mcmpiqq.top Open in urlscan Pro
154.211.15.189 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mcmpiqq.top/?thread-79.htm
Submission Tags: falconsandbox
Submission: On March 05 via api (March 5th 2024, 12:09:59 pm UTC) from US — Scanned from DE

Summary HTTP 183 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 30 IPs in 7 countries across 21 domains to perform 183 HTTP transactions. The main IP is 154.211.15.189, located in Hong Kong and belongs to YISUCLOUDLTD-HK YISU CLOUD LTD, HK. The main domain is mcmpiqq.top.
TLS certificate: Issued by R3 on January 14th 2024. Valid for: 3 months.

This is the only time mcmpiqq.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	154.211.15.189 154.211.15.189	138152 (YISUCLOUD...) (YISUCLOUDLTD-HK YISU CLOUD LTD)
41	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	163.181.92.235 163.181.92.235	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
23	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	203.107.86.226 203.107.86.226	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
29	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 1	44.232.45.117 44.232.45.117	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:26d... 2600:9000:26da:9400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2607:f8b0:400... 2607:f8b0:400a:80a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	64.233.167.156 64.233.167.156	15169 (GOOGLE) (GOOGLE)
3 5	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
7 14	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
4 8	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:1c::8	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
5	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 2	52.211.226.3 52.211.226.3	16509 (AMAZON-02) (AMAZON-02)
1	85.14.248.72 85.14.248.72	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1 2	63.34.236.122 63.34.236.122	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.236.220.17 35.236.220.17	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.157.3.26 37.157.3.26	198622 (ADFORM) (ADFORM)
1 2	23.219.216.4 23.219.216.4	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2600:1f13:800... 2600:1f13:800:7782:fa8a:453b:3668:d090	16509 (AMAZON-02) (AMAZON-02)
183	30

15 154.211.15.189 (Hong Kong)

ASN138152 (YISUCLOUDLTD-HK YISU CLOUD LTD, HK)

mcmpiqq.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.92.235 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.107.86.226 (China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.232.45.117 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-232-45-117.us-west-2.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:26da:9400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:400a:80a::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.167.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.130 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.64.151.101 (San Francisco, United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.211.116 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:1c::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r3---sn-4g5lznl7.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.226.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-226-3.eu-west-1.compute.amazonaws.com

skydeutschland.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.72 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.34.236.122 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-236-122.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.236.220.17 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.26 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.219.216.4 (Atlanta, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-219-216-4.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f13:800:7782:fa8a:453b:3668:d090 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 161 ade.googlesyndication.com — Cisco Umbrella Rank: 306	996 KB
43	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 bid.g.doubleclick.net — Cisco Umbrella Rank: 891 cm.g.doubleclick.net — Cisco Umbrella Rank: 271 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 562	271 KB
15	mcmpiqq.top mcmpiqq.top	297 KB
13	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1260 r3---sn-4g5lznl7.c.2mdn.net — Cisco Umbrella Rank: 479446 s0.2mdn.net — Cisco Umbrella Rank: 321	3 MB
13	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	78 KB
11	adsafeprotected.com 2 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 831 static.adsafeprotected.com — Cisco Umbrella Rank: 673 fw.adsafeprotected.com — Cisco Umbrella Rank: 860 dt.adsafeprotected.com — Cisco Umbrella Rank: 650	175 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30 imasdk.googleapis.com — Cisco Umbrella Rank: 479	142 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 631	5 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 256	6 KB
5	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2	912 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1421	452 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 618	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 940 s.tribalfusion.com — Cisco Umbrella Rank: 2540	1 KB
2	demdex.net 1 redirects skydeutschland.demdex.net — Cisco Umbrella Rank: 64350	1 KB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 10388	12 KB
2	51.la js.users.51.la — Cisco Umbrella Rank: 123528 ia.51.la — Cisco Umbrella Rank: 104780	6 KB
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 662	363 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 4018	573 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1541	588 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 849	715 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 12613	1 KB
183	21

	Domain	Requested by
41	pagead2.googlesyndication.com	mcmpiqq.top pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
29	tpc.googlesyndication.com	googleads.g.doubleclick.net mcmpiqq.top imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
23	googleads.g.doubleclick.net	pagead2.googlesyndication.com mcmpiqq.top googleads.g.doubleclick.net
15	mcmpiqq.top	mcmpiqq.top
14	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
10	s0.2mdn.net	mcmpiqq.top s0.2mdn.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	csi.gstatic.com	imasdk.googleapis.com
6	fonts.googleapis.com	googleads.g.doubleclick.net mcmpiqq.top
5	dt.adsafeprotected.com	googleads.g.doubleclick.net
5	googleads4.g.doubleclick.net	mcmpiqq.top
5	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.gstatic.com	mcmpiqq.top googleads.g.doubleclick.net
3	static.adsafeprotected.com	googleads.g.doubleclick.net
3	imasdk.googleapis.com	googleads.g.doubleclick.net mcmpiqq.top
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	fw.adsafeprotected.com	1 redirects mcmpiqq.top
2	ade.googlesyndication.com	mcmpiqq.top
2	skydeutschland.demdex.net	1 redirects googleads.g.doubleclick.net
2	r3---sn-4g5lznl7.c.2mdn.net	mcmpiqq.top
2	fonts.gstatic.com	fonts.googleapis.com
2	hm.baidu.com	mcmpiqq.top
1	dis.criteo.com	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	m.exactag.com	googleads.g.doubleclick.net
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	pixel.adsafeprotected.com	1 redirects
1	ia.51.la	mcmpiqq.top
1	js.users.51.la	mcmpiqq.top
183	36

This site contains links to these domains. Also see Links.

Domain
bbs.xiuno.com
www.51.la

Subject Issuer	Validity	Valid
mcmpiqq.top R3	`2024-01-14` - `2024-04-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2023-04-14` - `2024-05-15`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2023-07-06` - `2024-08-06`	a year	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2023-04-20` - `2024-05-21`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2023-08-22` - `2024-09-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-02-20` - `2024-04-30`	2 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2024-02-28` - `2025-03-29`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 29 frames:

Primary Page: https://mcmpiqq.top/?thread-79.htm
Frame ID: 78A095C73FDBCFD52FCA3C12D5BF470B
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: 0BA9A8ADA1108F7CA58FDCF19A97F9DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4383418722826066&output=html&adk=1812271804&adf=3025194257&lmt=1709640593&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fmcmpiqq.top%2F%3Fthread-79.htm&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709640593656&bpp=3&bdt=119&idt=220&shv=r20240229&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=881236743585&frm=20&pv=2&ga_vid=1721056475.1709640594&ga_sid=1709640594&ga_hid=1313205084&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C95320376%2C95321866%2C95324161%2C95325784%2C95326936&oid=2&pvsid=3676971400239924&tmod=1558946393&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=230
Frame ID: A4839E77892CA993FB11A68CD71B38E2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4383418722826066&output=html&h=280&slotname=4904042479&adk=2396473200&adf=2902144500&pi=t.ma~as.4904042479&w=825&fwrn=4&fwrnh=100&lmt=1709640594&rafmt=1&format=825x280&url=https%3A%2F%2Fmcmpiqq.top%2F%3Fthread-79.htm&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709640594062&bpp=1&bdt=525&idt=1&shv=r20240229&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=881236743585&frm=20&pv=1&ga_vid=1721056475.1709640594&ga_sid=1709640594&ga_hid=1313205084&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C95320376%2C95321866%2C95324161%2C95325784%2C95326936&oid=2&pvsid=3676971400239924&tmod=1558946393&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=5
Frame ID: 71D6ECBF4A5C676CF1AD296C50187B84
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4383418722826066&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.3713792823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1709640594&rafmt=1&to=qs&pwprc=6085169274&format=1200x90&url=https%3A%2F%2Fmcmpiqq.top%2F%3Fthread-79.htm&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709640594611&bpp=1&bdt=1074&idt=0&shv=r20240229&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x280&nras=2&correlator=881236743585&frm=20&pv=1&ga_vid=1721056475.1709640594&ga_sid=1709640594&ga_hid=1313205084&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C95320376%2C95321866%2C95324161%2C95325784%2C95326936&oid=2&pvsid=3676971400239924&tmod=1558946393&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Frame ID: 084B43142831EC23C3C8F76D73EA4AD5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: 4A91AEDBC1DF5E3E25FD8F05770396A8
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: 9C8CF31921A104542E9F8877786B4B6D
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: 8E675B00F050B4BEB45E793962D46AF5
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: 86544DA6F889A997D02F39E2CA6EB969
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%AE%B6%E6%94%B9%E3%83%AD%E9%87%91%E8%9E%8D%E3%81%84%E3%81%8D%E3%81%98%E5%96%84%E9%96%8B%E3%81%8F%E3%83%97%E3%80%81%E3%82%8F%E3%81%B6%E9%96%89%E3%81%8B%E8%AD%98%E3%82%8A%E5%AD%A6%E8%A8%88%E8%AC%9B%E5%BC%B7%E3%81%B9%E3%82%8B%E3%81%A7%E5%B8%AB%E3%82%84%E3%81%AB%E3%81%99%E3%81%8A%E3%82%89%E7%9F%A5%E5%8B%89%E3%81%AE%E3%81%8C
Frame ID: 27CF5EBC0BCF8A2F1BFDDB8D9D6960EB
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6B0F1281DE598218774DFAA5DB08CD25
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D1740D2EF62597BE814C1211695DA2CD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 526C48CA03491A05B9DD9FD60BDEC309
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGPiAgYcCMAE&v=APEucNVmWqA-1YPLT_3BXvEvrynI3HnpIDHMp4sBC6ZLhLJCr__u0MkKRTKJkIYXRQwyN2M3JuB7XRv-Y3dIuhogfoDLQC0rgWby_r0WUqJLSA8GX4JIlmWqTUW9pxMpEXCaKwr7-Ax0ndRS6-gDgOclZLIeY7ANTB7VswM8VHOLxLE1dbebYBY
Frame ID: 3E90502BDFC843DAE06FC8FBE8FE0057
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 2BBE3BC4CC10355F254C7E54EE43833D
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/neFZPoS4RqR4jfdTFmgUuiCC8zWeQsTNscPgsnGRUhI.js
Frame ID: 1364AB1D7A73BF3050106DAB647AACA8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 3CBBCCE6E7855D3086ECEA026F8EE4EA
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/neFZPoS4RqR4jfdTFmgUuiCC8zWeQsTNscPgsnGRUhI.js
Frame ID: 3A514789A4B683C3A61DE1144FD543A3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/neFZPoS4RqR4jfdTFmgUuiCC8zWeQsTNscPgsnGRUhI.js
Frame ID: 924E654F1B208250841C58ED019108A9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 61F75835A89DFF6E365AF171F2A1C8F7
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2469615605381150846/index.html?ev=01_250
Frame ID: A693C4ADEB81363A8CFB21BC5BD72D2A
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYs72zhgIwAQ&v=APEucNVkrsl0SXtvx4FCMIt2js0uiiRvn0j-vT2m3T7_Oo2AI8dxJLfnbflY5X3H_ml_xS_IfSfx6pRAEfTKAVzcgQStp5v3IdYgdukANYe_uHZJ42DpIPwJIV_Eh-zu20UriTquR3fL8aWn8ld2wouNSdRydQfUMGLYOoo-L3TYbwhN7VLZPao
Frame ID: 42CD2666691E0BEADAC263509C6B889D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 87A3CD1F774DBDBAD4AB1DB2FA37ACBA
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4D045270C572BA9E1CB97AE13658130B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2617A0A6FD5DD1933E2832F8EE7FF7BE
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3245162412506913621/index.html?ev=01_250
Frame ID: 0948F04E56F54CA68CDE563E52C86FB3
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C23F6512BA759597FC163C504D784C0D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 32EA3E9CDB4699608B6704AB3770F332
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C7BD5B0DE10EDD963E619383EE98BE03
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

四季報記者が注目する2024年大化け期待の10銘柄（11月27更新)-株価予想-MCM揭示板

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

183
Requests

90 %
HTTPS

43 %
IPv6

21
Domains

36
Subdomains

30
IPs

7
Countries

5190 kB
Transfer

9393 kB
Size

33
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://bbs.xiuno.com/
Title: Xiuno BBS 4.0.4

Search URL Search Domain Scan URL

URL: https://www.51.la/?comId=21505529
Title: 51La

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://pixel.adsafeprotected.com/rfw/st/1878143/78657673/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1015817291&ias_pubId=pub-4383418722826066&ias_chanId=1&ias_placementId=21021886065&bidurl=https://mcmpiqq.top/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gAF3WJ05ukZHeU_IdHaJrW HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=

Request Chain 78

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 79

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 80

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 81

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGjBIFDbBoqt6Om3l2QZdYI&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGjBIFDbBoqt6Om3l2QZdYI&google_cver=1&C=1

Request Chain 82

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZecLklVbLaUAAELtABlK9AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECjki0vWycDEitC4ovcpp9k&google_cver=1

Request Chain 83

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGy-kOTIImYf5tMc0fC59c0&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGy-kOTIImYf5tMc0fC59c0%26google_cver%3D1

Request Chain 84

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA3OTg3ODAwNTI1MjU2NTI0NA%3D%3D

Request Chain 91

https://gcdn.2mdn.net/videoplayback/id/8561c36580b618e9/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1741176594/sparams/ip,ipbits,expire,id,itag,source,xpc,ctier,acao/signature/1007FF57B792463F0B6E9A641FE54346E08E9AC7.0224D79941A09520AE918089E2EB2E1DEA630118/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5lznl7.c.2mdn.net/videoplayback/id/8561c36580b618e9/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1741176594/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/51526C3F5F0F91A4EB7754C20C1447B7A2B029AB.2C9EF75586BEA44EC14D5DF720467DCD5F15D7DF/key/cms1/cms_redirect/yes/mh/bX/mip/2a01:4a0:5a::8/mm/42/mn/sn-4g5lznl7/ms/onc/mt/1709639452/mv/u/mvi/3/pl/42/file/file.mp4

Request Chain 107

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=210662259&d_placement=387525181&d_campaign=31430666&d_bust=2943451182&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=210662259&d_placement=387525181&d_campaign=31430666&d_bust=2943451182&gdpr=&gdpr_consent=

Request Chain 119

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHul145efFP5l1CY4gYI_YY&google_cver=1

Request Chain 120

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZecLklVbLV8AAAlWABkHvgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHul145efFP5l1CY4gYI_YY&google_cver=1

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECcqBHVeUwojtZaD9AV6KZQ&google_cver=1

Request Chain 122

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA3OTg3ODAwNTI1MjU2NTI0NA%3D%3D

Request Chain 144

https://a.tribalfusion.com/i.match?p=b6&u=CAESEA7Sfq8nMdtFx2zdtrnK6Pc&google_cver=1&google_push=AXcoOmTUKLTa8H0PzVfrkcRMYlIaldigU1LPF66uZLmu9HhfbmVu9FJq3CZWknbrGW9qrJnIvO8FSlpvnY49-PVq0YKcB0piUkngJjhB&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTUKLTa8H0PzVfrkcRMYlIaldigU1LPF66uZLmu9HhfbmVu9FJq3CZWknbrGW9qrJnIvO8FSlpvnY49-PVq0YKcB0piUkngJjhB%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEA7Sfq8nMdtFx2zdtrnK6Pc&google_cver=1&google_push=AXcoOmTUKLTa8H0PzVfrkcRMYlIaldigU1LPF66uZLmu9HhfbmVu9FJq3CZWknbrGW9qrJnIvO8FSlpvnY49-PVq0YKcB0piUkngJjhB&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTUKLTa8H0PzVfrkcRMYlIaldigU1LPF66uZLmu9HhfbmVu9FJq3CZWknbrGW9qrJnIvO8FSlpvnY49-PVq0YKcB0piUkngJjhB%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 145

https://um.simpli.fi/gp_match?google_gid=CAESEIns9wn1gSwEps_77S_1Q0w&google_cver=1&google_push=AXcoOmSiSTSZRPIHvkwmhxCkyATAHM7kg4jNl3wEI3m0qYFSeQraAGivtE0tDsxVS37t3dSyegtHmLpA9o9DPGlX4qiV73N9v_WXYSSP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=419E5461C21042E89A27DBF1886A2A33&google_push=AXcoOmSiSTSZRPIHvkwmhxCkyATAHM7kg4jNl3wEI3m0qYFSeQraAGivtE0tDsxVS37t3dSyegtHmLpA9o9DPGlX4qiV73N9v_WXYSSP

Request Chain 146

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEG2tKrnAWys2zs6T3kRyjH0&google_cver=1&google_push=AXcoOmS136R3yinCx8boZuPkVurR0CKVWsvv01dUo4GAwNpI6X7oM1ZnTLHUBrqonojSGfBtAV62P3LfpODI_PtCco-s8IwWWDCaEMhy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzM0Mjg1MDQ0MzQ0OTkyMzc0Mw%3D%3D&google_push=AXcoOmS136R3yinCx8boZuPkVurR0CKVWsvv01dUo4GAwNpI6X7oM1ZnTLHUBrqonojSGfBtAV62P3LfpODI_PtCco-s8IwWWDCaEMhy

Request Chain 147

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPw25NPLMWyp7PBHQVkcOpw&google_cver=1&google_push=AXcoOmQBbYZMONLrT2CcBAsqwWkmuwxb_CnRbu_klxoXPbGaCUVh23s3TBiHxykvt8XSnOvNnD35W6bhfzoOKSLveAWl2URjmjJx0dST HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&gdpr=1&process_consent=T&google_hm=fns4HA1UQY4E6t960_6z-A&google_push=AXcoOmQBbYZMONLrT2CcBAsqwWkmuwxb_CnRbu_klxoXPbGaCUVh23s3TBiHxykvt8XSnOvNnD35W6bhfzoOKSLveAWl2URjmjJx0dST

Request Chain 149

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKGMIz9RiRlA6KgBi7gi0e0&google_cver=1&google_push=AXcoOmQFneIg2qxAdcmAEyqdmOzA3yWP56RPl4ByNAUrm5H6aikrnG8V0huCz2sldgZTYCdhMMGpiP_lO9Mbl62C2nMmfKZMNYeHceMR HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKGMIz9RiRlA6KgBi7gi0e0&google_cver=1&google_push=AXcoOmQFneIg2qxAdcmAEyqdmOzA3yWP56RPl4ByNAUrm5H6aikrnG8V0huCz2sldgZTYCdhMMGpiP_lO9Mbl62C2nMmfKZMNYeHceMR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAzNjgxOTM1NTA1MjkwMTA5OQ&google_push=AXcoOmQFneIg2qxAdcmAEyqdmOzA3yWP56RPl4ByNAUrm5H6aikrnG8V0huCz2sldgZTYCdhMMGpiP_lO9Mbl62C2nMmfKZMNYeHceMR

Request Chain 150

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEI43jFGQ1H3wm79z5DAARao&google_cver=1&google_push=AXcoOmT2s0_WVGz7NwWUKtXjrm4UdfpDjZ3l-RnB0WU4PbiL_OrFf5oEsiYA8uNOGvq4ue3pQzk_j144WHv_xWqECde0Eci7hmaBcFmr1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmT2s0_WVGz7NwWUKtXjrm4UdfpDjZ3l-RnB0WU4PbiL_OrFf5oEsiYA8uNOGvq4ue3pQzk_j144WHv_xWqECde0Eci7hmaBcFmr1A HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 159

https://fw.adsafeprotected.com/rfw/st/1953786/78330309/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015863773&ias_pubId=pub-4383418722826066&ias_chanId=1&ias_placementId=21048705571&bidurl=https://mcmpiqq.top/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0j0RTyRETLxnjqg_iyCLY9K&adContainerId=brand_safety_kwvnZfO2DsqzjuwPwNeZ2AQ&cbFunctionName=goog_wrapCb_kwvnZfO2DsqzjuwPwNeZ2AQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fmcmpiqq.top&adsafe_type=g&adsafe_url=https%3A%2F%2Fmcmpiqq.top%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4383418722826066%26output%3Dhtml%26h%3D90%26adk%3D2743202993%26adf%3D854766408%26pi%3Dt.aa~a.3713792823~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1709640594%26rafmt%3D1%26to%3Dqs%26pwprc%3D6085169274%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fmcmpiqq.top%252F%253Fthread-79.htm%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1709640594611%26bpp%3D1%26bdt%3D1074%26idt%3D0%26shv%3Dr20240229%26mjsv%3Dm202402270101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C825x280%26nras%3D2%26correlator%3D881236743585%26frm%3D20%26pv%3D1%26ga_vid%3D1721056475.1709640594%26ga_sid%3D1709640594%26ga_hid%3D1313205084%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1203%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44795921%252C95325753%252C95320376%252C95321866%252C95324161%252C95325784%252C95326936%26oid%3D2%26pvsid%3D3676971400239924%26tmod%3D1558946393%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26dtd%3D2&adsafe_type=bed&adsafe_jsinfo=,id:e1bd7d6c-2704-786c-951a-620a4c57413a,c:65qvi4,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-767c495c85-l9d96,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,tdt:s,fm:u69fHY3+11%7C12%7C131%7C141*.1953786-78330309%7C1411%7C1412%7C1413%7C1414%7C1511%7C1512%7C161%7C162%7C171%7C172%7C1811%7C1812%7C1813,idMap:141*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:13,oid:47532393-dae9-11ee-8b39-2a5e7c012c2c,v:19.8.483,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_kwvnZfO2DsqzjuwPwNeZ2AQ&cbFunctionName=goog_wrapCb_kwvnZfO2DsqzjuwPwNeZ2AQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js

183 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mcmpiqq.top/ 15 KB
6 KB 1287ms
292ms Document
text/html 154.211.15.189
YISUCLOUDLTD-HK Y...

General

Check archive.org

Show headers Download Go to

Full URL

https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.211.15.189 , Hong Kong, ASN138152 (YISUCLOUDLTD-HK YISU CLOUD LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

58bcd12224e4b53d88e2522bc6a2fbd881b6b0c9779981f76715f70eb67d0e52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 12:08:03 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 bootstrap.css
mcmpiqq.top/view/css/ 188 KB
35 KB 253ms
252ms Stylesheet
text/css 154.211.15.189
YISUCLOUDLTD-HK Y...

General

Check archive.org

Show headers Download Go to

Full URL

https://mcmpiqq.top/view/css/bootstrap.css?1.0

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.211.15.189 , Hong Kong, ASN138152 (YISUCLOUDLTD-HK YISU CLOUD LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

72dc56075db25b8cb35e6192e07971f0044a7c8e3405976e9182f2708ea81e26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mcmpiqq.top/?thread-79.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:08:03 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 27 Dec 2019 05:38:26 GMT
server: nginx
etag: W/"5e0598d2-2f153"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Wed, 06 Mar 2024 00:08:03 GMT

GET
H2 200 bootstrap-bbs.css
mcmpiqq.top/view/css/ 5 KB
2 KB 502ms
501ms Stylesheet
text/css 154.211.15.189
YISUCLOUDLTD-HK Y...

General

Check archive.org

Show headers Download Go to

Full URL

https://mcmpiqq.top/view/css/bootstrap-bbs.css?1.0

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.211.15.189 , Hong Kong, ASN138152 (YISUCLOUDLTD-HK YISU CLOUD LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

0527638da5cb4455dd25616e9113dc6d8b2a2d63989ee12ca78d780412d0d9bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mcmpiqq.top/?thread-79.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:08:03 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 27 Dec 2019 05:38:26 GMT
server: nginx
etag: W/"5e0598d2-148a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Wed, 06 Mar 2024 00:08:03 GMT

GET
H2 200 logo.png
mcmpiqq.top/view/img/ 4 KB
4 KB 503ms
502ms Image
image/png 154.211.15.189
YISUCLOUDLTD-HK Y...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mcmpiqq.top/view/img/logo.png

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.211.15.189 , Hong Kong, ASN138152 (YISUCLOUDLTD-HK YISU CLOUD LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

4417db3e0a94f67044d631ce204c42930c942f9f4a256382ed3d1f40e5a07de7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mcmpiqq.top/?thread-79.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:08:03 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 27 Dec 2019 05:38:26 GMT
server: nginx
etag: "5e0598d2-f62"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3938
expires: Thu, 04 Apr 2024 12:08:03 GMT

GET
H2 200 37.png
mcmpiqq.top/upload/avatar/000/ 7 KB
7 KB 504ms
503ms Image
image/png 154.211.15.189
YISUCLOUDLTD-HK Y...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mcmpiqq.top/upload/avatar/000/37.png?1699969700

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.211.15.189 , Hong Kong, ASN138152 (YISUCLOUDLTD-HK YISU CLOUD LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

f7b4e779eea355f97221c949d95a8de10ad7bf1a95279b9fd9e770370b4ccc22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mcmpiqq.top/?thread-79.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:08:03 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 14 Nov 2023 13:48:20 GMT
server: nginx
etag: "65537aa4-1ac6"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6854
expires: Thu, 04 Apr 2024 12:08:03 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 78ms
54ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4383418722826066

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

235be0ebe8f5ab6040ae571ad05509fbb51d8b96d67e088272f59354e1878684

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mcmpiqq.top/
Origin: https://mcmpiqq.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:09:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51143
x-xss-protection: 0
server: cafe
etag: 5993648408203797853
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 05 Mar 2024 12:09:53 GMT

GET
H2 200 bbs.js Show response
mcmpiqq.top/lang/en-us/ 281 B
494 B 487ms
485ms Script
application/javascript 154.211.15.189
YISUCLOUDLTD-HK Y...

General

Check archive.org

Show headers Download Go to

Full URL

https://mcmpiqq.top/lang/en-us/bbs.js?1.0

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.211.15.189 , Hong Kong, ASN138152 (YISUCLOUDLTD-HK YISU CLOUD LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

bea6234767b68cbdd27f84b8be30cdcc0e88796a9019d5dffd3a663080a95290

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mcmpiqq.top/?thread-79.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:08:03 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 27 Dec 2019 05:38:26 GMT
server: nginx
etag: "5e0598d2-119"
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 281
expires: Wed, 06 Mar 2024 00:08:03 GMT

GET
H2 200 jquery-3.1.0.js Show response
mcmpiqq.top/view/js/ 258 KB
89 KB 488ms
486ms Script
application/javascript 154.211.15.189
YISUCLOUDLTD-HK Y...

General

Check archive.org

Show headers Download Go to

Full URL

https://mcmpiqq.top/view/js/jquery-3.1.0.js?1.0

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.211.15.189 , Hong Kong, ASN138152 (YISUCLOUDLTD-HK YISU CLOUD LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

b25a2092f0752b754e933008f10213c55dd5ce93a791e355b0abed9182cc8df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mcmpiqq.top/?thread-79.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:08:03 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 27 Dec 2019 05:38:26 GMT
server: nginx
etag: W/"5e0598d2-40657"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 06 Mar 2024 00:08:03 GMT

GET
H2 200 popper.js Show response
mcmpiqq.top/view/js/ 79 KB
24 KB 732ms
731ms Script
application/javascript 154.211.15.189
YISUCLOUDLTD-HK Y...

General

Check archive.org

Show headers Download Go to

Full URL

https://mcmpiqq.top/view/js/popper.js?1.0

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.211.15.189 , Hong Kong, ASN138152 (YISUCLOUDLTD-HK YISU CLOUD LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

902aea836b9d18783322e1034ae317152d996c2a69b7afae68416ee8fa664ddb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mcmpiqq.top/?thread-79.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:08:03 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 27 Dec 2019 05:38:26 GMT
server: nginx
etag: W/"5e0598d2-13d25"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 06 Mar 2024 00:08:03 GMT

GET
H2 200 bootstrap.js Show response
mcmpiqq.top/view/js/ 113 KB
25 KB 733ms
731ms Script
application/javascript 154.211.15.189
YISUCLOUDLTD-HK Y...

General

Check archive.org

Show headers Download Go to

Full URL

https://mcmpiqq.top/view/js/bootstrap.js?1.0

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.211.15.189 , Hong Kong, ASN138152 (YISUCLOUDLTD-HK YISU CLOUD LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

280d5be3f0172c54794c9eb84130b1d3903cdfde02d95f15325358881b4ddc73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mcmpiqq.top/?thread-79.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:08:03 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 27 Dec 2019 05:38:26 GMT
server: nginx
etag: W/"5e0598d2-1c20b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 06 Mar 2024 00:08:03 GMT

GET
H2 200 xiuno.js Show response
mcmpiqq.top/view/js/ 56 KB
19 KB 733ms
732ms Script
application/javascript 154.211.15.189
YISUCLOUDLTD-HK Y...

General

Check archive.org

Show headers Download Go to

Full URL

https://mcmpiqq.top/view/js/xiuno.js?1.0

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.211.15.189 , Hong Kong, ASN138152 (YISUCLOUDLTD-HK YISU CLOUD LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

ad5294d4c86a8dbc7ae7d78f9c12ba12e7a823cae7ff1b1a2523ca701ca671e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mcmpiqq.top/?thread-79.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:08:03 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 27 Dec 2019 05:38:26 GMT
server: nginx
etag: W/"5e0598d2-e1d7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 06 Mar 2024 00:08:03 GMT

GET
H2 200 bootstrap-plugin.js Show response
mcmpiqq.top/view/js/ 11 KB
4 KB 733ms
732ms Script
application/javascript 154.211.15.189
YISUCLOUDLTD-HK Y...

General

Check archive.org

Show headers Download Go to

Full URL

https://mcmpiqq.top/view/js/bootstrap-plugin.js?1.0

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.211.15.189 , Hong Kong, ASN138152 (YISUCLOUDLTD-HK YISU CLOUD LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

b3a1ed0ea726d14b5a64504b365e9c009efa4e30e242a9550276f60df0ad6519

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mcmpiqq.top/?thread-79.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:08:04 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 27 Dec 2019 05:38:26 GMT
server: nginx
etag: W/"5e0598d2-2a1d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 06 Mar 2024 00:08:04 GMT

GET
H2 200 async.js Show response
mcmpiqq.top/view/js/ 34 KB
7 KB 734ms
732ms Script
application/javascript 154.211.15.189
YISUCLOUDLTD-HK Y...

General

Check archive.org

Show headers Download Go to

Full URL

https://mcmpiqq.top/view/js/async.js?1.0

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.211.15.189 , Hong Kong, ASN138152 (YISUCLOUDLTD-HK YISU CLOUD LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

384002b5c7ca93ea41ecd7893e8bf015d9394608ea04c8b18c7914e87a850092

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mcmpiqq.top/?thread-79.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:08:04 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 27 Dec 2019 05:38:26 GMT
server: nginx
etag: W/"5e0598d2-87aa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 06 Mar 2024 00:08:04 GMT

GET
H2 200 form.js Show response
mcmpiqq.top/view/js/ 1005 B
1 KB 734ms
733ms Script
application/javascript 154.211.15.189
YISUCLOUDLTD-HK Y...

General

Check archive.org

Show headers Download Go to

Full URL

https://mcmpiqq.top/view/js/form.js?1.0

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.211.15.189 , Hong Kong, ASN138152 (YISUCLOUDLTD-HK YISU CLOUD LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

0eec2e3e361b1e81b0230cdf337ea87f94a75bcf0d9aed63b98e09d51fcba515

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mcmpiqq.top/?thread-79.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:08:04 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 27 Dec 2019 05:38:26 GMT
server: nginx
etag: "5e0598d2-3ed"
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 1005
expires: Wed, 06 Mar 2024 00:08:04 GMT

GET
H2 200 bbs.js Show response
mcmpiqq.top/view/js/ 7 KB
2 KB 734ms
733ms Script
application/javascript 154.211.15.189
YISUCLOUDLTD-HK Y...

General

Check archive.org

Show headers Download Go to

Full URL

https://mcmpiqq.top/view/js/bbs.js?1.0

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.211.15.189 , Hong Kong, ASN138152 (YISUCLOUDLTD-HK YISU CLOUD LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

fc7510d1c4897a91cf86c80f0084aae535eba4d388cad1d1494ddce1f97d28d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mcmpiqq.top/?thread-79.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:08:04 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 27 Dec 2019 05:38:26 GMT
server: nginx
etag: W/"5e0598d2-1a52"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 06 Mar 2024 00:08:04 GMT

GET
H/1.1 200
OK 21505529.js Show response
js.users.51.la/ 5 KB
6 KB 261ms
192ms Script
application/javascript 163.181.92.235
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21505529.js
Requested by: Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.235 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: a05ff950824d8b08be92e73ba8d1f2bb375cd7e9f9272ce1d424e213a1ee2ca7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mcmpiqq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 12:09:53 GMT
Via: cache25.l2de2[178,178,200-0,M], cache10.l2de2[180,0], ens-cache8.de5[183,183,200-0,M], ens-cache6.de5[185,0]
X-Swift-CacheTime: 0
X-Cache: MISS TCP_MISS dirn:-2:-2
Connection: keep-alive
X-Swift-SaveTime: Tue, 05 Mar 2024 12:09:53 GMT
Content-Length: 5207
Server: Tengine
Ali-Swift-Global-Savetime: 1709640593
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
EagleId: a3b55c9a17096405936315537e

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 954ms
380ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?aa8d78d2a991292e1875b102dfe48d73

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

1966eb7cf96d5d97b64bebd9d220232fecd529f5570c042a9ebb3e1f980dd98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mcmpiqq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 12:09:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 47927f0606deeb2e863738566457a48c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11259

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/ 407 KB
138 KB 88ms
68ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4383418722826066&plah=mcmpiqq.top&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4383418722826066

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ec26fc6755b272d976a91be1dfe7d0cbc1ed4c32b6c44bb9981f4d676e236fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mcmpiqq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:09:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140927
x-xss-protection: 0
server: cafe
etag: 3680691954198048561
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 12:09:53 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240229/r20190131/ Frame 0BA9 9 KB
4 KB 30ms
7ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240229/r20190131/zrt_lookup_nohtml_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4383418722826066

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mcmpiqq.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 08:53:38 GMT
etag: 5035419970550746386
expires: Tue, 19 Mar 2024 08:53:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A483 551 KB
107 KB 689ms
688ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4383418722826066&output=html&adk=1812271804&adf=3025194257&lmt=1709640593&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fmcmpiqq.top%2F%3Fthread-79.htm&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709640593656&bpp=3&bdt=119&idt=220&shv=r20240229&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=881236743585&frm=20&pv=2&ga_vid=1721056475.1709640594&ga_sid=1709640594&ga_hid=1313205084&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C95320376%2C95321866%2C95324161%2C95325784%2C95326936&oid=2&pvsid=3676971400239924&tmod=1558946393&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=230

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4383418722826066&plah=mcmpiqq.top&aplac=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4643cc09b7781e622ae5625a43f7f9bbdec8fe5cb6f36ab022fdf0d107934eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mcmpiqq.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 109394
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 12:09:54 GMT
expires: Tue, 05 Mar 2024 12:09:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fontawesome-webfont.woff2
mcmpiqq.top/view/font/ 70 KB
70 KB 499ms
499ms Font
font/woff2 154.211.15.189
YISUCLOUDLTD-HK Y...

General

Check archive.org

Show headers Download Go to

Full URL

https://mcmpiqq.top/view/font/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/view/css/bootstrap.css?1.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.211.15.189 , Hong Kong, ASN138152 (YISUCLOUDLTD-HK YISU CLOUD LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://mcmpiqq.top/view/css/bootstrap.css?1.0
Origin: https://mcmpiqq.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:08:04 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 27 Dec 2019 05:38:26 GMT
server: nginx
etag: "5e0598d2-118d8"
content-type: font/woff2
accept-ranges: bytes
content-length: 71896

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 71D6 92 KB
28 KB 557ms
557ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4383418722826066&output=html&h=280&slotname=4904042479&adk=2396473200&adf=2902144500&pi=t.ma~as.4904042479&w=825&fwrn=4&fwrnh=100&lmt=1709640594&rafmt=1&format=825x280&url=https%3A%2F%2Fmcmpiqq.top%2F%3Fthread-79.htm&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709640594062&bpp=1&bdt=525&idt=1&shv=r20240229&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=881236743585&frm=20&pv=1&ga_vid=1721056475.1709640594&ga_sid=1709640594&ga_hid=1313205084&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C95320376%2C95321866%2C95324161%2C95325784%2C95326936&oid=2&pvsid=3676971400239924&tmod=1558946393&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed5216a99d280d089cb2a2b09e5fcbcbf8fbe54a428885c46f63fc1097127abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mcmpiqq.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 29114
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 12:09:54 GMT
expires: Tue, 05 Mar 2024 12:09:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200 go1
ia.51.la/ 0
317 B 665ms
250ms Image
text/plain 203.107.86.226
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ia.51.la/go1?id=21505529&rt=1709640594560&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%2520%25E5%259B%259B%25E5%25AD%25A3%25E5%25A0%25B1%25E8%25A8%2598%25E8%2580%2585%25E3%2581%258C%25E6%25B3%25A8%25E7%259B%25AE%25E3%2581%2599%25E3%2582%258B2024%25E5%25B9%25B4%25E5%25A4%25A7%25E5%258C%2596%25E3%2581%2591%25E6%259C%259F%25E5%25BE%2585%25E3%2581%25AE10%25E9%258A%2598%25E6%259F%2584%25EF%25BC%258811%25E6%259C%2588&ing=1&ekc=&sid=1709640594560&tt=%25E5%259B%259B%25E5%25AD%25A3%25E5%25A0%25B1%25E8%25A8%2598%25E8%2580%2585%25E3%2581%258C%25E6%25B3%25A8%25E7%259B%25AE%25E3%2581%2599%25E3%2582%258B2024%25E5%25B9%25B4%25E5%25A4%25A7%25E5%258C%2596%25E3%2581%2591%25E6%259C%259F%25E5%25BE%2585%25E3%2581%25AE10%25E9%258A%2598%25E6%259F%2584%25EF%25BC%258811%25E6%259C%258827%25E6%259B%25B4%25E6%2596%25B0)-%25E6%25A0%25AA%25E4%25BE%25A1%25E4%25BA%2588%25E6%2583%25B3-MCM%25E6%258F%25AD%25E7%25A4%25BA%25E6%259D%25BF&kw=&cu=https%253A%252F%252Fmcmpiqq.top%252F%253Fthread-79.htm&pu=
Requested by: Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mcmpiqq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 05 Mar 2024 12:09:55 GMT
Content-Length: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/ 166 KB
56 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5400a3dfc045561b7448c9910fa432b75c57506cb91c5405e8d1f2727c01397f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mcmpiqq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57342
x-xss-protection: 0
server: cafe
etag: 5797478176661398844
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 12:09:54 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 084B 29 KB
12 KB 488ms
487ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4383418722826066&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.3713792823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1709640594&rafmt=1&to=qs&pwprc=6085169274&format=1200x90&url=https%3A%2F%2Fmcmpiqq.top%2F%3Fthread-79.htm&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709640594611&bpp=1&bdt=1074&idt=0&shv=r20240229&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x280&nras=2&correlator=881236743585&frm=20&pv=1&ga_vid=1721056475.1709640594&ga_sid=1709640594&ga_hid=1313205084&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C95320376%2C95321866%2C95324161%2C95325784%2C95326936&oid=2&pvsid=3676971400239924&tmod=1558946393&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d944ffae1b0883b0232ea1004225f2ee7af53c5e0f8c40484e5f392eb41a1ba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mcmpiqq.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12635
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 12:09:55 GMT
expires: Tue, 05 Mar 2024 12:09:55 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240229/r20110914/ Frame 71D6 23 KB
9 KB 45ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240229/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4383418722826066&output=html&h=280&slotname=4904042479&adk=2396473200&adf=2902144500&pi=t.ma~as.4904042479&w=825&fwrn=4&fwrnh=100&lmt=1709640594&rafmt=1&format=825x280&url=https%3A%2F%2Fmcmpiqq.top%2F%3Fthread-79.htm&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709640594062&bpp=1&bdt=525&idt=1&shv=r20240229&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=881236743585&frm=20&pv=1&ga_vid=1721056475.1709640594&ga_sid=1709640594&ga_hid=1313205084&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C95320376%2C95321866%2C95324161%2C95325784%2C95326936&oid=2&pvsid=3676971400239924&tmod=1558946393&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 20:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 20:34:20 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 71D6 9 KB
1 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Mar 2024 12:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 11:36:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Mar 2024 12:09:54 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240226_RC00/ Frame 71D6 15 KB
3 KB 30ms
8ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240226_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 16:40:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70187
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 16:40:07 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240226_RC00/ Frame 71D6 379 KB
132 KB 31ms
9ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240226_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f34cf5ba670b3eae17378288357603fe520e0dff85b58097e492945dd35c4ed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 14:08:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79266
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134699
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 14:08:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/ Frame 71D6 20 KB
8 KB 43ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 20:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8212
x-xss-protection: 0
server: cafe
etag: 9277691884081322989
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 20:33:14 GMT

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/ Frame 4A91 9 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mcmpiqq.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50422
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 22:09:32 GMT
etag: 5035419970550746386
expires: Mon, 18 Mar 2024 22:09:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/ Frame 9C8C 9 KB
4 KB 9ms
7ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mcmpiqq.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50422
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 22:09:32 GMT
etag: 5035419970550746386
expires: Mon, 18 Mar 2024 22:09:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/ Frame 8E67 9 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mcmpiqq.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50422
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 22:09:32 GMT
etag: 5035419970550746386
expires: Mon, 18 Mar 2024 22:09:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/ Frame 8654 9 KB
4 KB 8ms
8ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mcmpiqq.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50422
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 22:09:32 GMT
etag: 5035419970550746386
expires: Mon, 18 Mar 2024 22:09:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 4A91 5 KB
767 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Mar 2024 12:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 11:35:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Mar 2024 12:09:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 27CF 818 B
481 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%AE%B6%E6%94%B9%E3%83%AD%E9%87%91%E8%9E%8D%E3%81%84%E3%81%8D%E3%81%98%E5%96%84%E9%96%8B%E3%81%8F%E3%83%97%E3%80%81%E3%82%8F%E3%81%B6%E9%96%89%E3%81%8B%E8%AD%98%E3%82%8A%E5%AD%A6%E8%A8%88%E8%AC%9B%E5%BC%B7%E3%81%B9%E3%82%8B%E3%81%A7%E5%B8%AB%E3%82%84%E3%81%AB%E3%81%99%E3%81%8A%E3%82%89%E7%9F%A5%E5%8B%89%E3%81%AE%E3%81%8C

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b957b5f68da88dd939ba7f9543e60e22bd20f6a2ea09896a15a23a87c1a45a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Mar 2024 12:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 12:09:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Mar 2024 12:09:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 27CF 8 KB
1 KB 19ms
19ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f9c8e8bc991879beac20d773034e76bf154576b50d177b0575836ae9be52c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Mar 2024 12:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 11:22:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Mar 2024 12:09:54 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/ Frame 27CF 2 KB
875 B 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 20:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 20:34:20 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240229/r20110914/ Frame 27CF 23 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240229/r20110914/abg_lite_fy2021.js

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 20:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 20:34:20 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6B0F 143 B
166 B 16ms
15ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1546
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 11:44:08 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/ Frame 27CF 3 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/window_focus_fy2021.js

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:49:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12054
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Mar 2024 08:49:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/ Frame 27CF 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 20:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8212
x-xss-protection: 0
server: cafe
etag: 9277691884081322989
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 20:33:14 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 27CF 207 KB
63 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 13:09:04 GMT

GET
H2 200 eea50308dcf9de2b0c0fe89d3b5a5e83.js Show response
www.gstatic.com/mysidia/ Frame 27CF 36 KB
15 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eea50308dcf9de2b0c0fe89d3b5a5e83.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 04:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15206
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 00:55:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 04:05:18 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240229/r20110914/elements/html/ Frame 4A91 15 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240229/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a1433553dad10b1617e945447ce8d2a7a4ce6542ad50fdb8b563f85560cbc3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6454
x-xss-protection: 0
server: cafe
etag: 9518204868993021864
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Mar 2024 01:12:51 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4A91 205 B
519 B 29ms
10ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 19:32:20 GMT
x-content-type-options: nosniff
age: 59854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 04 Mar 2025 19:32:20 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4A91 604 B
695 B 35ms
15ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:52:35 GMT
x-content-type-options: nosniff
age: 11839
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 05 Mar 2025 08:52:35 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240229/r20110914/elements/html/ Frame 4A91 22 KB
9 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240229/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 02:53:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9093
x-xss-protection: 0
server: cafe
etag: 981128176822753981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Mar 2024 02:53:14 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9C8C 14 KB
1 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0f179eba989a5d55300cbb2fbb9381421109c1ab9b099ebacb3dc91f6e62a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Mar 2024 12:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 11:11:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Mar 2024 12:09:54 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/ Frame 9C8C 2 KB
856 B 14ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 20:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 20:34:20 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240229/r20110914/ Frame 9C8C 23 KB
9 KB 14ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240229/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 20:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 20:34:20 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D174 143 B
166 B 10ms
7ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1546
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 11:44:08 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/ Frame 9C8C 3 KB
1 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:49:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12054
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Mar 2024 08:49:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/ Frame 9C8C 20 KB
8 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 20:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8212
x-xss-protection: 0
server: cafe
etag: 9277691884081322989
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 20:33:14 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9C8C 207 KB
63 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 13:09:04 GMT

GET
H2 200 eea50308dcf9de2b0c0fe89d3b5a5e83.js Show response
www.gstatic.com/mysidia/ Frame 9C8C 36 KB
15 KB 17ms
10ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eea50308dcf9de2b0c0fe89d3b5a5e83.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 04:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15206
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 00:55:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 04:05:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8E67 14 KB
1 KB 17ms
17ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0f179eba989a5d55300cbb2fbb9381421109c1ab9b099ebacb3dc91f6e62a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Mar 2024 12:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 10:26:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Mar 2024 12:09:54 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/ Frame 8E67 2 KB
822 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 20:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 20:34:20 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240229/r20110914/ Frame 8E67 23 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240229/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 20:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 20:34:20 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 526C 143 B
166 B 12ms
11ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1546
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 11:44:08 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/ Frame 8E67 3 KB
1 KB 14ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:49:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12054
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Mar 2024 08:49:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/ Frame 8E67 20 KB
8 KB 15ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 20:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8212
x-xss-protection: 0
server: cafe
etag: 9277691884081322989
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 20:33:14 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8E67 207 KB
63 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 13:09:04 GMT

GET
H2 200 eea50308dcf9de2b0c0fe89d3b5a5e83.js Show response
www.gstatic.com/mysidia/ Frame 8E67 36 KB
15 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eea50308dcf9de2b0c0fe89d3b5a5e83.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 04:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15206
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 00:55:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 04:05:18 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3E90 624 B
246 B 45ms
45ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGPiAgYcCMAE&v=APEucNVmWqA-1YPLT_3BXvEvrynI3HnpIDHMp4sBC6ZLhLJCr__u0MkKRTKJkIYXRQwyN2M3JuB7XRv-Y3dIuhogfoDLQC0rgWby_r0WUqJLSA8GX4JIlmWqTUW9pxMpEXCaKwr7-Ax0ndRS6-gDgOclZLIeY7ANTB7VswM8VHOLxLE1dbebYBY

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 12:09:54 GMT
expires: Tue, 05 Mar 2024 12:09:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2BBE 93 KB
33 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 12:09:54 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 2BBE
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1878143/78657673/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1015817291&ias_pubId=pub-4383418722826066&ias_chanId=1&ias_place...
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=

43 B
481 B

40ms
6ms

Image
image/gif

2600:9000:26da:9400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol: H2
Server: 2600:9000:26da:9400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 3d60650fd0c339e18e816ce29f9a0da0.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 7324812
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: t3n9KlEu6kip6_OMe6CxnnRfAW73SjXGGjvRqkQGtZUuZb4rpzltLA==

Redirect headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
server: nginx
x-server-name: app05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/ Frame 2BBE 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/window_focus_fy2021.js

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:49:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12054
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Mar 2024 08:49:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/ Frame 2BBE 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 20:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8212
x-xss-protection: 0
server: cafe
etag: 9277691884081322989
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 20:33:14 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2BBE 207 KB
63 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 13:09:04 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BBE 42 B
63 B 38ms
38ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bl8tktQDYwPmXEsNEGcnnpR25rGd5Qgjd6lk6fYVa6maWAmNzwAbevddWA5wyEI5wt_4Stf0Q-rshugI7Phr5TZPQvk-CkfTGvFA8NI5gaMYw4YDE

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 374ms
374ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1915541109&si=aa8d78d2a991292e1875b102dfe48d73&v=1.3.0&lv=1&sn=29050&r=0&ww=1600&u=https%3A%2F%2Fmcmpiqq.top%2F%3Fthread-79.htm&tt=%E5%9B%9B%E5%AD%A3%E5%A0%B1%E8%A8%98%E8%80%85%E3%81%8C%E6%B3%A8%E7%9B%AE%E3%81%99%E3%82%8B2024%E5%B9%B4%E5%A4%A7%E5%8C%96%E3%81%91%E6%9C%9F%E5%BE%85%E3%81%AE10%E9%8A%98%E6%9F%84%EF%BC%8811%E6%9C%8827%E6%9B%B4%E6%96%B0)-%E6%A0%AA%E4%BE%A1%E4%BA%88%E6%83%B3-MCM%E6%8F%AD%E7%A4%BA%E6%9D%BF

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mcmpiqq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Mar 2024 12:09:54 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

POST
H2 204 csi
csi.gstatic.com/ Frame 71D6 0
54 B 486ms
161ms Ping
image/gif 2607:f8b0:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ltebv9ku&c=8139984471445&slotId=4069992235722.5&qqid=CI68uMKL3YQDFXRGkQUdygYF4w&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240226_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400a:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 71D6 15 KB
16 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 20:16:13 GMT
x-content-type-options: nosniff
age: 57221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 20:16:13 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 71D6 15 KB
15 KB 31ms
9ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:37:46 GMT
x-content-type-options: nosniff
age: 23528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 05:37:46 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 71D6 0
20 B 38ms
38ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CNKJBkgvnZY6rBvSMxdwPyo2UmA7piNbTdfuSv-SdEuCCoeanQhABIKLPxWpglfqagqwHoAHcxoqJKcgBBakC-SegnlMzsj6oAwHIA5sEqgSSAk_QlNEkcGP9wMmjYkAmsV6L0KkHzoMLArDCWMvsgnQqDScKbb1ltoCKkWlddgkGX3AxE5ZRMWoOPWkcEWj6tPLnxgQNIJJaMb4nQcM1Yq_cUcPqrX2cYTcFxv3klO7fAZpB9YJwA1R4PB8WJxqp0BiiHj1EP_xkH_cECZ0e5saMN50WQq4T9oVVL1vi9-AE3FWWuwB1mxBIYN9LavN_-iuf14fw5VZ3brjFmPyJCwM_yqNQA91pKu6WCpimOWPY4KisOhkPVlA4aVzDQhuzao4n1uozb1m7x294Q_qDruTRfrNgzhpxx1FDW_jwqVdrHFroWcvaJ6Pqzgl_vPMY--FT7iPR0CowpqMoZDkkKdsbebvABKi8j5bPBOAEA4gFh-aCx02QBgGgBnaAB9z-2ugDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIKwiA4YAQEAEYHzIHqoKA4J-ADToJgECAgISAgJQoSL39wTpYmpG3wovdhAOACgHICwHgCwGADAGqDQJERbAThMLxFtATANgTCogUAtgUAdAVAfgWAYAXAegXAQ&eventType=clickstring&clientTime=1709640594807&ai=CNKJBkgvnZY6rBvSMxdwPyo2UmA7piNbTdfuSv-SdEuCCoeanQhABIKLPxWpglfqagqwHoAHcxoqJKcgBBakC-SegnlMzsj6oAwHIA5sEqgSSAk_QlNEkcGP9wMmjYkAmsV6L0KkHzoMLArDCWMvsgnQqDScKbb1ltoCKkWlddgkGX3AxE5ZRMWoOPWkcEWj6tPLnxgQNIJJaMb4nQcM1Yq_cUcPqrX2cYTcFxv3klO7fAZpB9YJwA1R4PB8WJxqp0BiiHj1EP_xkH_cECZ0e5saMN50WQq4T9oVVL1vi9-AE3FWWuwB1mxBIYN9LavN_-iuf14fw5VZ3brjFmPyJCwM_yqNQA91pKu6WCpimOWPY4KisOhkPVlA4aVzDQhuzao4n1uozb1m7x294Q_qDruTRfrNgzhpxx1FDW_jwqVdrHFroWcvaJ6Pqzgl_vPMY--FT7iPR0CowpqMoZDkkKdsbebvABKi8j5bPBOAEA4gFh-aCx02QBgGgBnaAB9z-2ugDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIKwiA4YAQEAEYHzIHqoKA4J-ADToJgECAgISAgJQoSL39wTpYmpG3wovdhAOACgHICwHgCwGADAGqDQJERbAThMLxFtATANgTCogUAtgUAdAVAfgWAYAXAegXAQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 71D6 0
54 B 480ms
161ms Ping
image/gif 2607:f8b0:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ltebv9mf&c=8139984471445&slotId=4069992235722.5&qqid=CI68uMKL3YQDFXRGkQUdygYF4w&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.kr&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240226_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400a:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 71D6 32 KB
19 KB 108ms
64ms XHR
text/xml 64.233.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BMwyIMQ_1c8M9ww-VlGWA-3TPEWA6U01zIYLJJ_OUbMYjWVh4IRX4pR44Fqm-WvELBPjcZ5OgIQdefbWnW4B6acK7Jqg&cry=1&dbm_d=AKAmf-DZv5Y70oJM2n8eNgMZ-Ut7cVWpiifOG14eBtQ0bN8U5xjnf1d4kj_thVB_6LytJvAcFbn1yN5pFZghtNT52xJE6O0ovEBdBNk2wxtZYq6MwvlwsO4OXXxFglMsfhlKjsg2mRRz6zVg7Ijby_kcvSjdDeqOyjNpTsCgPwiuoh6Mli_TQeABJekLh2cEwiZsrC342UuwFfC1hcxwWfm1_ydWnSwIZDo8fY1vUf0s9tJX0U0VDC5uimgF3_dMxV7nzpuwhDn4C5zKUA0W24Z1kfVF2ZJHFCkMxMadycQecUe7ZqVKbb97ki5T4A1osb0GrAK3fhv4HowMFANgmXQADpzrvcmMAGv9tu5kZgiI0ZtVbLjwtkMjJebZsxZoO93roH8ZT5pGlj7fTr_jhBsU96Ko3lPhaV4GvptCzMVhLBcHxVoA7nJe5L_0mPfCRwdi3fUAc3TFfScksnXaqw8wnfY3rzK6lrvF5bk9ctL2c8GM3MBx5kSGD6owjxfFn0UJviAjZ6BMW3KoceRM_JtvzcHdv5OvpHfCrHOjq32ZknZe1hWU324wS80fosfsJgnzRNo2XilhkB6LQz74p7bvG8WKejGeLpXpgdl3Icei3uNMOZUhacUDcU9OcuEEp4YsTl-etydwdgh24bJC0q1CfPn8eJtCQWN8cHYKpFAMNB1ozmTrrTAnhhJ11BXAHhQ1XwuSUJuY9wAQHJJ-WYBHHO0SrfTLYneG-O5m1avpgUZUzzE07a3aOS-83jI6yuhgXlCwm52XkXR90m_cy99aZrrpKH2lKLVK1LF5aHxRCVCoQC9AO-GgXKR_CvXsrRlBMVmp5Ie1SjDrh5Cxkigud_32abTr7oFF0fBZJJzbZIghGXEt4heSNE5GiKTi8NfdV83FOclIuGlzygM5zJg1ur-jV6oOohomUVMiw8gVt40QaBJUHsZMqWiEAZqzbce2l56WDffT5-pFagZ1oA5Nb8bkCVdZ2DNrsZyHsa599d7khUVO_UNLp85ZIUXLUUGNMFTTHYPCVbCbGmYspzKqJb7hjgz4KnRTgzxiyqZBUbOKFd6jehMxckLoejCWdqC-6gMZx_dANDA7KLG2wUaTvrSpm4MNBBkvuFofYnwOC2h1s9uDDyIkvGwuJM2Sp22gYHUIaUxZk2sWXzP5_ODp1GVytmPM5J0VI_fgWPmLvxfTF2Clgx21tJOxPiv5tgnNxxVSAayKsXgKHWGVt7MS5J2wisvNXf2ksfhW0BYCk37qlhbchTQ8N1vKPenUzvGAn6t68y2kjBcgv7HEh4X-Pmuoyp6oGRAkYm3jsMjBY5MD-PUtqGFYSNkybkOm5B1kFzz-6y6Lt9D3-pAlZFx3o8l94vmaF1Y4QMogZ8WlvFzQ5eLyG1V5Yvvn2_n18hsygZzulj4rahRRYKw2tYez-O30iwxmfq3rKH5bO5xR-9VO4fXPP-CT1WC6483T9T5SwoSaljXdW3hFUExUduoEH5LpZMJahKM1bEEwLlzGoDsg-UgjUbp9PaTTE0iQ5bhah6r_1TvQHgwO39QDPTY8R1rLOix4Sa-DWTVG_WN21yH6e3Wm4WV4jWiOGJam0oFhN-o1iP3bQhGDmV3QWyGWr5XOT-BBfdZZC9dvNVw6vH2UZryYYeESjJKmJ1OMDAGWlEk45MhqS2BeDrDpeYhJVSEKFLMyq7THvz9S4o8w0gcc3TGgorYaaGC_rrq_fU8TrJLCCDlA3_nhfZrSPkCNf9CKHhhd22YGsXEJjmOfm6us0eZFAqcNiLEO-4K76q5u4Ej5I7rTCcsIwe3I1_tN1pmujq4MmG4Nw9gSOVccpdg2lFgCTvHXdQ3WZHirLfgnS7DwWanYj2E8xKEeuBH2PawcmXCOYj6DSaYk7unRhU2wPMTAkHwXcwIx3Ih7eHMxBLGhqrekFKrW5SFsPvmIfMt3cQfNTigfiwi5UZij6zvhL4ipKKi12qHQjrbQm1V6_TIju4LwOF44EMgp_E02syT2vgGsbv5xe2wTRmOBKzhMGA_5Q5V_fVKl3_Tg69tkeBWU1uAIQsWDR3gUsybv-gi_mWdNp04F3orjmZe1kkvZZzvEnW-IiYv2QbjynBeLrlevArGPU8OM_FVqQ1hhriuPv1SWJ0Va6Jbz4Y1S3QYtcg2Ab5ScrllWlHhTDj8fMAGTUEF_fEm4Xxzw83lewyjco3LtXkeWAzQ2tq2u639U3Fm5Ia3vClXiRHnWzbPeC-mQEprc4KQ4kIIoReRo9xmG5xn3Vw9r4jEM0tqhYqZlxUWuSlMTRtxWk1un-GYy6Jsy-w28j5FaxrH9JMWLFexuUZAHLnZtzixNRyCm_KsNTQyw62O8Wo8q269pW_VwLvA5zvAaerUs0NP_wLxDY4IBXztbf4B90e-DVwzOt_YX_BOs3R-g0GQOI5ziFecc8Inuk8N6vtAG_IA6cpp-mrVzRfr6KGAN7UTQ0MvQGtvUaufTjJocFtlp3IlXRaPcfwpog2BLf2otddnFOSYOo9ZurkEjrOCJzc5mmIKTE2ykKLrl4aD4AIJ_OSjGSHpkr5im7wlblIZG9UyqDzR614abUoHq_C5A9MLYJXlwNuUIiYqNPZqrVZZ5Vi5gALUfSgpO4fTPOEMAtCZwzM-Vu9_KAJSDOrqSmHts3N8BrdRXqSKRvLTBoJMY6Y66V6Cwbjw8JLbpz7uqDU0Oe7p1syKVUSU4cSs5d2Ahkt4O2IWRgdnjbZtwziUPvf4BlMxLIlP6hOL3m5znZuVjm2aQLA78oW6-vHHnF_LgRyg_FOlTYcYvh9fuJzs1mjsB1dpwlpVUS16bh3kcVNIk-x_4v5_NTltN14V5gEYXJ-liC5Gaj_4WRLOrOdyLiMZ_r_oEWAgbUITi8pJEJAEXdaBYDmaG72Q8TJzFvIrMP-SNZpgkLJ23xVbdg1RdjsbjHQPIQ6puqdM47uy71hseyo7R346bi9bLc7N5SkQ89KqCQ4clkyN7xtwJWQpPVAf2QHbviMADRf9BJhXmbvHzutVKZOyrC6wJnc5FNZz2AWHh8-asgTBBwk_Qa7GxzthuNGWWmbMbWHrdMdKapb5-vNrLqBgK9d3YvoJfhGoetXJdddASvk82yCN5bRve57PNKP-XK6wo9je6kvLYhH5KbH9akBxkwU553ys0Yt2CnapdWK7X2X9lMsT399HTcKKyqUUSf_0K9VC71kwKgWEja5BzEg5K4HB0cp98ZtUe00YBRaVApTrlUNNr1EjCxEyStYfjm0-N3ImASVw848BerPJSt380yP-lFC0I2VihrmCfsvHPp7MhsGGUOxgrnKZTbxxEYwAYxTq6k8tOSc482m4XnVb8RmNm0-EysUUKqPtOaPvqQ0M6Fv-2gbOf5vf2oK2N7JdhPy22cnzLte6pKvt70CRwYXmgQarBid0uh7AoQR1CC9qgAdC43GGOXMJf7Qhz8rJvDDAWgK_qBomfl5WZ90TYkOE4DtCIg_o5XCuQ6j5Kfw-PF41Jr_tqChzjuUSagFnQgCEvXfQoP3NxL7-7zTiwA6rKmAXHI2jdRpKHTFzAkhULz4sGtX3L8K0M522jyo0_iEGCKMN_tgF56knIjNlRMilqmywu200uPDFkMX90QUckLawAzUeZy_eqxtCsH6WdcuH4zuE2-N0SGts8IOAWSp_AOp9L1Nze9WvRqHLkBi6azdpQlBQT9T-j-SfyQlNjSJH0qvIZtLeVVdzyFCbHYrCvFdfIdrSacAcE8ayM-9r0nRJAd7oRv2loXyiK4vsafO7gjtmAvip90CDzUH5gqrU8e369_XXU31l1fq_763NregjgyLwx1f2UqjWSJj1gjP7HBRs_r36V33AWJzK7PvD0ynP6fUHihmdCp0iPG8EjkM-3bpskRqKT-LAm2sA9yZpYkNRtTCKaBFWB-asK-JvXHBvssiAMyOyJpHc16XH5thheBzcUAljwUnulouo6scIAih2ZvKXB7mgdQdXK1MJkJ7B0IOibtq6oGSgAbEm6OqjPwq9IJkI5XdRXl3fBFA8y&cid=CAQSTgB7FLtqnQqdu6iNjvh5AtOzCaBoAWT125wntM1M3jMBGrRZPrz_VyddbkZO18AJLnePeXRa5cN07BWTaneknz3n9L7pUomAoazeE2nCZRgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240226_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f156.1e100.net

Software

cafe /

Resource Hash

05770eb4147292926c124257fd14ab53c7f969a03c921bf2fc112257d4e80798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18303
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 71D6 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 545467f135c9b2827524a447ad61ed4070c525822a8b23ece94955659a296157

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6B0F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

27ms
26ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 12:09:54 GMT
expires: Tue, 05 Mar 2024 12:09:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 12:09:54 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D174
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

22ms
21ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 12:09:54 GMT
expires: Tue, 05 Mar 2024 12:09:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 12:09:54 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 526C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

20ms
20ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 12:09:54 GMT
expires: Tue, 05 Mar 2024 12:09:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 12:09:54 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3E90
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGjBIFDbBoqt6Om3l2QZdYI&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGjBIFDbBoqt6Om3l2QZdYI&google_cver=1&C=1

43 B
766 B

46ms
46ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGjBIFDbBoqt6Om3l2QZdYI&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGPiAgYcCMAE&v=APEucNVmWqA-1YPLT_3BXvEvrynI3HnpIDHMp4sBC6ZLhLJCr__u0MkKRTKJkIYXRQwyN2M3JuB7XRv-Y3dIuhogfoDLQC0rgWby_r0WUqJLSA8GX4JIlmWqTUW9pxMpEXCaKwr7-Ax0ndRS6-gDgOclZLIeY7ANTB7VswM8VHOLxLE1dbebYBY
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydyWC8b8NXelaiWhcaSI1wbMR4%2FcEuBCtIPKsK4ChmlbUVxzkRdHL4ptwu3vv9vgYjJ34nxVCUVrvhIhaR7rYszvlqVRkfdfcqSFGz8CU8WDBoPuS7WPxKeOifzH4EHaRc0T8kd2GdkNGw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85f9fff67f5b65d6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPXkwFxVBhMUMG%2FKh4p82MSUOOxC%2BEhr3tnGt7wHuIZ91Xdmpy2CxYkOEvvOdGpvvUXOnllsa6zkELNK%2F3hZQknctQqsYGIOC%2BzNO1xsFv6uAoufcyTUxhYDDQOmg01V2McjZiQsbE18JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEGjBIFDbBoqt6Om3l2QZdYI&google_cver=1&C=1
cache-control: no-cache
cf-ray: 85f9fff64ea68f3c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3E90
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZecLklVbLaUAAELtABlK9AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECjki0vWycDEitC4ovcpp9k&google_cver=1

43 B
738 B

35ms
35ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECjki0vWycDEitC4ovcpp9k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGPiAgYcCMAE&v=APEucNVmWqA-1YPLT_3BXvEvrynI3HnpIDHMp4sBC6ZLhLJCr__u0MkKRTKJkIYXRQwyN2M3JuB7XRv-Y3dIuhogfoDLQC0rgWby_r0WUqJLSA8GX4JIlmWqTUW9pxMpEXCaKwr7-Ax0ndRS6-gDgOclZLIeY7ANTB7VswM8VHOLxLE1dbebYBY
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=diNWyKhw1AKbD4lN8Ze3cIzduTGdJfHGui%2FAxTd%2B9zLYlZouW5T%2FKiznfcuL0tu9mu2S5WTE2KPWolpDgGPfyVrXl8nTaO%2Fa2JT%2F66Ze92rctLS%2FLL%2F7gDQt%2BAYsyA9EK2TpaEODXSinsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85f9fff69f7865d6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECjki0vWycDEitC4ovcpp9k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 3E90
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGy-kOTIImYf5tMc0fC59c0&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGy-kOTIImYf5tMc0fC59c0%26google_cver%3D1

43 B
1 KB

15ms
14ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGy-kOTIImYf5tMc0fC59c0%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGPiAgYcCMAE&v=APEucNVmWqA-1YPLT_3BXvEvrynI3HnpIDHMp4sBC6ZLhLJCr__u0MkKRTKJkIYXRQwyN2M3JuB7XRv-Y3dIuhogfoDLQC0rgWby_r0WUqJLSA8GX4JIlmWqTUW9pxMpEXCaKwr7-Ax0ndRS6-gDgOclZLIeY7ANTB7VswM8VHOLxLE1dbebYBY

Protocol

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:54 GMT
an-x-request-uuid: a21d5f3b-fd33-40d3-847f-d430dc08f340
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.199; 80.255.10.199; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:54 GMT
an-x-request-uuid: 0839a9c6-614c-4a34-bc96-be258ee64782
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGy-kOTIImYf5tMc0fC59c0%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.199; 80.255.10.199; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3E90
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA3OTg3ODAwNTI1MjU2NTI0NA%3D%3D

170 B
188 B

21ms
21ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA3OTg3ODAwNTI1MjU2NTI0NA%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
an-x-request-uuid: 806ee32c-1ba3-42b7-a18a-00e73060e84f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA3OTg3ODAwNTI1MjU2NTI0NA%3D%3D
x-proxy-origin: 80.255.10.199; 80.255.10.199; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 71D6 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CI6Z9kgvnZY6rBvSMxdwPyo2UmA7piNbTdfuSv-SdEuCCoeanQhABIKLPxWpglfqagqwHoAHcxoqJKcgBBakC-SegnlMzsj6oAwGqBI8CT9CU0SRwY_3AyaNiQCaxXovQqQfOgwsCsMJYy-yCdCoNJwptvWW2gIqRaV12CQZfcDETllExag49aRwRaPq08ufGBA0gkloxvidBwzVir9xRw-qtfZxhNwXG_eSU7t8BmkH1gnADVHg8HxYnGqnQGKIePUQ__GQf9wQJnR7mxow3nRZCrhP2hVUvW-L34ATcVZa7AHWbEEhg30tq83_6K5_Xh_DlVnduuMWY_IkLAz_Ko1AD3Wkq7pYKmKY5Y9jgqKw6GQ9WUDhpXMNCG7Nq1iY0N6CFNykDxp0AQWbVUGtfAdr3r7Ct66p00voKXUIEvHmAoWDEL8rgEYEtUTlJeYzBD8kWts3lGDj-_IcTAcAEqLyPls8E4AQDiAWH5oLHTZIFCQgiGAFIxO-YApIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAH3P7a6AOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAPIHChCExiAY58KAgALSCCsIgOGAEBABGB8yB6qCgOCfgA06CYBAgICEgICUKEi9_cE6WJqRt8KL3YQDgAoByAsBsBOEwvEWyBOx7pLkA9ATANgTCogUAtgUAdAVAYAXAbIXHAoaCAASFHB1Yi00MzgzNDE4NzIyODI2MDY2GADoFwE&sigh=GMiUEveJjUo&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgB7FLtqnQqdu6iNjvh5AtOzCaBoAWT125wntM1M3jMBGrRZPrz_VyddbkZO18AJLnePeXRa5cN07BWTaneknz3n9L7pUomAoazeE2nCZRgB&vt=10&cbvp=2&vis=1&nis=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4383418722826066&output=html&h=280&slotname=4904042479&adk=2396473200&adf=2902144500&pi=t.ma~as.4904042479&w=825&fwrn=4&fwrnh=100&lmt=1709640594&rafmt=1&format=825x280&url=https%3A%2F%2Fmcmpiqq.top%2F%3Fthread-79.htm&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709640594062&bpp=1&bdt=525&idt=1&shv=r20240229&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=881236743585&frm=20&pv=1&ga_vid=1721056475.1709640594&ga_sid=1709640594&ga_hid=1313205084&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C95320376%2C95321866%2C95324161%2C95325784%2C95326936&oid=2&pvsid=3676971400239924&tmod=1558946393&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=5
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Mar 2024 12:09:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BBE 0
20 B 38ms
38ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1990933590738&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BBE 0
20 B 38ms
38ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1990933590738&version=m202401290101&ct=76&x=1&cor=8657584897791328000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2BBE 94 KB
39 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DU_KT7CGRgdaO9BL1hbys5CrpySJZgx6GFmiXGe5R-gl97Eqj_Wv6_4K9NduAnraOzKoEBE6cNYvXh_kB1uX5CgKMwCE9D5r1bORVbYKYaihLLBc5VPl6a_yIgx1_TmrVcSLLMCws0UTpNN1wEXCcPZd8YvdedDnGT0rLbkPFTwmr5q4Eag9Z7mg_MBAuKIMAKaRo5jSVPmDJnlrOBx-yVls70Zg&dbm_d=AKAmf-DCLDzaK2yXXvp8h_-7AD-8LCIR0mRjRfjEgOLZK4v8LJRxR6hkoPEGlbNbX7IS9nqAw6e3__EVWXBe4kkVFEqfF-agbgGyHj1BNq8EWpn6BoPSJLu4St_oOypaWbaq-ojAb4CA6ZrA0TbtWHvuHSLc534fkbcIgqFuNjhUvQn-PmN68Z37lm0NEhZcKHq4AgVIU0hvnVO3xLpZkYOqJhakH8zJNwwq2UPif_8RJkLRHSMesPH_1EqHWuUDqc-S3xDViAxS5r3PVfHIRPPGaflEADsJ87bE8eu9g_QQ7cqQGto8ncvinqslDpLr4aVxmA8vlw9K-aXwZch03nLriVWG63NLPMPMDRoQFHLmuWUFeuivB-q6pQdsqt5UsYOLPpKQkfHDVPrXRAUFn7TQ5v90LPrTDB1Gq7uJJ0t1sUxRhqjyZUTu5ddNXfEWERqbhbl4MAyBWxUuMXUiBy1By99JYX6HO0_OaT01rnd0Q2k_5XxsnHfw9D69zcu7gma3FX_NnNkb4xpLP-H6fsrpVtODEEhl5v7cHxvJDCtvA46kC9h6zeLq308F9IDyoRvzLPS7aLqz_KAdfzfgCLB7TApesKKj8LU8EfkfIDrML2JNfCJTtkaBnjRuBujfW_foHjs9S9TNXnax8RgOiRipRev4gvPJQDBfllOOVMcC6PhvU2wB4SGzzRLQlj1Ob6NyMZoPfKnyVj-I4C5Try_yoUkefNIMR1GOdnZmKItCW-ooZJ-ooRaQAdRsfYzTAhYbfk8Ddtwjs6562UDx3XJEpIhkcVCFO3HAmoX734ZJ_DvSNMWLk_iNmNbavTVIKLTm9w_BCHqERGGf7ixwF4fLDZ8CdJNSYzLoSyr3G02ZxsFzeSRTUWoLIaMYCuJEsDEYO_lpwzxl32IPatGQ4wgb0d4tHCNeCJ80BdBOq6acZyNKuNoTZEAcJvkBSE8e_vfbJHmRYTCzTNEG5cUk3FkJYZFUh6UxRjAgEB_JiwsFXPpBfsURyauItK2iUbWuO7vcZazLpi8f0ZgbAi4HODHpIKV_iz2kU4kW0baixSxl2ezH_hf4b5j_m2Hzb3jvVC-lFS0kAsIDnQwMji-zqdBbGed6pd0GTTsuJ2BymwiCMztZ9I2QQMzCL2xe3Q3ew3LddJXfHWscP62Je2b4bh-oIb7C_Dm837vvdnAbZl7pBvSco8gwJNcEefdHosO5iThK9YAegnpyT8452QBrv3nqEtwbAa8cx-avqfBWrsXWHUfiEouBZw_lwaaQKcbY7y9zpbUyGzMa9-YcVVBLk1vERUG9K9ylaBBOFmEIdvZ8C-1PUzNGkTYPWU0Fhk6p9kqto6Kx0pKlxHcSPBD2DoogVEyEqOkWNCUqPedo64XP0XvjHQ4noRcx8aZZX6XR61a5vzpvtu08FWvZP0TkgoA42vmcZdRwdCUZYWuDo4DcpeIi63kW79U10d5WkI1zP33pF6hZnXL3f6n8PRmhH_GpzzRfj0Avo_0amSqStWOd1OVkYNp_D5G3NqMqQTO87SKG4epnfF1M-hkoRQoiBru_VyhnxaJB-gWfljsi5S__kCkis7pODMALPjyAhPc1vh7nOqp2imBlB5z5zN3Wh_P0ZmdYR_3NFEZkFdkE3o6-chSnZunHl0Q_0nk4y5mkXNahRya8GzqqZMqMxchczIbg4B4Xwt4ncyf2N4xA53PC-F4js3KOuOqwT4wB3VZDym00CdJFG40Q-EfQ2jtrFidoBkpaO4MdcsMa22SrO9YwhiC7pr_5cSL8CW0cim39zSlp1NbUHABnjS-fOCZE2q_9tChgmN5pi79-1oo36xT0-ACZvEuM85p88-FfxAg4PCmC6DX7JD_JjG_QvTU2izVatDhhOhANbXeg_T289Jo8__Av8nh7oP5EOwua0SLnUXmvB1a69ZNkuNzCzhRV985UFjEwgewAkF8wv4tlLoqYNxA1wsyomfFAHA9ktogYicgyulA1eisb2HuZSOtyEB53sGNOYgO_dEnrA2OitKXXVTTR1sNlAcAfnFer3zTeotm1XeQzqB3bM343fD0P12RhWW1pcmvyGjxH85BogKAC6s9OXbOQt92zUQzMwhDK_26nKfe8I3bBksHGax4xqHP7S9FLLVOIUy2qXIKzQEzsNAs6YKKdXjIwJSasjyz5EBThZHfTL6EZVQggHBrFJv2lsK6tTdu319Q1-6vn8jmg_A_MNuqEe7QYu3XCuPfyj6piUSfsG9SxQz3TzuHBoqksTAtmXat8pL02rGOb09ClBQWKhYoGH1oxExcr2hD_0FyeHTDGpikiTXGRpEg4CsMImbZyCHu0IMaXJLOh0a8hl1egM_rMPTasckpQ1U_-jE2Rvbz_BbhgPijmrS1Ix96DeExv7_gAceg3v6I6mGnwhYcEbTtqmFGIkkXFCDVicI_BA2H5Sly89MNXy1vPbNZgDv5cGI4j4b6qiazgeO1jpucsHR9O3FWgkx78OFRaIcTvMyaBXKXuVOmk0gRdy0Do-tmyxPivHQuiYnPOv6njK0RllCEy6lGipGr8OreQM3my7X5LqK49hfubRKGu5eBEUBvi0btToDUWOY_jAM_4zLFhBXZtd05pRwI8I0xTzR_4x8mXBiCOMCEdEK0x409iWR0z701VekUigfuJRKVAA89x7Mengp3K4zIN2I6M2cBld8qK2zMdqDRoJF6F7ImYZ8KX_rxwu2OgY8GWr5iqb8dBEm8OJDd7Q2pD3jq9g-4GCpDrhrpXjR6NNRvND6D8g3fiYleCfOksCYAcTxVKqb0Dnuw3aBfOEU0iu-nDMTaBqGuYyPIUAUb64zx1xKWbZ5BysIfsCFn7EPxtFi5xJxETbsKX_oBYdHhF6zu8LkMfXbzKiKOHbzwgvdgARae0gM8XAquNH-NUznXYuD6kG9Y8SpWqklwogHbaVHwas_Jgnl1V0VK4YIc3GlNHztwI0A2n6rTYdIw1OzrpleIPMEKc06QjDr3e3k0rOgR_PGjkn-lCFUrUjzyNgVHpm5D1S4BIc95Gt5PyUvOS2zNOFGYdOld1hjNVtgVloos1ZwtlVxFKCVvlyQ5nxHg-vZhwNgIZ9cxRo4W2RhS8QuZbzb-slVT3ltApT5Bgc9lWeYjEQef7Vax7Q0MzZ3e_7eZa6_hkU9LJQBYFW5PQywhtyKix6T0UjXggVEscA6oj6XxJ0A5UeyYXtiKXIXC_NQ-CRdKuwaGWzc2RFtn1t7ZTbLLfviYJTw_vGUUi-DVq49wKEkwNe5vOGbMqRf4QMC0i605Llg-ZavcgXa25RFVraF8eANKMpTOPSpAW_0IOnE0HbgNDnOpYOLf3IHk5pYS2X7NjR3m6pECv6GTpFQuUfvnzAJeHI2ueaf71LdMHTS0_16Ekyx1MeIYEtlFsHRDAZX2J5XE1rvJB3P57MBqIOqgbd5E7U4LYx4dmFesRZHbNMYx7hYAFVI48h7SIuAVu66y79QkPblRYK28gKRkHCocpltZ1gX5oJE0nVnwKQ5qmp85MNvCwrMLzlU8YTFWIbge9oosUeF4KEdblCx5IkcqLaqd3Vj3IO5BN4X-8voccNlRCHC0EGjCB7_L9kI5fYKLeKOFyGCZ9J7SDcS2HSzIhdZvXNlb5LSL3PSgZnePRLytgOJ8HubeDle6s7DBQNToO5bUOTh9zn8-P_6rAUrBLO-E043fy_Lz8_D-AtfqJUKDPxHwd5DOJDwl_Ag64wyqrraPgPTtqkcWIz_h1iKIkikt0SCDrp57nFVzt4J5Q3eySu1vrCGvipoKbFK-UbwF9fXEn58jIHBjWoHNO1FL7-RfW5SkRKYMz7FbvPDMPOE7cQwyZ3dV9nqnZZI7vU4Ca_d0sH1Qwu9y-Vzp62QYBxoLEj-I&cid=CAQSTgB7FLtqUMzjMkS664vq1vIxAquIFxFzgiOPKLpplh2w0D2bwMjuoVJiyPHUiq7EHBctKyBJZgsqFKzflPOn86KozuPM-5MKqZ5nMIvZLxgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fmcmpiqq.top%2F&ds=l&xdt=1&iif=1&cor=8657584897791328000&adk=1877897942&idt=55&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18130d41cfa13c342fd6593fc292694bf4a4eee0aaf6f067657be312ed627afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39987
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 71D6 0
234 B 361ms
159ms Ping
image/gif 2607:f8b0:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~ltebv9mp&c=8139984471445&slotId=4069992235722.5&qqid=CI68uMKL3YQDFXRGkQUdygYF4w&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240226_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400a:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 71D6 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240226_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11505
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 08:58:09 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-4g5lznl7.c.2mdn.net/videoplayback/id/8561c36580b618e9/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1741176594/sparams/acao,ctier,expire,id,... Frame 71D6
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/8561c36580b618e9/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1741176594/sparams/ip,ipbits,expire,id,itag,so...
https://r3---sn-4g5lznl7.c.2mdn.net/videoplayback/id/8561c36580b618e9/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1741176594/sparams/acao,ctier,ex...

