blogr.my Open in urlscan Pro
103.10.78.30 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://blogr.my/
Effective URL:
https://blogr.my/
Submission: On August 29 via manual (August 29th 2023, 4:08:02 pm UTC) from MY — Scanned from DE

Summary HTTP 188 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 6 countries across 12 domains to perform 188 HTTP transactions. The main IP is 103.10.78.30, located in Klang, Malaysia and belongs to STSB-AS-AP Serverfreak Technologies Sdn Bhd, MY. The main domain is blogr.my.
TLS certificate: Issued by R3 on July 14th 2023. Valid for: 3 months.

This is the only time blogr.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	103.10.78.30 103.10.78.30	150172 (STSB-AS-A...) (STSB-AS-AP Serverfreak Technologies Sdn Bhd)
39	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3 17	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
36	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
6 8	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
5 9	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
5 7	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
2 4	63.34.215.180 63.34.215.180	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
4	2600:9000:238... 2600:9000:238d:9000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2600:1f18:1ac... 2600:1f18:1aca:4280:e4b5:5a4b:14:3110	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
6	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:818::2003	15169 (GOOGLE) (GOOGLE)
1	64.233.167.157 64.233.167.157	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:e::a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
188	23

18 103.10.78.30 (Klang, Malaysia) 1 redirects

ASN150172 (STSB-AS-AP Serverfreak Technologies Sdn Bhd, MY)
PTR: xenon.sfdns.net

blogr.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.80.39.216 (Canada) 5 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.89.210.141 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.34.215.180 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-215-180.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:238d:9000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:1f18:1aca:4280:e4b5:5a4b:14:3110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:818::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.167.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:e::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r5---sn-4g5edn6r.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	692 KB
29	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 cm.g.doubleclick.net — Cisco Umbrella Rank: 242 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371 bid.g.doubleclick.net — Cisco Umbrella Rank: 825	315 KB
21	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 328 gcdn.2mdn.net — Cisco Umbrella Rank: 1220 r5---sn-4g5edn6r.c.2mdn.net	2 MB
19	adsafeprotected.com 2 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 914 static.adsafeprotected.com — Cisco Umbrella Rank: 632 dt.adsafeprotected.com — Cisco Umbrella Rank: 586	201 KB
18	blogr.my 1 redirects blogr.my	598 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	160 KB
9	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 594	6 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45 imasdk.googleapis.com — Cisco Umbrella Rank: 510	137 KB
7	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 245	5 KB
7	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1120 www.googleadservices.com — Cisco Umbrella Rank: 150	461 B
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 222	340 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
188	12

	Domain	Requested by
39	pagead2.googlesyndication.com	blogr.my pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
36	tpc.googlesyndication.com	googleads.g.doubleclick.net blogr.my tpc.googlesyndication.com imasdk.googleapis.com pagead2.googlesyndication.com
18	s0.2mdn.net	blogr.my s0.2mdn.net googleads.g.doubleclick.net
18	blogr.my	1 redirects blogr.my
16	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
11	dt.adsafeprotected.com	googleads.g.doubleclick.net blogr.my
9	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
7	ib.adnxs.com	5 redirects googleads.g.doubleclick.net
6	www.googleadservices.com	blogr.my
6	fonts.googleapis.com	googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
4	csi.gstatic.com	imasdk.googleapis.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	static.adsafeprotected.com	googleads.g.doubleclick.net
4	googleads4.g.doubleclick.net	blogr.my
4	fw.adsafeprotected.com	2 redirects blogr.my
3	fonts.gstatic.com	fonts.googleapis.com
2	r5---sn-4g5edn6r.c.2mdn.net
2	imasdk.googleapis.com	googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
188	24

This site contains no links.

Subject Issuer	Validity	Valid
blogr.my R3	`2023-07-14` - `2023-10-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-08-22` - `2023-10-31`	2 months	crt.sh

This page contains 28 frames:

Primary Page: https://blogr.my/
Frame ID: B6F2655BC86BFE1A58A090AFF5680F00
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/zrt_lookup.html
Frame ID: DD3D5DAD5A67182551CDBFB7E08DDF0A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&adk=1812271804&adf=3025194257&lmt=1693318077&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fblogr.my%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276884&bpp=4&bdt=333&idt=193&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1817676986952&frm=20&pv=2&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&fsapi=1&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=223
Frame ID: 8E2B1E69B0C1B9F37CB2C163151C5F88
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=600&slotname=1240201226&adk=2639309505&adf=1096043579&pi=t.ma~as.1240201226&w=300&lmt=1693318077&format=300x600&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276904&bpp=1&bdt=353&idt=206&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=346&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=h3r19MQNtW&p=https%3A//blogr.my&dtd=210
Frame ID: 1EE0FF9FCB32BA5A111F695AB33C7067
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=600&slotname=4111004620&adk=3656320041&adf=1491903238&pi=t.ma~as.4111004620&w=300&lmt=1693318077&format=300x600&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276908&bpp=1&bdt=357&idt=213&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8wJ0GNFsSN&p=https%3A//blogr.my&dtd=215
Frame ID: 1319849226FFE7EBEA1B9401F9D9E136
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=600&slotname=3782604081&adk=231165002&adf=1017458563&pi=t.ma~as.3782604081&w=300&lmt=1693318077&format=300x600&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276911&bpp=1&bdt=360&idt=215&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C300x600&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=954&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=DpSXp1DszJ&p=https%3A//blogr.my&dtd=217
Frame ID: 255208BF7F6B1B274DA4082C20BD70AA
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=100&slotname=7145104337&adk=746720826&adf=3999027082&pi=t.ma~as.7145104337&w=320&lmt=1693318077&format=320x100&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276914&bpp=1&bdt=363&idt=215&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28c2e92ab9d45a79-220fda0b60de009b%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZXALDhjI09fret7Xu-P3LyLcLuaA&gpic=UID%3D00000c69d44fd965%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZz_W3ZhDqwktnLBSf3IaokQvl4zQ&prev_fmts=0x0%2C300x600%2C300x600%2C300x600&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QH0q101AV4&p=https%3A//blogr.my&dtd=217
Frame ID: 8C42246ECB30164B474CB9E0769DB036
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=90&slotname=1865691642&adk=2030624934&adf=1283340349&pi=t.ma~as.1865691642&w=970&lmt=1693318077&format=970x90&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276918&bpp=1&bdt=367&idt=216&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28c2e92ab9d45a79-220fda0b60de009b%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZXALDhjI09fret7Xu-P3LyLcLuaA&gpic=UID%3D00000c69d44fd965%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZz_W3ZhDqwktnLBSf3IaokQvl4zQ&prev_fmts=0x0%2C300x600%2C300x600%2C300x600%2C320x100&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=PXdP1aIX5a&p=https%3A//blogr.my&dtd=218
Frame ID: 5776E896ECC0A71F9189C6F69C1527B8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNVeaOaQ4oDoowSwM7iXu8EdDIEWeX97VB1hZGGej4VJ1b5gN8H-t6HKF-XfsKrsLUZ5XT_Z9Atviulzvy08KO9TpmN1-i8XVa2ufJFUb1jDdxtdATd2fBhmV0_nBCidTuh3eyzV1cZ_yVhcx_rS5Hiv50BX5Dyb-Nb-pHcj5xU3rWSvI_8
Frame ID: 8B5F71066C21707D150E25732E20D22F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 965A1A3A145E7097DBC5FCC01EBBA329
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1on9xAEwAQ&v=APEucNWJuL4Tu9v1zARcVf0sFhn34fZEFaH02io0jtkb3FlU6B4CVbhs_xE3OiIO7-9rKadZvNfxU2qUQ9rWkUXfyvJIyi_IXRBgE9OyohqV2rGkB4oWx4QvncWyEMIhUQo6hkCQU1D8ysfZsb_vsTEV-CA5amez1nrjjbkx5GIdo3y2GzcEZZc
Frame ID: 9D49CBDC2C24CAC465A7584724A7D70B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 43D6B15AC0C87EEA2BE9AA1EB09FDA4B
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 312748620DB13FAE731F0E019521C16A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Frame ID: D6E34A2A2A0B77300BFC8D41D559C6A9
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 03B6A5FEB9C5C2187BF3A93CBF49E700
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17033400417514298334/index.html?ev=01_250
Frame ID: 2D17EDBB3374BB5EFE0770965F1B11C5
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: B73F6BBF3816733178F3450CC28BC6EA
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 7B2F58D6EFF19823994DAEFCBE746750
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Frame ID: 52A063D8AE399249334F18E5B1BBC861
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2F23395449399F6C2768CC55777CC3A7
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js
Frame ID: 93087BFAF2333ECFFEB20402C35E05DB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js
Frame ID: 49C9E181A6CF5BC2AE61266CAF418D50
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js
Frame ID: 5898EE262358B77791D543B423A30212
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js
Frame ID: 6B8188336DCBC94DEA1BE2D1CF09D8FA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js
Frame ID: 5029B57CCF00EF507DEF5EFC668CC70F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 3B058AA3FBA9BD125A20D1B889EA40CA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D3D8315B3D98A5F3D1CFFBCBFC2AD323
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4F31A213587C2E3F7DE169FCC5DFEA1E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BLOGR.MY - Bantuan Rakyat Malaysia

Page URL History Show full URLs

http://blogr.my/ HTTP 301
https://blogr.my/ Page URL
https://blogr.my/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

188
Requests

93 %
HTTPS

65 %
IPv6

12
Domains

24
Subdomains

23
IPs

6
Countries

4824 kB
Transfer

9182 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://blogr.my/ HTTP 301
https://blogr.my/ Page URL
https://blogr.my/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://blogr.my/ HTTP 301
https://blogr.my/

Request Chain 47

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFHUM4SROcsu_U4EUlwq6sM&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFHUM4SROcsu_U4EUlwq6sM&google_cver=1&C=1

Request Chain 48

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZO4X3bwLh6PH09DAx59PowAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFHUM4SROcsu_U4EUlwq6sM&google_cver=1

Request Chain 49

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKy_xnBfgXrzwt6cU2nFbt8&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKy_xnBfgXrzwt6cU2nFbt8%26google_cver%3D1

Request Chain 50

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY5ODAwOTM2MTYyMzAzODI2

Request Chain 51

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFHUM4SROcsu_U4EUlwq6sM&google_cver=1

Request Chain 52

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZO4X3bwLh6PH09DAx59PowAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFHUM4SROcsu_U4EUlwq6sM&google_cver=1

Request Chain 53

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKy_xnBfgXrzwt6cU2nFbt8&google_cver=1

Request Chain 54

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY5ODAwOTM2MTYyMzAzODI2

Request Chain 84

https://fw.adsafeprotected.com/rfw/st/987057/61527023/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=pub-5965847349382843&ias_chanId=1&ias_placementId=20343401411&bidurl=https://blogr.my/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0j3IuZV-bbn_eiuWsxSuikY&adContainerId=brand_safety_3RfuZKHKOLbAx_APsOCtqAM&cbFunctionName=goog_wrapCb_3RfuZKHKOLbAx_APsOCtqAM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_320x50.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fblogr.my&adsafe_type=g&adsafe_url=https%3A%2F%2Fblogr.my%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5965847349382843%26output%3Dhtml%26h%3D100%26slotname%3D7145104337%26adk%3D746720826%26adf%3D3999027082%26pi%3Dt.ma~as.7145104337%26w%3D320%26lmt%3D1693318077%26format%3D320x100%26url%3Dhttps%253A%252F%252Fblogr.my%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1693325276914%26bpp%3D1%26bdt%3D363%26idt%3D215%26shv%3Dr20230828%26mjsv%3Dm202308240101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D28c2e92ab9d45a79-220fda0b60de009b%253AT%253D1693325277%253ART%253D1693325277%253AS%253DALNI_MZXALDhjI09fret7Xu-P3LyLcLuaA%26gpic%3DUID%253D00000c69d44fd965%253AT%253D1693325277%253ART%253D1693325277%253AS%253DALNI_MZz_W3ZhDqwktnLBSf3IaokQvl4zQ%26prev_fmts%3D0x0%252C300x600%252C300x600%252C300x600%26nras%3D1%26correlator%3D1817676986952%26frm%3D20%26pv%3D1%26ga_vid%3D38835051.1693325277%26ga_sid%3D1693325277%26ga_hid%3D2114086089%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759837%252C44759875%252C44759926%252C31077318%252C44799956%252C31076996%252C31077451%26oid%3D2%26pvsid%3D3826488355452675%26tmod%3D1653958735%26uas%3D0%26nvt%3D2%26ref%3Dhttps%253A%252F%252Fblogr.my%252F%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CfnEr%257C%26abl%3DCF%26pfx%3D0%26fu%3D32768%26bc%3D31%26ifi%3D5%26uci%3Da!5%26fsb%3D1%26xpc%3DQH0q101AV4%26p%3Dhttps%253A%2F%2Fblogr.my%26dtd%3D217&adsafe_type=bed&adsafe_jsinfo=,id:2ba4a4aa-5d65-b915-762d-5695a8558ced,c:mHuWaM,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7d74fbcfb-4jtl8,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tOl6iDn+11%7C12%7C13%7C14%7C15%7C161*.987057-61527023%7C1611%7C16121%7C1613%7C1711%7C17121%7C1713,idMap:161*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:19,oid:3861cf1c-4686-11ee-b3fc-5297989f80a1,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_3RfuZKHKOLbAx_APsOCtqAM&cbFunctionName=goog_wrapCb_3RfuZKHKOLbAx_APsOCtqAM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_320x50.js

Request Chain 86

https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=pub-5965847349382843&ias_chanId=1&ias_placementId=20343401207&bidurl=https://blogr.my/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h20afM4z_fLSUfj4HJfY_I&adContainerId=brand_safety_3RfuZNTQN7nDx_APrvqsmAw&cbFunctionName=goog_wrapCb_3RfuZNTQN7nDx_APrvqsmAw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fblogr.my&adsafe_type=g&adsafe_url=https%3A%2F%2Fblogr.my%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5965847349382843%26output%3Dhtml%26h%3D90%26slotname%3D1865691642%26adk%3D2030624934%26adf%3D1283340349%26pi%3Dt.ma~as.1865691642%26w%3D970%26lmt%3D1693318077%26format%3D970x90%26url%3Dhttps%253A%252F%252Fblogr.my%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1693325276918%26bpp%3D1%26bdt%3D367%26idt%3D216%26shv%3Dr20230828%26mjsv%3Dm202308240101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D28c2e92ab9d45a79-220fda0b60de009b%253AT%253D1693325277%253ART%253D1693325277%253AS%253DALNI_MZXALDhjI09fret7Xu-P3LyLcLuaA%26gpic%3DUID%253D00000c69d44fd965%253AT%253D1693325277%253ART%253D1693325277%253AS%253DALNI_MZz_W3ZhDqwktnLBSf3IaokQvl4zQ%26prev_fmts%3D0x0%252C300x600%252C300x600%252C300x600%252C320x100%26nras%3D1%26correlator%3D1817676986952%26frm%3D20%26pv%3D1%26ga_vid%3D38835051.1693325277%26ga_sid%3D1693325277%26ga_hid%3D2114086089%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D315%26ady%3D1099%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759837%252C44759875%252C44759926%252C31077318%252C44799956%252C31076996%252C31077451%26oid%3D2%26pvsid%3D3826488355452675%26tmod%3D1653958735%26uas%3D0%26nvt%3D2%26ref%3Dhttps%253A%252F%252Fblogr.my%252F%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CfeE%257C%26abl%3DCF%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D6%26uci%3Da!6%26fsb%3D1%26xpc%3DPXdP1aIX5a%26p%3Dhttps%253A%2F%2Fblogr.my%26dtd%3D218&adsafe_type=bed&adsafe_jsinfo=,id:1bca9599-b62d-5210-9c3b-bf29df6b7bb2,c:mHuWbp,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7d74fbcfb-kqdsv,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tOl6iE2+11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C1613%7C1614%7C171*.987057-61527017%7C1711%7C17121%7C1713,idMap:171*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:18,oid:3861cec3-4686-11ee-9e0b-8aeb38f077ae,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_3RfuZNTQN7nDx_APrvqsmAw&cbFunctionName=goog_wrapCb_3RfuZNTQN7nDx_APrvqsmAw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js

Request Chain 142

https://googleads.g.doubleclick.net/pagead/adview?ai=CSqdu3RfuZI2HCbrB1fAPsKOCiAyf4-LuatKL7Y7wEaig-v-ACRABILi1qXJglfrwgYwHoAHx1I6SAsgBCakCLAj9bDMhsj6oAwHIA8sEqgTSAU_QpphvEEfcjlLmEbmoIG5k7_Nvhvn7fbWVrPOiYBBNWCqvhnVgrpLtMQX-G8cTVaOFTYXQVi2fv3sbMt_57o3lr3yDtYGeFLiUtAcgHBiWRXlhQCiTOSZzML1NQgVYKO0TeyHYcyPXdSkIZscvxf-ST6Oh12wbrB8zSXI7bURE-VzNP-sNF5NXQhv6_nWw4Nco1CtdcEjkJrZCrma5Pi18bpL4A4-WWjb4q0rPiBscc1flb24V7lKfrQAbTDObe0hzfIFyasnL9M5SzrOWeqmba8AEk6y5gLADiAXPwNHxKZIFBAgEGAGSBQQIBRgEoAYugAf3qvHtAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOLTGNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCSBodHRwczovL3d3dy5zdW5ueXNpZGUtZmFzdGVuLmRlL4AKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi01OTY1ODQ3MzQ5MzgyODQzGAA&sigh=QCyXjY0Ls7g&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJW1-d9h5Wzcn-5HFbOFFqUiEJH76R6IBgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213393424773592936783%22,%22debug_reporting%22:true,%22destination%22:%22https://sunnyside-fasten.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22574859889%22],%224%22:[%2208-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228639144509886079825%22}&andc=true

Request Chain 151

https://googleads.g.doubleclick.net/pagead/adview?ai=CkS2q3RfuZKb8CPaE1fAP3vyUSMugqfZxgpKpts8Q5saMhcQ2EAEguLWpcmCV-vCBjAegAaOw-fMCyAEJqQIsCP1sMyGyPqgDAcgDywSqBL8BT9DERee2l_c9zRMDI1DXzzjn4ek3cRRFOLJlBJw5uEuLFDfciUIWrAsoma4M2Rn2RVKdeHT-3DsivNIZRvH2c8l4KK7OiK_g_ANbFal5yFvACYASpUSHkjhNynUq-iaptRn0ipL4AkIZoA_-hpQ-rlNSMmVLsa3y_C-hNKWhuL59ouqKpfZCPO74CGClKFuKGsd073FNOW-SCa2KHXs5wwG0jVAcyTpebe5lMXN1nLRvuLcFL7zSrbf1rk0sX-PABJ_dx8iiBIgF4J2JjUqSBQQIBBgBkgUECAUYBKAGLoAHxc-GjAGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDG4RnSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgk_aHR0cHM6Ly93d3cudGllcnNjaHV0emJ1bmQuZGUvaGVsZmVuL2RhdWVyaGFmdC1oZWxmZW4vdGVzdGFtZW50gAoByAsB2BMNiBQG0BUBmBYBgBcBshccChoIABIUcHViLTU5NjU4NDczNDkzODI4NDMYAA&sigh=vrdKpR5utpI&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJW6OeQQLsT9rohzqFU8ncE4y14E2LWyxgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221247429210566298800%22,%22debug_reporting%22:true,%22destination%22:%22https://tierschutzbund.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22780032035%22],%224%22:[%2208-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211589379098121692065%22}&andc=true

Request Chain 165

https://googleads.g.doubleclick.net/pagead/adview?ai=CTiiu3RfuZIWmCfKV1fAP2b2-4APLoKn2cZzn1eHdEebGjIXENhABILi1qXJglfrwgYwHoAGjsPnzAsgBCakCLAj9bDMhsj6oAwHIA8sEqgS_AU_Q-aX8RnXzM_0GbNW_wj1_oFVpP4OoTm5TmgQaeJHBnCTWR9O24v5x1in9cHNcqNCovtUiAIFfeJFWgon2YDn_lMDtXVxtbam8BEBEZkxSlaYdvEoQMjpgZ36RkRzgaSsrvo_xzEIxm4QqUQ08jBbO8JYDvEYv3vd8m9IyXS9bhC2cyhDYEVLGBxNVfKKUZOZ1FxsZlRVyHY0lt_QMygge4sS5dh3SVfhedJTViCq3hIE-SwwVwIVyiwHVeKCwwASf3cfIogSIBeCdiY1KkgUECAQYAZIFBAgFGASgBi6AB8XPhowBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQp8gc0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJT2h0dHBzOi8vd3d3LnRpZXJzY2h1dHpidW5kLmRlL2hlbGZlbi9kYXVlcmhhZnQtaGVsZmVuL3Rlc3RhbWVudC9iZXN0ZWxsZm9ybXVsYXKACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNTk2NTg0NzM0OTM4Mjg0MxgA&sigh=tfoPSXIUFPE&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWXh4ioU5DOFfu9MjmpKtOYA8k8xhEdhgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225416968729535200044%22,%22debug_reporting%22:true,%22destination%22:%22https://tierschutzbund.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22780032035%22],%224%22:[%2208-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222883074336247060977%22}&andc=true

Request Chain 181

https://gcdn.2mdn.net/videoplayback/id/fa92e19dd2204e28/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724861279/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/38CFD950C0638DF13F0B33918B04DA075391920F.7F4016589EA28B72E1959818C9967F02682FCB2B/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-4g5edn6r.c.2mdn.net/videoplayback/id/fa92e19dd2204e28/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724861279/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/66EB8F06BC2AD1B5D61EF28FC23A09703C065D59.2867EBE06BD0AE3F1958471851D4D0B5C3FC800F/key/cms1/cms_redirect/yes/mh/kr/mip/2a02:6ea0:c71b:0:1011:27f2:92ba:88d6/mm/42/mn/sn-4g5edn6r/ms/onc/mt/1693324025/mv/u/mvi/5/pl/48/file/file.mp4

188 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
blogr.my/
Redirect Chain

http://blogr.my/
https://blogr.my/

63 KB
15 KB

626ms
311ms

Document
text/html

103.10.78.30
STSB-AS-AP Server...

General

Check archive.org

Show headers Download Go to

Full URL: https://blogr.my/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.10.78.30 Klang, Malaysia, ASN150172 (STSB-AS-AP Serverfreak Technologies Sdn Bhd, MY),
Reverse DNS: xenon.sfdns.net
Software: LiteSpeed / PHP/7.4.33
Resource Hash: a972887227ba0b62e8846c488acd7f4989a23ef68c83fdba8d32f3bb4373139e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 29 Aug 2023 16:07:54 GMT
etag: "12627-1692885794;br"
link: <https://blogr.my/wp-json/>; rel="https://api.w.org/"
server: LiteSpeed
vary: Accept-Encoding
x-dns-prefetch-control: on
x-litespeed-cache: hit
x-powered-by: PHP/7.4.33
x-ua-compatible: IE=edge

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 29 Aug 2023 16:07:54 GMT
location: https://blogr.my/
server: LiteSpeed
x-dns-prefetch-control: on
x-litespeed-cache: miss
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress
x-ua-compatible: IE=edge

GET
H2 200 1b488d760314465f9ba6ed0c050b03ce.css
blogr.my/wp-content/litespeed/css/ 231 KB
40 KB 158ms
158ms Stylesheet
text/css 103.10.78.30
STSB-AS-AP Server...

General

Check archive.org

Show headers Download Go to

Full URL: https://blogr.my/wp-content/litespeed/css/1b488d760314465f9ba6ed0c050b03ce.css?ver=7e35f
Requested by: Host: blogr.my
URL: https://blogr.my/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.10.78.30 Klang, Malaysia, ASN150172 (STSB-AS-AP Serverfreak Technologies Sdn Bhd, MY),
Reverse DNS: xenon.sfdns.net
Software: LiteSpeed /
Resource Hash: 99499332c932e5aa9060dd742b6536c6a2ee6e89560384a22398406a8a244751

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blogr.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:55 GMT
content-encoding: br
last-modified: Tue, 22 Aug 2023 11:29:53 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 40991
expires: Wed, 28 Aug 2024 22:07:55 GMT

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79466104689850b5e6ba09317bcdc829e1ed83efd1f0b1d37b6235e9b17e3208

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 fa-solid-900.woff2
blogr.my/wp-content/themes/fredd/font-awesome/webfonts/ 147 KB
147 KB 158ms
157ms Font
font/woff2 103.10.78.30
STSB-AS-AP Server...

General

Check archive.org

Show headers Download Go to

Full URL: https://blogr.my/wp-content/themes/fredd/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: blogr.my
URL: https://blogr.my/wp-content/litespeed/css/1b488d760314465f9ba6ed0c050b03ce.css?ver=7e35f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.10.78.30 Klang, Malaysia, ASN150172 (STSB-AS-AP Serverfreak Technologies Sdn Bhd, MY),
Reverse DNS: xenon.sfdns.net
Software: LiteSpeed /
Resource Hash: 7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880

Request headers

Referer: https://blogr.my/wp-content/litespeed/css/1b488d760314465f9ba6ed0c050b03ce.css?ver=7e35f
Origin: https://blogr.my
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:55 GMT
last-modified: Wed, 02 Aug 2023 13:27:42 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=31557600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 150124
expires: Wed, 28 Aug 2024 22:07:55 GMT

POST
H3 200 guest.vary.php
blogr.my/wp-content/plugins/litespeed-cache/ 16 B
213 B 855ms
855ms Fetch
text/html 103.10.78.30
STSB-AS-AP Server...

General

Check archive.org

Show headers Download Go to

Full URL: https://blogr.my/wp-content/plugins/litespeed-cache/guest.vary.php
Requested by: Host: blogr.my
URL: https://blogr.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.10.78.30 Klang, Malaysia, ASN150172 (STSB-AS-AP Serverfreak Technologies Sdn Bhd, MY),
Reverse DNS: xenon.sfdns.net
Software: LiteSpeed / PHP/7.4.33
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blogr.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:56 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
x-litespeed-cache-control: no-cache
content-length: 20

GET
H3 200 EGUMIS-Cara-Semak-Wang-Tak-Dituntut-Secara-Online-2023.jpg
blogr.my/wp-content/uploads/2023/08/ 16 KB
16 KB 164ms
163ms Image
image/webp 103.10.78.30
STSB-AS-AP Server...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogr.my/wp-content/uploads/2023/08/EGUMIS-Cara-Semak-Wang-Tak-Dituntut-Secara-Online-2023.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.10.78.30 Klang, Malaysia, ASN150172 (STSB-AS-AP Serverfreak Technologies Sdn Bhd, MY),
Reverse DNS: xenon.sfdns.net
Software: LiteSpeed /
Resource Hash: 6d5dda96bdc1de2d8bda7a2f90d5907bfa82bdb5a6f09a4878ff0d8adda7ee62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blogr.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:56 GMT
last-modified: Thu, 24 Aug 2023 09:16:07 GMT
server: LiteSpeed
vary: Accept
content-type: image/webp
cache-control: private
accept-ranges: bytes
content-length: 15932
expires: Wed, 28 Aug 2024 16:07:56 GMT

GET
H3 200 Pantun-Merdeka-4-Kerat-Sempena-Bulan-Kemerdekaan-Malaysia.jpg
blogr.my/wp-content/uploads/2023/08/ 18 KB
18 KB 167ms
166ms Image
image/webp 103.10.78.30
STSB-AS-AP Server...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogr.my/wp-content/uploads/2023/08/Pantun-Merdeka-4-Kerat-Sempena-Bulan-Kemerdekaan-Malaysia.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.10.78.30 Klang, Malaysia, ASN150172 (STSB-AS-AP Serverfreak Technologies Sdn Bhd, MY),
Reverse DNS: xenon.sfdns.net
Software: LiteSpeed /
Resource Hash: 92ef47f6586f999efc4c2ea84218c348c9889df21a7f58a7695da6a2df9d8be5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blogr.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:56 GMT
last-modified: Thu, 24 Aug 2023 05:38:18 GMT
server: LiteSpeed
vary: Accept
content-type: image/webp
cache-control: private
accept-ranges: bytes
content-length: 18286
expires: Wed, 28 Aug 2024 16:07:56 GMT

GET
H3 200 Primary Request / Show response
blogr.my/ 58 KB
14 KB 159ms
158ms Document
text/html 103.10.78.30
STSB-AS-AP Server...

General

Check archive.org

Show headers Download Go to

Full URL: https://blogr.my/
Requested by: Host: blogr.my
URL: https://blogr.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.10.78.30 Klang, Malaysia, ASN150172 (STSB-AS-AP Serverfreak Technologies Sdn Bhd, MY),
Reverse DNS: xenon.sfdns.net
Software: LiteSpeed / PHP/7.4.33
Resource Hash: 40a57fd86b3449a701c9c69553f28a26385361b14c748ed94c72776a697f4abf

Request headers

Referer: https://blogr.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-length: 14492
content-type: text/html; charset=UTF-8
date: Tue, 29 Aug 2023 16:07:56 GMT
etag: "12632-1692886156;br"
link: <https://blogr.my/wp-json/>; rel="https://api.w.org/"
server: LiteSpeed
vary: Accept-Encoding
x-dns-prefetch-control: on
x-litespeed-cache: hit
x-powered-by: PHP/7.4.33
x-ua-compatible: IE=edge

GET
H3 200 1b488d760314465f9ba6ed0c050b03ce.css
blogr.my/wp-content/litespeed/css/ 231 KB
40 KB 158ms
158ms Stylesheet
text/css 103.10.78.30
STSB-AS-AP Server...

General

Check archive.org

Show headers Download Go to

Full URL: https://blogr.my/wp-content/litespeed/css/1b488d760314465f9ba6ed0c050b03ce.css?ver=7e35f
Requested by: Host: blogr.my
URL: https://blogr.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.10.78.30 Klang, Malaysia, ASN150172 (STSB-AS-AP Serverfreak Technologies Sdn Bhd, MY),
Reverse DNS: xenon.sfdns.net
Software: LiteSpeed /
Resource Hash: 99499332c932e5aa9060dd742b6536c6a2ee6e89560384a22398406a8a244751

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blogr.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:56 GMT
content-encoding: br
last-modified: Tue, 22 Aug 2023 11:29:53 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 40991
expires: Wed, 28 Aug 2024 22:07:56 GMT

GET
H3 200 jquery.min.js Show response
blogr.my/wp-includes/js/jquery/ 85 KB
29 KB 221ms
221ms Script
application/javascript 103.10.78.30
STSB-AS-AP Server...

General

Check archive.org

Show headers Download Go to

Full URL: https://blogr.my/wp-includes/js/jquery/jquery.min.js
Requested by: Host: blogr.my
URL: https://blogr.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.10.78.30 Klang, Malaysia, ASN150172 (STSB-AS-AP Serverfreak Technologies Sdn Bhd, MY),
Reverse DNS: xenon.sfdns.net
Software: LiteSpeed /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blogr.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:56 GMT
content-encoding: br
last-modified: Tue, 08 Aug 2023 23:08:40 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 29712
expires: Wed, 28 Aug 2024 22:07:56 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 76ms
55ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5965847349382843

Requested by

Host: blogr.my
URL: https://blogr.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98e19db725b717d6e69870c4832fd86e2fa491fa4ca181568198dba45c605323

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blogr.my/
Origin: https://blogr.my
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51315
x-xss-protection: 0
server: cafe
etag: 17165057121897146976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 16:07:56 GMT

GET
H3 200 EGUMIS-Cara-Semak-Wang-Tak-Dituntut-Secara-Online-2023.jpg
blogr.my/wp-content/uploads/2023/08/ 16 KB
16 KB 223ms
223ms Image
image/webp 103.10.78.30
STSB-AS-AP Server...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogr.my/wp-content/uploads/2023/08/EGUMIS-Cara-Semak-Wang-Tak-Dituntut-Secara-Online-2023.jpg
Requested by: Host: blogr.my
URL: https://blogr.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.10.78.30 Klang, Malaysia, ASN150172 (STSB-AS-AP Serverfreak Technologies Sdn Bhd, MY),
Reverse DNS: xenon.sfdns.net
Software: LiteSpeed /
Resource Hash: 6d5dda96bdc1de2d8bda7a2f90d5907bfa82bdb5a6f09a4878ff0d8adda7ee62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blogr.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:56 GMT
last-modified: Thu, 24 Aug 2023 09:16:07 GMT
server: LiteSpeed
vary: Accept
content-type: image/webp
cache-control: private
accept-ranges: bytes
content-length: 15932
expires: Wed, 28 Aug 2024 16:07:56 GMT

GET
H3 200 Pantun-Merdeka-4-Kerat-Sempena-Bulan-Kemerdekaan-Malaysia.jpg
blogr.my/wp-content/uploads/2023/08/ 18 KB
18 KB 158ms
158ms Image
image/webp 103.10.78.30
STSB-AS-AP Server...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogr.my/wp-content/uploads/2023/08/Pantun-Merdeka-4-Kerat-Sempena-Bulan-Kemerdekaan-Malaysia.jpg
Requested by: Host: blogr.my
URL: https://blogr.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.10.78.30 Klang, Malaysia, ASN150172 (STSB-AS-AP Serverfreak Technologies Sdn Bhd, MY),
Reverse DNS: xenon.sfdns.net
Software: LiteSpeed /
Resource Hash: 92ef47f6586f999efc4c2ea84218c348c9889df21a7f58a7695da6a2df9d8be5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blogr.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:56 GMT
last-modified: Thu, 24 Aug 2023 05:38:18 GMT
server: LiteSpeed
vary: Accept
content-type: image/webp
cache-control: private
accept-ranges: bytes
content-length: 18286
expires: Wed, 28 Aug 2024 16:07:56 GMT

GET
H3 200 Sajak-Merdeka-Terbaik-Oleh-Sasterawan-Negara-Malaysia.jpg
blogr.my/wp-content/uploads/2023/08/ 17 KB
17 KB 158ms
158ms Image
image/webp 103.10.78.30
STSB-AS-AP Server...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogr.my/wp-content/uploads/2023/08/Sajak-Merdeka-Terbaik-Oleh-Sasterawan-Negara-Malaysia.jpg
Requested by: Host: blogr.my
URL: https://blogr.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.10.78.30 Klang, Malaysia, ASN150172 (STSB-AS-AP Serverfreak Technologies Sdn Bhd, MY),
Reverse DNS: xenon.sfdns.net
Software: LiteSpeed /
Resource Hash: 84edcb775f3c54921db573d8e452e02b5ab48307db22965f87e81e0326a2576e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blogr.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:56 GMT
last-modified: Tue, 22 Aug 2023 09:24:30 GMT
server: LiteSpeed
vary: Accept
content-type: image/webp
cache-control: private
accept-ranges: bytes
content-length: 17658
expires: Wed, 28 Aug 2024 16:07:56 GMT

GET
H3 200 21370dcdc0d4e638f1673b1aa837865a.js Show response
blogr.my/wp-content/litespeed/js/ 15 KB
4 KB 173ms
173ms Script
application/javascript 103.10.78.30
STSB-AS-AP Server...

General

Check archive.org

Show headers Download Go to

Full URL: https://blogr.my/wp-content/litespeed/js/21370dcdc0d4e638f1673b1aa837865a.js?ver=7e35f
Requested by: Host: blogr.my
URL: https://blogr.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.10.78.30 Klang, Malaysia, ASN150172 (STSB-AS-AP Serverfreak Technologies Sdn Bhd, MY),
Reverse DNS: xenon.sfdns.net
Software: LiteSpeed /
Resource Hash: 1faf4fc4c8989275a805a7e37ab04e24aa2b370ff4c012d9396722b361955feb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blogr.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:56 GMT
content-encoding: br
last-modified: Tue, 22 Aug 2023 11:29:53 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4077
expires: Wed, 28 Aug 2024 22:07:56 GMT

GET
DATA 200
OK truncated Show response
/ 45 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71f652d6e3c322295772c1f083ab62329a94464741c4167ea745b5da21123cc9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 191 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7abed2865980f5e28cd61e2c5d9dbb3b5ec1657ffedaacef478101fcfa625a70

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 319 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac17929cb54b4d8074a7e3823fbe14193ecf2a0b5ff247f7fc7c175534e5b14b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 259 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2909117400dcc95f99cbcc62930bce751a820266f346a6e676aa573f71e922c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 122 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17b767f85a14d9d6e5ec49c39498113f8453bbcf4abf90153034a0704f20faa0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H3 200 fa-solid-900.woff2
blogr.my/wp-content/themes/fredd/font-awesome/webfonts/ 147 KB
147 KB 170ms
169ms Font
font/woff2 103.10.78.30
STSB-AS-AP Server...

General

Check archive.org

Show headers Download Go to

Full URL: https://blogr.my/wp-content/themes/fredd/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: blogr.my
URL: https://blogr.my/wp-content/litespeed/css/1b488d760314465f9ba6ed0c050b03ce.css?ver=7e35f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.10.78.30 Klang, Malaysia, ASN150172 (STSB-AS-AP Serverfreak Technologies Sdn Bhd, MY),
Reverse DNS: xenon.sfdns.net
Software: LiteSpeed /
Resource Hash: 7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880

Request headers

Referer: https://blogr.my/wp-content/litespeed/css/1b488d760314465f9ba6ed0c050b03ce.css?ver=7e35f
Origin: https://blogr.my
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:56 GMT
last-modified: Wed, 02 Aug 2023 13:27:42 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 150124
expires: Wed, 28 Aug 2024 22:07:56 GMT

GET
H3 200 Senarai-Cawangan-CU-Mart-Di-Seluruh-Malaysia.jpg
blogr.my/wp-content/uploads/2023/08/ 14 KB
14 KB 261ms
261ms Image
image/webp 103.10.78.30
STSB-AS-AP Server...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogr.my/wp-content/uploads/2023/08/Senarai-Cawangan-CU-Mart-Di-Seluruh-Malaysia.jpg
Requested by: Host: blogr.my
URL: https://blogr.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.10.78.30 Klang, Malaysia, ASN150172 (STSB-AS-AP Serverfreak Technologies Sdn Bhd, MY),
Reverse DNS: xenon.sfdns.net
Software: LiteSpeed /
Resource Hash: 393dfd473febbee00ac032047d37f8bf2664ddbc900d2aa27ad2977728f03c61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blogr.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:56 GMT
last-modified: Tue, 22 Aug 2023 03:03:21 GMT
server: LiteSpeed
vary: Accept
content-type: image/webp
cache-control: private
accept-ranges: bytes
content-length: 14450
expires: Wed, 28 Aug 2024 16:07:56 GMT

GET
H3 200 Pengeluaran-kwsp-Untuk-haji.jpg
blogr.my/wp-content/uploads/2023/08/ 38 KB
38 KB 269ms
269ms Image
image/webp 103.10.78.30
STSB-AS-AP Server...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogr.my/wp-content/uploads/2023/08/Pengeluaran-kwsp-Untuk-haji.jpg
Requested by: Host: blogr.my
URL: https://blogr.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.10.78.30 Klang, Malaysia, ASN150172 (STSB-AS-AP Serverfreak Technologies Sdn Bhd, MY),
Reverse DNS: xenon.sfdns.net
Software: LiteSpeed /
Resource Hash: 36b9588247bcd90896742f6eafdf314a972f935346cec80259d6aa373f01b866

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blogr.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:56 GMT
last-modified: Mon, 21 Aug 2023 16:28:05 GMT
server: LiteSpeed
vary: Accept
content-type: image/webp
cache-control: private
accept-ranges: bytes
content-length: 38922
expires: Wed, 28 Aug 2024 16:07:56 GMT

GET
H3 200 4-Jenis-Pengeluaran-KWSP-Yang-Dibenarkan.jpg
blogr.my/wp-content/uploads/2023/08/ 24 KB
24 KB 293ms
293ms Image
image/webp 103.10.78.30
STSB-AS-AP Server...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogr.my/wp-content/uploads/2023/08/4-Jenis-Pengeluaran-KWSP-Yang-Dibenarkan.jpg
Requested by: Host: blogr.my
URL: https://blogr.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.10.78.30 Klang, Malaysia, ASN150172 (STSB-AS-AP Serverfreak Technologies Sdn Bhd, MY),
Reverse DNS: xenon.sfdns.net
Software: LiteSpeed /
Resource Hash: 27a6d90cfadd7ab802442584d5950b5e4a16bcd01f6ce40b34fa501fdf538c6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blogr.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:56 GMT
last-modified: Mon, 21 Aug 2023 16:31:59 GMT
server: LiteSpeed
vary: Accept
content-type: image/webp
cache-control: private
accept-ranges: bytes
content-length: 24654
expires: Wed, 28 Aug 2024 16:07:56 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/ 387 KB
131 KB 91ms
77ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5965847349382843&plah=blogr.my&bust=31077451

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5965847349382843

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be31fa9be7263303f5cd0d6ef2ba3cf61de57e0dea683afd335c761588c89eea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blogr.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134177
x-xss-protection: 0
server: cafe
etag: 2404487242788580207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 16:07:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/ Frame DD3D 10 KB
5 KB 27ms
7ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5965847349382843

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blogr.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 79590
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 18:01:26 GMT
etag: 9878862242593084568
expires: Mon, 11 Sep 2023 18:01:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
461 B 15ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=blogr.my&callback=_gfp_s_&client=ca-pub-5965847349382843

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5965847349382843&plah=blogr.my&bust=31077451

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38d3961a6d6eda621092d295d704d963f12570d01179d7edf0dc336ed4b1cae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blogr.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8E2B 279 KB
65 KB 1332ms
1331ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&adk=1812271804&adf=3025194257&lmt=1693318077&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fblogr.my%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276884&bpp=4&bdt=333&idt=193&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1817676986952&frm=20&pv=2&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&fsapi=1&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=223

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96ed373c16ce1eeb243114d79bcb828417ed889a9bba81931b98b48ae89ec34a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blogr.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 66079
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 16:07:58 GMT
expires: Tue, 29 Aug 2023 16:07:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 106ms
106ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=iklan_terapung_desktop&cls=ads-floating-desktop&ign=false&pw=1600&ph=1200&x=800&y=1130.4

Requested by

Host: blogr.my
URL: https://blogr.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blogr.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1EE0 120 KB
40 KB 1353ms
1353ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=600&slotname=1240201226&adk=2639309505&adf=1096043579&pi=t.ma~as.1240201226&w=300&lmt=1693318077&format=300x600&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276904&bpp=1&bdt=353&idt=206&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=346&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=h3r19MQNtW&p=https%3A//blogr.my&dtd=210

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108c1a01d5cdd4a71caea88fd9a369d2a7b58d9e178a905c2e9f7f72544efa20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blogr.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40834
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 16:07:58 GMT
expires: Tue, 29 Aug 2023 16:07:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1319 120 KB
40 KB 1462ms
1462ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=600&slotname=4111004620&adk=3656320041&adf=1491903238&pi=t.ma~as.4111004620&w=300&lmt=1693318077&format=300x600&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276908&bpp=1&bdt=357&idt=213&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8wJ0GNFsSN&p=https%3A//blogr.my&dtd=215

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

702d5924e83a746e7a6bac12d1e284d22adaaf1b338c6721ceaf3dad49f8f032

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blogr.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40899
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 16:07:58 GMT
expires: Tue, 29 Aug 2023 16:07:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2552 120 KB
40 KB 1113ms
1113ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=600&slotname=3782604081&adk=231165002&adf=1017458563&pi=t.ma~as.3782604081&w=300&lmt=1693318077&format=300x600&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276911&bpp=1&bdt=360&idt=215&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C300x600&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=954&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=DpSXp1DszJ&p=https%3A//blogr.my&dtd=217

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

134f1c5bc31238ae7e78f9a57839d386ff681a9b6f6526741b54e2940e137adf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blogr.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40427
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 16:07:58 GMT
expires: Tue, 29 Aug 2023 16:07:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8C42 24 KB
10 KB 649ms
649ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=100&slotname=7145104337&adk=746720826&adf=3999027082&pi=t.ma~as.7145104337&w=320&lmt=1693318077&format=320x100&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276914&bpp=1&bdt=363&idt=215&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28c2e92ab9d45a79-220fda0b60de009b%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZXALDhjI09fret7Xu-P3LyLcLuaA&gpic=UID%3D00000c69d44fd965%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZz_W3ZhDqwktnLBSf3IaokQvl4zQ&prev_fmts=0x0%2C300x600%2C300x600%2C300x600&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QH0q101AV4&p=https%3A//blogr.my&dtd=217

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fac84500fb48995abc36547a605db01af304853fbfa53ec7b940281c4a44c77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blogr.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10099
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 16:07:57 GMT
expires: Tue, 29 Aug 2023 16:07:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5776 24 KB
10 KB 585ms
584ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=90&slotname=1865691642&adk=2030624934&adf=1283340349&pi=t.ma~as.1865691642&w=970&lmt=1693318077&format=970x90&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276918&bpp=1&bdt=367&idt=216&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28c2e92ab9d45a79-220fda0b60de009b%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZXALDhjI09fret7Xu-P3LyLcLuaA&gpic=UID%3D00000c69d44fd965%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZz_W3ZhDqwktnLBSf3IaokQvl4zQ&prev_fmts=0x0%2C300x600%2C300x600%2C300x600%2C320x100&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=PXdP1aIX5a&p=https%3A//blogr.my&dtd=218

