1Mw&google_push=AXcoOmRcAijIo_hdUcaYGPgX6t9ORFF9fhW5J2nxeeqpoKh5NJZ3AT3J8eakrU4SvGGPr0nDX_7qBCThnqgq3UDCaXfxi0-Es4qpDsI

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg5MjIwMDMxNTAwNjkyODQ1Mw&google_push=AXcoOmRcAijIo_hdUcaYGPgX6t9ORFF9fhW5J2nxeeqpoKh5NJZ3AT3J8eakrU4SvGGPr0nDX_7qBCThnqgq3UDCaXfxi0-Es4qpDsI
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame 27B1
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKJ3j3yYUb-r...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmS7mR4UWnQCcxbI5pWOaF_9FQ8lvThG_-ym5kv49bn6Iz55Jp1cV8x-P71ZKNCy34Y3_VD2VgJN5jMOZSx9dTMbd3PR6I5JWOeGxQ
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

36ms
35ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Tue, 21 Nov 2023 20:47:04 GMT
pragma: no-cache
date: Tue, 21 Nov 2023 20:47:04 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 20:47:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 27B1 0
12 B 123ms
123ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J0e2UE0P29Zba010kqSmxHDfxfTrQneMGqZjD2jxy22chSuM8axk93Pe1DIabXNXjPOQmYig

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&adk=2823105954&adf=317953380&pi=t.aa~a.752978351~rp.4&w=500&fwrn=4&fwrnh=100&lmt=1700599622&rafmt=1&to=qs&pwprc=6986520281&format=500x280&url=https%3A%2F%2Fblogs.mtdv.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700599622499&bpp=2&bdt=1549&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=2&correlator=3854037993268&frm=20&pv=1&ga_vid=806516975.1700599621&ga_sid=1700599622&ga_hid=1668729163&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C31079265%2C31079605%2C44809316%2C31078297%2C31079654%2C44806141%2C44807764%2C44808148%2C44808284%2C44809057&oid=2&pvsid=3923906846655856&tmod=1616098708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS