mdundo.com Open in urlscan Pro
159.69.149.44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mdundo.com/profile/130145/
Effective URL:
https://mdundo.com/loginfb
Submission: On July 02 via api (July 2nd 2023, 6:00:38 pm UTC) from IE — Scanned from DE

Summary HTTP 129 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 30 IPs in 11 countries across 33 domains to perform 129 HTTP transactions. The main IP is 159.69.149.44, located in Nuremberg, Germany and belongs to HETZNER-AS, DE. The main domain is mdundo.com. The Cisco Umbrella rank of the primary domain is 252339.
TLS certificate: Issued by R3 on May 25th 2023. Valid for: 3 months.

This is the only time mdundo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	159.69.149.44 159.69.149.44	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
5	2a02:26f0:ab0... 2a02:26f0:ab00::5c7a:d71a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
3	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	185.86.138.155 185.86.138.155	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	23.218.164.71 23.218.164.71	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 18	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 19	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
4 4	35.156.133.126 35.156.133.126	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	() ()
2 2	2a05:d018:d29... 2a05:d018:d29:3602:aef:9901:5093:3cb4	16509 (AMAZON-02) (AMAZON-02)
3 3	37.157.2.229 37.157.2.229	198622 (ADFORM) (ADFORM)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 4	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
3 3	52.28.152.8 52.28.152.8	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:401... 2a00:1450:4019:807::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:16::7	15169 (GOOGLE) (GOOGLE)
129	30

13 159.69.149.44 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.44.149.69.159.clients.your-server.de

mdundo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:ab00::5c7a:d71a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

res.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

s.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.155 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.164.71 (Munich, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-164-71.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.245 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 216.58.212.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.156.133.126 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-133-126.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (None, ) 2 redirects

ASN- ()

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:aef:9901:5093:3cb4 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.229 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.16.97.41 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.152.8 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-152-8.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4019:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:16::7 (Ireland)

ASN15169 (GOOGLE, US)

r2---sn-5hneknek.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	1 MB
30	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 130 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	268 KB
13	mdundo.com 1 redirects mdundo.com — Cisco Umbrella Rank: 252339	95 KB
10	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2556 www.google.com — Cisco Umbrella Rank: 10 adservice.google.com — Cisco Umbrella Rank: 113	2 KB
10	opera.com res.adx.opera.com — Cisco Umbrella Rank: 40162 s.adx.opera.com — Cisco Umbrella Rank: 52288 t.adx.opera.com — Cisco Umbrella Rank: 2930	64 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	151 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1425	901 B
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	2 KB
4	google.de www.google.de — Cisco Umbrella Rank: 4752	776 B
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 1044	3 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 633	2 KB
3	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3235	310 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	168 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	262 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	3 KB
2	gvt1.com 1 redirects redirector.gvt1.com — Cisco Umbrella Rank: 3707 r2---sn-5hneknek.gvt1.com — Cisco Umbrella Rank: 936357	1 MB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 796	901 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 893 s.tribalfusion.com — Cisco Umbrella Rank: 1946	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1067 r.turn.com — Cisco Umbrella Rank: 3947	869 B
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481	1 KB
2	admedo.com 2 redirects pool.admedo.com	748 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 577	1 KB
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1160 eus.rubiconproject.com — Cisco Umbrella Rank: 616	138 B
2	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 4935	604 B
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 494	700 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	21 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 169 partner.googleadservices.com — Cisco Umbrella Rank: 1129	19 KB
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	363 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 8246	623 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 422	140 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 922	75 B
1	taboola.com 1 redirects sync.taboola.com — Cisco Umbrella Rank: 1091	164 B
0	alexametrics.com Failed certify-js.alexametrics.com Failed
129	33

	Domain	Requested by
19	cm.g.doubleclick.net	3 redirects mdundo.com googleads.g.doubleclick.net
18	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	pagead2.googlesyndication.com	mdundo.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
13	mdundo.com	1 redirects mdundo.com
7	www.gstatic.com	googleads.g.doubleclick.net
6	www.google.com	mdundo.com googleads.g.doubleclick.net tpc.googlesyndication.com
6	googleads.g.doubleclick.net	www.googleadservices.com pagead2.googlesyndication.com
5	res.adx.opera.com	mdundo.com s.adx.opera.com
4	sync.teads.tv	2 redirects mdundo.com googleads.g.doubleclick.net
4	x.bidswitch.net	4 redirects
4	www.google.de	mdundo.com
3	pm.w55c.net	3 redirects
3	c1.adform.net	3 redirects
3	dclk-match.dotomi.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	t.adx.opera.com	mdundo.com
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	www.googletagmanager.com	mdundo.com www.google-analytics.com
3	fonts.googleapis.com	mdundo.com googleads.g.doubleclick.net
2	sync-tm.everesttech.net	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	pool.admedo.com	2 redirects
2	sync.mathtag.com	2 redirects
2	an.yandex.ru	2 redirects
2	creativecdn.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	region1.analytics.google.com	www.googletagmanager.com
2	s.adx.opera.com	res.adx.opera.com
2	www.google-analytics.com	mdundo.com www.google-analytics.com
2	securepubads.g.doubleclick.net	mdundo.com securepubads.g.doubleclick.net
1	r2---sn-5hneknek.gvt1.com	googleads.g.doubleclick.net
1	redirector.gvt1.com	1 redirects
1	csi.gstatic.com	www.gstatic.com
1	dis.criteo.com	googleads.g.doubleclick.net
1	s.tribalfusion.com	mdundo.com
1	a.tribalfusion.com	1 redirects
1	r.turn.com	mdundo.com
1	ad.turn.com	1 redirects
1	ius.ctnsnet.com	1 redirects
1	eb2.3lift.com	mdundo.com
1	eus.rubiconproject.com	mdundo.com
1	secure-assets.rubiconproject.com	1 redirects
1	ssbsync.smartadserver.com	mdundo.com
1	sync.taboola.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googleadservices.com	mdundo.com
0	certify-js.alexametrics.com Failed	mdundo.com
129	48

This site contains links to these domains. Also see Links.

Domain
get.adobe.com
www.facebook.com
www.mdundoforfans.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
mdundo.com R3	`2023-05-25` - `2023-08-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
download.operachina.com R3	`2023-06-23` - `2023-09-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.adx.opera.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-22` - `2024-06-20`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://mdundo.com/loginfb
Frame ID: 7CB4F59628FA8E3D233AC16D40A96B0B
Requests: 46 HTTP requests in this frame

Frame: https://s.adx.opera.com/aframe
Frame ID: 976F94FB62934726D461CA1F78B2D176
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/zrt_lookup.html
Frame ID: CCE864DABA24930B01AAFF788B54CDCC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4721105574136909&output=html&adk=1272721408&adf=3838797007&lmt=1688320834&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fmdundo.com%2Floginfb&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688320833581&bpp=14&bdt=548&idt=474&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=186023508596&frm=20&pv=2&ga_vid=1837079349.1688320834&ga_sid=1688320834&ga_hid=890240494&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C44788441&oid=2&pvsid=2823135172351736&tmod=187113750&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=520
Frame ID: 0B18657F43B3312A29577504B0AA00B1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0C9BBE08067B4E723B046A2A2894EFC7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3E32CE02536D37D98358A1616CB24AC8
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Frame ID: FA509495CE9DEF1B01B1621BA0EDA6B8
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 829CBF3B5EEA39EB03BC608B03CDEAC9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CB35AAB3DDB87F8A773159FEDF80F06C
Requests: 9 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/90cda0d4b2e9798013d5ae8e8588fe0b.js?tag=client_fast_engine_2019
Frame ID: E4FCCDBC13FE8503A092680E6D6970C4
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0707FD26AF7C230E48308EDA41A282D6
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Frame ID: B0AD52C5EB82ABB78F5D27D3EF00785F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Frame ID: B6ED73BD5A87864508835E4E0B52D2A3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Frame ID: 4C034DF17F7B0E4305515170981167D8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 08EAFCB3A061D2BF3DAB99262681E475
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D8390CFDE4F975AFC709C658EF07C608
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login to continue

Page URL History Show full URLs

https://mdundo.com/profile/130145/ HTTP 302
https://mdundo.com/loginfb Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

129
Requests

81 %
HTTPS

55 %
IPv6

33
Domains

48
Subdomains

30
IPs

11
Countries

3746 kB
Transfer

6530 kB
Size

35
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://get.adobe.com/flashplayer/
Title: Flash plugin

Search URL Search Domain Scan URL

URL: https://www.facebook.com/v3.2/dialog/oauth?client_id=219180598216415&state=117e38d58cb182814bd36ee3be3f7ce4&response_type=code&sdk=php-sdk-5.7.0&redirect_uri=https%3A%2F%2Fmdundo.com%2Floginfb%2Fcallback&scope=email%2Cuser_location%2Cuser_birthday

Search URL Search Domain Scan URL

URL: https://www.mdundoforfans.com/
Title: About us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Mdundomusic/

Search URL Search Domain Scan URL

URL: https://twitter.com/Mdundomusic

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mdundomusicke/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mdundo.com/profile/130145/ HTTP 302
https://mdundo.com/loginfb Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://creativecdn.com/cm-notify?pi=opera HTTP 302
https://creativecdn.com/cm-notify?pi=opera&tc=1 HTTP 302
https://t.adx.opera.com/sync?vendor=60039&uid=AjIkU2zWJLUmwtp8lHbs&pi=opera&tc=1

Request Chain 49

https://sync.taboola.com/sg/OperaSCoD/1/cm HTTP 302
https://t.adx.opera.com/sync?vendor=60151&uid=f4589e4d-34dc-43b6-9116-8c356ca5dfbb-tuctb9b40c2

Request Chain 51

https://an.yandex.ru/mapuid/operacom/ HTTP 302
https://an.yandex.ru/mapuid/operacom/?redir-setuniq=1 HTTP 302
https://t.adx.opera.com/sync?vendor=60143&uid=D6F9F0779859CE00

Request Chain 52

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=opera_browser&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=opera_browser&endpoint=eu

Request Chain 91

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEM_iQxkqCiKXzjIOxvZmWzo&google_cver=1&google_push=AaAOQGGI53teA0rTZ0yNn9Htb_kgE5JWKSz8_a4nU9IGOGJryXrJoePBs_W36cRIzeLpDfd6g7_l7YOX7619NRq5BoLB6cjeUaC-aQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGI53teA0rTZ0yNn9Htb_kgE5JWKSz8_a4nU9IGOGJryXrJoePBs_W36cRIzeLpDfd6g7_l7YOX7619NRq5BoLB6cjeUaC-aQ