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc0db1eb23ddf4de49650ecd53810fa4b26bfdae84a73a5e9ad2d3d2e8845c86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blogr.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10076
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 16:07:57 GMT
expires: Tue, 29 Aug 2023 16:07:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8B5F 624 B
246 B 49ms
47ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNVeaOaQ4oDoowSwM7iXu8EdDIEWeX97VB1hZGGej4VJ1b5gN8H-t6HKF-XfsKrsLUZ5XT_Z9Atviulzvy08KO9TpmN1-i8XVa2ufJFUb1jDdxtdATd2fBhmV0_nBCidTuh3eyzV1cZ_yVhcx_rS5Hiv50BX5Dyb-Nb-pHcj5xU3rWSvI_8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=90&slotname=1865691642&adk=2030624934&adf=1283340349&pi=t.ma~as.1865691642&w=970&lmt=1693318077&format=970x90&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276918&bpp=1&bdt=367&idt=216&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28c2e92ab9d45a79-220fda0b60de009b%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZXALDhjI09fret7Xu-P3LyLcLuaA&gpic=UID%3D00000c69d44fd965%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZz_W3ZhDqwktnLBSf3IaokQvl4zQ&prev_fmts=0x0%2C300x600%2C300x600%2C300x600%2C320x100&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=PXdP1aIX5a&p=https%3A//blogr.my&dtd=218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=90&slotname=1865691642&adk=2030624934&adf=1283340349&pi=t.ma~as.1865691642&w=970&lmt=1693318077&format=970x90&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276918&bpp=1&bdt=367&idt=216&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28c2e92ab9d45a79-220fda0b60de009b%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZXALDhjI09fret7Xu-P3LyLcLuaA&gpic=UID%3D00000c69d44fd965%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZz_W3ZhDqwktnLBSf3IaokQvl4zQ&prev_fmts=0x0%2C300x600%2C300x600%2C300x600%2C320x100&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=PXdP1aIX5a&p=https%3A//blogr.my&dtd=218
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 16:07:57 GMT
expires: Tue, 29 Aug 2023 16:07:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 965A 86 KB
29 KB 110ms
109ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 16:07:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 965A 3 KB
1 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:49:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:49:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 965A 20 KB
8 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 965A 181 KB
57 KB 73ms
51ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 16:07:57 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 965A 42 B
63 B 105ms
104ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DH2CJqCR9dlGFg9vXf8KKgV25lMqwuzR4hiox1aUG2UUd22z_8ycIhjlJS8HOYTmUWJEXBbL7dwlbv3bplYCOMmZrjtR4J0ajlhbS-YFILrz5S0Ow

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 965A 0
20 B 106ms
105ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9577482515067244757&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9D49 624 B
242 B 48ms
47ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1on9xAEwAQ&v=APEucNWJuL4Tu9v1zARcVf0sFhn34fZEFaH02io0jtkb3FlU6B4CVbhs_xE3OiIO7-9rKadZvNfxU2qUQ9rWkUXfyvJIyi_IXRBgE9OyohqV2rGkB4oWx4QvncWyEMIhUQo6hkCQU1D8ysfZsb_vsTEV-CA5amez1nrjjbkx5GIdo3y2GzcEZZc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=100&slotname=7145104337&adk=746720826&adf=3999027082&pi=t.ma~as.7145104337&w=320&lmt=1693318077&format=320x100&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276914&bpp=1&bdt=363&idt=215&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28c2e92ab9d45a79-220fda0b60de009b%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZXALDhjI09fret7Xu-P3LyLcLuaA&gpic=UID%3D00000c69d44fd965%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZz_W3ZhDqwktnLBSf3IaokQvl4zQ&prev_fmts=0x0%2C300x600%2C300x600%2C300x600&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QH0q101AV4&p=https%3A//blogr.my&dtd=217

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=100&slotname=7145104337&adk=746720826&adf=3999027082&pi=t.ma~as.7145104337&w=320&lmt=1693318077&format=320x100&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276914&bpp=1&bdt=363&idt=215&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28c2e92ab9d45a79-220fda0b60de009b%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZXALDhjI09fret7Xu-P3LyLcLuaA&gpic=UID%3D00000c69d44fd965%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZz_W3ZhDqwktnLBSf3IaokQvl4zQ&prev_fmts=0x0%2C300x600%2C300x600%2C300x600&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QH0q101AV4&p=https%3A//blogr.my&dtd=217
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 16:07:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 43D6 86 KB
29 KB 109ms
108ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 16:07:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 43D6 3 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:49:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:49:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 43D6 20 KB
8 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 43D6 181 KB
57 KB 70ms
68ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 16:07:57 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 43D6 42 B
63 B 107ms
106ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BcPpEcGxxzu1UioNR0-1eYX7WjYnbKRayvU6G4ODLhOEM3hPv42ihJM8ptuRk5do6LTEMImhYCMihLRMaXFVnt-6RwiwZ255qHXfDLubEKwXsoZ0g

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 43D6 0
20 B 107ms
106ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12245579201213463526&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8B5F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFHUM4SROcsu_U4EUlwq6sM&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFHUM4SROcsu_U4EUlwq6sM&google_cver=1&C=1

43 B
632 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFHUM4SROcsu_U4EUlwq6sM&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNVeaOaQ4oDoowSwM7iXu8EdDIEWeX97VB1hZGGej4VJ1b5gN8H-t6HKF-XfsKrsLUZ5XT_Z9Atviulzvy08KO9TpmN1-i8XVa2ufJFUb1jDdxtdATd2fBhmV0_nBCidTuh3eyzV1cZ_yVhcx_rS5Hiv50BX5Dyb-Nb-pHcj5xU3rWSvI_8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 16:07:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 16:07:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEFHUM4SROcsu_U4EUlwq6sM&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8B5F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZO4X3bwLh6PH09DAx59PowAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFHUM4SROcsu_U4EUlwq6sM&google_cver=1

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFHUM4SROcsu_U4EUlwq6sM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNVeaOaQ4oDoowSwM7iXu8EdDIEWeX97VB1hZGGej4VJ1b5gN8H-t6HKF-XfsKrsLUZ5XT_Z9Atviulzvy08KO9TpmN1-i8XVa2ufJFUb1jDdxtdATd2fBhmV0_nBCidTuh3eyzV1cZ_yVhcx_rS5Hiv50BX5Dyb-Nb-pHcj5xU3rWSvI_8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 16:07:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFHUM4SROcsu_U4EUlwq6sM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 8B5F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKy_xnBfgXrzwt6cU2nFbt8&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKy_xnBfgXrzwt6cU2nFbt8%26google_cver%3D1

43 B
891 B

13ms
13ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKy_xnBfgXrzwt6cU2nFbt8%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNVeaOaQ4oDoowSwM7iXu8EdDIEWeX97VB1hZGGej4VJ1b5gN8H-t6HKF-XfsKrsLUZ5XT_Z9Atviulzvy08KO9TpmN1-i8XVa2ufJFUb1jDdxtdATd2fBhmV0_nBCidTuh3eyzV1cZ_yVhcx_rS5Hiv50BX5Dyb-Nb-pHcj5xU3rWSvI_8

Protocol

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:57 GMT
an-x-request-uuid: 653211e8-5eb5-4380-a433-7114c3edb67b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 138.199.38.133; 138.199.38.133; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:57 GMT
an-x-request-uuid: 1102523b-eb14-48a5-83fc-54fc70b98145
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKy_xnBfgXrzwt6cU2nFbt8%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.133; 138.199.38.133; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B5F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY5ODAwOTM2MTYyMzAzODI2

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY5ODAwOTM2MTYyMzAzODI2

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:57 GMT
an-x-request-uuid: 111ca9e5-0ceb-4dab-85c5-bff96d803b54
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY5ODAwOTM2MTYyMzAzODI2
x-proxy-origin: 138.199.38.133; 138.199.38.133; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9D49
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFHUM4SROcsu_U4EUlwq6sM&google_cver=1

43 B
632 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFHUM4SROcsu_U4EUlwq6sM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1on9xAEwAQ&v=APEucNWJuL4Tu9v1zARcVf0sFhn34fZEFaH02io0jtkb3FlU6B4CVbhs_xE3OiIO7-9rKadZvNfxU2qUQ9rWkUXfyvJIyi_IXRBgE9OyohqV2rGkB4oWx4QvncWyEMIhUQo6hkCQU1D8ysfZsb_vsTEV-CA5amez1nrjjbkx5GIdo3y2GzcEZZc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 16:07:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFHUM4SROcsu_U4EUlwq6sM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9D49
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZO4X3bwLh6PH09DAx59PowAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFHUM4SROcsu_U4EUlwq6sM&google_cver=1

43 B
632 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFHUM4SROcsu_U4EUlwq6sM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1on9xAEwAQ&v=APEucNWJuL4Tu9v1zARcVf0sFhn34fZEFaH02io0jtkb3FlU6B4CVbhs_xE3OiIO7-9rKadZvNfxU2qUQ9rWkUXfyvJIyi_IXRBgE9OyohqV2rGkB4oWx4QvncWyEMIhUQo6hkCQU1D8ysfZsb_vsTEV-CA5amez1nrjjbkx5GIdo3y2GzcEZZc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 16:07:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFHUM4SROcsu_U4EUlwq6sM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 9D49
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKy_xnBfgXrzwt6cU2nFbt8&google_cver=1

43 B
840 B

36ms
36ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKy_xnBfgXrzwt6cU2nFbt8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1on9xAEwAQ&v=APEucNWJuL4Tu9v1zARcVf0sFhn34fZEFaH02io0jtkb3FlU6B4CVbhs_xE3OiIO7-9rKadZvNfxU2qUQ9rWkUXfyvJIyi_IXRBgE9OyohqV2rGkB4oWx4QvncWyEMIhUQo6hkCQU1D8ysfZsb_vsTEV-CA5amez1nrjjbkx5GIdo3y2GzcEZZc

Protocol

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:57 GMT
an-x-request-uuid: 9131109b-c877-4b08-8793-e3c455c0342f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.133; 138.199.38.133; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKy_xnBfgXrzwt6cU2nFbt8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9D49
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY5ODAwOTM2MTYyMzAzODI2

170 B
188 B

21ms
20ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY5ODAwOTM2MTYyMzAzODI2

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:57 GMT
an-x-request-uuid: 32533551-28aa-4926-b13a-86ab412af1aa
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY5ODAwOTM2MTYyMzAzODI2
x-proxy-origin: 138.199.38.133; 138.199.38.133; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 965A 0
20 B 106ms
106ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1081750675586&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 965A 0
20 B 106ms
106ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1081750675586&version=m202307240101&ct=76&x=1&cor=9577482515067245000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 965A 103 KB
39 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A7mUeZX95M62ozB7kmZpEJkh52W7FoI1m7n9Xm6e5zGTW23WvAx4oLAAKvZDrplh7tD2WYFOHvj5Canw7Oh1MO4A3DyqGgKB-m22vHKv-xM7gcFbxtifWq72x-Lhi16gOszV1zRo7DkL3SXDZekt9Dj0k07AEX_K-V_ao940viratvS8s&dbm_d=AKAmf-BIjJmWbiizYWEkiap74z_yJcwS6OQ75gIKaYVxJHz6HX_4q9U0aKAoB6UtT9iVoc4WTIi8vfF2OAhnnvQfL-saKsdISrzD9eVuiQLnVoqtPXJ1XemVQLs7Rm_QSUEY4gsxe-5fldV1haRooPbumxQBwKSEby3dFvxupsJJO_Uv14dSWE_24h4J99u7eBE7xdhNS6R9dioI_pkrBlIlJqgq0i6nvjRMjd8kq1wnad-bKWNaOFsYpxVf6F23Tn74cvViMGu5oQvtql2MdNR_Hkz_ZmuJFOX1z7ueLnJPpPeJ_SasmF-3cdfGkT1cC00YR1Vl9Bh2Sy-uts5b00P0q2Vg6S1icnPvpFMvjpbIp8AMQ_3iewRIof4kPdOUNMAmMdTzr2Qu6LASYRPCEQtJfqet9lmF63kZ5lhCgD5_PU8uK2Uo2dKl_sJIF_tS6zdQO7G09P2aTLXYJlg3hWhzeG37vLnEE1IwweTevQZ-FA6pWmZ0Wnc0fxvnoyI8dpGzYDuvC9Jp9sJx8-p-ss4wSkuOoqd-z8Oh83z2ikFGFerj5Nt_mFbkAq5bggr2I5-j2GwaEX96tB1n1HZsEvN21OP9Z6ujU7ZFesXoQQDw4mpd_Kxz8tN6sm9jHialFEkDKuc69LxQVLt0cihuxast3HTUXOVT4K1F7WzFf_RQwV3r0MIZQnzdcU4N39DTloAvubArrLg6ZdRxb1DsDESy-GBFxrm64OseE9r1ZnKxTg7GI7HPFHA1v8YuvponaO5KJqdkVVJ02Xy48TFmxP6qlpyoJChPKBXCqwldI9KMUKG6PnpSYlm8_sFbO9LymoH5Le1ljIi-CYC1HDYx-EbHc00kZWy956yYTN7z8Kq58UmR0sEGqBx433-i9Re7S_DnXQNzPjjeWM7NtNsG0HWbZDOh8LOVO4pUzh-l0CJDS70EMcd4Pms0DnOJOX2fwhqDiHTqzqu59p22ycDrJQZ1z_Cmg_XFNXnBbWlBQQNOFDDswS6P_4aStanqbmrFYa-WXDf30XVdqx_MqeRtDoyeyiJ3dBkmcnSaQbS7OoFJu6aldxzqgqN1pl6VFuhVkkYMfGW5qUg8dmlNO3hj-4plmouNd52cGf5NXWuYIWz1bIIQ03yxJ-ItKxDE26QtuEFIgQ6Lbgftigj9urC8GWYBq2CKfVPDmXkzjED2mSGcGMxueMTekyyuRQ2fJirhX0poyxFpYOs0XVQ-Ggx7WPGKM-hxWiL3PIRa2HqmOScFhrINF98f3znX4yw371-Fb9m1qhP3EwXhOxlAwKpfthMUhYz2bbBmV96GhZ7vetifsJ22oOvPkqsKPHvGDljcBI7qW3-c6EWHLGFUoyh603UBE_ofg4z3s4wMAWfhOhVHf9rLYYDyMJ9sQM5W3-Fh2JqDzWM04a1X7xsDIRLI_T-8EDnH7IXUS3g5ArU_zgFMjo3rrcz-GpMf84OBJZJkSX0Lv3dLQT0C2PU_TGa_RFUiLApfc09E_Tr7nA49D5ZFK5hTvkQmkabziDBBtZashkSGjEwFthDjsn21PKqK5HqX-pjJS-bZT0tclp4krxPkvjWFjZe86pqQQKDH-iZs8ca7MGyALe3taGWy_PLA4-AoZLToIDJMZwuJl-wN5IRcXwEvfjPuEO6xdBPXbSSGOfK3esRWzhXomEeT7c0dbCk7WY4SlpsCJD1l5rsovoc6_8_1ISrEit19KPB-HJKoU3suD_oBQ5CFkSxMiTSembBey1h_3qxtFLjsGD0Zc7X2Y6C6sfGZEvIaotcp_Q2zfDAryDANNTLA9gX4sdiSExtedXkVNpnWh20Is7DdMZUiX-D1a_pa-HLVlONIHIVPnooL54ykrAjhOJtolYV4Mazzr2krDBAVBkmLcZPb_uQdDUuSwqgPi3ttGX4OxbjmOHjgrN_Shbe_n5bjh2jXKjBVHH0oEFWin8nMoJw7uFs5w2S9dlkj6LStGDlYe9sjvA3F42izm13ORM0WLwnHFYblsb8id-ZjRSAiQYgyEDQlCW29I551tBlTmlhxZ8Qu4aooW1tU0-xGMvlSc-gRriOf-xd5uHZp7D1kvNQ2he3B3mBlIAbR7eVxLlK2YGDyrh5gTWmuop5RDxY7JbN2SFfln5pVoQz8pLAK8_Splqowd__m6tse8SEKKz1roNbQ9ljWb9TMtoPU0k-PI61yBmsli5w5SDML_iE3mdE0BpTpDp2FmHWXrgVyUuxzDB2OerqhX040mEFVbSitONWQwVCEnzjH5jBD-oXOvJh16OPOIGvZUw1Msgu4BMIMC2aCMqGZUIxvWoHoL_CNgcsq7yCFEa4Q_wZKBHj6iOCDzCrEIPwkk8eRiwb209DirSw4Nkw9_ZKCcLhQqM2l1npJ0i8ysmjH8EIgWH8fbLk1aiagwwxeiVFF39dCGSvWZGqCkwFMXSvZkYWranI2meaEo4KiWheujy-nRCR_k5CjCRuv838jxaTBNj35-DZumivwl2TF6CV9hon_LgxsHiUqEjWY6zD5YzEUqAupD5fojO1XQbQO7jXSKgOHBjiksmERjj2LsbYLVqJwBMExMfwm-huI4tdNbKWfv40sK5QuebVMedNt-M7muZO9U_oqIDQlB88DJ-BmAbZ0qfaDozzoGGYILjgdOaOZMESCgqzQsITUS_o0SnhslQD-PV_dKRPZzTwEhRun-ftKBIzyaZYxvpsoncOiik4o4aIYMneXx4NlzE5NponypSAdArHPG2qJatc9d2gMWIarUK7whlX2JEJdZHm3i8FzE_p6rHQ4W6-uyCoDLMakLi-nQWh4a50lZCkjLQd0zQK_2v-87DmsjxgBBH48j8xyABuDGXMvleZxUUUrlAPns5fpwLI6zLx_8TtGfhWsbLMpX4r7DQI8pRrHLZIt3FRMWhA8fjdmMnbElRui2MBEYgvr3OAWH31fV9fT4YLjweGaSTqyebHKUAmrW9PvjTwCK8qRd4n50TSYmsxZmwKWHx5FjzO9YaBaRBVBI0igWe6magbdXk4sX2NAAmwntaKb5no1nJwBbBN_gc1Wc7UhtAmvjsTMxj2J_meUkLIGqGGb6nS4MNUiGfQA1Xf_zbSeDstasvDt4V2EcypZxf7YLAxI6m-kV23QN9aE5uarDMJnQ3MnWqy76kvjFP0_CnakWOyhu4eUix64L1LJur86fLgKpHdmxYbq6Z3hLnZTadok9zPPCaAYe1PzwMEmGiTflIfMgDBdX2Tzu7DK6RdpdJ9i4t2vFPtisB6aBuLKNOwN_k4IQ8r3cuVKkkR_etTDouF7JrapKOnL535FyjARSms1KQ25Ms-B63Sf6VnfMxXUBbvCpAMHufKgWrRZw3IWcxjTdxpwztE1LCTnoXFMAJSRhfYYTZhO32rMT9VIdXVfIBSFNc4LNxeQAoRcI9Wt4Xn9epfBiVsT5vVa1INYwdkcmBtyhCm_PBQQFaAFjkhNuh6nIPzezkUlgdfIGgN0NZZzjzzewIHgJaopXfxeq8cHyiHEOKbtlrKbzu92FcsMLCfcu93xpaESctvGpnWbAQ&cid=CAQSSwBpAlJWOkAF0_zc7ArMw8d6o-RGn7xfugt6gFKzzBpmfpJH0r0g0Dfwib_IZqUteS786QCnk9MlA95xq1HSWnluXpSK5WTulij7IxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fblogr.my%2F&ds=l&xdt=1&iif=1&cor=9577482515067245000&adk=521587874&idt=113&cac=0&dtd=29

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7279efe6212acc84644c9d14de971796bc5b3959a8ce51326e876edf35f73844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=90&slotname=1865691642&adk=2030624934&adf=1283340349&pi=t.ma~as.1865691642&w=970&lmt=1693318077&format=970x90&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276918&bpp=1&bdt=367&idt=216&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28c2e92ab9d45a79-220fda0b60de009b%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZXALDhjI09fret7Xu-P3LyLcLuaA&gpic=UID%3D00000c69d44fd965%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZz_W3ZhDqwktnLBSf3IaokQvl4zQ&prev_fmts=0x0%2C300x600%2C300x600%2C300x600%2C320x100&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=PXdP1aIX5a&p=https%3A//blogr.my&dtd=218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40350
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 43D6 0
20 B 105ms
104ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=630479291425&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 43D6 0
20 B 105ms
105ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=630479291425&version=m202307240101&ct=76&x=1&cor=12245579201213463000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 43D6 104 KB
40 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DK9ZcVVWT86pVcGRMW4l1BAi0V3a3xC0EChrRxxCcJZnReI4N14hkhd1fk4mzpvFPNDCB2HdrR_RcWLoPAUVBjoNQ6N6k_RxcoRvTtug69u5kiFafmlBsmaukMsDCK8hg2Z9GLxBuH6nFEGh2yAq_3BwqMMUy1kDNePwx897ueZve7CTM&dbm_d=AKAmf-DMuZOvC-1EcsuAxk6FXSFrM8qelEnGV9BHhnVLqUfjYKRkWtaBym6fDVSKf9pwL1OIR3bhbiQv0a9CePFGlexUOoERJHdxF5mOMfh0T4c4a7wk8Ch5-pEc94J2R2Bh7HBqxbM83reBOKK71vV_BtWxDuUQADyaHeV7eObj2n5FLrNtdVqU0Xl8JtG4cbx-Y9-OClzZRRY95JtXaRUw0TIOIgxb652Bd4vHm0R6ilPqGPoJd8jsZEGTcOiiilhMO258ZNnGnqcV6jvg9B_s2lkdJJH6Ez4KnVLclgw_rFejKrsOaMfYFHGYGwNfZS0BkYpXBZIzK6rFdV2tPKrFPCuO7hzgOR5BQoBYn-SgHJxuzkIbeIgKOjFY3D9WvVvcPEmt5CtJ7p1C4Gt5pG2BNzrxLoYH9OhMXluT6GQiECX1xlWvAAKjFY7GS4gEm9-XVFGVB3-P4IE6ySyO9ZQChA5mNv99VikB5BtWdjCDYM6DWUv1RuxZYH1ZqbuAmAiK6VP3VgLACUM0gLNP975tnjHu6q8a5QjBNIvcbbUYO4CuzZF_DYizdDFcEeiUXPWu02zj3f6hCUS8l2CE5QSearlX8DCgfzqvCbSkyasGA1Et01jz3LPXGWhg8OGAU3mqE7p57jFNjKbQKsmMa7Yv8oTogkZRTJdjs51ij-SkqsqHANRY447rPMi1G_725BTG6tWxnZ1ztfQ1oot1hjl7vMgZcQzjACsqxxto_V5kqon75_cCkCsJBNiuMr8QPY-wg3PZsuHVcYblDaglucw-kooa_Ar6OfAaMI7ObH27e_WcgvR6HZ2jodb5k0zG2fgF8VroaQKeRChn2o0HmS8akF2WQYgEnfExHimW-xBlW3YQ1HR45zFbJvo8RixhzYEXjpij8UCq7effptM8miXnci3T9EFxZ_IyB4c8_s9Orw5nQljTldaB7QWN_fz2h0yFcjOwLLy-_1CxC5-2sZ3dpDh4R6ptuRS9CYadxpDoJa1n9jAceobeZgY5A4pHIdLodcXDe21ImQ2tL-gPLfcdz53i725yQXOSXbxNulGq5nWV8dDR-isILRwaR8Z8OsIeTFva61rAxYYJt26h94Npn3jg6fvCnF4u8-n5_YoJzD0q4HDaLo0kn1LEshOBXe7YMo81BB6GSZ9PWJfIxv7M8Ttn5J378iUzlQ2HEvNSI-7jCMcc5OueMZj0ahfwX4XetrUB6zrBTKdtN8L4otAjk1rTeBlFMmCkoRiD20b7ka-lWyUDCcdlQFL77bzL85LnWz6_kV5q4LavfiuwkcO5-MOMf2L13kKNC_4pWGGL3A7F0nXs-5MCt1cld-lcS6DICtvACT5qafC_tgayi8RVFDi0Ts-MZ12gc5npGIpsqkvWY7Jm2eAZp1Kdkg2ZUjAJMa7BvN6xt9j4GjZtkLn7bUqMkPUVGX3TKk7BjOTbU7uTlTjUf7zuoPbUeyiE3ROHdOPaNYNNXXbfqgq49RaNrgNmjnoVmmH0y1DndZqdbksxO-29N0kvjf-vPVZvIhZm3kFOygmxMsxuQO3cV2jWV-jWLBsFuF3UJyVWNkzik1rljLPVaLS7hGevm8yTM0x-5Qo-w6NZDdXzFIpfnMRo5og4yy50sb_yc9RxrYpIhg0z18W8U0-c9OKZQQSsLA-Kg_Lmm7Aj2lzlJNW6An9MbQwzQv2Z5mTctm-p95Gw2ZWGghFVmkYAkpopeAMwiPuR7fagXuJkyiXFVSOA9fuOQ4C9N5hFwav0PeidoUl7pQ-60k4hqdmqViLLRdkArqzBTF4vNX-bkiMbVa4CDfrtucG9Ss9xIJRkC31I64mmcer_c0F1w7Z_E2TcSlwCtL0kcWvNpg8onfjwHr4P6CkdzN3w_mLxeID0iRu57EnBlyAupuEDaVPcXBHazdQ_h2gqiQLKKlye_ycSoMA3ZL7Ai7HmAdyhLhkrHt20SO7VkNTaBhDTrqslg6dqEyxT_P5IEX4iujr8Wz7cWfBIxy8czyrZJJGeHa1euJMvEo5NJ25rZpm4ru7QP2a77z1HGMCQgRdBtYbRuDK-vFYln6sMgA6pTRUT8_rw6e5n3nz3n4LynviBqOyUK5NNhj03pqm8KUGvYRwDoTW5gHzQI52nx7m21FDXIYWWzr5pwyyswYmqBNZusf0r69RCNHNhoKhK2EFyFlSHLgCvpvkI8kw3QsCdOxSPtpAym_CjxM-HmfLBy3OMDJCEQLA2aO6BRAg1QEXh9xbJuNu7VdL7FRxfuUg-tFi7LMV-LnqjTUqWALUc3ZN5501mDo7MzX4sVE5nM-qygz7rNTrJ8tG3Om6Up4c6FFH_xKr_U4ywKrZnrY6jZJHohtpMNt1owsSAoUQ2y_41dUFMSd4s6iGAeZ9eSog1eMRZjhHGvOEFDNseYY-D6RVuLteaNiatM0VSf_3Om7_a_j8OtsQJWmlqnq1jAJF69dxsLx_mLS0WVAfaP6zn-17GE-B20QZ8ziB2Di8WYCrbM_jMhQG1mH9rL1EwH8S3kpmY9Yu5dmdUfiLtcoa16uRBGLTHItyB8SSxCL4Sy1vbzAztaMeKiult5kxEvFXW5Qg3QJlAvyFT1t7wpxQ2TnCnPun-oH8-cGAcvQTKibV6ArDizEzGnfWKIzoD27yTsIhlJHxgVLnibVHGkHBQzfO6_SiFTE6CWRwQ2QMkLO5qaAf-L-sul_L3BMV8iVVidSYsYPTpLdTunvc22ObkavZ6lIz5zmxueZaIXdW9VIr1UHAaPc6P5bJgNNapviY2irK2cNrZVLTnGgKeI_4MRa4PVYmX02fY7ie8vkSYO1TX-lO1i_pBjQQ9fSvLDsRWJs7_B5oyDZfAn1hUUFAFoJOC2Dt558ltuKCPszWk7-P_Sjq8mfB4G-j2pWVIWDhVCIG3FcKJMA_yaktgK385iXFR57IzQ3ytD5klrlfF2AktusLdI-mYML79d_hwvODMVDmDTSO0lyGWDkLkWwhtIt0V6qeSeKFJSRiyDwQAeSVdPRloMdH5AWV-IpprucygeDq1_21NMqPCmFtT8POns_2AiYnGWQFTr3xmVxeTKVPUpDRXz9qLGQaE-blq4yJGp_ijfb-ip_yrpncj-o5AEdzdB5Em-vaFvSlLpHA8L9yL4MZ1k6vf4KLTbvBQ-xlYGtSfMiJAo2igQJHk6jS_APHYdJNTdqy_ZGIP7byJ6hE6pMM-UlMZbqSKuRiniuEqfmx1qdDeoJqa1NdxTPsueBdu3_-TOLRSYfYDkWoKsUVpoQ6bauUpeHUaKqP3BDXQ1L39roYO6RygdMaZB4vTMST8n0tWWQVfb4xcL8BBj1RsAw0x58iYN3prFq5lpus7GuTW_83Ehp_sn1kZxusfyRT6qxrL2grDMkc3jjr0vXST7hZ9HYoG2cZdifhuwamSF45kZ7SdwcketEbiFPqvR7UsVhlneaETBVqWDPX-L2FRNhcbcAa27PVT-f9DKEn8jeP_BvXrQQRApPnBJZq_ienSIRm2eLbBG8txSCjhRbry4DYzTFBv7dt-cYS-qNJAnLZ2hwc4t5VJy4WpE8f6tOAnFaw&cid=CAQSSwBpAlJWxb3JKTztS57qSbHSioTfZw3UXm-VtOi7hGF1NnlEOzCgsVmwzhb5JoPX_Eo7sTckmVpJYprMqv186_vJbeFQNVNwbfNA1xgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fblogr.my%2F&ds=l&xdt=1&iif=1&cor=12245579201213463000&adk=1726166460&idt=113&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2771c025b488e4d70e9bb5a004c2d04d417491a83a614723cbc54638f926807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=100&slotname=7145104337&adk=746720826&adf=3999027082&pi=t.ma~as.7145104337&w=320&lmt=1693318077&format=320x100&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276914&bpp=1&bdt=363&idt=215&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28c2e92ab9d45a79-220fda0b60de009b%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZXALDhjI09fret7Xu-P3LyLcLuaA&gpic=UID%3D00000c69d44fd965%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZz_W3ZhDqwktnLBSf3IaokQvl4zQ&prev_fmts=0x0%2C300x600%2C300x600%2C300x600&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QH0q101AV4&p=https%3A//blogr.my&dtd=217
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40537
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/987057/61527017/ Frame 965A 250 KB
75 KB 115ms
33ms Script
application/javascript 63.34.215.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/987057/61527017/skeleton.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=pub-5965847349382843&ias_chanId=1&ias_placementId=20343401207&bidurl=https://blogr.my/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h20afM4z_fLSUfj4HJfY_I
Requested by: Host: blogr.my
URL: https://blogr.my/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.215.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-215-180.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 71d9512eb2f913d119d935d4c0f061e5069400e9bf30eecce45f184a4be15013

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:58 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 965A 111 KB
39 KB 42ms
6ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: blogr.my
URL: https://blogr.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 10:55:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18767
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Aug 2023 10:55:10 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/ Frame 965A 11 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A7mUeZX95M62ozB7kmZpEJkh52W7FoI1m7n9Xm6e5zGTW23WvAx4oLAAKvZDrplh7tD2WYFOHvj5Canw7Oh1MO4A3DyqGgKB-m22vHKv-xM7gcFbxtifWq72x-Lhi16gOszV1zRo7DkL3SXDZekt9Dj0k07AEX_K-V_ao940viratvS8s&dbm_d=AKAmf-BIjJmWbiizYWEkiap74z_yJcwS6OQ75gIKaYVxJHz6HX_4q9U0aKAoB6UtT9iVoc4WTIi8vfF2OAhnnvQfL-saKsdISrzD9eVuiQLnVoqtPXJ1XemVQLs7Rm_QSUEY4gsxe-5fldV1haRooPbumxQBwKSEby3dFvxupsJJO_Uv14dSWE_24h4J99u7eBE7xdhNS6R9dioI_pkrBlIlJqgq0i6nvjRMjd8kq1wnad-bKWNaOFsYpxVf6F23Tn74cvViMGu5oQvtql2MdNR_Hkz_ZmuJFOX1z7ueLnJPpPeJ_SasmF-3cdfGkT1cC00YR1Vl9Bh2Sy-uts5b00P0q2Vg6S1icnPvpFMvjpbIp8AMQ_3iewRIof4kPdOUNMAmMdTzr2Qu6LASYRPCEQtJfqet9lmF63kZ5lhCgD5_PU8uK2Uo2dKl_sJIF_tS6zdQO7G09P2aTLXYJlg3hWhzeG37vLnEE1IwweTevQZ-FA6pWmZ0Wnc0fxvnoyI8dpGzYDuvC9Jp9sJx8-p-ss4wSkuOoqd-z8Oh83z2ikFGFerj5Nt_mFbkAq5bggr2I5-j2GwaEX96tB1n1HZsEvN21OP9Z6ujU7ZFesXoQQDw4mpd_Kxz8tN6sm9jHialFEkDKuc69LxQVLt0cihuxast3HTUXOVT4K1F7WzFf_RQwV3r0MIZQnzdcU4N39DTloAvubArrLg6ZdRxb1DsDESy-GBFxrm64OseE9r1ZnKxTg7GI7HPFHA1v8YuvponaO5KJqdkVVJ02Xy48TFmxP6qlpyoJChPKBXCqwldI9KMUKG6PnpSYlm8_sFbO9LymoH5Le1ljIi-CYC1HDYx-EbHc00kZWy956yYTN7z8Kq58UmR0sEGqBx433-i9Re7S_DnXQNzPjjeWM7NtNsG0HWbZDOh8LOVO4pUzh-l0CJDS70EMcd4Pms0DnOJOX2fwhqDiHTqzqu59p22ycDrJQZ1z_Cmg_XFNXnBbWlBQQNOFDDswS6P_4aStanqbmrFYa-WXDf30XVdqx_MqeRtDoyeyiJ3dBkmcnSaQbS7OoFJu6aldxzqgqN1pl6VFuhVkkYMfGW5qUg8dmlNO3hj-4plmouNd52cGf5NXWuYIWz1bIIQ03yxJ-ItKxDE26QtuEFIgQ6Lbgftigj9urC8GWYBq2CKfVPDmXkzjED2mSGcGMxueMTekyyuRQ2fJirhX0poyxFpYOs0XVQ-Ggx7WPGKM-hxWiL3PIRa2HqmOScFhrINF98f3znX4yw371-Fb9m1qhP3EwXhOxlAwKpfthMUhYz2bbBmV96GhZ7vetifsJ22oOvPkqsKPHvGDljcBI7qW3-c6EWHLGFUoyh603UBE_ofg4z3s4wMAWfhOhVHf9rLYYDyMJ9sQM5W3-Fh2JqDzWM04a1X7xsDIRLI_T-8EDnH7IXUS3g5ArU_zgFMjo3rrcz-GpMf84OBJZJkSX0Lv3dLQT0C2PU_TGa_RFUiLApfc09E_Tr7nA49D5ZFK5hTvkQmkabziDBBtZashkSGjEwFthDjsn21PKqK5HqX-pjJS-bZT0tclp4krxPkvjWFjZe86pqQQKDH-iZs8ca7MGyALe3taGWy_PLA4-AoZLToIDJMZwuJl-wN5IRcXwEvfjPuEO6xdBPXbSSGOfK3esRWzhXomEeT7c0dbCk7WY4SlpsCJD1l5rsovoc6_8_1ISrEit19KPB-HJKoU3suD_oBQ5CFkSxMiTSembBey1h_3qxtFLjsGD0Zc7X2Y6C6sfGZEvIaotcp_Q2zfDAryDANNTLA9gX4sdiSExtedXkVNpnWh20Is7DdMZUiX-D1a_pa-HLVlONIHIVPnooL54ykrAjhOJtolYV4Mazzr2krDBAVBkmLcZPb_uQdDUuSwqgPi3ttGX4OxbjmOHjgrN_Shbe_n5bjh2jXKjBVHH0oEFWin8nMoJw7uFs5w2S9dlkj6LStGDlYe9sjvA3F42izm13ORM0WLwnHFYblsb8id-ZjRSAiQYgyEDQlCW29I551tBlTmlhxZ8Qu4aooW1tU0-xGMvlSc-gRriOf-xd5uHZp7D1kvNQ2he3B3mBlIAbR7eVxLlK2YGDyrh5gTWmuop5RDxY7JbN2SFfln5pVoQz8pLAK8_Splqowd__m6tse8SEKKz1roNbQ9ljWb9TMtoPU0k-PI61yBmsli5w5SDML_iE3mdE0BpTpDp2FmHWXrgVyUuxzDB2OerqhX040mEFVbSitONWQwVCEnzjH5jBD-oXOvJh16OPOIGvZUw1Msgu4BMIMC2aCMqGZUIxvWoHoL_CNgcsq7yCFEa4Q_wZKBHj6iOCDzCrEIPwkk8eRiwb209DirSw4Nkw9_ZKCcLhQqM2l1npJ0i8ysmjH8EIgWH8fbLk1aiagwwxeiVFF39dCGSvWZGqCkwFMXSvZkYWranI2meaEo4KiWheujy-nRCR_k5CjCRuv838jxaTBNj35-DZumivwl2TF6CV9hon_LgxsHiUqEjWY6zD5YzEUqAupD5fojO1XQbQO7jXSKgOHBjiksmERjj2LsbYLVqJwBMExMfwm-huI4tdNbKWfv40sK5QuebVMedNt-M7muZO9U_oqIDQlB88DJ-BmAbZ0qfaDozzoGGYILjgdOaOZMESCgqzQsITUS_o0SnhslQD-PV_dKRPZzTwEhRun-ftKBIzyaZYxvpsoncOiik4o4aIYMneXx4NlzE5NponypSAdArHPG2qJatc9d2gMWIarUK7whlX2JEJdZHm3i8FzE_p6rHQ4W6-uyCoDLMakLi-nQWh4a50lZCkjLQd0zQK_2v-87DmsjxgBBH48j8xyABuDGXMvleZxUUUrlAPns5fpwLI6zLx_8TtGfhWsbLMpX4r7DQI8pRrHLZIt3FRMWhA8fjdmMnbElRui2MBEYgvr3OAWH31fV9fT4YLjweGaSTqyebHKUAmrW9PvjTwCK8qRd4n50TSYmsxZmwKWHx5FjzO9YaBaRBVBI0igWe6magbdXk4sX2NAAmwntaKb5no1nJwBbBN_gc1Wc7UhtAmvjsTMxj2J_meUkLIGqGGb6nS4MNUiGfQA1Xf_zbSeDstasvDt4V2EcypZxf7YLAxI6m-kV23QN9aE5uarDMJnQ3MnWqy76kvjFP0_CnakWOyhu4eUix64L1LJur86fLgKpHdmxYbq6Z3hLnZTadok9zPPCaAYe1PzwMEmGiTflIfMgDBdX2Tzu7DK6RdpdJ9i4t2vFPtisB6aBuLKNOwN_k4IQ8r3cuVKkkR_etTDouF7JrapKOnL535FyjARSms1KQ25Ms-B63Sf6VnfMxXUBbvCpAMHufKgWrRZw3IWcxjTdxpwztE1LCTnoXFMAJSRhfYYTZhO32rMT9VIdXVfIBSFNc4LNxeQAoRcI9Wt4Xn9epfBiVsT5vVa1INYwdkcmBtyhCm_PBQQFaAFjkhNuh6nIPzezkUlgdfIGgN0NZZzjzzewIHgJaopXfxeq8cHyiHEOKbtlrKbzu92FcsMLCfcu93xpaESctvGpnWbAQ&cid=CAQSSwBpAlJWOkAF0_zc7ArMw8d6o-RGn7xfugt6gFKzzBpmfpJH0r0g0Dfwib_IZqUteS786QCnk9MlA95xq1HSWnluXpSK5WTulij7IxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fblogr.my%2F&ds=l&xdt=1&iif=1&cor=9577482515067245000&adk=521587874&idt=113&cac=0&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:06:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 14:06:35 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame 965A 30 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:06:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
server: cafe
etag: 961974302080011826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 14:06:35 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 965A 41 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: blogr.my
URL: https://blogr.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 03:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 304002
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 03:41:15 GMT

GET
DATA 200
OK truncated
/ Frame 965A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5e06de714552eb414e94d4b12d392596ac02a43aec4196f6b3cf15105e393b0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/987057/61527023/ Frame 43D6 250 KB
75 KB 66ms
32ms Script
application/javascript 63.34.215.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/987057/61527023/skeleton.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=pub-5965847349382843&ias_chanId=1&ias_placementId=20343401411&bidurl=https://blogr.my/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0j3IuZV-bbn_eiuWsxSuikY
Requested by: Host: blogr.my
URL: https://blogr.my/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.215.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-215-180.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c1a9f230614c3dd11c45f7184e4312b8bcd6f382b07dc4017edc100ccef45c34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:58 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 43D6 111 KB
39 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: blogr.my
URL: https://blogr.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 10:55:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18768
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Aug 2023 10:55:10 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/ Frame 43D6 11 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DK9ZcVVWT86pVcGRMW4l1BAi0V3a3xC0EChrRxxCcJZnReI4N14hkhd1fk4mzpvFPNDCB2HdrR_RcWLoPAUVBjoNQ6N6k_RxcoRvTtug69u5kiFafmlBsmaukMsDCK8hg2Z9GLxBuH6nFEGh2yAq_3BwqMMUy1kDNePwx897ueZve7CTM&dbm_d=AKAmf-DMuZOvC-1EcsuAxk6FXSFrM8qelEnGV9BHhnVLqUfjYKRkWtaBym6fDVSKf9pwL1OIR3bhbiQv0a9CePFGlexUOoERJHdxF5mOMfh0T4c4a7wk8Ch5-pEc94J2R2Bh7HBqxbM83reBOKK71vV_BtWxDuUQADyaHeV7eObj2n5FLrNtdVqU0Xl8JtG4cbx-Y9-OClzZRRY95JtXaRUw0TIOIgxb652Bd4vHm0R6ilPqGPoJd8jsZEGTcOiiilhMO258ZNnGnqcV6jvg9B_s2lkdJJH6Ez4KnVLclgw_rFejKrsOaMfYFHGYGwNfZS0BkYpXBZIzK6rFdV2tPKrFPCuO7hzgOR5BQoBYn-SgHJxuzkIbeIgKOjFY3D9WvVvcPEmt5CtJ7p1C4Gt5pG2BNzrxLoYH9OhMXluT6GQiECX1xlWvAAKjFY7GS4gEm9-XVFGVB3-P4IE6ySyO9ZQChA5mNv99VikB5BtWdjCDYM6DWUv1RuxZYH1ZqbuAmAiK6VP3VgLACUM0gLNP975tnjHu6q8a5QjBNIvcbbUYO4CuzZF_DYizdDFcEeiUXPWu02zj3f6hCUS8l2CE5QSearlX8DCgfzqvCbSkyasGA1Et01jz3LPXGWhg8OGAU3mqE7p57jFNjKbQKsmMa7Yv8oTogkZRTJdjs51ij-SkqsqHANRY447rPMi1G_725BTG6tWxnZ1ztfQ1oot1hjl7vMgZcQzjACsqxxto_V5kqon75_cCkCsJBNiuMr8QPY-wg3PZsuHVcYblDaglucw-kooa_Ar6OfAaMI7ObH27e_WcgvR6HZ2jodb5k0zG2fgF8VroaQKeRChn2o0HmS8akF2WQYgEnfExHimW-xBlW3YQ1HR45zFbJvo8RixhzYEXjpij8UCq7effptM8miXnci3T9EFxZ_IyB4c8_s9Orw5nQljTldaB7QWN_fz2h0yFcjOwLLy-_1CxC5-2sZ3dpDh4R6ptuRS9CYadxpDoJa1n9jAceobeZgY5A4pHIdLodcXDe21ImQ2tL-gPLfcdz53i725yQXOSXbxNulGq5nWV8dDR-isILRwaR8Z8OsIeTFva61rAxYYJt26h94Npn3jg6fvCnF4u8-n5_YoJzD0q4HDaLo0kn1LEshOBXe7YMo81BB6GSZ9PWJfIxv7M8Ttn5J378iUzlQ2HEvNSI-7jCMcc5OueMZj0ahfwX4XetrUB6zrBTKdtN8L4otAjk1rTeBlFMmCkoRiD20b7ka-lWyUDCcdlQFL77bzL85LnWz6_kV5q4LavfiuwkcO5-MOMf2L13kKNC_4pWGGL3A7F0nXs-5MCt1cld-lcS6DICtvACT5qafC_tgayi8RVFDi0Ts-MZ12gc5npGIpsqkvWY7Jm2eAZp1Kdkg2ZUjAJMa7BvN6xt9j4GjZtkLn7bUqMkPUVGX3TKk7BjOTbU7uTlTjUf7zuoPbUeyiE3ROHdOPaNYNNXXbfqgq49RaNrgNmjnoVmmH0y1DndZqdbksxO-29N0kvjf-vPVZvIhZm3kFOygmxMsxuQO3cV2jWV-jWLBsFuF3UJyVWNkzik1rljLPVaLS7hGevm8yTM0x-5Qo-w6NZDdXzFIpfnMRo5og4yy50sb_yc9RxrYpIhg0z18W8U0-c9OKZQQSsLA-Kg_Lmm7Aj2lzlJNW6An9MbQwzQv2Z5mTctm-p95Gw2ZWGghFVmkYAkpopeAMwiPuR7fagXuJkyiXFVSOA9fuOQ4C9N5hFwav0PeidoUl7pQ-60k4hqdmqViLLRdkArqzBTF4vNX-bkiMbVa4CDfrtucG9Ss9xIJRkC31I64mmcer_c0F1w7Z_E2TcSlwCtL0kcWvNpg8onfjwHr4P6CkdzN3w_mLxeID0iRu57EnBlyAupuEDaVPcXBHazdQ_h2gqiQLKKlye_ycSoMA3ZL7Ai7HmAdyhLhkrHt20SO7VkNTaBhDTrqslg6dqEyxT_P5IEX4iujr8Wz7cWfBIxy8czyrZJJGeHa1euJMvEo5NJ25rZpm4ru7QP2a77z1HGMCQgRdBtYbRuDK-vFYln6sMgA6pTRUT8_rw6e5n3nz3n4LynviBqOyUK5NNhj03pqm8KUGvYRwDoTW5gHzQI52nx7m21FDXIYWWzr5pwyyswYmqBNZusf0r69RCNHNhoKhK2EFyFlSHLgCvpvkI8kw3QsCdOxSPtpAym_CjxM-HmfLBy3OMDJCEQLA2aO6BRAg1QEXh9xbJuNu7VdL7FRxfuUg-tFi7LMV-LnqjTUqWALUc3ZN5501mDo7MzX4sVE5nM-qygz7rNTrJ8tG3Om6Up4c6FFH_xKr_U4ywKrZnrY6jZJHohtpMNt1owsSAoUQ2y_41dUFMSd4s6iGAeZ9eSog1eMRZjhHGvOEFDNseYY-D6RVuLteaNiatM0VSf_3Om7_a_j8OtsQJWmlqnq1jAJF69dxsLx_mLS0WVAfaP6zn-17GE-B20QZ8ziB2Di8WYCrbM_jMhQG1mH9rL1EwH8S3kpmY9Yu5dmdUfiLtcoa16uRBGLTHItyB8SSxCL4Sy1vbzAztaMeKiult5kxEvFXW5Qg3QJlAvyFT1t7wpxQ2TnCnPun-oH8-cGAcvQTKibV6ArDizEzGnfWKIzoD27yTsIhlJHxgVLnibVHGkHBQzfO6_SiFTE6CWRwQ2QMkLO5qaAf-L-sul_L3BMV8iVVidSYsYPTpLdTunvc22ObkavZ6lIz5zmxueZaIXdW9VIr1UHAaPc6P5bJgNNapviY2irK2cNrZVLTnGgKeI_4MRa4PVYmX02fY7ie8vkSYO1TX-lO1i_pBjQQ9fSvLDsRWJs7_B5oyDZfAn1hUUFAFoJOC2Dt558ltuKCPszWk7-P_Sjq8mfB4G-j2pWVIWDhVCIG3FcKJMA_yaktgK385iXFR57IzQ3ytD5klrlfF2AktusLdI-mYML79d_hwvODMVDmDTSO0lyGWDkLkWwhtIt0V6qeSeKFJSRiyDwQAeSVdPRloMdH5AWV-IpprucygeDq1_21NMqPCmFtT8POns_2AiYnGWQFTr3xmVxeTKVPUpDRXz9qLGQaE-blq4yJGp_ijfb-ip_yrpncj-o5AEdzdB5Em-vaFvSlLpHA8L9yL4MZ1k6vf4KLTbvBQ-xlYGtSfMiJAo2igQJHk6jS_APHYdJNTdqy_ZGIP7byJ6hE6pMM-UlMZbqSKuRiniuEqfmx1qdDeoJqa1NdxTPsueBdu3_-TOLRSYfYDkWoKsUVpoQ6bauUpeHUaKqP3BDXQ1L39roYO6RygdMaZB4vTMST8n0tWWQVfb4xcL8BBj1RsAw0x58iYN3prFq5lpus7GuTW_83Ehp_sn1kZxusfyRT6qxrL2grDMkc3jjr0vXST7hZ9HYoG2cZdifhuwamSF45kZ7SdwcketEbiFPqvR7UsVhlneaETBVqWDPX-L2FRNhcbcAa27PVT-f9DKEn8jeP_BvXrQQRApPnBJZq_ienSIRm2eLbBG8txSCjhRbry4DYzTFBv7dt-cYS-qNJAnLZ2hwc4t5VJy4WpE8f6tOAnFaw&cid=CAQSSwBpAlJWxb3JKTztS57qSbHSioTfZw3UXm-VtOi7hGF1NnlEOzCgsVmwzhb5JoPX_Eo7sTckmVpJYprMqv186_vJbeFQNVNwbfNA1xgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fblogr.my%2F&ds=l&xdt=1&iif=1&cor=12245579201213463000&adk=1726166460&idt=113&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:06:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 14:06:35 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame 43D6 30 KB
11 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:06:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
server: cafe
etag: 961974302080011826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 14:06:35 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 43D6 41 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: blogr.my
URL: https://blogr.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 03:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 304003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 03:41:15 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3127 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 207373
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Aug 2023 06:31:45 GMT
expires: Mon, 26 Aug 2024 06:31:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12784067222800087067/ Frame D6E3 141 KB
22 KB 23ms
7ms Document
text/html 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4f828bd932e3d2cfc41828f719a08047655f9572c4cc79828fc336c23a6f2ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 291430
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22859
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 26 Aug 2023 07:10:48 GMT
expires: Sun, 25 Aug 2024 07:10:48 GMT
last-modified: Wed, 09 Feb 2022 10:31:32 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 965A 0
0 90ms
55ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstpdCvY1300c46UxOz6K4tKfVRkkE3GO55pnbY94rTLRDrWHr0-fJ6bbbiKksq18huMEPrspP_hMmukHogMBusgNhg_IUpXiwzRNNMsMShvFkx3i1aQEPvqANaqnVG6Ny0XEIiFA9L7ibMNiAYI1i8CQTX_Lfik8QnmfSU6iLP2j_A0Qx-U1ANAHsDDoznpjP6_PsxDrROjuhqKW_ZpaXIyuVdAukFlkQxQPBZ5NwZkEAqU2eV4RcHWLFWyQSf-oBtKZWHgGUUxyCRW6MIf0VKnVzfxV8Z5rbaC12pN-d5X0dK65FG1YP-cSvVTLOQrvA7QyzyVKrmHdLtPKyMJKbPMHrOg0u4SZvq75ASOUtkx0YrQrpwny3uCybyws6BR1x0htzphyju692ILvGagSuItE2e2NRNvNVQNbcp43dgn3okgZFBbn59wvPiJmr9-mjzxBl7FHbHflvcSfZkDun0FBAcW5tRYjL1kH434Z26TtxKxdq07wgYbIzIyCsf_L97FtJnd2j0szJfHHbkzrHbUwkgI4_9PBHa1nat7HG7saEOljGa93nyaN68gjNKLhvNVM1o-ys3bcmUuk1cUvtLJwN4xoyBtGsbO4LJ9uXW7AzZTMAAO1X1jtsp2utHBnU434GG1rZ5wqH1Dc0U4yoEiPongsZ9piP_wo5y3R-m2qF6cIvx4uRCEV8b3lhZqUcpHgDajnQ4oM8HQRAuol_4Xc4XQ_PHLnFRdUD5ObNcAVSucStHCFjc4D7riKiMXqvnO3IEBIfpYFGpoeQ4evTdXRxlMT9gYaU7kiN3Z88SI4pzCVnvMBLbjjjS45zH3zG7UyMMhLSMqKcWHkDC4AW82SmG4B_30i0hkHy9GcTEIzMLf-tjKG6cr-qOtQqT09tYPaPvYZ08YEM7GQdhFk1DeXK8TSrPGLqvfhzYOhmD9xfAn7Cb6lAOTMQXoRafvgwCi8QhIue1hZgtpohfR7QyP0zxsX2IQwBSGqF0a6w-KK6hYk2RFs0pkKCTU9YgU2H77hQBoVU7rbg-dmFHRU8pRdVzHn35c6vxpxCqlCp9p2GFh88RPsRxOh3r-O-2KjRkG2R4W8zqiSZ9cUGy048qjkKgk1oBlLupZPtboYXDTX_5IMLLrqQ4JnqH7buNrFMnDOVLd1gded-0rS4oDwAW1hizRT5HaY4T2I7VPSDwO84MGBtWUz_Pm-L8RYJXA1-i7JmqMVU-3JHw3ivaQSwvM4FfJ-6-o_k_sENG5Efh8TOeXXsgei831rQ&sai=AMfl-YT-AKFgPmdAtIoBxV6ZAE05YkkPaL-eubIzMThfdLQzu-AjMb0CaMTZic9QCRWQscO5cdb7b2x3eGb5e-nvhzj1OaTW9CCHa9itXUgcITfRIiVIiaBCUuBnaQpE3Q7HUVFPLAOsOxI5eo_hNfrjNOQRKk9-UqSBLcaoqAf3oAFiOrp3LRn5aQg28kGTfedaKHCLgeudSV7YzEzNEKWcm1LUFRmpzzBaTzcpb4Iam17cS0p7VwHu9OLvajkLJ-hFjQgNHQqfylbGUtOH9PB87JXeShjkQJyn&sig=Cg0ArKJSzFA5xS0yS2-4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=94&cbvp=1&cstd=91&cisv=r20230828.91187&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: blogr.my
URL: https://blogr.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 29 Aug 2023 16:07:58 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 29 Aug 2023 16:07:58 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 03B6 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 207373
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Aug 2023 06:31:45 GMT
expires: Mon, 26 Aug 2024 06:31:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17033400417514298334/ Frame 2D17 116 KB
21 KB 17ms
10ms Document
text/html 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17033400417514298334/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd7ecd6368faa1bb9c8cc7910b4e6b8261d929a83100f12506ba97c4bb0fe48b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 333371
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 21229
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 19:31:47 GMT
expires: Sat, 24 Aug 2024 19:31:47 GMT
last-modified: Mon, 07 Mar 2022 09:45:04 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 43D6 0
0 81ms
55ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstwlGN5aqYQw70vM22kjvMQxnXJe38BzvdigtZr26L9XeVPkcLNTyDk7J_uECE43HuvpXyu_7r-cWs__Jxm7qypCSUtnboAMRlorEpe938r361i-1fEoPhQX_rQevTZjbEo5D2-fxWEOsU-p1SNmi5C05mIDV3cU4ktslS8FsQ28BDPX3He9YeRObmaqAwOmq15Wau0ljUD9xbCps0iL1IRAJ3k-d4d0tZOC8wqqmyNqJKgksqM_bdmwKR4RG13X4gB-_d1TjElyyAOc9pIu8nQXKtsc4J5iI3Tyf25P9ih2Zc1pBlDup2LnGPhPp2BARGCCMgM5gs4HquXrP8Opq6_pbpDXwp9uCcIhrPNYVIrgZUzjSpZhpDPYIU8AK-sx7k_TNO6LaTZAP3MjjvwsJtcNPRBs2rKD8rcofQBS-qKQIlxLvAKzZESf6zk-4YI_Ilu7UR5noky6UJdv6mWtgzVAIWJi-anLm1Z_nL--D1JGt-DE5zo04fbUNCQ4xpzXfbllfs7DJ1PrWKrHzSk6mXwr07wWW-ZcR0ppYmQuKLlxUgqyUIvau9NI0I-LLWnwj8gfcEWlw4q2gLufCuy5K2PH5T9URa3tfBb2f-vZ-pXkeXAXkNPWGSNU1g0O7YQEmaqPoNnx0OV_lp8VCTpGP2V1ztJ0OWHkJaZ3lI82qlrItk7tuN_nUu0fcYgOcww1t7CQTkbGTl9oW-VC1hMHN9RRbg_yI9xUxjdlUR1IaWjuWtMDLhOzheUmpuHz-tiYwDs_u1uQbe01TDySq5It-HZ8cr36BZJz5qY_26KW6vM4k6RiZRLqoxM4pyg3dbot5zHNZL9PD-zE_lm461amv_FHDbxd0ebXRjnmCKdG0u0qXZX584WgV7kOkYcnXeiWMDdJO8HGZfedQ3ztmq5cTFxt-W951vPoJsmQl8yvp1pbvCLTeD8w0YxLQ-MitI10bb-WKM_44CMKiZ_d_vn1pv5FiJG_UmcRO1Pjp55hb8l_7PegwtzV-iqtCKwlWGX8RKsgDNCXPwiIWC2EIGPe4FngDNuiRpcEkQRBpniBrU3Yp4cNyiNtZenbE5gklAsscUH4CmOitD_uBRquyHMhnC7FOmpik5HnryHvBaC3HFFawdrfTaf0PBO9v23HATPD5lbPaEuACZiO6qQJg6Mvq8YA7BYXSE7eRQo-Q6C-1VbPTJ2sOo7Q3U9BORhRKf1PAZSsq9G3kGvvyoUvJ3P0LyVcQDuZK52HSexdf_k5I152JHClO0ps8XGHac&sai=AMfl-YRRakl_tZJdcYbHg9ZNcGMQ7tWwswgzx2V_K7RF0ChiWJ66gQSWUkf8LQRZWla0hTGfYYrd1KEoMFxJKnW8KgRO6CTd8pltf4iCmR9e67TfXgCqsVHAaHJTFdgf17GhWBxVlmkleRu2QCBwZulEROFUvaX3dzRkxbdiesNXQ375TMaCXY_2rt939WEESZGCxDomvBI4RqAp4VybJIL57NCCqQ2PIq3vO7Z0d-cfq9Q0IBmcAm0vtNZIrZJM90VhTfdRKPzFFOoip5gRdRA7mpck6RjNTowY&sig=Cg0ArKJSzMvn_gzXNm6TEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=54&cbvp=1&cstd=53&cisv=r20230828.93113&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: blogr.my
URL: https://blogr.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 29 Aug 2023 16:07:58 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 29 Aug 2023 16:07:58 GMT

GET
H3 200 53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3127 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e77156f336104e427a69a22b5d1fa74e7ca4362aae7681f9e09283fc8efec1f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 06:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 208363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14643
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 06:15:15 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame D6E3 29 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 05:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39902
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Aug 2023 05:02:56 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 2D17 29 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17033400417514298334/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17033400417514298334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 05:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39902
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Aug 2023 05:02:56 GMT

GET
H3 200 53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js Show response
pagead2.googlesyndication.com/bg/ Frame 03B6 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e77156f336104e427a69a22b5d1fa74e7ca4362aae7681f9e09283fc8efec1f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 06:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 208363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14643
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 06:15:15 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 965A 0
0 44ms
44ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstpdCvY1300c46UxOz6K4tKfVRkkE3GO55pnbY94rTLRDrWHr0-fJ6bbbiKksq18huMEPrspP_hMmukHogMBusgNhg_IUpXiwzRNNMsMShvFkx3i1aQEPvqANaqnVG6Ny0XEIiFA9L7ibMNiAYI1i8CQTX_Lfik8QnmfSU6iLP2j_A0Qx-U1ANAHsDDoznpjP6_PsxDrROjuhqKW_ZpaXIyuVdAukFlkQxQPBZ5NwZkEAqU2eV4RcHWLFWyQSf-oBtKZWHgGUUxyCRW6MIf0VKnVzfxV8Z5rbaC12pN-d5X0dK65FG1YP-cSvVTLOQrvA7QyzyVKrmHdLtPKyMJKbPMHrOg0u4SZvq75ASOUtkx0YrQrpwny3uCybyws6BR1x0htzphyju692ILvGagSuItE2e2NRNvNVQNbcp43dgn3okgZFBbn59wvPiJmr9-mjzxBl7FHbHflvcSfZkDun0FBAcW5tRYjL1kH434Z26TtxKxdq07wgYbIzIyCsf_L97FtJnd2j0szJfHHbkzrHbUwkgI4_9PBHa1nat7HG7saEOljGa93nyaN68gjNKLhvNVM1o-ys3bcmUuk1cUvtLJwN4xoyBtGsbO4LJ9uXW7AzZTMAAO1X1jtsp2utHBnU434GG1rZ5wqH1Dc0U4yoEiPongsZ9piP_wo5y3R-m2qF6cIvx4uRCEV8b3lhZqUcpHgDajnQ4oM8HQRAuol_4Xc4XQ_PHLnFRdUD5ObNcAVSucStHCFjc4D7riKiMXqvnO3IEBIfpYFGpoeQ4evTdXRxlMT9gYaU7kiN3Z88SI4pzCVnvMBLbjjjS45zH3zG7UyMMhLSMqKcWHkDC4AW82SmG4B_30i0hkHy9GcTEIzMLf-tjKG6cr-qOtQqT09tYPaPvYZ08YEM7GQdhFk1DeXK8TSrPGLqvfhzYOhmD9xfAn7Cb6lAOTMQXoRafvgwCi8QhIue1hZgtpohfR7QyP0zxsX2IQwBSGqF0a6w-KK6hYk2RFs0pkKCTU9YgU2H77hQBoVU7rbg-dmFHRU8pRdVzHn35c6vxpxCqlCp9p2GFh88RPsRxOh3r-O-2KjRkG2R4W8zqiSZ9cUGy048qjkKgk1oBlLupZPtboYXDTX_5IMLLrqQ4JnqH7buNrFMnDOVLd1gded-0rS4oDwAW1hizRT5HaY4T2I7VPSDwO84MGBtWUz_Pm-L8RYJXA1-i7JmqMVU-3JHw3ivaQSwvM4FfJ-6-o_k_sENG5Efh8TOeXXsgei831rQ&sai=AMfl-YT-AKFgPmdAtIoBxV6ZAE05YkkPaL-eubIzMThfdLQzu-AjMb0CaMTZic9QCRWQscO5cdb7b2x3eGb5e-nvhzj1OaTW9CCHa9itXUgcITfRIiVIiaBCUuBnaQpE3Q7HUVFPLAOsOxI5eo_hNfrjNOQRKk9-UqSBLcaoqAf3oAFiOrp3LRn5aQg28kGTfedaKHCLgeudSV7YzEzNEKWcm1LUFRmpzzBaTzcpb4Iam17cS0p7VwHu9OLvajkLJ-hFjQgNHQqfylbGUtOH9PB87JXeShjkQJyn&sig=Cg0ArKJSzFA5xS0yS2-4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=195&vt=11&dtpt=101&dett=3&cstd=91&cisv=r20230828.91187&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: blogr.my
URL: https://blogr.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 29 Aug 2023 16:07:58 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 43D6 0
0 45ms
44ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstwlGN5aqYQw70vM22kjvMQxnXJe38BzvdigtZr26L9XeVPkcLNTyDk7J_uECE43HuvpXyu_7r-cWs__Jxm7qypCSUtnboAMRlorEpe938r361i-1fEoPhQX_rQevTZjbEo5D2-fxWEOsU-p1SNmi5C05mIDV3cU4ktslS8FsQ28BDPX3He9YeRObmaqAwOmq15Wau0ljUD9xbCps0iL1IRAJ3k-d4d0tZOC8wqqmyNqJKgksqM_bdmwKR4RG13X4gB-_d1TjElyyAOc9pIu8nQXKtsc4J5iI3Tyf25P9ih2Zc1pBlDup2LnGPhPp2BARGCCMgM5gs4HquXrP8Opq6_pbpDXwp9uCcIhrPNYVIrgZUzjSpZhpDPYIU8AK-sx7k_TNO6LaTZAP3MjjvwsJtcNPRBs2rKD8rcofQBS-qKQIlxLvAKzZESf6zk-4YI_Ilu7UR5noky6UJdv6mWtgzVAIWJi-anLm1Z_nL--D1JGt-DE5zo04fbUNCQ4xpzXfbllfs7DJ1PrWKrHzSk6mXwr07wWW-ZcR0ppYmQuKLlxUgqyUIvau9NI0I-LLWnwj8gfcEWlw4q2gLufCuy5K2PH5T9URa3tfBb2f-vZ-pXkeXAXkNPWGSNU1g0O7YQEmaqPoNnx0OV_lp8VCTpGP2V1ztJ0OWHkJaZ3lI82qlrItk7tuN_nUu0fcYgOcww1t7CQTkbGTl9oW-VC1hMHN9RRbg_yI9xUxjdlUR1IaWjuWtMDLhOzheUmpuHz-tiYwDs_u1uQbe01TDySq5It-HZ8cr36BZJz5qY_26KW6vM4k6RiZRLqoxM4pyg3dbot5zHNZL9PD-zE_lm461amv_FHDbxd0ebXRjnmCKdG0u0qXZX584WgV7kOkYcnXeiWMDdJO8HGZfedQ3ztmq5cTFxt-W951vPoJsmQl8yvp1pbvCLTeD8w0YxLQ-MitI10bb-WKM_44CMKiZ_d_vn1pv5FiJG_UmcRO1Pjp55hb8l_7PegwtzV-iqtCKwlWGX8RKsgDNCXPwiIWC2EIGPe4FngDNuiRpcEkQRBpniBrU3Yp4cNyiNtZenbE5gklAsscUH4CmOitD_uBRquyHMhnC7FOmpik5HnryHvBaC3HFFawdrfTaf0PBO9v23HATPD5lbPaEuACZiO6qQJg6Mvq8YA7BYXSE7eRQo-Q6C-1VbPTJ2sOo7Q3U9BORhRKf1PAZSsq9G3kGvvyoUvJ3P0LyVcQDuZK52HSexdf_k5I152JHClO0ps8XGHac&sai=AMfl-YRRakl_tZJdcYbHg9ZNcGMQ7tWwswgzx2V_K7RF0ChiWJ66gQSWUkf8LQRZWla0hTGfYYrd1KEoMFxJKnW8KgRO6CTd8pltf4iCmR9e67TfXgCqsVHAaHJTFdgf17GhWBxVlmkleRu2QCBwZulEROFUvaX3dzRkxbdiesNXQ375TMaCXY_2rt939WEESZGCxDomvBI4RqAp4VybJIL57NCCqQ2PIq3vO7Z0d-cfq9Q0IBmcAm0vtNZIrZJM90VhTfdRKPzFFOoip5gRdRA7mpck6RjNTowY&sig=Cg0ArKJSzMvn_gzXNm6TEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=160&vt=11&dtpt=106&dett=3&cstd=53&cisv=r20230828.93113&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: blogr.my
URL: https://blogr.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 29 Aug 2023 16:07:58 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 43D6
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/987057/61527023/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=pub-5965847349382843&ias_chanId=1&ias_placementId=20343401411&bidurl=https://blogr.my/&ias_dea...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_3RfuZKHKOLbAx_APsOCtqAM&cbFunctionName=goog_wrapCb_3RfuZKHKOLbAx_APsOCtqAM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...

1 KB
1 KB

15ms
12ms

Script
application/javascript

2600:9000:238d:9000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_3RfuZKHKOLbAx_APsOCtqAM&cbFunctionName=goog_wrapCb_3RfuZKHKOLbAx_APsOCtqAM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_320x50.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=100&slotname=7145104337&adk=746720826&adf=3999027082&pi=t.ma~as.7145104337&w=320&lmt=1693318077&format=320x100&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276914&bpp=1&bdt=363&idt=215&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28c2e92ab9d45a79-220fda0b60de009b%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZXALDhjI09fret7Xu-P3LyLcLuaA&gpic=UID%3D00000c69d44fd965%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZz_W3ZhDqwktnLBSf3IaokQvl4zQ&prev_fmts=0x0%2C300x600%2C300x600%2C300x600&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QH0q101AV4&p=https%3A//blogr.my&dtd=217
Protocol: H2
Server: 2600:9000:238d:9000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding: gzip
via: 1.1 c337a55bb25a3540411fbbf6c8ad1b46.cloudfront.net (CloudFront)
date: Mon, 28 Aug 2023 15:03:03 GMT
x-amz-cf-pop: AMS1-P1
age: 90296
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Aug 2023 19:01:30 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: 0TlXsDtswAnUa0XGMDKkH2gNfonVv34TM5x--5kIbNi2nh2cPl4Oig==

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:58 GMT
server: nginx
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_3RfuZKHKOLbAx_APsOCtqAM&cbFunctionName=goog_wrapCb_3RfuZKHKOLbAx_APsOCtqAM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_320x50.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame B73F 91 KB
23 KB 57ms
14ms Script
application/javascript 2600:9000:238d:9000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=100&slotname=7145104337&adk=746720826&adf=3999027082&pi=t.ma~as.7145104337&w=320&lmt=1693318077&format=320x100&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276914&bpp=1&bdt=363&idt=215&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28c2e92ab9d45a79-220fda0b60de009b%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZXALDhjI09fret7Xu-P3LyLcLuaA&gpic=UID%3D00000c69d44fd965%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZz_W3ZhDqwktnLBSf3IaokQvl4zQ&prev_fmts=0x0%2C300x600%2C300x600%2C300x600&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QH0q101AV4&p=https%3A//blogr.my&dtd=217
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:9000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 13:56:00 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 c337a55bb25a3540411fbbf6c8ad1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 13227119
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 7ojm2uET6_zMZDP5PUbtK7IsmmPnvrOif8OIfyRRCcC2b-MKYBkSVA==

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 965A
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=pub-5965847349382843&ias_chanId=1&ias_placementId=20343401207&bidurl=https://blogr.my/&ias_dea...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_3RfuZNTQN7nDx_APrvqsmAw&cbFunctionName=goog_wrapCb_3RfuZNTQN7nDx_APrvqsmAw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...

1 KB
1 KB

13ms
13ms

Script
application/javascript

2600:9000:238d:9000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_3RfuZNTQN7nDx_APrvqsmAw&cbFunctionName=goog_wrapCb_3RfuZNTQN7nDx_APrvqsmAw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=90&slotname=1865691642&adk=2030624934&adf=1283340349&pi=t.ma~as.1865691642&w=970&lmt=1693318077&format=970x90&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276918&bpp=1&bdt=367&idt=216&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28c2e92ab9d45a79-220fda0b60de009b%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZXALDhjI09fret7Xu-P3LyLcLuaA&gpic=UID%3D00000c69d44fd965%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZz_W3ZhDqwktnLBSf3IaokQvl4zQ&prev_fmts=0x0%2C300x600%2C300x600%2C300x600%2C320x100&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=PXdP1aIX5a&p=https%3A//blogr.my&dtd=218
Protocol: H2
Server: 2600:9000:238d:9000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding: gzip
via: 1.1 c337a55bb25a3540411fbbf6c8ad1b46.cloudfront.net (CloudFront)
date: Mon, 28 Aug 2023 15:03:03 GMT
x-amz-cf-pop: AMS1-P1
age: 90296
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Aug 2023 19:01:30 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: heyVlEJ2c82NTEY7WXJJrdSJOAXhg5o11s9TpW9huh5rNzJvT0m3cA==

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:58 GMT
server: nginx
x-server-name: app14.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_3RfuZNTQN7nDx_APrvqsmAw&cbFunctionName=goog_wrapCb_3RfuZNTQN7nDx_APrvqsmAw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 7B2F 91 KB
23 KB 30ms
25ms Script
application/javascript 2600:9000:238d:9000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=90&slotname=1865691642&adk=2030624934&adf=1283340349&pi=t.ma~as.1865691642&w=970&lmt=1693318077&format=970x90&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276918&bpp=1&bdt=367&idt=216&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28c2e92ab9d45a79-220fda0b60de009b%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZXALDhjI09fret7Xu-P3LyLcLuaA&gpic=UID%3D00000c69d44fd965%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZz_W3ZhDqwktnLBSf3IaokQvl4zQ&prev_fmts=0x0%2C300x600%2C300x600%2C300x600%2C320x100&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=PXdP1aIX5a&p=https%3A//blogr.my&dtd=218
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:9000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 13:56:00 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 c337a55bb25a3540411fbbf6c8ad1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 13227119
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: MZIYwhKHoqKQxMQK79iv4D-TwabIbkmCjJxpRfaZC7GqEreb3Ri2eQ==

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame D6E3 2 KB
1 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 15:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 16:09:42 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame D6E3 3 KB
1 KB 12ms
11ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 15:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 774
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 16:10:04 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame D6E3 6 KB
2 KB 12ms
11ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 15:55:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 730
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 16:10:48 GMT

GET
H3 200 head2_2line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame D6E3 12 KB
3 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_2line_family.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bd4b6c45e7bc6a8d91d052fd971d32dae0282cdc0a8513ff8dc60f4b3f2a274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3442
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 16:22:00 GMT

GET
H3 200 head1_1line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame D6E3 7 KB
2 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_family.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3192c9a7e98a6d2874cde7e3a27c4f6149d4b1034ac6acd81a7d2d6ef1393761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2321
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 16:22:37 GMT

GET
H3 200 728x90_kv_family.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame D6E3 38 KB
38 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/728x90_kv_family.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cdafa331554b9a58e4406b653270c0b44945e431761cfeb3876229f001f8af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 15:55:28 GMT
x-content-type-options: nosniff
age: 750
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39260
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 16:10:28 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 43D6 43 B
216 B 295ms
95ms Image
image/gif 2600:1f18:1aca:4280:e4b5:5a4b:14:3110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=2ba4a4aa-5d65-b915-762d-5695a8558ced&tv=%7Bc:mHuWbQ,pingTime:-3,time:85,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:85,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B79~0%5D,as:%5B79~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOl6iDn+11%7C12%7C13%7C14%7C15%7C161*.987057-61527023%7C1611%7C16121%7C1613%7C1711%7C17121%7C1713,idMap:161*,rmeas:1,rend:0,renddet:IMG.us,siq:20%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=100&slotname=7145104337&adk=746720826&adf=3999027082&pi=t.ma~as.7145104337&w=320&lmt=1693318077&format=320x100&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276914&bpp=1&bdt=363&idt=215&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28c2e92ab9d45a79-220fda0b60de009b%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZXALDhjI09fret7Xu-P3LyLcLuaA&gpic=UID%3D00000c69d44fd965%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZz_W3ZhDqwktnLBSf3IaokQvl4zQ&prev_fmts=0x0%2C300x600%2C300x600%2C300x600&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QH0q101AV4&p=https%3A//blogr.my&dtd=217
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:e4b5:5a4b:14:3110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:58 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 43D6 43 B
215 B 292ms
96ms Image
image/gif 2600:1f18:1aca:4280:e4b5:5a4b:14:3110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=2ba4a4aa-5d65-b915-762d-5695a8558ced&tv=%7Bc:mHuWbR,pingTime:-6,time:86,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:86,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B80~0%5D,as:%5B80~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOl6iDn+11%7C12%7C13%7C14%7C15%7C161*.987057-61527023%7C1611%7C16121%7C1613%7C1711%7C17121%7C1713,idMap:161*,rmeas:1,rend:0,renddet:IMG.us,siq:20%7D&tpiLookup=ao:blogr.my*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=100&slotname=7145104337&adk=746720826&adf=3999027082&pi=t.ma~as.7145104337&w=320&lmt=1693318077&format=320x100&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276914&bpp=1&bdt=363&idt=215&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28c2e92ab9d45a79-220fda0b60de009b%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZXALDhjI09fret7Xu-P3LyLcLuaA&gpic=UID%3D00000c69d44fd965%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZz_W3ZhDqwktnLBSf3IaokQvl4zQ&prev_fmts=0x0%2C300x600%2C300x600%2C300x600&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QH0q101AV4&p=https%3A//blogr.my&dtd=217
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:e4b5:5a4b:14:3110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:58 GMT
server: nginx
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 css
fonts.googleapis.com/ Frame 2552 14 KB
2 KB 42ms
18ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=600&slotname=3782604081&adk=231165002&adf=1017458563&pi=t.ma~as.3782604081&w=300&lmt=1693318077&format=300x600&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276911&bpp=1&bdt=360&idt=215&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C300x600&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=954&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=DpSXp1DszJ&p=https%3A//blogr.my&dtd=217

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 29 Aug 2023 16:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 16:01:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Aug 2023 16:07:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 2552 2 KB
892 B 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame 2552 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 2552 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:49:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:49:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 2552 20 KB
8 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2552 181 KB
57 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 16:07:58 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame 2552 36 KB
15 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 01:09:15 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 965A 43 B
215 B 303ms
188ms Image
image/gif 2600:1f18:1aca:4280:e4b5:5a4b:14:3110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=1bca9599-b62d-5210-9c3b-bf29df6b7bb2&tv=%7Bc:mHuWda,pingTime:-3,time:126,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:126,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B120~0%5D,as:%5B120~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOl6iDn+11%7C12%7C13%7C14%7C15%7C161.987057-61527023%7C1611%7C16121%7C1613%7C1614%7C171*.987057-61527017%7C1711%7C17121%7C1713,idMap:171*,rmeas:1,rend:0,renddet:na,siq:18%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=90&slotname=1865691642&adk=2030624934&adf=1283340349&pi=t.ma~as.1865691642&w=970&lmt=1693318077&format=970x90&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276918&bpp=1&bdt=367&idt=216&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28c2e92ab9d45a79-220fda0b60de009b%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZXALDhjI09fret7Xu-P3LyLcLuaA&gpic=UID%3D00000c69d44fd965%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZz_W3ZhDqwktnLBSf3IaokQvl4zQ&prev_fmts=0x0%2C300x600%2C300x600%2C300x600%2C320x100&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=PXdP1aIX5a&p=https%3A//blogr.my&dtd=218
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:e4b5:5a4b:14:3110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:58 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 965A 43 B
215 B 208ms
96ms Image
image/gif 2600:1f18:1aca:4280:e4b5:5a4b:14:3110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=1bca9599-b62d-5210-9c3b-bf29df6b7bb2&tv=%7Bc:mHuWdc,pingTime:-6,time:128,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:128,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B122~0%5D,as:%5B122~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOl6iDn+11%7C12%7C13%7C14%7C15%7C161.987057-61527023%7C1611%7C16121%7C1613%7C1614%7C171*.987057-61527017%7C1711%7C17121%7C1713,idMap:171*,rmeas:1,rend:0,renddet:na,siq:18%7D&tpiLookup=ao:blogr.my*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=90&slotname=1865691642&adk=2030624934&adf=1283340349&pi=t.ma~as.1865691642&w=970&lmt=1693318077&format=970x90&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276918&bpp=1&bdt=367&idt=216&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28c2e92ab9d45a79-220fda0b60de009b%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZXALDhjI09fret7Xu-P3LyLcLuaA&gpic=UID%3D00000c69d44fd965%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZz_W3ZhDqwktnLBSf3IaokQvl4zQ&prev_fmts=0x0%2C300x600%2C300x600%2C300x600%2C320x100&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=PXdP1aIX5a&p=https%3A//blogr.my&dtd=218
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:e4b5:5a4b:14:3110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:58 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 2D17 2 KB
1 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17033400417514298334/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17033400417514298334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 15:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 16:09:42 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 2D17 3 KB
1 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17033400417514298334/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17033400417514298334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 15:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 774
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 16:10:04 GMT

GET
H3 200 TUI_smile.svg
s0.2mdn.net/creatives/assets/3060934/ Frame 2D17 1 KB
636 B 12ms
11ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3060934/TUI_smile.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ad42648baede16996541d1293446e9b2a0df02bb5305b6e5131255872b37ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17033400417514298334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 603
x-xss-protection: 0
last-modified: Tue, 27 Nov 2018 13:48:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 16:22:49 GMT

GET
H3 200 head2_family_mob.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 2D17 12 KB
3 KB 10ms
10ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_family_mob.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9e6ed62d5ff953eb0b609a2970f0734f80b70522e0a4af2a93d870807520ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17033400417514298334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 15:59:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3094
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 07:48:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 16:14:20 GMT

GET
H3 200 familienzeit_mob.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 2D17 3 KB
1 KB 11ms
11ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/familienzeit_mob.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

846a93669a4bb91146f245de74a56312277a94e07ac74721056459bcc8035aae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17033400417514298334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 15:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1278
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 07:48:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 16:08:24 GMT

GET
H3 200 mob_320x50_kv_family.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 2D17 23 KB
23 KB 12ms
12ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/mob_320x50_kv_family.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2c914448e6c05e565d80c198049e3063729255eb8a00c8cd1a8a0945a11c68b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17033400417514298334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:02:15 GMT
x-content-type-options: nosniff
age: 343
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23503
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 09:41:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 16:17:15 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 43D6 43 B
215 B 203ms
96ms Image
image/gif 2600:1f18:1aca:4280:e4b5:5a4b:14:3110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=2ba4a4aa-5d65-b915-762d-5695a8558ced&tv=%7Bc:mHuWdk,pingTime:-2,time:177,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:406,beZ:407,mfA:408,cmA:409,inA:410,inZ:413,prA:413,prZ:418,si:425,poA:426,poZ:446,cmZ:446,mfZ:446,loA:491,loZ:493,ltA:582,ltZ:582%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:320.50,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:177,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B171~0%5D,as:%5B171~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOl6iDn+11%7C12%7C13%7C14%7C15%7C161*.987057-61527023%7C1611%7C16121%7C1613%7C171.987057-61527017%7C1711%7C17121%7C1713,idMap:161*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:20,sinceFw:156,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=100&slotname=7145104337&adk=746720826&adf=3999027082&pi=t.ma~as.7145104337&w=320&lmt=1693318077&format=320x100&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276914&bpp=1&bdt=363&idt=215&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28c2e92ab9d45a79-220fda0b60de009b%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZXALDhjI09fret7Xu-P3LyLcLuaA&gpic=UID%3D00000c69d44fd965%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZz_W3ZhDqwktnLBSf3IaokQvl4zQ&prev_fmts=0x0%2C300x600%2C300x600%2C300x600&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QH0q101AV4&p=https%3A//blogr.my&dtd=217
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:e4b5:5a4b:14:3110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:58 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 965A 43 B
215 B 251ms
188ms Image
image/gif 2600:1f18:1aca:4280:e4b5:5a4b:14:3110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=1bca9599-b62d-5210-9c3b-bf29df6b7bb2&tv=%7Bc:mHuWe3,pingTime:-2,time:181,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:497,beZ:498,mfA:500,cmA:501,inA:501,inZ:505,prA:505,prZ:510,si:515,poA:516,poZ:534,cmZ:534,mfZ:534,loA:625,loZ:628,ltA:678,ltZ:678%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:181,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B175~0%5D,as:%5B175~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOl6iDn+11%7C12%7C13%7C14%7C15%7C161.987057-61527023%7C1611%7C16121%7C1613%7C1614%7C171*.987057-61527017%7C1711%7C17121%7C1713,idMap:171*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:18,sinceFw:161,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=90&slotname=1865691642&adk=2030624934&adf=1283340349&pi=t.ma~as.1865691642&w=970&lmt=1693318077&format=970x90&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276918&bpp=1&bdt=367&idt=216&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28c2e92ab9d45a79-220fda0b60de009b%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZXALDhjI09fret7Xu-P3LyLcLuaA&gpic=UID%3D00000c69d44fd965%3AT%3D1693325277%3ART%3D1693325277%3AS%3DALNI_MZz_W3ZhDqwktnLBSf3IaokQvl4zQ&prev_fmts=0x0%2C300x600%2C300x600%2C300x600%2C320x100&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=PXdP1aIX5a&p=https%3A//blogr.my&dtd=218
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:e4b5:5a4b:14:3110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:58 GMT
server: nginx
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6408475138381289550/ Frame 2552 12 KB
12 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6408475138381289550/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4de7e97f2adced303c344a491063ea037f043a39879f0b026b1d3c8b39d81af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:25:51 GMT
x-content-type-options: nosniff
age: 88927
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12540
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 02:38:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 27 Aug 2024 15:25:51 GMT

GET
DATA 200
OK truncated
/ Frame 2552 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2552 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 843245d38197c1ae733406b6faeda0f9b53376d8853df5d513a880489c822166

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css
fonts.googleapis.com/ Frame 1EE0 14 KB
1 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=600&slotname=1240201226&adk=2639309505&adf=1096043579&pi=t.ma~as.1240201226&w=300&lmt=1693318077&format=300x600&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276904&bpp=1&bdt=353&idt=206&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=346&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=h3r19MQNtW&p=https%3A//blogr.my&dtd=210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 29 Aug 2023 16:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 16:07:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Aug 2023 16:07:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 1EE0 2 KB
892 B 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame 1EE0 23 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 1EE0 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:49:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:49:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 1EE0 20 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1EE0 181 KB
56 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 16:07:58 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame 1EE0 36 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 01:09:15 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/ 154 KB
52 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/reactive_library_fy2021.js?bust=31077451

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9012982454a4dd38f1660a263412ca20b346b65b6b02542a4d3f188c528c6787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blogr.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53639
x-xss-protection: 0
server: cafe
etag: 18035024832894322970
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 16:07:58 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/8991608643751055034/ Frame 1EE0 14 KB
14 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8991608643751055034/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3eb8837a18b06942f5657ebcf9a13740dd62eeed6c8531c1b77013a80d198183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 23:45:28 GMT
x-content-type-options: nosniff
age: 145350
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14546
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 12:27:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 26 Aug 2024 23:45:28 GMT

GET
DATA 200
OK truncated
/ Frame 1EE0 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1EE0 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2552 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eac272af52c81e5002c8d7a66e5a427dd58ba995769c07e4248417e811d79fd9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 1319 14 KB
1 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5965847349382843&output=html&h=600&slotname=4111004620&adk=3656320041&adf=1491903238&pi=t.ma~as.4111004620&w=300&lmt=1693318077&format=300x600&url=https%3A%2F%2Fblogr.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693325276908&bpp=1&bdt=357&idt=213&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=1817676986952&frm=20&pv=1&ga_vid=38835051.1693325277&ga_sid=1693325277&ga_hid=2114086089&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077318%2C44799956%2C31076996%2C31077451&oid=2&pvsid=3826488355452675&tmod=1653958735&uas=0&nvt=2&ref=https%3A%2F%2Fblogr.my%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8wJ0GNFsSN&p=https%3A//blogr.my&dtd=215

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 29 Aug 2023 16:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 16:07:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Aug 2023 16:07:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 1319 2 KB
892 B 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame 1319 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 1319 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:49:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:49:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 1319 20 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1319 181 KB
56 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 16:07:58 GMT

GET
H3 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame 1319 36 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 01:09:15 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 2552 33 KB
34 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 557610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 05:14:28 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/8796710710140116453/ Frame 1319 10 KB
10 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8796710710140116453/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04857ef4226f0d37316363d609b8826ea78cd90d8d029b14ddd7af3fdc7a8ade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 16:27:14 GMT
x-content-type-options: nosniff
age: 344444
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10648
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 15:26:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Aug 2024 16:27:14 GMT

GET
DATA 200
OK truncated
/ Frame 1319 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1319 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 843245d38197c1ae733406b6faeda0f9b53376d8853df5d513a880489c822166

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3127 0
20 B 112ms
111ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBjWG3RfuZNTQN7nDx_APrvqsmAwAAAAAOAHgBAI&bg=!ICOlI2zNAAYkVgHwBFY7ADQBe5WfOKvVVdJObjuCAAvOvTWYPFy0ZvgxFBiljkQyRjuYKRbTfLRcCBmkMlMIoSWbGuK7AgAAAc9SAAAABWgBBwoAXuaRPj8n7jjSsgaRzYv5P1c4E6OB31dzMOTYPd-FKDKhiWOiVxzKqpX13ONHBv30hDvRN3qH2UTlR_RUMDGEDGEk04KUu9amHiKTfwDm98tRW_aE9Cw8LCY7iXnxpdOZAvlZZxhNFnaJ0pnrcwAsl-MIFry0mY3MDxFYO0FJ4OeUwdxFqWpwoEy36gVK-W2r93Um-7sKjdNBavB5B2h5pShDNGNvhVDWa1OM9E8KDFj2ZOOfwZUyjlePKANtazuRvplN2FDi54YLkQbrTU7UhBD7AGBiFEfUmUAfDlIojRwXsUgUM4KMW-ba51Q50XDcQwIEffyxLZc-zaWOU1KDU9mVm33pn7Q-gitnkX5C4wtaTl6OiqLArbg-tprA1LFJRCQK6tALKJFSFutf_jE2R4B-DTzac_PGFND4i-CDRnkuE_2VfzAZI_Wr9XCrKAs8ITbm7jFx9-KVGMqxUj5xBuS6orTtv614I_DSQyeQfQ3V9SO2bEoVD1BggXINpsq9ybqVhLIoeWO3JlULDzNXqnQ1RUPLzgf1oYejiKI5xKe3Th8tE3JwA43KiAyG-Nl9RxSRoONUd-eDafts5-QoHQrWNLiFX6Sp9iWy4N4ib5w9cqCffCm2ILlmWH5MEubE8fS369Ro-lfguHNZIKNQKwY7I1JIYj3S7AFSTphJrXyy3-d2zZUcbuI_Dxlrt0_erAuPE2w6o7_KRrkvIhvOMCl1tNII4WcLejMhYJLzngS7N6kFxvB74IBGnjFX3kzqbycH7PYDDzw9kiNBSDCFeWz4sMUdVl_0oXk2l_EW_97asIMkz9LbybIrHr6lTCiFHOq1kKlKkiNpJAEw0SsDnvHmAEKpzhItRpFz5E2w3QoXHmDhvXX4oEpIyaFxYCa2NWggP59w2StgMjxNcn17BQWx_u4xE_axQCcMgTrpgWOdDpwHYVBNTRjnD8K_xAgw4zBKw0V41OmToL-mdv01nvFJbyaizxtMHSnmnCQhfiJEHY5QjIzcxXrDvKbTX4e9Jt9XXrJW1ckcdaD9fZyTKcKOspmmRrYkD0SngXo6q23RMFEprQdL_hWgkFZ50PXenxe5zlpTIe2zEzkhE5TquzrMu9_aHqJ12bWA1B_j_7fI305Dr191kMqimA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1EE0 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5849e6d64ee1794bc6b6b6c770663c772fed0ae26a25ff85f4a646f767ce4c35

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 03B6 0
20 B 111ms
111ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzooA3RfuZKHKOLbAx_APsOCtqAMAAAAAOAHgBAI&bg=!VValVhnNAAYkVgHwBFY7ADQBe5WfOKBiIoV2ceF6YZpy6fGPxUQKazSXDXeMO6OJsTwxf0wJuw6Gg91mJ2LOzT04gflaAgAAAcVSAAAABWgBB5kC-OIPQ5HLaPmk4AJckneZq_kcoNdFtwLa8MUNHbBKbFskIB10tbSx0ugXYmtcInk30mHe6SFnLmdzinj6fCXl9FxTT8Q7SAlj4Jzzh8MvkWi3Q1tqtJnDk02zNkajEeSWG9kJhH6yrO87v336oN8DZtajpgsjs6DZXy7JNC5aZNRvZne-MV2AuuVRiGn4paXvZfN33G3zvegq5-4ASY37dHgFMmfiEF_4b7Lj-0vg-avPEkqTdCWRlErHI6D_c847Tf8Y9othGEaSSB5POP-JKBsX-xnANuPLVsyvqYhJUsy2Y8vlKydQBqDW0HZweJy0Y2zD4Sg8XF6G3HE5581IAbfZc8HG5GwOqPd2jBXzeJeKpuKEyq-OkZCoOngvNCUixscge3POx-YZuoJxTipDR1ckY0sdnYED9nXaznpW4P-l-CiWs-NWTWyOFWPZhJvsQhQphOvlc1xeWmSXdFaW9apZ6Xw-ihirvJiexg73r9rPbWzN57W6yNJpdl8ChZV3j0K3B2desl6UznvtriyarDjGYfs-nqzGFdRkUt1zcJcJU4qIdrF_eQWiidjWhkCVhgTTeAsge32Kf6bEVfgf6aMg_SIajEWvBID9EVjlgIMWOs9pMWY7H8oxLdxnbbLM4Tk-WGxeDyFWbPDC4yJmg3mS2UOANFpiZve1h_zlFhh4rQ4gvk0M4XGuNKjQqlrJCacdDfg0m0OT8uaQY-eixa5L31xTIcNgSjYKQI95gp_hFTEbQQ_kZFpCSfluF8AHzxnFYQHa45-VvKRdD6WP8ad2ZUuOtkelZ5CQN2wZzyFJypX-L1SL3zDzUkEbaNf4QZ3dP2o19BuhfdKqP3kMsBugfxpRvpwfWLHxIDD6Kh-xpWzrZh5wYr7yIQErp3Ktkzpyv4EUw1ApL2rlEc5KR4_TuktMdgAzc9kl-m9y03DCqynGh44A__d33kwP6uRirfi4_HGm_caAYTCJ8-KU5kuNb1Arkcv8jRg3j4Ra-W4mGrv-r-mya4E

Requested by

Host: blogr.my
URL: https://blogr.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 2552
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CSqdu3RfuZI2HCbrB1fAPsKOCiAyf4-LuatKL7Y7wEaig-v-ACRABILi1qXJglfrwgYwHoAHx1I6SAsgBCakCLAj9bDMhsj6oAwHIA8sEqgTSAU_QpphvEEfcjlLmEbmoIG5k7_Nvhvn7fbW...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213393424773592936783%22,%22debug_reporting%22:true,%22destination%22:%22https://sunnyside-fasten.de%22,%22event_report_win...

0
0

59ms
43ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213393424773592936783%22,%22debug_reporting%22:true,%22destination%22:%22https://sunnyside-fasten.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22574859889%22],%224%22:[%2208-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228639144509886079825%22}&andc=true

Requested by

Host: blogr.my
URL: https://blogr.my/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:58 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13393424773592936783","debug_reporting":true,"destination":"https://sunnyside-fasten.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["574859889"],"4":["08-29"],"6":["true"]},"priority":"500","source_event_id":"8639144509886079825"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 29 Aug 2023 16:07:58 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 29 Aug 2023 16:07:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13393424773592936783","debug_reporting":true,"destination":"https://sunnyside-fasten.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["574859889"],"4":["08-29"],"6":["true"]},"priority":"500","source_event_id":"8639144509886079825"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/ Frame 52A0 10 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blogr.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3193
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 15:14:45 GMT
etag: 9878862242593084568
expires: Tue, 12 Sep 2023 15:14:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/ Frame 2F23 10 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blogr.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3193
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 15:14:45 GMT
etag: 9878862242593084568
expires: Tue, 12 Sep 2023 15:14:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9308 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e77156f336104e427a69a22b5d1fa74e7ca4362aae7681f9e09283fc8efec1f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 06:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 208363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14643
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 06:15:15 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1EE0 33 KB
33 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 557610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 05:14:28 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 52A0 4 KB
671 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 29 Aug 2023 16:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 14:15:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Aug 2023 16:07:58 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/ Frame 52A0 15 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

328cb29271341963f1503c02d0d00d7d67f60396961e4fdac73b74ebbe16d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6521
x-xss-protection: 0
server: cafe
etag: 18225085782652855565
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:08 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/ Frame 52A0 20 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8570
x-xss-protection: 0
server: cafe
etag: 11167480076894372452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:08 GMT

GET
DATA 200
OK truncated
/ Frame 1319 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ff6c13cd18dc889072433eb1a491c6f27b07ded75f8b1efdb07a6b34a949fee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1EE0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CkS2q3RfuZKb8CPaE1fAP3vyUSMugqfZxgpKpts8Q5saMhcQ2EAEguLWpcmCV-vCBjAegAaOw-fMCyAEJqQIsCP1sMyGyPqgDAcgDywSqBL8BT9DERee2l_c9zRMDI1DXzzjn4ek3cRRFOLJ...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221247429210566298800%22,%22debug_reporting%22:true,%22destination%22:%22https://tierschutzbund.de%22,%22event_report_window...

0
0

42ms
42ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221247429210566298800%22,%22debug_reporting%22:true,%22destination%22:%22https://tierschutzbund.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22780032035%22],%224%22:[%2208-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211589379098121692065%22}&andc=true

Requested by

Host: blogr.my
URL: https://blogr.my/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:58 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"1247429210566298800","debug_reporting":true,"destination":"https://tierschutzbund.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["780032035"],"4":["08-29"],"6":["true"]},"priority":"500","source_event_id":"11589379098121692065"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 29 Aug 2023 16:07:58 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 29 Aug 2023 16:07:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1247429210566298800","debug_reporting":true,"destination":"https://tierschutzbund.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["780032035"],"4":["08-29"],"6":["true"]},"priority":"500","source_event_id":"11589379098121692065"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 70ms
41ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 29 Aug 2023 16:07:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 965A 43 B
215 B 95ms
95ms Image
image/gif 2600:1f18:1aca:4280:e4b5:5a4b:14:3110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=1bca9599-b62d-5210-9c3b-bf29df6b7bb2&tv=%7Bc:mHuWkt,pingTime:-10,time:579,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS4xMTAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1693325278812%7C%7Cf2f7ba4e054d676fb0495ef7f24d4e1e%7C%7Cf3b2a520b07e1265656cdb121718396d%7C%7C8ff19690217dc94a3415ee430f6f6c56%7C%7Cbb11048c16ea5c3555493ab86264c3a6%7C%7C1bb8dcd1cf4274007372fdf7896145ea%7C%7Cd475c7b0ca84bc14f22b7cc307dbaf80%7C%7Cdf266a93c4a79bd761d101aa1104d0ff%7C%7C1663701684,im:%7Bpci:%7Btdr:487%7D%7D%7D
Requested by: Host: blogr.my
URL: https://blogr.my/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:e4b5:5a4b:14:3110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:58 GMT
server: nginx
x-server-name: dt30.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 43D6 43 B
215 B 96ms
96ms Image
image/gif 2600:1f18:1aca:4280:e4b5:5a4b:14:3110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=2ba4a4aa-5d65-b915-762d-5695a8558ced&tv=%7Bc:mHuWkD,pingTime:-10,time:630,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS4xMTAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1693325278822%7C%7C2aa662ae95a0537995ab903d02469389%7C%7Cf3b2a520b07e1265656cdb121718396d%7C%7C8b4632023c595142b248667298142139%7C%7C4fa44cb887e37814625b7963e7f2b795%7C%7Cf2c577aac587d757e3ec4dc9e18cd329%7C%7C3244784ae4dff1b812487c4a39624845%7C%7Ccefb7634c0509a019c46e4a13acd1620%7C%7C1663701684%7D
Requested by: Host: blogr.my
URL: https://blogr.my/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:e4b5:5a4b:14:3110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:58 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 css
fonts.googleapis.com/ Frame 2F23 6 KB
706 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 29 Aug 2023 16:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 14:08:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Aug 2023 16:07:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 2F23 2 KB
892 B 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame 2F23 23 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 2F23 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:49:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:49:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 2F23 20 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2F23 181 KB
56 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 16:07:58 GMT

GET
H3 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame 2F23 36 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 01:09:15 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1319 33 KB
33 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 557610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 05:14:28 GMT

GET
H3 200 53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js Show response
pagead2.googlesyndication.com/bg/ Frame 49C9 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e77156f336104e427a69a22b5d1fa74e7ca4362aae7681f9e09283fc8efec1f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 06:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 208363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14643
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 06:15:15 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
42ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 29 Aug 2023 16:07:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1319
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CTiiu3RfuZIWmCfKV1fAP2b2-4APLoKn2cZzn1eHdEebGjIXENhABILi1qXJglfrwgYwHoAGjsPnzAsgBCakCLAj9bDMhsj6oAwHIA8sEqgS_AU_Q-aX8RnXzM_0GbNW_wj1_oFVpP4OoTm5...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225416968729535200044%22,%22debug_reporting%22:true,%22destination%22:%22https://tierschutzbund.de%22,%22event_report_window...

0
0

42ms
41ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225416968729535200044%22,%22debug_reporting%22:true,%22destination%22:%22https://tierschutzbund.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22780032035%22],%224%22:[%2208-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222883074336247060977%22}&andc=true

Requested by

Host: blogr.my
URL: https://blogr.my/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:59 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5416968729535200044","debug_reporting":true,"destination":"https://tierschutzbund.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["780032035"],"4":["08-29"],"6":["true"]},"priority":"500","source_event_id":"2883074336247060977"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 29 Aug 2023 16:07:59 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 29 Aug 2023 16:07:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5416968729535200044","debug_reporting":true,"destination":"https://tierschutzbund.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["780032035"],"4":["08-29"],"6":["true"]},"priority":"500","source_event_id":"2883074336247060977"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame 5898 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5898 8 KB
750 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 29 Aug 2023 16:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 16:05:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Aug 2023 16:07:58 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 5898 15 KB
3 KB 43ms
7ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 19:19:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 593295
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Aug 2024 19:19:43 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 5898 368 KB
128 KB 43ms
8ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:22:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 596699
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130842
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Aug 2024 18:22:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 5898 20 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H3 200 53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6B81 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e77156f336104e427a69a22b5d1fa74e7ca4362aae7681f9e09283fc8efec1f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 06:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 208363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14643
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 06:15:15 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
41ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 29 Aug 2023 16:07:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 5898 0
234 B 777ms
266ms Ping
image/gif 2404:6800:4004:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~llwi5fdu&c=2601117356160&slotId=1300558678080&qqid=CKfVj52ggoEDFY0wKgodlncNVQ&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5898 0
20 B 109ms
109ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CFfdw3RfuZOfyD43hqAGW77WoBbi8xbJxo5TIj_AR99nWqrwBEAEguLWpcmCV-vCBjAfIAQWpAmlxWkg2JLI-qAMByAObBKoE6AFP0LRZOmVI2mVfs2mftsIKOnPLpSVfY1EVey-k4H7Xt9mJDpDkjRf_H4Rcn1DYh2uxWZV-okz57GLd_PdkP-QnR6UwR4uBMnHwkDYPDBdq09B3z9cZ8rz4WZk-eBlw3KtCzR1N2qcM2HO_NX3Mq_Uwj10rB_ICYxX9f204taSAxaVJkbLjQsuci5vfcaml5Eo37VaDfLtrRvHhOSR2BNfaRZaReHYiXVWD9RB7a7oAtjeQS3o8rJ_ZyBztd2WLayiSTn8ME9Y5tSXPZzmz7rn5COSIPOic8b3pGl_FXPDs0Hmnje-QYHeDwATh95yIvATgBAOIBeeL79pLkAYBoAZ2gAfYjuu-AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CREXIDQGwE7bD9hPIE-rlleMD0BMA2BMKiBQD2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1693325279016&ai=CFfdw3RfuZOfyD43hqAGW77WoBbi8xbJxo5TIj_AR99nWqrwBEAEguLWpcmCV-vCBjAfIAQWpAmlxWkg2JLI-qAMByAObBKoE6AFP0LRZOmVI2mVfs2mftsIKOnPLpSVfY1EVey-k4H7Xt9mJDpDkjRf_H4Rcn1DYh2uxWZV-okz57GLd_PdkP-QnR6UwR4uBMnHwkDYPDBdq09B3z9cZ8rz4WZk-eBlw3KtCzR1N2qcM2HO_NX3Mq_Uwj10rB_ICYxX9f204taSAxaVJkbLjQsuci5vfcaml5Eo37VaDfLtrRvHhOSR2BNfaRZaReHYiXVWD9RB7a7oAtjeQS3o8rJ_ZyBztd2WLayiSTn8ME9Y5tSXPZzmz7rn5COSIPOic8b3pGl_FXPDs0Hmnje-QYHeDwATh95yIvATgBAOIBeeL79pLkAYBoAZ2gAfYjuu-AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CREXIDQGwE7bD9hPIE-rlleMD0BMA2BMKiBQD2BQB0BUB-BYBgBcB6BcF

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5898 0
54 B 769ms
268ms Ping
image/gif 2404:6800:4004:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~llwi5fe1&c=2601117356160&slotId=1300558678080&qqid=CKfVj52ggoEDFY0wKgodlncNVQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1h9&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 5898 29 KB
17 KB 99ms
51ms XHR
text/xml 64.233.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-A6kgMukuUQ8DpVEtUaw3v58MHXAfbJy3dxzhpaUmYDAdXdtXeeA0HkH7Ue2q-YQqIlFo9vFjZ2Z-MxolT0GOdbh4kCnQ&cry=1&dbm_d=AKAmf-Ap3TpXS29-vjAhGX58cKWe4y9JGWp4_DrXGY4GljwiCuYjfTB2v3eC5WKCNJnlHG4Jhg1DRdQ2PmzcZ8sVGK564IW2ZUySffPjA_SalmosIaVXF_iZWHtlGRczoAv74LcYTCmoVkaA3fRcJW_Ia9_WYNUQDRjMnKSocMQXgXFnQ2gy1WyfduZr0mnKauFUmD21PZ8xWkgZjxK790L66zU0pGkln94KwFNpm5_WDIeUGVWnr9TbY42Z8r0moYMo8-2ukgx0apAW6yicUy9tzOxdap_LzCzbMPWVSlBBhInSYQQDz5L4gGyw7H_Myl-1I5Jo2iGf3j57LXEvBpxS49OovQHOj4DNiOoZCbFS7S7NdB-BYkSeoW3dAXz8AoMQjeI73TEXBbrWxxM-UCGVix2kDrim9DOMDkTwoiciOhECm7rA39Q7qtmUN6tfMvaXVCvJ-MgNvsrD1PSSFiiBVYs3gFk-Tb0g-mKsqMdut5ttb-_PccsWVBlNVjACbe08e6rNTKDkKfBugTBf-CwdDL8U9z4BU6YfkgGo4oOYydG_np3EyapR46LGsARhppgZN0_Q4MSHlqsaNhKLjzMp_6hxCAJyYgupqT0HAMv2AIaaTJ89MaO20grGKoQXINIJvz4BcvdiSEs7Z31ur-crpikctlVWoEuQEv2DtIakyGxAJ77UhwrlTNEB14iznUwfPqO4XzLKF6uQrlUjficJi5mJGS9HGkhSCSNn3YxROw39aifZr2e7CgeNFCY57TfIyTjF3cZoD30smy-vJzV8YrWl6UE15GoPDW5xubI_GWtF2UzWxtqX0eVAdeD0_GP50QAP5mSH7h40fDtG3wK2qpf-1cgYVNKjPkbB_8c-Ca1X1MRqFNNkANKxY0vXoezvosCOZ1ehmUbafEPd48kPEcpOiB2YOJ0u4OilheCZN0HK3pl0OcuDhr_T-NXSZxbjQMljpSaS8uymh687XmrixeJKbofqIpB7mE1zZy_CZnjNNHbYjxksGcasjcQ2Nct9Zhm0svJ30CiJ1GAnv1JdLU4ME5dL_3oVqAkhmD57ORXzicahmGa9cigkNxf55LoafnSau-akhyphksxLhBWC-6VWJImEoi9h9hyPu-Q4YZnAqAEw7MA_3ecXKiaYJi8805A5-j4DnM2UMWEAZlxsdJEUeJQ4kZ7gjCpRA3Q3U5dDsiIGpSIMcXqiiAgvTuxZw5SUj1kHKLmxcMDpkrg6Yoz1bw-gpVbksLdO7Urn0ElOUDj36di4GfTNUcrKiv3Hqc5oLCiqGmUdayNSq0i6V5qWk6Ap_19_LFq1JsYpVNQpPgo4F9hZ5g714SdaIuGmHgtb_D5bEpfwI9s8Pt0tL3gAvMUv6V_cQEEu-0hq_o-smNAoQzzvEqEzxew4D4Y3plpEv2gO47SvGfGFVfv_GJSb3FJFUP3OCJijmX9OxJ3PcVv9bsnoiYYyzVK9RXsvX6Uok-DBoONgzs2olwZ-kUaedyQycSS9SPygDXxvzyoswIVCIdj8bV2BGczUOgNfqQr4IIiYPZYE1wIRjOQrMA2GxsatIOjt1Z8E23u0u01q0ohh98G1GljTLwxphXiMjDQ5vB6ovO5uE-U71YxasMmqAXLOpQF1ZAIiivPFl-idJXuo9YC0Qi8wsY4qdLNAS1XloMmF8Jvi43VXJV0gQql9_DCjmooaxENHmXwepxjRVY3I27-c6l9a3gV-nfkaAcZvPy1Z27kbamlZR-NgTYCBx2mfffByDGGhjDKGpaOyU5g5yUcFt1quuakdBOsUSRdjqieQBVjuAcYbDZb8xuQSQCtoxgQ1hSkMaWexEwdQ2CVhQwUWxVagzFfbSgiXVxA8KM-G-kOb5OnG9jZhdTZoYZ8XHrEVhKP_mcDCRIQI2O_ICfLpDObJylIvUDfYKXFX03pU92Iz_Wdlcv_CGSrQTNouPJk21wxbVN8hrgxKZ1_R-UIDiHLgjDxtZYG5cjKCPQW6V-_VQKpS3un3xaSlrhcqTxwAV-oGqsOVHgk_A-rp5nCWgPsvZrawf_zpJV4SqtXPAuiuDoPnpbdQt6Dhhy2dK6pTSWnSXqU0OdQtCMXRVz2k9E7YKNOHK9fwDyoCJsIv0rf1_1CoX64CWodB6-QN3cQIEEuuKwMM7p2svMca-sVItlxJMiSKcwMtbu318ahipgvnh-LWhkpOZCzAN8Ze8y-K8uXIXnFd2KY3gwd__hcQhtEg813Xvki0JRbcd-U171wOq0fSHZ_EUXxUoRq9zMQn0Q4VcRDxaExb7V9DsWd6rYSoBazm9A6224XAUSxWheoBvFEaeO3MD0xMhgADkj1xHwJGFT1_vSq6HFd3GgxpET3BI6mZy9faSBx3hSRbkS6wyVLM9Q48siVIfXA3YwK7SvNKXF8nFECM4TypE-HBmDfqHooQ2If0l0jN7TgZfIdpZDG3hfOkXOdKNMhJoWNQATybPVO_ybRYoA61hIOr8K05W4D5hqjg-UB5iyGo9zPhipkj0mIVaLm7qVEnHbJsirbL8bXrV_ZekQ5TuAyEaYoFYPj4MtWyiGno29hpK4lO5yWZn6cWihoEF0QNwcJ2g6QU3IfHs5HMNMwZa_Fp2AJBimBUzAdBh85BR8tXb3Qc18WdJPYJaxVd8y8Kfl_tbbqdcbMJWCTN9nGCd3JakQLb86kYijWZ6fc06jb05kY2sp8PhWmHWqG8LhmA7wLkO_4cTaI5lJYOWgTaRN7r8HDxXBxTNfTyw0YkLIIoMIkIx_RH-eBiGGu6kc-352qZVXHSGjx6CQcLRTjoimc7TsbidGoGR8Uz4ZB102eJIyo48pb7eRXXyDNefPOfLhEinrXhUzCzDlrMnAAUfxrRXWF9a0EDmCl3Ci-bUUQl9yMeM0ijXdtQhjxeRKeQOg9T5rLlP9KLd_CotTReCrHH_tOFmC7l6bIXLtpJBMaZ6NvB_YT6QMltQJrnnjFnk3dOERBk4Iag7iifvEBCYiKrZfSfoAxBKRlK6-byZv3K8o4vk_LmtScqgg6Rr9Hts1ajxcOQU-n4mmW5mZ7XuI7anJdQVw-GxaPSVxY1A0aJtWBBVVVScBXG6dpgNDF4PHCBWjq_iulcrCqheixbArwpLK7-F-AdA2B6Cc3IRnXopq5NLGM6goBQ2Q7jFVKW7ljQ3_fALbuszNcbo01pt1fLKzH1eoXFyP8sTVss2QhBUrC2z3irr0akivDnxeGvQY7lN52UYxW-sz3kisNWpAzBIKCnBcQTq5u7KsH0TSPVBMBvsJoj2Pio4zX0SybvB3B9otQHlTXLprbjTkncYZzT097qzxl6seuC6XuR4dikWrUB0xWE92KWDvoVWNzGQXsVZqS590ff4Aua0JysqsfiSxAFGPHvwhKJRlJzInKlB_hNVdO09kFyqPdGh8cqmmfegrwHcLhE18dlAPYy6k--J3V4pAMkbOJ0G2ypX1Lj&cid=CAQSGwBpAlJWkJwIyoGhNWP9qw6Oblgg3rfr8i9sGRgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

da9e4f49a8f32227c2df79904b77f9eb186a21882ede79e3b1db74efc1ab8214

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16644
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 965A 42 B
174 B 112ms
112ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJgAwpQxIMaQWMl-L8wStxH7YO4O131MY873uwv20gvZdGT3dhBh5q9t153C3ac27hXHKpjgj0JwEZ6Cvfsi5KQd8k35RQ0WnCardNz_ntOZCq_Kv5lwFbpyncxpvuI4-OWAO_k4VVNH6N&sai=AMfl-YRfmy9XsVoprrnMfCjyfsJnKCIzObAB4uCD3KPrlWYb4a6_NQtBQUBM6YlbR6WtOM3_XUx1eQNDXQ86QJ7yWazmV3q-BEFsoPfMyYX_MiQ7V2aoa8II7ff38md0JebSQM-Rgfg4DSmzc7jk&sig=Cg0ArKJSzDcQAqg60HLcEAE&cid=CAQSSwBpAlJWOkAF0_zc7ArMw8d6o-RGn7xfugt6gFKzzBpmfpJH0r0g0Dfwib_IZqUteS786QCnk9MlA95xq1HSWnluXpSK5WTulij7IxgB&id=lidar2&mcvt=1087&p=0,0,90,728&mtos=1087,1087,1087,1087,1087&tos=1087,0,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2030624934&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693325277738&rpt=261&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js Show response
pagead2.googlesyndication.com/bg/ Frame 5029 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js

Requested by

Host: blogr.my
URL: https://blogr.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e77156f336104e427a69a22b5d1fa74e7ca4362aae7681f9e09283fc8efec1f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 06:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 208364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14643
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 06:15:15 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5898 0
54 B 619ms
267ms Ping
image/gif 2404:6800:4004:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~llwi5feb&c=2601117356160&slotId=1300558678080&qqid=CKfVj52ggoEDFY0wKgodlncNVQ&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 5898 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 06:25:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 06:25:34 GMT

HEAD
H/1.1

200
OK

file.mp4
r5---sn-4g5edn6r.c.2mdn.net/videoplayback/id/fa92e19dd2204e28/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724861279/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 5898
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/fa92e19dd2204e28/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724861279/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r5---sn-4g5edn6r.c.2mdn.net/videoplayback/id/fa92e19dd2204e28/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724861279/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

65ms
7ms

Fetch
video/mp4

2a00:1450:4001:e::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5edn6r.c.2mdn.net/videoplayback/id/fa92e19dd2204e28/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724861279/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/66EB8F06BC2AD1B5D61EF28FC23A09703C065D59.2867EBE06BD0AE3F1958471851D4D0B5C3FC800F/key/cms1/cms_redirect/yes/mh/kr/mip/2a02:6ea0:c71b:0:1011:27f2:92ba:88d6/mm/42/mn/sn-4g5edn6r/ms/onc/mt/1693324025/mv/u/mvi/5/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:e::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 16:07:59 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2208492
Last-Modified: Fri, 14 Jul 2023 09:25:31 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 29 Aug 2023 16:07:59 GMT

Redirect headers

date: Tue, 29 Aug 2023 16:07:59 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 666
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r5---sn-4g5edn6r.c.2mdn.net/videoplayback/id/fa92e19dd2204e28/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724861279/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/66EB8F06BC2AD1B5D61EF28FC23A09703C065D59.2867EBE06BD0AE3F1958471851D4D0B5C3FC800F/key/cms1/cms_redirect/yes/mh/kr/mip/2a02:6ea0:c71b:0:1011:27f2:92ba:88d6/mm/42/mn/sn-4g5edn6r/ms/onc/mt/1693324025/mv/u/mvi/5/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 3B05 23 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 35392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 06:18:07 GMT
expires: Wed, 28 Aug 2024 06:18:07 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 58ms
58ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230828&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb00255196c2e236073d9a6362dfe4cb1aac6e2006ce777bf72db5b5969070a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blogr.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11581
x-xss-protection: 0

GET
H3 200 M-HeFlSCME_k5Ph7lXtMc9K-bQ1dlElVsMlNN0Ru4uM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B05 38 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M-HeFlSCME_k5Ph7lXtMc9K-bQ1dlElVsMlNN0Ru4uM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33e1de165482304fe4e4f87b957b4c73d2be6d0d5d944955b0c94d37446ee2e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 15:15:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 521546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14677
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 15:15:33 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blogr.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 29 Aug 2023 16:07:59 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D3D8 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blogr.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8284
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 13:49:55 GMT
expires: Wed, 28 Aug 2024 13:49:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4F31 829 B
1 KB 83ms
61ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b0b0a008338492329e84a1286c9f038d4b32244b5719b1aad4d27adca050919c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vPF26V3lk4sxGkrd9PVb3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogr.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-vPF26V3lk4sxGkrd9PVb3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 16:07:59 GMT
expires: Tue, 29 Aug 2023 16:07:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 206 file.mp4
r5---sn-4g5edn6r.c.2mdn.net/videoplayback/id/fa92e19dd2204e28/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724861279/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 5898 2 MB
2 MB 15ms
7ms Media
video/mp4 2a00:1450:4001:e::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:e::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f100317def50a3c6500308bd4e5c3fb123bedf76286b281be6b00b2334a456e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Range: bytes=0-

Response headers

expires: Tue, 29 Aug 2023 16:07:59 GMT
date: Tue, 29 Aug 2023 16:07:59 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2208491/2208492
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2208492
last-modified: Fri, 14 Jul 2023 09:25:31 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 965A 43 B
215 B 96ms
96ms Image
image/gif 2600:1f18:1aca:4280:e4b5:5a4b:14:3110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=1bca9599-b62d-5210-9c3b-bf29df6b7bb2&tv=%7Bc:mHuWup,pingTime:0,time:1195,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D,%7Bpiv:100,vs:i,r:,t:1195%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1195,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1189~0,0~100%5D,as:%5B1189~728.90%5D%7D%7D,%7Bsl:i,t:1195,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1189~0,0~100%5D,as:%5B1189~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:119,fm:tOl6iDn+11%7C12%7C13%7C14%7C15%7C161.987057-61527023%7C1611%7C16121%7C1613%7C1614%7C171*.987057-61527017%7C1711%7C17121%7C1713,idMap:171*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:18,sis:255%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:e4b5:5a4b:14:3110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:59 GMT
server: nginx
x-server-name: dt27.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B05 0
20 B 111ms
110ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BQBcD3xfuZIayBZWz9fgP--moiAEAAAAAOAHgBAI&bg=!PzylPHPNAAbGwlhq5sI7ADQBe5WfOKSAGckwmVwrSHU0s8yXX8mVfMA1Rj5A2eh6NpdMih2zAbMjMbs3tEweng_Wlw3dAgAAAElSAAAABWgBB5kDAzlDKD2c8uwrM5aL7VEX2Ui71kcZtHFGGF88ONfbmgCwJ4jWpMonJcC-3Yww_N7cBQlEUi0wrhjwTNuqFsShyuNEfktH00hd9FTsqbw04zxgSIXmsUMgmgIhNKAbJFmvYyC27Lm_zsvq_9TWmjZG3JdKXQqeksDu2WDlXTSFdKri28ovvdf83hJOLsQrugbH0AyaywHWm5UILWOSKyHYEsIWIk0y7AMOLVhPCK9ynb8DHfqZC6Lm0XYZGVb6SdYOeRdaDxw-owWuF_QDLgdNY61alIGbvtRGEs0eSYfL-1MjEteEE-kbdhTxxpEmcYJvLQ6TkboMh_uHPSK6vNUaMLg1O04MuDHBKKvuScHoJKmSxX_92R_93hv8rWJNkNht9wJp2WzUDmzL2U9mks2cf9J06rNWSqUbU2GRUHKAmgfZNYQ74ufuxuGztCyMmBusLIAZp9Xradzcf9jgI3qjoZYlDs4qRiFyXlcbJD3KcM6FzssgGy_KwOblLQnUkZrFL7lFSQ92AciqBGQosEKWw0uEjV1pJcUPFfyIIJRKgpVdyqLIH_QsLJNzwG_JC9NztpKVdY-VkL_ZeAquIqm_OBibAbq08WZQ6gmzRVDR1FiJubbWCaEMtmwwtNBTpAIWfdnN-t1agCoRfxjFDqGdb4NAQwkqpG2vbuibhatz5A9Ow2c_Z97s0s9-seLsf6WBzQkvCeIvc980j1F4Lh0fXFZNTVlrM9hYwCHa4JP--62xE9BI1iEW-tMBQVtct9Fld2UJ9oAHNCsuZSkGetI7NTSngexUkWL2tiXDVvsB1-mgF3tGfMMFrysviF-Yk_4xAqWWymqMmofumQHeHRw3aysmBKSSTNb-qbkMhblw7DCmJvPzSBOkniUxNFkqIxhbHwQAO6yVpLHZ0h4ox1lvjs3C9iX1tzl9faoyPBLQBTcpEDHjJfiV_KMu-7KCWo4AR0cd0RI9WJ629x1eWbg-0vGDAm9VL7iYgw-2OhNHQ5Ljx3FU5E8gD7V03_dCo4AZ7kPBUw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js Show response
pagead2.googlesyndication.com/bg/ Frame D3D8 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/53FW8zYQTkJ6aaIrXR-nTnykNiqudoH54JKD_I7-wfM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e77156f336104e427a69a22b5d1fa74e7ca4362aae7681f9e09283fc8efec1f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 06:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 208364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14643
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 06:15:15 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D3D8 0
11 B 7ms
6ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?q_T2kg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:07:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4F31 0
0 106ms
105ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230828&jk=3826488355452675&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 43D6 0
20 B 105ms
104ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=630479291425&version=m202307240101&ct=76&x=1&cor=12245579201213463000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2552 42 B
64 B 111ms
111ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuuc4oWbX6-M4VHYgYZTv5x9S-mI6LrCx7-nlJ8mchC0eradH9pMCG1RVF9WQgxvraBnVyyLq2fRRv4ZFDwZ1dgPIGexJhQrBqdvOyPALWUOx971XHZxrctoTaszQJUO4tPAU1F2PGhXawC&sai=AMfl-YQTwx0SROczRyABmC-1bQpWcLNYWlFoHDjofXj0zqa2uOZFstE9aUgnwiPgTY3VpFZQWlNcjKSqjJFV&sig=Cg0ArKJSzGGqJxmuy_hFEAE&cid=CAQSGwBpAlJW1-d9h5Wzcn-5HFbOFFqUiEJH76R6IBgB&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=231165002&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693325277128&rpt=1546&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 965A 0
20 B 105ms
105ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1081750675586&version=m202307240101&ct=76&x=1&cor=9577482515067245000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1EE0 42 B
64 B 112ms
111ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvAv4QecrS7AhaVIIme1oxnLll33W87K9MaZF30nt68-NPy-5HXutkh5mdvnib_g7O_psUapXJY-Q8WgI0GY5bqivIAovG2pRV_qEQeAVxk2MubA_mqHzM_7-ba5kQJoBV_J6gaGf2PB6Yd&sai=AMfl-YRItO8PccVWdUh2hQkAaCVKgmVDx-5I4tecO_jWk1tVvaTaREK6qjz74IcCNS55rEjkB2DMaNn6Uh7X&sig=Cg0ArKJSzLV0PVdRcFbLEAE&cid=CAQSGwBpAlJW6OeQQLsT9rohzqFU8ncE4y14E2LWyxgB&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2639309505&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693325277115&rpt=1679&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1319 42 B
64 B 111ms
111ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8Yuc1BknBkLb1agSDbCLw__cV8tr5ptm0dFhdPaBPiluFA4yo7bWk8--yuj-3nPKbZ38a_WVNlFlzFxUzSimUwSAWnkRNCp9MDYfu4ZS7QjDTEBkKhpD0-Hr9XMF1iTYi_fCO_8ALav2H&sai=AMfl-YTUK1aniIQW_at19MmcOxBNClc_mf1u_Mi2h0Gx-AUfeXh-5TSlyZywNbz2mpEZbs5BYNlOV-Bb4yXY&sig=Cg0ArKJSzP__xuR8m6eUEAE&cid=CAQSGwBpAlJWXh4ioU5DOFfu9MjmpKtOYA8k8xhEdhgB&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3656320041&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693325277124&rpt=1783&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:07:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 107ms
107ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230828&jk=3826488355452675&bg=!WVqlWhXNAAYkVgHwBFY7ADQBe5WfODL8bXfjTJttfh2UOxKKAKWnHD6losjs-CG-cYt01WL6ZpJorp590lTNVY-9dImvAgAAAFRSAAAABGgBBwoAVguChUNKzBPXaaTlyCjj2h-rf9y4Nz4b-IIExddW7Tr-xx79DW2v-g18X5lpXz1s9IGt53wpoo3YcWpKATOFvwDjeEwTXLKOsPVbx13wwKIt94jLRbpgmQLBW-RHaNkw2Z5Xaa1k8qSt-gpkbeABCk4yMAfDnhC1Xe_F3y6lLQSSDlCYe8tZ5L7Vbm8hpg9SrHJ4UyBQopmzl5aSbSBxTLI3Xqc1ckhoHlK5kXANiPwJywOX0sbEtlUTq3wdNEa4h1ivixJbdB6tO5J27Vsj0U0jfXcEfgg11lZ0Rmss-lmpGctDjxNC7lMt-EBnIwAS2C4NzBypEo1AwwAkSAWZLzhxPEQnjk1uskV3dgUUPYpBoxeGo2N7s0_9CzkhrFmSMQPc_NRaxQplARH1Ud57N3XvZqcLz8_pA4dWLqJckvY0aEhcajw6B6NKMJO-gzdMvct1K-uO38zeqYhwkRbGKCjbjWBqRp3UytvpjqAzWuoOtk01FTtPUNlxCkpnpx3gsd9D8oqO6mEnBNt5JJby8sI4k7gYi1_QnO16x81EvHQaHIpEAVhb4Ui2Yi2kU35nClItFvnvMA5-os9SjVwZE_77PA2SRHfi-fJrvU3BSy-Y3ivoRsKiQjx_JJQVWaQvdGZJ53bxeZwPdxVG_0d3EhcIL7dYeQ-O6vVlwX5ASSuQIq9AsOQt58jwbf7Ep_PhewqSjLferNvm2lrmKFjavgbYaskitE6PFfvYi797ZlzlUkEEJkSje10uDYgY8T0Ap4JdG-DhdiFkrIqdSn4qoUQ-oEVwTi9blLPt5x1k9iZW3eK-NcYi3JED99J2j-EMx8eBn7L00exJtwchWgKN1X3Sas5Jdfj0DB90bMUFUiGDBYTVm1opZ7H67LNzLXiqrlWm32ryuCjbMXSZSMb5fj6r8Qj_HV4ovhL-VEieEiQyjlliJj7FIXflBvYwYxcGCq4goWY-zqbDIiQryNW4uT1gp9XdIlkFJLaTRXfpTXul3qV6zcuRtcegmzZY1h-FJaJiLardkSWzt7A-J4OFW_RqB7xcyrbHZslg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blogr.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 5898 0
54 B 267ms
266ms Ping
image/gif 2404:6800:4004:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~llwi5fif&c=2601117356160&slotId=1300558678080&qqid=CKfVj52ggoEDFY0wKgodlncNVQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=976&mt=video%2Fmp4&vs=360x640&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1li~vil.1tx~vfl.1w3&ua_e=1&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:08:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 965A 43 B
215 B 96ms
96ms Image
image/gif 2600:1f18:1aca:4280:e4b5:5a4b:14:3110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=1bca9599-b62d-5210-9c3b-bf29df6b7bb2&tv=%7Bc:mHuWKy,pingTime:1,time:2196,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D,%7Bpiv:100,vs:i,r:,t:1195%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1001,o:1195,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1189~0,1~100%5D,as:%5B1190~728.90%5D%7D%7D,%7Bsl:i,t:1195,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:129,fm:tOl6iDn+11%7C12%7C13%7C14%7C15%7C161.987057-61527023%7C1611%7C16121%7C1613%7C1614%7C171*.987057-61527017%7C1711%7C17121%7C1713,idMap:171*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:18,sis:255%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:e4b5:5a4b:14:3110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:08:00 GMT
server: nginx
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 965A 43 B
215 B 96ms
95ms Image
image/gif 2600:1f18:1aca:4280:e4b5:5a4b:14:3110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=1bca9599-b62d-5210-9c3b-bf29df6b7bb2&tv=%7Bc:mHuWKy,pingTime:1,time:2196,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D,%7Bpiv:100,vs:i,r:,t:1195%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1001,o:1195,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1189~0,1~100%5D,as:%5B1190~728.90%5D%7D%7D,%7Bsl:i,t:1195,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:129,fm:tOl6iDn+11%7C12%7C13%7C14%7C15%7C161.987057-61527023%7C1611%7C16121%7C1613%7C1614%7C171*.987057-61527017%7C1711%7C17121%7C1713,idMap:171*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:18,sis:255,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:e4b5:5a4b:14:3110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 16:08:00 GMT
server: nginx
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
blogr.my/	1970-01-20 14:24:58	Name: _lscache_vary Value: 966cd0227f1a9537a17837f82703fe76
.blogr.my/	1970-01-20 23:43:41	Name: __gads Value: ID=28c2e92ab9d45a79-220fda0b60de009b:T=1693325277:RT=1693325277:S=ALNI_MZXALDhjI09fret7Xu-P3LyLcLuaA
.blogr.my/	1970-01-20 23:43:41	Name: __gpi Value: UID=00000c69d44fd965:T=1693325277:RT=1693325277:S=ALNI_MZz_W3ZhDqwktnLBSf3IaokQvl4zQ
.doubleclick.net/	1970-01-20 23:43:41	Name: IDE Value: AHWqTUldYoRHPHb3FmrYY7T6Ey2CXhawPCcSkkm_JeyVEHlpCCfwzSxtb--JvEUt
.casalemedia.com/	1970-01-20 16:31:41	Name: CMPS Value: 3373
.casalemedia.com/	1970-01-20 23:07:41	Name: CMID Value: ZO4X3bwLh6PH09DAx59PowAA
.casalemedia.com/	1970-01-20 16:31:41	Name: CMPRO Value: 2204
.adnxs.com/	1970-01-20 16:31:41	Name: uuid2 Value: 369800936162303826
.adnxs.com/	1970-01-20 16:31:41	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVRwjKT[!]tbPl1M>e)ZlrFUfJ+tGXxoeEYLv@?i.O<?/vrzAeYL@Wr/-POyzS?70r6I3If)y3KL9D3I?-2N2D/H
.doubleclick.net/	1970-01-20 18:41:17	Name: APC Value: AfxxVi6PZ9xAReq1AqyhImupjPJSGI-A7f5LLIqaLxm5Gm_f_misMA
.doubleclick.net/	1970-01-20 14:22:06	Name: test_cookie Value: CheckForPermission
.googleadservices.com/	1970-01-20 16:31:41	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bid.g.doubleclick.net
blogr.my
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
r5---sn-4g5edn6r.c.2mdn.net
s0.2mdn.net
static.adsafeprotected.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
103.10.78.30
142.250.184.226
142.250.186.162
142.250.186.34
185.80.39.216
185.89.210.141
2404:6800:4004:818::2003
2600:1f18:1aca:4280:e4b5:5a4b:14:3110
2600:9000:238d:9000:8:48e:53c0:93a1
2a00:1450:4001:806::2006
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:828::2001
2a00:1450:4001:828::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:e::a
63.34.215.180
64.233.167.157
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
04857ef4226f0d37316363d609b8826ea78cd90d8d029b14ddd7af3fdc7a8ade
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6
108c1a01d5cdd4a71caea88fd9a369d2a7b58d9e178a905c2e9f7f72544efa20
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
134f1c5bc31238ae7e78f9a57839d386ff681a9b6f6526741b54e2940e137adf
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17b767f85a14d9d6e5ec49c39498113f8453bbcf4abf90153034a0704f20faa0
1bd4b6c45e7bc6a8d91d052fd971d32dae0282cdc0a8513ff8dc60f4b3f2a274
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1faf4fc4c8989275a805a7e37ab04e24aa2b370ff4c012d9396722b361955feb
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
27a6d90cfadd7ab802442584d5950b5e4a16bcd01f6ce40b34fa501fdf538c6f
2909117400dcc95f99cbcc62930bce751a820266f346a6e676aa573f71e922c0
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2fac84500fb48995abc36547a605db01af304853fbfa53ec7b940281c4a44c77
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3192c9a7e98a6d2874cde7e3a27c4f6149d4b1034ac6acd81a7d2d6ef1393761
328cb29271341963f1503c02d0d00d7d67f60396961e4fdac73b74ebbe16d803
33e1de165482304fe4e4f87b957b4c73d2be6d0d5d944955b0c94d37446ee2e3
36b9588247bcd90896742f6eafdf314a972f935346cec80259d6aa373f01b866
38d3961a6d6eda621092d295d704d963f12570d01179d7edf0dc336ed4b1cae2
393dfd473febbee00ac032047d37f8bf2664ddbc900d2aa27ad2977728f03c61
39ad42648baede16996541d1293446e9b2a0df02bb5305b6e5131255872b37ee
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3cdafa331554b9a58e4406b653270c0b44945e431761cfeb3876229f001f8af6
3eb8837a18b06942f5657ebcf9a13740dd62eeed6c8531c1b77013a80d198183
40a57fd86b3449a701c9c69553f28a26385361b14c748ed94c72776a697f4abf
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4de7e97f2adced303c344a491063ea037f043a39879f0b026b1d3c8b39d81af7
4ff6c13cd18dc889072433eb1a491c6f27b07ded75f8b1efdb07a6b34a949fee
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5849e6d64ee1794bc6b6b6c770663c772fed0ae26a25ff85f4a646f767ce4c35
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6d5dda96bdc1de2d8bda7a2f90d5907bfa82bdb5a6f09a4878ff0d8adda7ee62
702d5924e83a746e7a6bac12d1e284d22adaaf1b338c6721ceaf3dad49f8f032
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
71d9512eb2f913d119d935d4c0f061e5069400e9bf30eecce45f184a4be15013
71f652d6e3c322295772c1f083ab62329a94464741c4167ea745b5da21123cc9
7279efe6212acc84644c9d14de971796bc5b3959a8ce51326e876edf35f73844
79466104689850b5e6ba09317bcdc829e1ed83efd1f0b1d37b6235e9b17e3208
7abed2865980f5e28cd61e2c5d9dbb3b5ec1657ffedaacef478101fcfa625a70
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
843245d38197c1ae733406b6faeda0f9b53376d8853df5d513a880489c822166
846a93669a4bb91146f245de74a56312277a94e07ac74721056459bcc8035aae
84edcb775f3c54921db573d8e452e02b5ab48307db22965f87e81e0326a2576e
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
9012982454a4dd38f1660a263412ca20b346b65b6b02542a4d3f188c528c6787
92ef47f6586f999efc4c2ea84218c348c9889df21a7f58a7695da6a2df9d8be5
96ed373c16ce1eeb243114d79bcb828417ed889a9bba81931b98b48ae89ec34a
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
98e19db725b717d6e69870c4832fd86e2fa491fa4ca181568198dba45c605323
99499332c932e5aa9060dd742b6536c6a2ee6e89560384a22398406a8a244751
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a972887227ba0b62e8846c488acd7f4989a23ef68c83fdba8d32f3bb4373139e
a9e6ed62d5ff953eb0b609a2970f0734f80b70522e0a4af2a93d870807520ea9
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac17929cb54b4d8074a7e3823fbe14193ecf2a0b5ff247f7fc7c175534e5b14b
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
b0b0a008338492329e84a1286c9f038d4b32244b5719b1aad4d27adca050919c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b2771c025b488e4d70e9bb5a004c2d04d417491a83a614723cbc54638f926807
bb00255196c2e236073d9a6362dfe4cb1aac6e2006ce777bf72db5b5969070a6
be31fa9be7263303f5cd0d6ef2ba3cf61de57e0dea683afd335c761588c89eea
c1a9f230614c3dd11c45f7184e4312b8bcd6f382b07dc4017edc100ccef45c34
cd7ecd6368faa1bb9c8cc7910b4e6b8261d929a83100f12506ba97c4bb0fe48b
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da9e4f49a8f32227c2df79904b77f9eb186a21882ede79e3b1db74efc1ab8214
e2c914448e6c05e565d80c198049e3063729255eb8a00c8cd1a8a0945a11c68b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
e77156f336104e427a69a22b5d1fa74e7ca4362aae7681f9e09283fc8efec1f3
eac272af52c81e5002c8d7a66e5a427dd58ba995769c07e4248417e811d79fd9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f100317def50a3c6500308bd4e5c3fb123bedf76286b281be6b00b2334a456e0
f4f828bd932e3d2cfc41828f719a08047655f9572c4cc79828fc336c23a6f2ff
f5e06de714552eb414e94d4b12d392596ac02a43aec4196f6b3cf15105e393b0
fc0db1eb23ddf4de49650ecd53810fa4b26bfdae84a73a5e9ad2d3d2e8845c86

blogr.my Open in urlscan Pro 103.10.78.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

188 Requests

93 %HTTPS

65 %IPv6

12 Domains

24 Subdomains

23 IPs

6 Countries

4824 kBTransfer

9182 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

188 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blogr.my Open in urlscan Pro
103.10.78.30 Public Scan

Screenshot
Live screenshot

Full Image

188
Requests

93 %
HTTPS

65 %
IPv6

12
Domains

24
Subdomains

23
IPs

6
Countries

4824 kB
Transfer

9182 kB
Size

12
Cookies

188 HTTP transactions
16 data transactions