Request Chain 92

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAcnxKIKCwGZom_kFZtdzfM&google_cver=1&google_push=AaAOQGFh3VMUofED4n0-6NG753mmIC2FICadBM7D9ZLLBPMmD2CQksfE-aU9LNGKH82mglxCthKIfABGYruDzGu0F1lz9SKFhOBxhA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAcnxKIKCwGZom_kFZtdzfM&google_cver=1&google_push=AaAOQGFh3VMUofED4n0-6NG753mmIC2FICadBM7D9ZLLBPMmD2CQksfE-aU9LNGKH82mglxCthKIfABGYruDzGu0F1lz9SKFhOBxhA HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=3995823a-bea3-4da7-b148-7998543cc45c HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=3995823a-bea3-4da7-b148-7998543cc45c HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=02b7d5d1-f78a-44ca-8b47-8fc89c5a9a9a&user_group=1&ssp=google&bsw_param=3995823a-bea3-4da7-b148-7998543cc45c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGQOpCplxuVXl0yS0CByNXHkNdYogDXKseaoQZdOVasUtrpaTpFhg1K0UgbT0dPlMCUqoXPfWNB4MQ2Ev7p8poGrHwlTsOeog&google_hm=OZWCOr6jTaexSHmYVDzEXA==

Request Chain 93

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEP8uCEpacmWUXR1Mmx7Q_D4&google_cver=1&google_push=AaAOQGHFzVmLNz5BFO-YfidEPP3T5yK9ptj4ucArh0mN0nz7rjIy-pcGelztCwCNnSRAsZUbMC2p3xyMwAgl_RJ7VdFJ9ZtnVTgkVg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHFzVmLNz5BFO-YfidEPP3T5yK9ptj4ucArh0mN0nz7rjIy-pcGelztCwCNnSRAsZUbMC2p3xyMwAgl_RJ7VdFJ9ZtnVTgkVg&google_hm=eS1KWndpQWhSRTJwRzFvRDhQVUR3RWJlRjAzcmouUjFrcX5B

Request Chain 94

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKpMkXitORSJTWKuCkxWSJ8&google_cver=1&google_push=AaAOQGEcScvYn2CBGZRnMcJQ00CZ4Vx0DLg40gn5aivxDHiJd4ALNUlEohXYiA4bLtSkIXy7isFheFrXDNAyPEtQ5ZPW2wXCNfTc HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKpMkXitORSJTWKuCkxWSJ8&google_cver=1&google_push=AaAOQGEcScvYn2CBGZRnMcJQ00CZ4Vx0DLg40gn5aivxDHiJd4ALNUlEohXYiA4bLtSkIXy7isFheFrXDNAyPEtQ5ZPW2wXCNfTc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI3NzU4NjQwMTczMTMzNjMxOA&google_push=AaAOQGEcScvYn2CBGZRnMcJQ00CZ4Vx0DLg40gn5aivxDHiJd4ALNUlEohXYiA4bLtSkIXy7isFheFrXDNAyPEtQ5ZPW2wXCNfTc

Request Chain 95

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEGsgjXZP-K-GrlZBs3Z0Gao&google_cver=1&google_push=AaAOQGE2cbhG8ep_Q9TTQZJei7l79H1loHSTDdnwog_mMJB-hKYZ8RBMAUw3R2FqhQMGR4FE-56pnsSh2Bl71mZUq0hCPqlLLr388-o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGE2cbhG8ep_Q9TTQZJei7l79H1loHSTDdnwog_mMJB-hKYZ8RBMAUw3R2FqhQMGR4FE-56pnsSh2Bl71mZUq0hCPqlLLr388-o&google_hm=C1gpBUsDQXuU4pEfqoHGo90

Request Chain 96

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFrGjm1DKeUssBdqC77SPLs&google_cver=1&google_push=AaAOQGHwmr8ZOsMt4VGGTGj4x7vWudwdmPr3U44EV8pVDoF4gtWQ65qRY504qQPx5Dl9BkYJHrPeKJ-1jlPdX3bO83Ytw8_5e-amnTA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGHwmr8ZOsMt4VGGTGj4x7vWudwdmPr3U44EV8pVDoF4gtWQ65qRY504qQPx5Dl9BkYJHrPeKJ-1jlPdX3bO83Ytw8_5e-amnTA HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 98

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBMRVDJM1yDGtmtgwqkMTis&google_cver=1&google_push=AaAOQGHF9hxms-6nlMOHo5n9O8qYlFwPLzqG-iaIwye7fkUIx_Rre8gtYqeNK431Nqxuxn8U5qP3r5HNkS5naVQXOuMIx_6jTvGR6zs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Njk2NjU0NjU0MzY2MzEyNzU0OQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBMRVDJM1yDGtmtgwqkMTis&google_cver=1

Request Chain 100

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGVTRhpc6XNnOI4Zs_qdZ0w&google_cver=1&google_push=AaAOQGFazPJHzbL5iI9gDwM7hV68EtegkG0zm_8bb4n1C-0Hmf0pIH7cmUN-mCyDYl-hXan6YZqvMttM6sCaaMj0l5t25o93GvqzmWM HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGVTRhpc6XNnOI4Zs_qdZ0w&google_cver=1&google_push=AaAOQGFazPJHzbL5iI9gDwM7hV68EtegkG0zm_8bb4n1C-0Hmf0pIH7cmUN-mCyDYl-hXan6YZqvMttM6sCaaMj0l5t25o93GvqzmWM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OUtZWDYyZHQxUWcxbmY1&google_gid=CAESEGVTRhpc6XNnOI4Zs_qdZ0w&google_cver=1&google_push=AaAOQGFazPJHzbL5iI9gDwM7hV68EtegkG0zm_8bb4n1C-0Hmf0pIH7cmUN-mCyDYl-hXan6YZqvMttM6sCaaMj0l5t25o93GvqzmWM

Request Chain 101

https://a.tribalfusion.com/i.match?p=b6&u=CAESEB_3KZBFMqCMRYgTBI7ZKOw&google_cver=1&google_push=AaAOQGE7GGXxQPJC9kXA5yVrSuvRxOGbP58mhwM5sz1V877F9q5lUsQ6_I9m3t4W7OnEvH72zvQ7UCUBC4nrjOmCwkna41zFxC5c-_Y&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGE7GGXxQPJC9kXA5yVrSuvRxOGbP58mhwM5sz1V877F9q5lUsQ6_I9m3t4W7OnEvH72zvQ7UCUBC4nrjOmCwkna41zFxC5c-_Y%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB_3KZBFMqCMRYgTBI7ZKOw&google_cver=1&google_push=AaAOQGE7GGXxQPJC9kXA5yVrSuvRxOGbP58mhwM5sz1V877F9q5lUsQ6_I9m3t4W7OnEvH72zvQ7UCUBC4nrjOmCwkna41zFxC5c-_Y&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGE7GGXxQPJC9kXA5yVrSuvRxOGbP58mhwM5sz1V877F9q5lUsQ6_I9m3t4W7OnEvH72zvQ7UCUBC4nrjOmCwkna41zFxC5c-_Y%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 102

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJcZy7INWwhzntowViLORy0&google_cver=1&google_push=AaAOQGGYYmfNugRUY_sXuQpsWjSSNc6UADFBHUvm_ZEFwNynbo__0KaYva8EQUCd0JU5NsizUNpUvA_jdVaJJ8R2eP-PUw47fMhHyIU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJcZy7INWwhzntowViLORy0&google_push=AaAOQGGYYmfNugRUY_sXuQpsWjSSNc6UADFBHUvm_ZEFwNynbo__0KaYva8EQUCd0JU5NsizUNpUvA_jdVaJJ8R2eP-PUw47fMhHyIU

Request Chain 103

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEP8uCEpacmWUXR1Mmx7Q_D4&google_cver=1&google_push=AaAOQGFdBzvp7Jhh0tOi-GRctWlBvxztZgZNe5A5474xyDbsyvfyMniz6QoLxoKd61b9z6qMqtDC-Pjs6hwJ3QZgql9_zJ-rdHPNbmk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFdBzvp7Jhh0tOi-GRctWlBvxztZgZNe5A5474xyDbsyvfyMniz6QoLxoKd61b9z6qMqtDC-Pjs6hwJ3QZgql9_zJ-rdHPNbmk&google_hm=eS1CcDVYLmZGRTJwR2tSQmhMcFRzdlJaTFdLR3FiNU4udn5B

Request Chain 107

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCEvL7ICBCwCRj0BDIIRwLrKvUwWRw HTTP 301
https://tpc.googlesyndication.com/simgad/7906533685533188139

Request Chain 109

https://redirector.gvt1.com/videoplayback?id=d14c434751ac1bee&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1688328035&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=4695A6EC4CDC212B21000C52B5C2C11B1C67C1AC.788A65C2D0173C110B12ADDDA0DD4E5535BCD249&key=ck2 HTTP 302
https://r2---sn-5hneknek.gvt1.com/videoplayback?id=d14c434751ac1bee&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1688328035&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=6DECF6FB2EEF1E54D3908C138A9B66477D23C593.01E8034669380556C37063727A9CB8C3646237EC&key=cms1&cms_redirect=yes&mh=d8&mip=2a03:1b20:b:f011::2e&mm=28&mn=sn-5hneknek&ms=nvh&mt=1688320575&mv=u&mvi=2&pl=48

Request Chain 113

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGVTRhpc6XNnOI4Zs_qdZ0w&google_cver=1&google_push=AaAOQGFEgq2p6JE3Vn4YaS0notIhAOoyv2f32Ge4SG68YM7gwQsRd0He6j-WOr3-idWOMQS1VgdMwZ1zrDuSllTXWsenWuOJdkSd9Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OUtZWDYyZHQxUWcxbmY1&google_gid=CAESEGVTRhpc6XNnOI4Zs_qdZ0w&google_cver=1&google_push=AaAOQGFEgq2p6JE3Vn4YaS0notIhAOoyv2f32Ge4SG68YM7gwQsRd0He6j-WOr3-idWOMQS1VgdMwZ1zrDuSllTXWsenWuOJdkSd9Q

Request Chain 114

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEM_iQxkqCiKXzjIOxvZmWzo&google_cver=1&google_push=AaAOQGGFflc9QC1jnh4o8uWH2LqorkmN1Xd37NwLqdhGbqfN4TDgq8uIrrAj3c6WY5bio97CqLzU_1rijqBovX6hqErpPVRHT-HKEw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGFflc9QC1jnh4o8uWH2LqorkmN1Xd37NwLqdhGbqfN4TDgq8uIrrAj3c6WY5bio97CqLzU_1rijqBovX6hqErpPVRHT-HKEw

Request Chain 115

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJcZy7INWwhzntowViLORy0&google_cver=1&google_push=AaAOQGErPX_ueQX-pxjg5B_iLMSUjhhB_DNDWVb2Re29WmfSFG-eZ6Bi2Hbqw2DHopXz97fg0luKv5vgDEB8yjWEW07XoqNw0Qi4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJcZy7INWwhzntowViLORy0&google_push=AaAOQGErPX_ueQX-pxjg5B_iLMSUjhhB_DNDWVb2Re29WmfSFG-eZ6Bi2Hbqw2DHopXz97fg0luKv5vgDEB8yjWEW07XoqNw0Qi4

Request Chain 116

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAcnxKIKCwGZom_kFZtdzfM&google_cver=1&google_push=AaAOQGGQOpCplxuVXl0yS0CByNXHkNdYogDXKseaoQZdOVasUtrpaTpFhg1K0UgbT0dPlMCUqoXPfWNB4MQ2Ev7p8poGrHwlTsOeog HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGQOpCplxuVXl0yS0CByNXHkNdYogDXKseaoQZdOVasUtrpaTpFhg1K0UgbT0dPlMCUqoXPfWNB4MQ2Ev7p8poGrHwlTsOeog&google_hm=OZWCOr6jTaexSHmYVDzEXA==

Request Chain 117

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKpMkXitORSJTWKuCkxWSJ8&google_cver=1&google_push=AaAOQGE1qGJ6vvFb4zyylAyZJQ6bvFD3gDaezWrBthiJbnjJ7-N6etpuZdjvzH2fHfAwVgNn9PR-Ij0xchsns86flC5RYiJH9siPlg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY0ODk0NDU1MDcyOTYyMzcwNQ&google_push=AaAOQGE1qGJ6vvFb4zyylAyZJQ6bvFD3gDaezWrBthiJbnjJ7-N6etpuZdjvzH2fHfAwVgNn9PR-Ij0xchsns86flC5RYiJH9siPlg

Request Chain 118

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFrGjm1DKeUssBdqC77SPLs&google_cver=1&google_push=AaAOQGHsbH0iNDayQJuZpGE7rGymUmbC7Fd8pknbt1mqO4lkViTMN11ZdEOPFFR2yutT2iVipzCzvO_XL8Bnzy0sGJbyELsOV-WORAs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGHsbH0iNDayQJuZpGE7rGymUmbC7Fd8pknbt1mqO4lkViTMN11ZdEOPFFR2yutT2iVipzCzvO_XL8Bnzy0sGJbyELsOV-WORAs HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

129 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request loginfb Show response
mdundo.com/
Redirect Chain

https://mdundo.com/profile/130145/
https://mdundo.com/loginfb

11 KB
4 KB

92ms
92ms

Document
text/html

159.69.149.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.149.44 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.149.69.159.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8fa1bdaac22c1ae2fac95f44ae2b9dc6e66116e59b2eabb74abd297028069cbe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 02 Jul 2023 18:00:32 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 02 Jul 2023 18:00:32 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: https://mdundo.com/loginfb
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 192ms
66ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3743c6f1dd7dbe1a3677bc1304a36ea74dca1aeb1c5a687cfd4cdf5574e9925

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Jul 2023 18:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 02 Jul 2023 17:14:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Jul 2023 18:00:33 GMT

GET
H/1.1 200
OK normalize.css
mdundo.com/media/css/lib/ 8 KB
3 KB 31ms
31ms Stylesheet
text/css 159.69.149.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mdundo.com/media/css/lib/normalize.css
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.149.44 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.149.69.159.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d14fd5e2878e4af0e1e5d59fbb18d86fa17cf34bf15506ee64770828f79f4352

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/loginfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 18:00:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Feb 2017 16:09:30 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"58b05aba-1e3e"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Mon, 03 Jul 2023 18:00:33 GMT

GET
H/1.1 200
OK styles.min.css
mdundo.com/media/css/ 47 KB
10 KB 63ms
31ms Stylesheet
text/css 159.69.149.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mdundo.com/media/css/styles.min.css?6
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.149.44 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.149.69.159.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 11b8f67c842cd30296045ea9e03a39881951bb458f70b7b229381ccfac676ab5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/loginfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 18:00:33 GMT
Content-Encoding: gzip
Last-Modified: Sun, 12 Feb 2023 11:19:31 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"63e8cb43-ba85"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Mon, 03 Jul 2023 18:00:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 195ms
73ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H6YSQ4ZFSK

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50c90f7d19bf35f05af29be6a8f4f9d473b20285adb04fe3faf84157db4bf8e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:00:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 02 Jul 2023 18:00:33 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
26 KB 257ms
123ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13c48fd0cfdb61cbaf33b51ce9c216914e63146db5473f2e136f86a2e978f49e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:00:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25861
x-xss-protection: 0
server: cafe
etag: 447 / 19540 / m202306270101 / config-hash: 4433571151520717869
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 02 Jul 2023 18:00:33 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 141 KB
49 KB 263ms
121ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4721105574136909

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf403367ac32b3afe739ce962025f55d9b15267de58f338033c7b973f260291d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdundo.com/
Origin: https://mdundo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:00:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49386
x-xss-protection: 0
server: cafe
etag: 17841442988060957491
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 02 Jul 2023 18:00:33 GMT

GET
H/1.1 200
OK adsbyopera.js Show response
res.adx.opera.com/adx/ 116 KB
36 KB 159ms
36ms Script
application/javascript 2a02:26f0:ab00::5c7a:d71a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res.adx.opera.com/adx/adsbyopera.js
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00::5c7a:d71a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Tengine /
Resource Hash: d99a930974713deba51d4839e9aef2275f41036e220514a7f3dc165130ce3e6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 18:00:33 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 35796
Last-Modified: Mon, 24 Apr 2023 06:41:25 GMT
Server: Tengine
ETag: "64462495-1ceb9"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript; charset=utf8
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With
Expires: Tue, 01 Aug 2023 18:00:33 GMT

GET
H/1.1 200
OK logo.png
mdundo.com/media/img/ 5 KB
5 KB 33ms
31ms Image
image/png 159.69.149.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdundo.com/media/img/logo.png
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.149.44 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.149.69.159.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 58c556a77e1091ea10a769e3dcd5f78ce23da8b8f8cecc5e0c6bec4f6982a19a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/loginfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 18:00:33 GMT
Last-Modified: Fri, 24 Feb 2017 16:09:31 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "58b05abb-1263"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4707
Expires: Mon, 03 Jul 2023 18:00:33 GMT

GET
H/1.1 200
OK search.png
mdundo.com/media/img/ 837 B
1 KB 98ms
30ms Image
image/png 159.69.149.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdundo.com/media/img/search.png
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.149.44 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.149.69.159.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4f91c1a82b10ae7114c24b5209184946d2077504317445146b12ad241f5faf45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/loginfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 18:00:33 GMT
Last-Modified: Fri, 24 Feb 2017 16:09:31 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "58b05abb-345"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 837
Expires: Mon, 03 Jul 2023 18:00:33 GMT

GET
H/1.1 200
OK login.png
mdundo.com/media/img/ 2 KB
2 KB 98ms
31ms Image
image/png 159.69.149.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdundo.com/media/img/login.png
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.149.44 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.149.69.159.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 95f5781079435ee28d5944187bf013b60680a54311038914048c7d426940f14e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/loginfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 18:00:33 GMT
Last-Modified: Fri, 24 Feb 2017 16:09:31 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "58b05abb-749"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1865
Expires: Mon, 03 Jul 2023 18:00:33 GMT

GET
H/1.1 200
OK favicon.gif
mdundo.com/media/img/ 382 B
699 B 102ms
31ms Image
image/gif 159.69.149.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdundo.com/media/img/favicon.gif
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.149.44 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.149.69.159.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4b4623dcf73eed08e1b1f1647f5930eaceb8cd577e113cf1d55871edbf74a2e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/loginfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 18:00:33 GMT
Last-Modified: Mon, 29 Oct 2012 11:19:23 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "508e663b-17e"
Content-Type: image/gif
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 382
Expires: Mon, 03 Jul 2023 18:00:33 GMT

GET
H/1.1 200
OK fblogin.png
mdundo.com/media/img/ 5 KB
6 KB 88ms
31ms Image
image/png 159.69.149.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdundo.com/media/img/fblogin.png
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.149.44 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.149.69.159.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b0f6dfbdb0c4661c98625afa1b6e73167265db04cbfc21f7347abe74c561a91e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/loginfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 18:00:33 GMT
Last-Modified: Fri, 29 Nov 2019 13:57:30 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5de123ca-154d"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5453
Expires: Mon, 03 Jul 2023 18:00:33 GMT

GET
H/1.1 200
OK fb_ico.png
mdundo.com/media/img/social/ 975 B
1 KB 69ms
30ms Image
image/png 159.69.149.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdundo.com/media/img/social/fb_ico.png
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.149.44 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.149.69.159.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c734b0c73ede2b80c38da454f7f032b1fdc89c6ca267f6cb04dde785f7dd8cf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/loginfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 18:00:33 GMT
Last-Modified: Fri, 24 Feb 2017 16:09:31 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "58b05abb-3cf"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 975
Expires: Mon, 03 Jul 2023 18:00:33 GMT

GET
H/1.1 200
OK tw_ico.png
mdundo.com/media/img/social/ 1 KB
2 KB 58ms
33ms Image
image/png 159.69.149.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdundo.com/media/img/social/tw_ico.png
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.149.44 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.149.69.159.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3792b26878c08fef3901b4a2be810c3b5f686a0511563dda0fcb0d82b81225d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/loginfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 18:00:33 GMT
Last-Modified: Fri, 24 Feb 2017 16:09:31 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "58b05abb-563"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1379
Expires: Mon, 03 Jul 2023 18:00:33 GMT

GET
H/1.1 200
OK insta_ico.png
mdundo.com/media/img/social/ 1 KB
1 KB 89ms
33ms Image
image/png 159.69.149.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdundo.com/media/img/social/insta_ico.png
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.149.44 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.149.69.159.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 67e3252b91889bf16e4e28affed531d22ff53cbc5d3f166f5e878e00e44006be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/loginfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 18:00:33 GMT
Last-Modified: Fri, 24 Feb 2017 16:09:31 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "58b05abb-472"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1138
Expires: Mon, 03 Jul 2023 18:00:33 GMT

GET
H/1.1 200
OK all.js Show response
mdundo.com/media/js/ 160 KB
58 KB 35ms
35ms Script
application/javascript 159.69.149.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mdundo.com/media/js/all.js?6
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.149.44 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.149.69.159.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 467465a3654f2c4f08ccbc36629f748403ea87e7f4a2293f5b084adbd7f37be8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/loginfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 18:00:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jun 2023 09:28:47 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"648836cf-27f5d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Mon, 03 Jul 2023 18:00:33 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 49 KB
18 KB 284ms
116ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

1b170673eeef31a7e9881e2a93c4ab24c535fe0321feca405d22739de295f92a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:00:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18399
x-xss-protection: 0
server: cafe
etag: 5565525223662320794
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 02 Jul 2023 18:00:33 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 209ms
70ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 02 Jul 2023 16:35:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5111
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 02 Jul 2023 18:35:22 GMT

GET atrk.js
certify-js.alexametrics.com/ 0
0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 204ms
62ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mdundo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 00:21:44 GMT
x-content-type-options: nosniff
age: 149929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 00:21:44 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/932117244/ 3 KB
2 KB 233ms
96ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932117244/?random=1688320833439&cv=9&fst=1688320833439&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmdundo.com%2Floginfb&tiba=Login%20to%20continue&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0c510fbbbc60d84f9d31a91f4b9241db940540e65ee3c00e647cfae49ef4eb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1376
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/ 392 KB
125 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 16:17:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6190
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127740
x-xss-protection: 0
server: cafe
etag: 1744020965594933375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 01 Jul 2024 16:17:23 GMT

GET
H2 200 aframe Show response
s.adx.opera.com/ Frame 976F 752 B
501 B 160ms
28ms Document
text/html 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adx.opera.com/aframe
Requested by: Host: res.adx.opera.com
URL: https://res.adx.opera.com/adx/adsbyopera.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: 2a84e9173acb8ff38f6073b54b3991ffa66518a26de8385587140b9c663d0a40

Request headers

Referer: https://mdundo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 390
content-type: text/html; charset=utf-8
date: Sun, 02 Jul 2023 18:00:33 GMT
server: Tengine
vary: Accept-Encoding

POST
H2 200 collect Show response
www.google-analytics.com/j/ 29 B
231 B 70ms
63ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=890240494&t=pageview&_s=1&dl=https%3A%2F%2Fmdundo.com%2Floginfb&ul=en-us&de=UTF-8&dt=Login%20to%20continue&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgAABAAAAAC~&jid=1735661157&gjid=1726804844&cid=1837079349.1688320834&tid=UA-5519182-38&_gid=790220616.1688320834&_slc=1&z=151611210

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

d9b94254ff67b4613d006d73b35a3db604cf7e20cb652afc45b1bd13a92e41e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mdundo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mdundo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
345 B 117ms
34ms XHR
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-5519182-38&cid=1837079349.1688320834&jid=1735661157&gjid=1726804844&_gid=790220616.1688320834&_u=IGBAgAABAAAAAG~&z=1246607767

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mdundo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 02 Jul 2023 18:00:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mdundo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/ 346 KB
119 KB 302ms
174ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4721105574136909&plah=mdundo.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4721105574136909

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c3ffafe2bad86136dc0d54b7dbb154328b343075788dfaa8cd72242e55179a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:00:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121738
x-xss-protection: 0
server: cafe
etag: 15698148493363838636
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 02 Jul 2023 18:00:33 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/ Frame CCE8 10 KB
5 KB 73ms
56ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4721105574136909

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdundo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 37575
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 07:34:18 GMT
etag: 12368291122986407432
expires: Sun, 16 Jul 2023 07:34:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 120ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H6YSQ4ZFSK&gtm=45je36s0&_p=890240494&_gaz=1&cid=1837079349.1688320834&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1688320833&sct=1&seg=0&dl=https%3A%2F%2Fmdundo.com%2Floginfb&dt=Login%20to%20continue&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H6YSQ4ZFSK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mdundo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 36ms
35ms Ping
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H6YSQ4ZFSK&cid=1837079349.1688320834&gtm=45je36s0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H6YSQ4ZFSK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mdundo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 205ms
81ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H6YSQ4ZFSK&cid=1837079349.1688320834&gtm=45je36s0&aip=1&z=103254687

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
80 KB 84ms
71ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E07LZWMW45&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

71a06c9feb69e86491cc0c622ab63a245c54e2d241a5b6c1ce3c3a54c5f42516

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:00:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81670
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 02 Jul 2023 18:00:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 100ms
86ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H6YSQ4ZFSK&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e7e706570de2442ab9a83fddfa63d5398391910b7818c11e6ea02967fad30284

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:00:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92862
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 02 Jul 2023 18:00:33 GMT

GET
H/1.1 200
OK base.709c2c6.chunk.js Show response
res.adx.opera.com/adx/static/js/ Frame 976F 200 B
757 B 36ms
36ms Script
application/javascript 2a02:26f0:ab00::5c7a:d71a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res.adx.opera.com/adx/static/js/base.709c2c6.chunk.js
Requested by: Host: s.adx.opera.com
URL: https://s.adx.opera.com/aframe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00::5c7a:d71a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6e50c3c0d0dd92899cabafcbee9cc437c3c9e0b52920462955b4a0f43b758daf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adx.opera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 18:00:33 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 129
Last-Modified: Wed, 29 Mar 2023 07:23:51 GMT
Server: nginx
ETag: "6423e787-c8"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript; charset=utf8
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With
Expires: Tue, 01 Aug 2023 18:00:33 GMT

GET
H/1.1 200
OK common.0cf7663.chunk.js Show response
res.adx.opera.com/adx/static/js/ Frame 976F 143 B
747 B 80ms
39ms Script
application/javascript 2a02:26f0:ab00::5c7a:d71a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res.adx.opera.com/adx/static/js/common.0cf7663.chunk.js
Requested by: Host: s.adx.opera.com
URL: https://s.adx.opera.com/aframe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00::5c7a:d71a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1fda13d33f8a8bd3f9ea1c77bd5be5e609b2c3461ab7b8fa947fecbcf4c55cfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adx.opera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 18:00:33 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 119
Last-Modified: Wed, 29 Mar 2023 07:23:51 GMT
Server: nginx
ETag: "6423e787-8f"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript; charset=utf8
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With
Expires: Tue, 01 Aug 2023 18:00:33 GMT

GET
H/1.1 200
OK runtime~aframe.3025f2d.js Show response
res.adx.opera.com/adx/static/js/ Frame 976F 1 KB
1 KB 112ms
28ms Script
application/javascript 2a02:26f0:ab00::5c7a:d71a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res.adx.opera.com/adx/static/js/runtime~aframe.3025f2d.js
Requested by: Host: s.adx.opera.com
URL: https://s.adx.opera.com/aframe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00::5c7a:d71a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Tengine /
Resource Hash: 329420b0a47f69760e4809709789bf3082acff188be0cc3e6986c333eed15072

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adx.opera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 18:00:33 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 783
Last-Modified: Wed, 29 Mar 2023 07:23:51 GMT
Server: Tengine
ETag: "6423e787-58f"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript; charset=utf8
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With
Expires: Tue, 01 Aug 2023 18:00:33 GMT

GET
H/1.1 200
OK aframe.b7106a2.js Show response
res.adx.opera.com/adx/static/js/ Frame 976F 64 KB
24 KB 113ms
29ms Script
application/javascript 2a02:26f0:ab00::5c7a:d71a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res.adx.opera.com/adx/static/js/aframe.b7106a2.js
Requested by: Host: s.adx.opera.com
URL: https://s.adx.opera.com/aframe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00::5c7a:d71a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Tengine /
Resource Hash: 35069aa6a1e3224600d977b91de86deb653e36c78db715ceea2d1f36c0f588d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adx.opera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 18:00:33 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 23585
Last-Modified: Wed, 31 May 2023 02:11:56 GMT
Server: Tengine
ETag: "6476acec-1008e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript; charset=utf8
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With
Expires: Tue, 01 Aug 2023 18:00:33 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 208ms
78ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-5519182-38&cid=1837079349.1688320834&jid=1735661157&_u=IGBAgAABAAAAAG~&z=770689026

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 104ms
79ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-5519182-38&cid=1837079349.1688320834&jid=1735661157&_u=IGBAgAABAAAAAG~&z=770689026

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/932117244/ 42 B
455 B 139ms
71ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/932117244/?random=1688320833439&cv=9&fst=1688320800000&num=1&guid=ON&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fmdundo.com%2Floginfb&tiba=Login%20to%20continue&fmt=3&is_vtc=1&random=2182660528&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/932117244/ 42 B
154 B 85ms
78ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/932117244/?random=1688320833439&cv=9&fst=1688320800000&num=1&guid=ON&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fmdundo.com%2Floginfb&tiba=Login%20to%20continue&fmt=3&is_vtc=1&random=2182660528&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 36ms
33ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-E07LZWMW45&gtm=45je36s0&_p=890240494&_gaz=1&ul=en-us&sr=1600x1200&cid=1837079349.1688320834&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABA&_s=1&dl=https%3A%2F%2Fmdundo.com%2Floginfb&dt=Login%20to%20continue&sid=1688320834&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E07LZWMW45&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mdundo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 37ms
36ms Ping
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-E07LZWMW45&cid=1837079349.1688320834&gtm=45je36s0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E07LZWMW45&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mdundo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 84ms
83ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-E07LZWMW45&cid=1837079349.1688320834&gtm=45je36s0&aip=1&z=1149571898

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
601 B 189ms
67ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=mdundo.com&callback=_gfp_s_&client=ca-pub-4721105574136909

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4721105574136909&plah=mdundo.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c82a1e3c64347ccd66750e438c0c29e1ded4ca2de406fbd79690d7028980590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 221ms
63ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mdundo.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 95ms
94ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=main-header%20js_main-header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0B18 469 KB
93 KB 1521ms
1509ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4721105574136909&output=html&adk=1272721408&adf=3838797007&lmt=1688320834&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fmdundo.com%2Floginfb&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688320833581&bpp=14&bdt=548&idt=474&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=186023508596&frm=20&pv=2&ga_vid=1837079349.1688320834&ga_sid=1688320834&ga_hid=890240494&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C44788441&oid=2&pvsid=2823135172351736&tmod=187113750&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=520

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a6070ad0cf3acb4ad3f5d34503ccf5e3d94bc9ae3238d8e5be78ce0f49150fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdundo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 95170
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 18:00:35 GMT
expires: Sun, 02 Jul 2023 18:00:35 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixels Show response
s.adx.opera.com/usersync/ Frame 976F 425 B
407 B 74ms
66ms XHR
application/json 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adx.opera.com/usersync/pixels?uid=a0f9c092-2d85-46f9-8b84-6ed6164a410d&gaid=&oid=
Requested by: Host: res.adx.opera.com
URL: https://res.adx.opera.com/adx/static/js/aframe.b7106a2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: 125379f7a1488b18beff9eff52709ac9e6eca95edaf74570c38e1095b5a9e7b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adx.opera.com/aframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:00:34 GMT
content-encoding: gzip
server: Tengine
content-length: 293
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2

200

sync
t.adx.opera.com/ Frame 976F
Redirect Chain

https://creativecdn.com/cm-notify?pi=opera
https://creativecdn.com/cm-notify?pi=opera&tc=1
https://t.adx.opera.com/sync?vendor=60039&uid=AjIkU2zWJLUmwtp8lHbs&pi=opera&tc=1

35 B
375 B

34ms
34ms

Image
image/gif

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60039&uid=AjIkU2zWJLUmwtp8lHbs&pi=opera&tc=1
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: H2
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adx.opera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:34 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://t.adx.opera.com/sync?vendor=60039&uid=AjIkU2zWJLUmwtp8lHbs&pi=opera&tc=1
pragma: no-cache
date: Sun, 02 Jul 2023 18:00:34 GMT, Sun, 02 Jul 2023 18:00:34 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sync
t.adx.opera.com/ Frame 976F
Redirect Chain

https://sync.taboola.com/sg/OperaSCoD/1/cm
https://t.adx.opera.com/sync?vendor=60151&uid=f4589e4d-34dc-43b6-9116-8c356ca5dfbb-tuctb9b40c2

35 B
375 B

49ms
31ms

Image
image/gif

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60151&uid=f4589e4d-34dc-43b6-9116-8c356ca5dfbb-tuctb9b40c2
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: H2
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adx.opera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:34 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://t.adx.opera.com/sync?vendor=60151&uid=f4589e4d-34dc-43b6-9116-8c356ca5dfbb-tuctb9b40c2
date: Sun, 02 Jul 2023 18:00:34 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 29606

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 976F 0
75 B 173ms
38ms Image
text/plain 185.86.138.155
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=14&gdpr=&gdpr_consent=
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adx.opera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:00:34 GMT
content-length: 0

GET
H2

200

sync
t.adx.opera.com/ Frame 976F
Redirect Chain

https://an.yandex.ru/mapuid/operacom/
https://an.yandex.ru/mapuid/operacom/?redir-setuniq=1
https://t.adx.opera.com/sync?vendor=60143&uid=D6F9F0779859CE00

35 B
375 B

42ms
42ms

Image
image/gif

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60143&uid=D6F9F0779859CE00
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: H2
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adx.opera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:34 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 02 Jul 2023 18:00:34 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://t.adx.opera.com/sync?vendor=60143&uid=D6F9F0779859CE00
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 02 Jul 2023 18:00:34 GMT

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 976F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=opera_browser&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=opera_browser&endpoint=eu

0
0

136ms
52ms

Image
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eus.rubiconproject.com/usync.html?p=opera_browser&endpoint=eu
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adx.opera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

location: https://eus.rubiconproject.com/usync.html?p=opera_browser&endpoint=eu
access-control-allow-origin: *
date: Sun, 02 Jul 2023 18:00:34 GMT
access-control-allow-credentials: true
server: AkamaiGHost
content-length: 0

GET
H2 200 getuid
eb2.3lift.com/ Frame 976F 37 B
140 B 79ms
29ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60124%26uid%3D$UID
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adx.opera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:00:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/ 155 KB
53 KB 133ms
133ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0158d96de0eba412f8459bfa1a80dbc545ca9112fa9679ca5361fbaba2db7b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53952
x-xss-protection: 0
server: cafe
etag: 13813780871423290153
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Jul 2023 18:00:35 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/ 91 KB
31 KB 122ms
121ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4721105574136909

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f44c81828d36742949faa0c27e9e2ef0e787594c08f246c721280748c67d7ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31956
x-xss-protection: 0
server: cafe
etag: 3783620287495082574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Jul 2023 18:00:35 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 64ms
64ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mdundo.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/ Frame 0C9B 10 KB
4 KB 55ms
54ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdundo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69692
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 22:39:04 GMT
etag: 12368291122986407432
expires: Sat, 15 Jul 2023 22:39:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/ Frame 3E32 10 KB
4 KB 55ms
54ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdundo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69692
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 22:39:04 GMT
etag: 12368291122986407432
expires: Sat, 15 Jul 2023 22:39:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/ Frame FA50 10 KB
4 KB 55ms
54ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdundo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69692
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 22:39:04 GMT
etag: 12368291122986407432
expires: Sat, 15 Jul 2023 22:39:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 0C9B 4 KB
767 B 67ms
66ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Jul 2023 18:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 02 Jul 2023 17:43:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Jul 2023 18:00:36 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0C9B 205 B
649 B 223ms
59ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:07:28 GMT
x-content-type-options: nosniff
age: 3188
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 01 Jul 2024 17:07:28 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0C9B 604 B
695 B 224ms
60ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 13:21:06 GMT
x-content-type-options: nosniff
age: 16770
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 01 Jul 2024 13:21:06 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame 0C9B 20 KB
9 KB 221ms
57ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27c045f2414b6b6af54b601c46312a6cbeb5dff6da152d9aceea0272fc896d03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 19:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82794
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8602
x-xss-protection: 0
server: cafe
etag: 5099012690780875661
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 19:00:42 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 3E32 2 KB
973 B 265ms
127ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 18:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 18:04:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 3E32 23 KB
9 KB 288ms
153ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 18:04:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 3E32 3 KB
1 KB 276ms
142ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1266
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 17:39:30 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 829C 1 KB
643 B 72ms
59ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10574
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 15:04:22 GMT
etag: 48472445140208031
expires: Mon, 03 Jul 2023 15:04:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 3E32 20 KB
8 KB 197ms
65ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 609
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 17:50:27 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3E32 0
0 63ms
62ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS6EETk4QwII9K5S5U6aNhv2yh5woF0LXlhrcQfmQBOTnB7vuU7biUgL_xQQsJSki_1MDvYPSFQzCy5jQkXefL_xXzZAQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3E32 179 KB
56 KB 119ms
95ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jul 2023 18:00:36 GMT

GET
H2 200 77005c67fa3fd636ca667830ce382e45.js Show response
www.gstatic.com/mysidia/ Frame 3E32 33 KB
14 KB 299ms
169ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/77005c67fa3fd636ca667830ce382e45.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 499421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 23:04:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 23:16:55 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame FA50 2 KB
926 B 248ms
129ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 18:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 18:04:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame FA50 23 KB
9 KB 247ms
130ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 18:04:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame FA50 3 KB
1 KB 255ms
139ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1266
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 17:39:30 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CB35 1 KB
643 B 72ms
61ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10574
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 15:04:22 GMT
etag: 48472445140208031
expires: Mon, 03 Jul 2023 15:04:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame FA50 20 KB
8 KB 188ms
73ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 609
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 17:50:27 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FA50 0
0 63ms
62ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQql1iLLMOGx7u9B1zKBLMA9w3r1gsmnPJxNn0luAKYaLxV58Li7iss3WE5eLf2tO0TK4fVnbaDGkdfThCCkSlsoi-kuA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FA50 179 KB
56 KB 76ms
70ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jul 2023 18:00:36 GMT

GET
H2 200 77005c67fa3fd636ca667830ce382e45.js Show response
www.gstatic.com/mysidia/ Frame FA50 33 KB
14 KB 291ms
179ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/77005c67fa3fd636ca667830ce382e45.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 499421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 23:04:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 23:16:55 GMT

GET
H2 200 90cda0d4b2e9798013d5ae8e8588fe0b.js Show response
www.gstatic.com/mysidia/ Frame E4FC 9 KB
4 KB 146ms
64ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/90cda0d4b2e9798013d5ae8e8588fe0b.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa7074f9a3c53a17de894245299386751108ee411500d2548aaf09c30fc1e555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:17:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 499399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3972
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 23:04:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 23:17:17 GMT

GET
H2 200 87fe08141a3fb38049790eb575348d9e.js Show response
www.gstatic.com/mysidia/ Frame E4FC 152 KB
56 KB 150ms
68ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/87fe08141a3fb38049790eb575348d9e.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b0760560c6a927791a613999870c414478a6f3f657d92e1b905790c43dbe95b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 00:51:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 493757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57248
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 23:04:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 25 Sep 2023 00:51:19 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E4FC 7 KB
1 KB 74ms
72ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Jul 2023 18:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 02 Jul 2023 17:00:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Jul 2023 18:00:36 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame E4FC 2 KB
926 B 207ms
128ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 18:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 18:04:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame E4FC 23 KB
9 KB 222ms
143ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 18:04:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame E4FC 3 KB
1 KB 247ms
168ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1266
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 17:39:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame E4FC 20 KB
8 KB 194ms
115ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 609
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 17:50:27 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E4FC 0
0 68ms
67ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTmjwNZKBiBdbX6qikRWmOk8Y9J9USbYwv9POfPH0uPyHBczAMI7LP-UJqStEHpmQGt3rZFaBRbeXWJWUJl8x88v5eclw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E4FC 179 KB
56 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jul 2023 18:00:36 GMT

GET
H2 200 77005c67fa3fd636ca667830ce382e45.js Show response
www.gstatic.com/mysidia/ Frame E4FC 33 KB
14 KB 270ms
191ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/77005c67fa3fd636ca667830ce382e45.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 499421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 23:04:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 23:16:55 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 829C 0
104 B 714ms
58ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOt7ylOBi4MyK9CEq6pcIJg&google_cver=1&google_push=AaAOQGHZX73YXim9EoPPbhwAtcHw1QJlHKipMV-XNm1CSeVvE-VGeT8k36IC6qQBxTkNf5NQzPLSpNJkhiUlR2WLf5PhBmldfmshJw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:36 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 829C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEM_iQxkqCiKXzjIOxvZmWzo&google_cver=1&google_push=AaAOQGGI53teA0rTZ0yNn9Htb_kgE5JWKSz8_a4nU9IGOGJryXrJoePBs_W36cRIzeLpDfd6g7_l7YOX7619NRq5...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGI53teA0rTZ0yNn9Htb_kgE5JWKSz8_a4nU9IGOGJryXrJoePBs_W36cRIzeLpDfd6g7_l7YOX7619NRq5BoLB6cjeUaC-aQ

170 B
232 B

68ms
68ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGI53teA0rTZ0yNn9Htb_kgE5JWKSz8_a4nU9IGOGJryXrJoePBs_W36cRIzeLpDfd6g7_l7YOX7619NRq5BoLB6cjeUaC-aQ

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 02 Jul 2023 18:00:37 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x13 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGI53teA0rTZ0yNn9Htb_kgE5JWKSz8_a4nU9IGOGJryXrJoePBs_W36cRIzeLpDfd6g7_l7YOX7619NRq5BoLB6cjeUaC-aQ
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 02 Jul 2023 18:00:36 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 829C
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAcnxKIKCwGZom_kFZtdzfM&google_cver=1&google_push=AaAOQGFh3VMUofED4n0-6NG753mmIC2FICadBM7D9ZLLBPMmD2CQksfE-aU9LNGKH82mglxCthKIfABGYruDzGu0F1lz...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAcnxKIKCwGZom_kFZtdzfM&google_cver=1&google_push=AaAOQGFh3VMUofED4n0-6NG753mmIC2FICadBM7D9ZLLBPMmD2CQksfE-aU9LNGKH82mglxCthKIfABGYruDzG...
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=3995823a-bea3-4da7-b148-7998543cc45c
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=3995823a-bea3-4da7-b148-7998543cc45c
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=02b7d5d1-f78a-44ca-8b47-8fc89c5a9a9a&user_group=1&ssp=google&bsw_param=3995823a-bea3-4da7-b148-7998543cc45c
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGQOpCplxuVXl0yS0CByNXHkNdYogDXKseaoQZdOVasUtrpaTpFhg1K0UgbT0dPlMCUqoXPfWNB4MQ2Ev7p8poGrHwlTsOeog&google_hm=OZWCOr6jTaexSHmYVDzEXA==

170 B
188 B

65ms
65ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGQOpCplxuVXl0yS0CByNXHkNdYogDXKseaoQZdOVasUtrpaTpFhg1K0UgbT0dPlMCUqoXPfWNB4MQ2Ev7p8poGrHwlTsOeog&google_hm=OZWCOr6jTaexSHmYVDzEXA==

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGQOpCplxuVXl0yS0CByNXHkNdYogDXKseaoQZdOVasUtrpaTpFhg1K0UgbT0dPlMCUqoXPfWNB4MQ2Ev7p8poGrHwlTsOeog&google_hm=OZWCOr6jTaexSHmYVDzEXA==
date: Sun, 02 Jul 2023 18:00:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 829C
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEP8uCEpacmWUXR1Mmx7Q_D4&google_cver=1&google_push=AaAOQGHFzVmLNz5BFO-YfidEPP3T5yK9ptj4ucArh0mN0nz7rjIy-pcGelztCwCNnSRAsZUbMC2p3xyMwAgl_RJ7VdFJ9Zt...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHFzVmLNz5BFO-YfidEPP3T5yK9ptj4ucArh0mN0nz7rjIy-pcGelztCwCNnSRAsZUbMC2p3xyMwAgl_RJ7VdFJ9ZtnVTgkVg&google_hm=eS1KWndpQWhSRTJwRzFv...

170 B
232 B

68ms
68ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHFzVmLNz5BFO-YfidEPP3T5yK9ptj4ucArh0mN0nz7rjIy-pcGelztCwCNnSRAsZUbMC2p3xyMwAgl_RJ7VdFJ9ZtnVTgkVg&google_hm=eS1KWndpQWhSRTJwRzFvRDhQVUR3RWJlRjAzcmouUjFrcX5B

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 02 Jul 2023 18:00:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHFzVmLNz5BFO-YfidEPP3T5yK9ptj4ucArh0mN0nz7rjIy-pcGelztCwCNnSRAsZUbMC2p3xyMwAgl_RJ7VdFJ9ZtnVTgkVg&google_hm=eS1KWndpQWhSRTJwRzFvRDhQVUR3RWJlRjAzcmouUjFrcX5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 829C
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKpMkXitORSJTWKuCkxWSJ8&google_cver=1&google_push=AaAOQGEcScvYn2CBGZRnMcJQ00CZ4Vx0DLg40gn5aivxDHiJd4ALNUlEohXYiA4bLtSkIXy7isFheFrX...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKpMkXitORSJTWKuCkxWSJ8&google_cver=1&google_push=AaAOQGEcScvYn2CBGZRnMcJQ00CZ4Vx0DLg40gn5aivxDHiJd4ALNUlEohXYiA4bLtSkIXy7isF...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI3NzU4NjQwMTczMTMzNjMxOA&google_push=AaAOQGEcScvYn2CBGZRnMcJQ00CZ4Vx0DLg40gn5aivxDHiJd4ALNUlEohXYiA4bLtSkIXy7isFheF...

170 B
232 B

69ms
69ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI3NzU4NjQwMTczMTMzNjMxOA&google_push=AaAOQGEcScvYn2CBGZRnMcJQ00CZ4Vx0DLg40gn5aivxDHiJd4ALNUlEohXYiA4bLtSkIXy7isFheFrXDNAyPEtQ5ZPW2wXCNfTc

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI3NzU4NjQwMTczMTMzNjMxOA&google_push=AaAOQGEcScvYn2CBGZRnMcJQ00CZ4Vx0DLg40gn5aivxDHiJd4ALNUlEohXYiA4bLtSkIXy7isFheFrXDNAyPEtQ5ZPW2wXCNfTc
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 829C
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEGsgjXZP-K-GrlZBs3Z0Gao&google_cver=1&google_push=AaAOQGE2cbhG8ep_Q9TTQZJei7l79H1loHSTDdnwog_mMJB-hKYZ8RBMAUw3R2FqhQ...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGE2cbhG8ep_Q9TTQZJei7l79H1loHSTDdnwog_mMJB-hKYZ8RBMAUw3R2FqhQMGR4FE-56pnsSh2Bl71mZUq0hCPqlLLr388-o&google_hm=...

170 B
243 B

69ms
69ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGE2cbhG8ep_Q9TTQZJei7l79H1loHSTDdnwog_mMJB-hKYZ8RBMAUw3R2FqhQMGR4FE-56pnsSh2Bl71mZUq0hCPqlLLr388-o&google_hm=C1gpBUsDQXuU4pEfqoHGo90

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:36 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGE2cbhG8ep_Q9TTQZJei7l79H1loHSTDdnwog_mMJB-hKYZ8RBMAUw3R2FqhQMGR4FE-56pnsSh2Bl71mZUq0hCPqlLLr388-o&google_hm=C1gpBUsDQXuU4pEfqoHGo90
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 829C
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFrGjm1DKeUs...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGHwmr8ZOsMt4VGGTGj4x7vWudwdmPr3U44EV8pVDoF4gtWQ65qRY504qQPx5Dl9BkYJHrPeKJ-1jlPdX3bO83Ytw8_5e-amnTA
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

67ms
58ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sun, 02 Jul 2023 18:00:37 GMT
pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 829C 0
49 B 717ms
65ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K5X9bx7ztSxTe1nAfOVXXPxn2p30DLYXUse9rHALZ6-AlYPpiKAi1gsazxQEJeC-DubxA931Y

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:00:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame CB35
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBMRVDJM1yDGtmtgwqkMTis&google_cver=1&google_push=AaAOQGHF9hxms-6nlMOHo5n9O8qYlFwPLzqG-iaIwye7fkUIx_Rre8gtYqeNK431Nqxuxn8U5qP3r5HNkS5naVQXOuMIx_6jTvGR6zs
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Njk2NjU0NjU0MzY2MzEyNzU0OQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBMRVDJM1yDGtmtgwqkMTis&google_cver=1

43 B
398 B

114ms
33ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBMRVDJM1yDGtmtgwqkMTis&google_cver=1
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Jul 2023 18:00:36 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBMRVDJM1yDGtmtgwqkMTis&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame CB35 0
103 B 693ms
59ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOt7ylOBi4MyK9CEq6pcIJg&google_cver=1&google_push=AaAOQGHuQsA15MHOlCbo_LsBHOdInQCiL652LD44Wq1KC1hmZeg8KWEg8F-eFedaYExPSCZGx-0BcLqU9omVlB-hEl8cofKELaQoysE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:36 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CB35
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGVTRhpc6XNnOI4Zs_qdZ0w&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGVTRhpc6XNnOI4Zs_qdZ0w&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OUtZWDYyZHQxUWcxbmY1&google_gid=CAESEGVTRhpc6XNnOI4Zs_qdZ0w&google_cver=1&google_push=AaAOQGFazPJHzbL5iI9gDwM7hV68EtegkG0zm_8bb4n1C-0...

170 B
232 B

69ms
69ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OUtZWDYyZHQxUWcxbmY1&google_gid=CAESEGVTRhpc6XNnOI4Zs_qdZ0w&google_cver=1&google_push=AaAOQGFazPJHzbL5iI9gDwM7hV68EtegkG0zm_8bb4n1C-0Hmf0pIH7cmUN-mCyDYl-hXan6YZqvMttM6sCaaMj0l5t25o93GvqzmWM

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 02 Jul 2023 18:00:36 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-0caa68a19e3c1fdac@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OUtZWDYyZHQxUWcxbmY1&google_gid=CAESEGVTRhpc6XNnOI4Zs_qdZ0w&google_cver=1&google_push=AaAOQGFazPJHzbL5iI9gDwM7hV68EtegkG0zm_8bb4n1C-0Hmf0pIH7cmUN-mCyDYl-hXan6YZqvMttM6sCaaMj0l5t25o93GvqzmWM
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame CB35
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEB_3KZBFMqCMRYgTBI7ZKOw&google_cver=1&google_push=AaAOQGE7GGXxQPJC9kXA5yVrSuvRxOGbP58mhwM5sz1V877F9q5lUsQ6_I9m3t4W7OnEvH72zvQ7UCUBC4nrjOmCwkna41zFxC5c-...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB_3KZBFMqCMRYgTBI7ZKOw&google_cver=1&google_push=AaAOQGE7GGXxQPJC9kXA5yVrSuvRxOGbP58mhwM5sz1V877F9q5lUsQ6_I9m3t4W7OnEvH72zvQ7UCUBC4nrjOmCwkna41zFxC5...

43 B
417 B

214ms
205ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB_3KZBFMqCMRYgTBI7ZKOw&google_cver=1&google_push=AaAOQGE7GGXxQPJC9kXA5yVrSuvRxOGbP58mhwM5sz1V877F9q5lUsQ6_I9m3t4W7OnEvH72zvQ7UCUBC4nrjOmCwkna41zFxC5c-_Y&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGE7GGXxQPJC9kXA5yVrSuvRxOGbP58mhwM5sz1V877F9q5lUsQ6_I9m3t4W7OnEvH72zvQ7UCUBC4nrjOmCwkna41zFxC5c-_Y%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e08ca116e061d90-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1376
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB_3KZBFMqCMRYgTBI7ZKOw&google_cver=1&google_push=AaAOQGE7GGXxQPJC9kXA5yVrSuvRxOGbP58mhwM5sz1V877F9q5lUsQ6_I9m3t4W7OnEvH72zvQ7UCUBC4nrjOmCwkna41zFxC5c-_Y&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGE7GGXxQPJC9kXA5yVrSuvRxOGbP58mhwM5sz1V877F9q5lUsQ6_I9m3t4W7OnEvH72zvQ7UCUBC4nrjOmCwkna41zFxC5c-_Y%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e08ca0f9aef1d90-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CB35
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJcZy7INWwhzntowViLORy0&google_push=AaAOQGGYYmfNugRUY_sXuQpsWjSSNc6UADFBHUvm_ZEFwNynbo__0KaYva...

170 B
188 B

82ms
74ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJcZy7INWwhzntowViLORy0&google_push=AaAOQGGYYmfNugRUY_sXuQpsWjSSNc6UADFBHUvm_ZEFwNynbo__0KaYva8EQUCd0JU5NsizUNpUvA_jdVaJJ8R2eP-PUw47fMhHyIU

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230074-FRA
pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1688320837.052971,VS0,VE99
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJcZy7INWwhzntowViLORy0&google_push=AaAOQGGYYmfNugRUY_sXuQpsWjSSNc6UADFBHUvm_ZEFwNynbo__0KaYva8EQUCd0JU5NsizUNpUvA_jdVaJJ8R2eP-PUw47fMhHyIU
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CB35
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEP8uCEpacmWUXR1Mmx7Q_D4&google_cver=1&google_push=AaAOQGFdBzvp7Jhh0tOi-GRctWlBvxztZgZNe5A5474xyDbsyvfyMniz6QoLxoKd61b9z6qMqtDC-Pjs6hwJ3QZgql9_zJ-...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFdBzvp7Jhh0tOi-GRctWlBvxztZgZNe5A5474xyDbsyvfyMniz6QoLxoKd61b9z6qMqtDC-Pjs6hwJ3QZgql9_zJ-rdHPNbmk&google_hm=eS1CcDVYLmZGRTJwR2t...

170 B
232 B

66ms
66ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFdBzvp7Jhh0tOi-GRctWlBvxztZgZNe5A5474xyDbsyvfyMniz6QoLxoKd61b9z6qMqtDC-Pjs6hwJ3QZgql9_zJ-rdHPNbmk&google_hm=eS1CcDVYLmZGRTJwR2tSQmhMcFRzdlJaTFdLR3FiNU4udn5B

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 02 Jul 2023 18:00:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFdBzvp7Jhh0tOi-GRctWlBvxztZgZNe5A5474xyDbsyvfyMniz6QoLxoKd61b9z6qMqtDC-Pjs6hwJ3QZgql9_zJ-rdHPNbmk&google_hm=eS1CcDVYLmZGRTJwR2tSQmhMcFRzdlJaTFdLR3FiNU4udn5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame CB35 43 B
363 B 670ms
44ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEKUBQKhlOe14Dq4DKJXnbQo&google_cver=1&google_push=AaAOQGFMJjRu0Ta3tSUpdbhixrzPAt9QrWWrIIcW3sJcKutzRlWXtT5rX18NFgq04oeVnLhIoDbNlghvl9GoR7_HBG6UTN7P5H0e3-U

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:36 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 233305
expires: Sun, 02 Jul 2023 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CB35 0
130 B 696ms
65ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IiS3RN2pG_hRIwLASU1XuYPf178KmJjCzbM4uqvbj_ZK1946DLRSTQqyuBnhB1TmygD2fF

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:00:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 204 csi
csi.gstatic.com/ Frame E4FC 0
234 B 763ms
272ms Ping
image/gif 2a00:1450:4019:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ljlqmuux&c=6988341553510&slotId=3494170776755&qqid=COnV3ZzN8P8CFb01rQYd9nMEOg&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/87fe08141a3fb38049790eb575348d9e.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4019:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

7906533685533188139
tpc.googlesyndication.com/simgad/ Frame E4FC
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCEvL7ICBCwCRj0BDIIRwLrKvUwWRw
https://tpc.googlesyndication.com/simgad/7906533685533188139

885 KB
885 KB

60ms
58ms

Image
image/png

2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7906533685533188139

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341bff796ee4cdcba541297b829a188128ea67a9cbac5c9cce1f7508adebb36f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 17:16:03 GMT
x-content-type-options: nosniff
age: 521074
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 906542
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 09:43:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 25 Jun 2024 17:16:03 GMT

Redirect headers

date: Sun, 02 Jul 2023 07:37:56 GMT
x-content-type-options: nosniff
server: cafe
age: 37360
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/7906533685533188139
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 01 Aug 2023 07:37:56 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0707 1 KB
643 B 67ms
60ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10575
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 15:04:22 GMT
etag: 48472445140208031
expires: Mon, 03 Jul 2023 15:04:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

206

videoplayback
r2---sn-5hneknek.gvt1.com/ Frame E4FC
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=d14c434751ac1bee&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1688328035&sparams=ip,ipbits,expire,id,...
https://r2---sn-5hneknek.gvt1.com/videoplayback?id=d14c434751ac1bee&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1688328035&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

1 MB
1 MB

141ms
30ms

Media
video/mp4

2a00:1450:400e:16::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-5hneknek.gvt1.com/videoplayback?id=d14c434751ac1bee&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1688328035&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=6DECF6FB2EEF1E54D3908C138A9B66477D23C593.01E8034669380556C37063727A9CB8C3646237EC&key=cms1&cms_redirect=yes&mh=d8&mip=2a03:1b20:b:f011::2e&mm=28&mn=sn-5hneknek&ms=nvh&mt=1688320575&mv=u&mvi=2&pl=48

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

2a00:1450:400e:16::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c6af65a37cb3dee2ccd93ef7d39512564abdf38bd311fdce937e04ca0b693ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

client-protocol: quic
date: Sun, 02 Jul 2023 18:00:37 GMT
x-content-type-options: nosniff
last-modified: Mon, 12 Jun 2023 18:41:18 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-1439286/1439287
cache-control: private, max-age=6898
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1439287
expires: Sun, 02 Jul 2023 18:00:37 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r2---sn-5hneknek.gvt1.com/videoplayback?id=d14c434751ac1bee&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1688328035&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=6DECF6FB2EEF1E54D3908C138A9B66477D23C593.01E8034669380556C37063727A9CB8C3646237EC&key=cms1&cms_redirect=yes&mh=d8&mip=2a03:1b20:b:f011::2e&mm=28&mn=sn-5hneknek&ms=nvh&mt=1688320575&mv=u&mvi=2&pl=48
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 707
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame B0AD 37 KB
14 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 17:54:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 432346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 17:54:51 GMT

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame B6ED 37 KB
14 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 17:54:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 432346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 17:54:51 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 0707 0
103 B 33ms
29ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOt7ylOBi4MyK9CEq6pcIJg&google_cver=1&google_push=AaAOQGEcaWnEAIf2dgBfC5ytm7nEjRlMSOuCim1AH9Wn2xLmus3k_g3u033eNGBIQ8ezv1824-CuE_KnCeijod96ZBYBwsCRrXu7HQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0707
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGVTRhpc6XNnOI4Zs_qdZ0w&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OUtZWDYyZHQxUWcxbmY1&google_gid=CAESEGVTRhpc6XNnOI4Zs_qdZ0w&google_cver=1&google_push=AaAOQGFEgq2p6JE3Vn4YaS0notIhAOoyv2f32Ge4SG68YM7...

170 B
188 B

85ms
67ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OUtZWDYyZHQxUWcxbmY1&google_gid=CAESEGVTRhpc6XNnOI4Zs_qdZ0w&google_cver=1&google_push=AaAOQGFEgq2p6JE3Vn4YaS0notIhAOoyv2f32Ge4SG68YM7gwQsRd0He6j-WOr3-idWOMQS1VgdMwZ1zrDuSllTXWsenWuOJdkSd9Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 02 Jul 2023 18:00:36 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-036c9e308bb7e39b5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OUtZWDYyZHQxUWcxbmY1&google_gid=CAESEGVTRhpc6XNnOI4Zs_qdZ0w&google_cver=1&google_push=AaAOQGFEgq2p6JE3Vn4YaS0notIhAOoyv2f32Ge4SG68YM7gwQsRd0He6j-WOr3-idWOMQS1VgdMwZ1zrDuSllTXWsenWuOJdkSd9Q
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0707
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEM_iQxkqCiKXzjIOxvZmWzo&google_cver=1&google_push=AaAOQGGFflc9QC1jnh4o8uWH2LqorkmN1Xd37NwLqdhGbqfN4TDgq8uIrrAj3c6WY5bio97CqLzU_1rijqBovX6h...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGFflc9QC1jnh4o8uWH2LqorkmN1Xd37NwLqdhGbqfN4TDgq8uIrrAj3c6WY5bio97CqLzU_1rijqBovX6hqErpPVRHT-HKEw

170 B
188 B

84ms
66ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGFflc9QC1jnh4o8uWH2LqorkmN1Xd37NwLqdhGbqfN4TDgq8uIrrAj3c6WY5bio97CqLzU_1rijqBovX6hqErpPVRHT-HKEw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 02 Jul 2023 18:00:37 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x31 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGFflc9QC1jnh4o8uWH2LqorkmN1Xd37NwLqdhGbqfN4TDgq8uIrrAj3c6WY5bio97CqLzU_1rijqBovX6hqErpPVRHT-HKEw
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 02 Jul 2023 18:00:36 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0707
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJcZy7INWwhzntowViLORy0&google_push=AaAOQGErPX_ueQX-pxjg5B_iLMSUjhhB_DNDWVb2Re29WmfSFG-eZ6Bi2H...

170 B
188 B

67ms
66ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJcZy7INWwhzntowViLORy0&google_push=AaAOQGErPX_ueQX-pxjg5B_iLMSUjhhB_DNDWVb2Re29WmfSFG-eZ6Bi2Hbqw2DHopXz97fg0luKv5vgDEB8yjWEW07XoqNw0Qi4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230074-FRA
pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1688320837.127059,VS0,VE94
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJcZy7INWwhzntowViLORy0&google_push=AaAOQGErPX_ueQX-pxjg5B_iLMSUjhhB_DNDWVb2Re29WmfSFG-eZ6Bi2Hbqw2DHopXz97fg0luKv5vgDEB8yjWEW07XoqNw0Qi4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0707
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAcnxKIKCwGZom_kFZtdzfM&google_cver=1&google_push=AaAOQGGQOpCplxuVXl0yS0CByNXHkNdYogDXKseaoQZdOVasUtrpaTpFhg1K0UgbT0dPlMCUqoXPfWNB4MQ2Ev7p8poG...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGQOpCplxuVXl0yS0CByNXHkNdYogDXKseaoQZdOVasUtrpaTpFhg1K0UgbT0dPlMCUqoXPfWNB4MQ2Ev7p8poGrHwlTsOeog&google_hm=OZWCOr6jTaexSHmYVDzEXA==

170 B
232 B

68ms
66ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGQOpCplxuVXl0yS0CByNXHkNdYogDXKseaoQZdOVasUtrpaTpFhg1K0UgbT0dPlMCUqoXPfWNB4MQ2Ev7p8poGrHwlTsOeog&google_hm=OZWCOr6jTaexSHmYVDzEXA==
date: Sun, 02 Jul 2023 18:00:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0707
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKpMkXitORSJTWKuCkxWSJ8&google_cver=1&google_push=AaAOQGE1qGJ6vvFb4zyylAyZJQ6bvFD3gDaezWrBthiJbnjJ7-N6etpuZdjvzH2fHfAwVgNn9PR-Ij0x...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY0ODk0NDU1MDcyOTYyMzcwNQ&google_push=AaAOQGE1qGJ6vvFb4zyylAyZJQ6bvFD3gDaezWrBthiJbnjJ7-N6etpuZdjvzH2fHfAwVgNn9PR-Ij...

170 B
188 B

74ms
65ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY0ODk0NDU1MDcyOTYyMzcwNQ&google_push=AaAOQGE1qGJ6vvFb4zyylAyZJQ6bvFD3gDaezWrBthiJbnjJ7-N6etpuZdjvzH2fHfAwVgNn9PR-Ij0xchsns86flC5RYiJH9siPlg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY0ODk0NDU1MDcyOTYyMzcwNQ&google_push=AaAOQGE1qGJ6vvFb4zyylAyZJQ6bvFD3gDaezWrBthiJbnjJ7-N6etpuZdjvzH2fHfAwVgNn9PR-Ij0xchsns86flC5RYiJH9siPlg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame 0707
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFrGjm1DKeUs...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGHsbH0iNDayQJuZpGE7rGymUmbC7Fd8pknbt1mqO4lkViTMN11ZdEOPFFR2yutT2iVipzCzvO_XL8Bnzy0sGJbyELsOV-WORAs
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

61ms
60ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sun, 02 Jul 2023 18:00:37 GMT
pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 18:00:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0707 0
49 B 73ms
70ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JEmwkqkgTJBeavdDmYMtGm1FuUXhbd8Jd3NzR9ZkQ4GJX1Qa4j2H2ilS1jSVcy9TKu-wjjVA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:00:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 110ms
109ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230627&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7f6c41d7911a194b846d058a9090d42b9508fa193716e5d20828955ec41f61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:00:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11070
x-xss-protection: 0

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame 4C03 37 KB
14 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 17:54:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 432346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 17:54:51 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 74ms
71ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 02 Jul 2023 18:00:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 08EA 13 KB
5 KB 59ms
57ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdundo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1259
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 17:39:38 GMT
expires: Mon, 01 Jul 2024 17:39:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D839 783 B
533 B 66ms
66ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3312e4f9ece346ddb55b7ef332652fec87ea0575b832c3f18d23eac091764f5c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1domVlmQUV-W1wodq_-yHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mdundo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-1domVlmQUV-W1wodq_-yHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 18:00:37 GMT
expires: Sun, 02 Jul 2023 18:00:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D839 0
0 101ms
101ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230627&jk=2823135172351736&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame 08EA 37 KB
14 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 17:54:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 432346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 17:54:51 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 08EA 0
10 B 57ms
57ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?348m7A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:00:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: certify-js.alexametrics.com
URL: https://certify-js.alexametrics.com/atrk.js

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mdundo.com/	1970-01-20 12:58:42	Name: mdundo_session Value: 2grp4o6gttrmbpt4taafuka4q3
mdundo.com/	1970-01-20 13:00:07	Name: mobile Value: 0
mdundo.com/	1970-01-20 21:44:16	Name: _pubcid Value: 3dffa528-6858-4211-893f-8f5363e7a25c
.mdundo.com/	1970-01-20 13:00:07	Name: _gid Value: GA1.2.790220616.1688320834
.mdundo.com/	1970-01-20 12:58:40	Name: _gat Value: 1
.mdundo.com/	1970-01-20 22:34:40	Name: _ga Value: GA1.1.1837079349.1688320834
mdundo.com/	1970-01-20 13:00:07	Name: visited Value: 1
mdundo.com/	1970-01-20 13:00:07	Name: clientId Value: 1837079349.1688320834
.mdundo.com/	1970-01-20 22:34:40	Name: _ga_H6YSQ4ZFSK Value: GS1.1.1688320833.1.0.1688320833.60.0.0
.mdundo.com/	1970-01-20 22:34:40	Name: _ga_E07LZWMW45 Value: GS1.2.1688320834.1.0.1688320834.60.0.0
.adx.opera.com/	1970-01-20 21:44:16	Name: UID Value: a0f9c092-2d85-46f9-8b84-6ed6164a410d
.mdundo.com/	1970-01-20 22:20:16	Name: __gads Value: ID=4d55bb8471008774-224880e881e20000:T=1688320834:RT=1688320834:S=ALNI_Mbk0n1gD_xNpGEar09aPOTONMU3Sg
.mdundo.com/	1970-01-20 22:20:16	Name: __gpi Value: UID=00000c8c478f7e36:T=1688320834:RT=1688320834:S=ALNI_MYPgpmLNVf8f9272Nyvyt4WfzOY3Q
.creativecdn.com/	1970-01-20 21:44:16	Name: u Value: AjIkU2zWJLUmwtp8lHbs
.creativecdn.com/	1970-01-20 21:44:16	Name: ts Value: 1688320834
.yandex.ru/	1970-01-20 22:34:40	Name: yuidss Value: 3108331061688320834
.yandex.ru/	1970-01-20 22:34:40	Name: yandexuid Value: 3108331061688320834
.doubleclick.net/	1970-01-20 22:20:16	Name: IDE Value: AHWqTUlO1j1CK6afcg1dOQIMSBDqSgyF-BBZ1rZ-80DrgnKN36YHJvWERguKQr6-8Gc
.bidswitch.net/	1970-01-20 21:44:16	Name: tuuid Value: 3995823a-bea3-4da7-b148-7998543cc45c
.bidswitch.net/	1970-01-20 21:44:16	Name: c Value: 1688320837
.bidswitch.net/	1970-01-20 21:44:16	Name: tuuid_lu Value: 1688320837
.turn.com/	1970-01-20 17:17:52	Name: uid Value: 6966546543663127549
.ctnsnet.com/	1970-01-20 21:44:16	Name: cid_0b5829054b03417b94e2911faa81c6a3 Value: 1
.ctnsnet.com/	1970-01-20 21:44:16	Name: gid_CAESEGsgjXZP-K-GrlZBs3Z0Gao Value: 1
.adform.net/	1970-01-20 13:43:19	Name: C Value: 1
.mathtag.com/	1970-01-20 13:41:52	Name: mt_mop Value: 4:1688320838
.w55c.net/	1970-01-20 22:30:21	Name: wfivefivec Value: 9KYX62dt1Qg1nf5
.yahoo.com/	1970-01-20 21:44:38	Name: A3 Value: d=AQABBEW7oWQCEGJ8FsUBAAWUA6KDkv7VW8YFEgEBAQEMo2SrZAAAAAAA_eMAAA&S=AQAAAk4m-YlEt32lFp7pagF096E
.w55c.net/	1970-01-20 13:41:52	Name: matchgoogle Value: 5
.adform.net/	1970-01-20 14:25:04	Name: uid Value: 4648944550729623705
.everesttech.net/	1970-01-20 21:44:16	Name: everest_g_v2 Value: g_surferid~ZKG7RQAWJpw0IgAn
.tribalfusion.com/	1970-01-20 15:08:16	Name: ANON_ID Value: afnseFmge06ousnA7fvLlkYoMgZc9W9hKjhZaFOQZaH8K7KjaQfwZa0trEMko7ZbpGkl5Fi5B3KRZbI8yxAH3M5ZaPp
pool.admedo.com/	1970-01-20 21:44:16	Name: tuuid Value: 02b7d5d1-f78a-44ca-8b47-8fc89c5a9a9a
pool.admedo.com/	1970-01-20 21:44:16	Name: c Value: 1688320837
pool.admedo.com/	1970-01-20 21:44:16	Name: tuuid_lu Value: 1688320837

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://certify-js.alexametrics.com/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
adservice.google.com
an.yandex.ru
c1.adform.net
certify-js.alexametrics.com
cm.g.doubleclick.net
creativecdn.com
csi.gstatic.com
dclk-match.dotomi.com
dis.criteo.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ius.ctnsnet.com
mdundo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
r.turn.com
r2---sn-5hneknek.gvt1.com
redirector.gvt1.com
region1.analytics.google.com
res.adx.opera.com
s.adx.opera.com
s.tribalfusion.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.taboola.com
sync.teads.tv
t.adx.opera.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
certify-js.alexametrics.com
141.226.228.48
142.250.186.98
151.101.130.49
159.69.149.44
178.250.7.11
185.184.8.90
185.29.132.245
185.86.138.155
2.16.97.41
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
216.58.212.162
23.218.164.71
23.37.42.132
2606:4700::6812:19ad
2a00:1450:4001:800::2003
2a00:1450:4001:803::200a
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2003
2a00:1450:400c:c0b::9c
2a00:1450:400e:16::7
2a00:1450:4019:807::2003
2a02:26f0:ab00::5c7a:d71a
2a02:6b8::90
2a02:fa8:8806:12::1370
2a05:d018:d29:3602:aef:9901:5093:3cb4
35.156.133.126
35.186.193.173
35.210.53.219
37.157.2.229
52.28.152.8
76.223.111.18
82.145.213.8
0158d96de0eba412f8459bfa1a80dbc545ca9112fa9679ca5361fbaba2db7b73
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c3ffafe2bad86136dc0d54b7dbb154328b343075788dfaa8cd72242e55179a0
11b8f67c842cd30296045ea9e03a39881951bb458f70b7b229381ccfac676ab5
125379f7a1488b18beff9eff52709ac9e6eca95edaf74570c38e1095b5a9e7b9
13c48fd0cfdb61cbaf33b51ce9c216914e63146db5473f2e136f86a2e978f49e
162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1b170673eeef31a7e9881e2a93c4ab24c535fe0321feca405d22739de295f92a
1fda13d33f8a8bd3f9ea1c77bd5be5e609b2c3461ab7b8fa947fecbcf4c55cfa
26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65
27c045f2414b6b6af54b601c46312a6cbeb5dff6da152d9aceea0272fc896d03
2a84e9173acb8ff38f6073b54b3991ffa66518a26de8385587140b9c663d0a40
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329420b0a47f69760e4809709789bf3082acff188be0cc3e6986c333eed15072
3312e4f9ece346ddb55b7ef332652fec87ea0575b832c3f18d23eac091764f5c
341bff796ee4cdcba541297b829a188128ea67a9cbac5c9cce1f7508adebb36f
35069aa6a1e3224600d977b91de86deb653e36c78db715ceea2d1f36c0f588d1
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b0760560c6a927791a613999870c414478a6f3f657d92e1b905790c43dbe95b
467465a3654f2c4f08ccbc36629f748403ea87e7f4a2293f5b084adbd7f37be8
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b4623dcf73eed08e1b1f1647f5930eaceb8cd577e113cf1d55871edbf74a2e1
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f91c1a82b10ae7114c24b5209184946d2077504317445146b12ad241f5faf45
50c90f7d19bf35f05af29be6a8f4f9d473b20285adb04fe3faf84157db4bf8e4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58c556a77e1091ea10a769e3dcd5f78ce23da8b8f8cecc5e0c6bec4f6982a19a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f44c81828d36742949faa0c27e9e2ef0e787594c08f246c721280748c67d7ca
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67e3252b91889bf16e4e28affed531d22ff53cbc5d3f166f5e878e00e44006be
6a6070ad0cf3acb4ad3f5d34503ccf5e3d94bc9ae3238d8e5be78ce0f49150fb
6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b
6e50c3c0d0dd92899cabafcbee9cc437c3c9e0b52920462955b4a0f43b758daf
71a06c9feb69e86491cc0c622ab63a245c54e2d241a5b6c1ce3c3a54c5f42516
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c82a1e3c64347ccd66750e438c0c29e1ded4ca2de406fbd79690d7028980590
8fa1bdaac22c1ae2fac95f44ae2b9dc6e66116e59b2eabb74abd297028069cbe
95f5781079435ee28d5944187bf013b60680a54311038914048c7d426940f14e
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0c510fbbbc60d84f9d31a91f4b9241db940540e65ee3c00e647cfae49ef4eb0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa7074f9a3c53a17de894245299386751108ee411500d2548aaf09c30fc1e555
abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af
b0f6dfbdb0c4661c98625afa1b6e73167265db04cbfc21f7347abe74c561a91e
b7f6c41d7911a194b846d058a9090d42b9508fa193716e5d20828955ec41f61f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf403367ac32b3afe739ce962025f55d9b15267de58f338033c7b973f260291d
c6af65a37cb3dee2ccd93ef7d39512564abdf38bd311fdce937e04ca0b693ffc
c734b0c73ede2b80c38da454f7f032b1fdc89c6ca267f6cb04dde785f7dd8cf7
d14fd5e2878e4af0e1e5d59fbb18d86fa17cf34bf15506ee64770828f79f4352
d3743c6f1dd7dbe1a3677bc1304a36ea74dca1aeb1c5a687cfd4cdf5574e9925
d99a930974713deba51d4839e9aef2275f41036e220514a7f3dc165130ce3e6d
d9b94254ff67b4613d006d73b35a3db604cf7e20cb652afc45b1bd13a92e41e5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3792b26878c08fef3901b4a2be810c3b5f686a0511563dda0fcb0d82b81225d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7e706570de2442ab9a83fddfa63d5398391910b7818c11e6ea02967fad30284
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

mdundo.com Open in urlscan Pro 159.69.149.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

129 Requests

81 %HTTPS

55 %IPv6

33 Domains

48 Subdomains

30 IPs

11 Countries

3746 kBTransfer

6530 kBSize

35 Cookies

6 Outgoing links

Page URL History

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mdundo.com Open in urlscan Pro
159.69.149.44 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

81 %
HTTPS

55 %
IPv6

33
Domains

48
Subdomains

30
IPs

11
Countries

3746 kB
Transfer

6530 kB
Size

35
Cookies

129 HTTP transactions
0 data transactions