0
0

66ms
8ms

Fetch
video/mp4

2a00:1450:4001:1c::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5lznl7.c.2mdn.net/videoplayback/id/8561c36580b618e9/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1741176594/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/51526C3F5F0F91A4EB7754C20C1447B7A2B029AB.2C9EF75586BEA44EC14D5DF720467DCD5F15D7DF/key/cms1/cms_redirect/yes/mh/bX/mip/2a01:4a0:5a::8/mm/42/mn/sn-4g5lznl7/ms/onc/mt/1709639452/mv/u/mvi/3/pl/42/file/file.mp4

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

HTTP/1.1

Server

2a00:1450:4001:1c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 12:09:55 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 3039087
Last-Modified: Wed, 29 Nov 2023 18:17:37 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 05 Mar 2024 12:09:55 GMT

Redirect headers

date: Tue, 05 Mar 2024 12:09:54 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 669
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r3---sn-4g5lznl7.c.2mdn.net/videoplayback/id/8561c36580b618e9/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1741176594/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/51526C3F5F0F91A4EB7754C20C1447B7A2B029AB.2C9EF75586BEA44EC14D5DF720467DCD5F15D7DF/key/cms1/cms_redirect/yes/mh/bX/mip/2a01:4a0:5a::8/mm/42/mn/sn-4g5lznl7/ms/onc/mt/1709639452/mv/u/mvi/3/pl/42/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 71D6 453 B
585 B 40ms
39ms Image
image/png 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-4383418722826066

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:09:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
expires: Tue, 05 Mar 2024 12:59:54 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 71D6 0
54 B 359ms
162ms Ping
image/gif 2607:f8b0:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~ltebv9py&c=8139984471445&slotId=4069992235722.5&qqid=CI68uMKL3YQDFXRGkQUdygYF4w&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1716&mt=video%2Fmp4&vs=576x1024&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.o4~atrd.o6~videopreviewvisible.o8&ua_e=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240226_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400a:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 neFZPoS4RqR4jfdTFmgUuiCC8zWeQsTNscPgsnGRUhI.js Show response
pagead2.googlesyndication.com/bg/ Frame 1364 51 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/neFZPoS4RqR4jfdTFmgUuiCC8zWeQsTNscPgsnGRUhI.js

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de1593e84b846a4788df753166814ba2082f3359e42c4cdb1c3e0b271915212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:38:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20184
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 21:38:25 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 3CBB 23 KB
8 KB 9ms
9ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 12015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 08:49:39 GMT
expires: Wed, 05 Mar 2025 08:49:39 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 neFZPoS4RqR4jfdTFmgUuiCC8zWeQsTNscPgsnGRUhI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A51 51 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/neFZPoS4RqR4jfdTFmgUuiCC8zWeQsTNscPgsnGRUhI.js

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de1593e84b846a4788df753166814ba2082f3359e42c4cdb1c3e0b271915212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:38:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20184
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 21:38:25 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 2BBE 111 KB
39 KB 55ms
6ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 03:55:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29653
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Mar 2024 03:55:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240229/r20110914/elements/html/ Frame 2BBE 12 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240229/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DU_KT7CGRgdaO9BL1hbys5CrpySJZgx6GFmiXGe5R-gl97Eqj_Wv6_4K9NduAnraOzKoEBE6cNYvXh_kB1uX5CgKMwCE9D5r1bORVbYKYaihLLBc5VPl6a_yIgx1_TmrVcSLLMCws0UTpNN1wEXCcPZd8YvdedDnGT0rLbkPFTwmr5q4Eag9Z7mg_MBAuKIMAKaRo5jSVPmDJnlrOBx-yVls70Zg&dbm_d=AKAmf-DCLDzaK2yXXvp8h_-7AD-8LCIR0mRjRfjEgOLZK4v8LJRxR6hkoPEGlbNbX7IS9nqAw6e3__EVWXBe4kkVFEqfF-agbgGyHj1BNq8EWpn6BoPSJLu4St_oOypaWbaq-ojAb4CA6ZrA0TbtWHvuHSLc534fkbcIgqFuNjhUvQn-PmN68Z37lm0NEhZcKHq4AgVIU0hvnVO3xLpZkYOqJhakH8zJNwwq2UPif_8RJkLRHSMesPH_1EqHWuUDqc-S3xDViAxS5r3PVfHIRPPGaflEADsJ87bE8eu9g_QQ7cqQGto8ncvinqslDpLr4aVxmA8vlw9K-aXwZch03nLriVWG63NLPMPMDRoQFHLmuWUFeuivB-q6pQdsqt5UsYOLPpKQkfHDVPrXRAUFn7TQ5v90LPrTDB1Gq7uJJ0t1sUxRhqjyZUTu5ddNXfEWERqbhbl4MAyBWxUuMXUiBy1By99JYX6HO0_OaT01rnd0Q2k_5XxsnHfw9D69zcu7gma3FX_NnNkb4xpLP-H6fsrpVtODEEhl5v7cHxvJDCtvA46kC9h6zeLq308F9IDyoRvzLPS7aLqz_KAdfzfgCLB7TApesKKj8LU8EfkfIDrML2JNfCJTtkaBnjRuBujfW_foHjs9S9TNXnax8RgOiRipRev4gvPJQDBfllOOVMcC6PhvU2wB4SGzzRLQlj1Ob6NyMZoPfKnyVj-I4C5Try_yoUkefNIMR1GOdnZmKItCW-ooZJ-ooRaQAdRsfYzTAhYbfk8Ddtwjs6562UDx3XJEpIhkcVCFO3HAmoX734ZJ_DvSNMWLk_iNmNbavTVIKLTm9w_BCHqERGGf7ixwF4fLDZ8CdJNSYzLoSyr3G02ZxsFzeSRTUWoLIaMYCuJEsDEYO_lpwzxl32IPatGQ4wgb0d4tHCNeCJ80BdBOq6acZyNKuNoTZEAcJvkBSE8e_vfbJHmRYTCzTNEG5cUk3FkJYZFUh6UxRjAgEB_JiwsFXPpBfsURyauItK2iUbWuO7vcZazLpi8f0ZgbAi4HODHpIKV_iz2kU4kW0baixSxl2ezH_hf4b5j_m2Hzb3jvVC-lFS0kAsIDnQwMji-zqdBbGed6pd0GTTsuJ2BymwiCMztZ9I2QQMzCL2xe3Q3ew3LddJXfHWscP62Je2b4bh-oIb7C_Dm837vvdnAbZl7pBvSco8gwJNcEefdHosO5iThK9YAegnpyT8452QBrv3nqEtwbAa8cx-avqfBWrsXWHUfiEouBZw_lwaaQKcbY7y9zpbUyGzMa9-YcVVBLk1vERUG9K9ylaBBOFmEIdvZ8C-1PUzNGkTYPWU0Fhk6p9kqto6Kx0pKlxHcSPBD2DoogVEyEqOkWNCUqPedo64XP0XvjHQ4noRcx8aZZX6XR61a5vzpvtu08FWvZP0TkgoA42vmcZdRwdCUZYWuDo4DcpeIi63kW79U10d5WkI1zP33pF6hZnXL3f6n8PRmhH_GpzzRfj0Avo_0amSqStWOd1OVkYNp_D5G3NqMqQTO87SKG4epnfF1M-hkoRQoiBru_VyhnxaJB-gWfljsi5S__kCkis7pODMALPjyAhPc1vh7nOqp2imBlB5z5zN3Wh_P0ZmdYR_3NFEZkFdkE3o6-chSnZunHl0Q_0nk4y5mkXNahRya8GzqqZMqMxchczIbg4B4Xwt4ncyf2N4xA53PC-F4js3KOuOqwT4wB3VZDym00CdJFG40Q-EfQ2jtrFidoBkpaO4MdcsMa22SrO9YwhiC7pr_5cSL8CW0cim39zSlp1NbUHABnjS-fOCZE2q_9tChgmN5pi79-1oo36xT0-ACZvEuM85p88-FfxAg4PCmC6DX7JD_JjG_QvTU2izVatDhhOhANbXeg_T289Jo8__Av8nh7oP5EOwua0SLnUXmvB1a69ZNkuNzCzhRV985UFjEwgewAkF8wv4tlLoqYNxA1wsyomfFAHA9ktogYicgyulA1eisb2HuZSOtyEB53sGNOYgO_dEnrA2OitKXXVTTR1sNlAcAfnFer3zTeotm1XeQzqB3bM343fD0P12RhWW1pcmvyGjxH85BogKAC6s9OXbOQt92zUQzMwhDK_26nKfe8I3bBksHGax4xqHP7S9FLLVOIUy2qXIKzQEzsNAs6YKKdXjIwJSasjyz5EBThZHfTL6EZVQggHBrFJv2lsK6tTdu319Q1-6vn8jmg_A_MNuqEe7QYu3XCuPfyj6piUSfsG9SxQz3TzuHBoqksTAtmXat8pL02rGOb09ClBQWKhYoGH1oxExcr2hD_0FyeHTDGpikiTXGRpEg4CsMImbZyCHu0IMaXJLOh0a8hl1egM_rMPTasckpQ1U_-jE2Rvbz_BbhgPijmrS1Ix96DeExv7_gAceg3v6I6mGnwhYcEbTtqmFGIkkXFCDVicI_BA2H5Sly89MNXy1vPbNZgDv5cGI4j4b6qiazgeO1jpucsHR9O3FWgkx78OFRaIcTvMyaBXKXuVOmk0gRdy0Do-tmyxPivHQuiYnPOv6njK0RllCEy6lGipGr8OreQM3my7X5LqK49hfubRKGu5eBEUBvi0btToDUWOY_jAM_4zLFhBXZtd05pRwI8I0xTzR_4x8mXBiCOMCEdEK0x409iWR0z701VekUigfuJRKVAA89x7Mengp3K4zIN2I6M2cBld8qK2zMdqDRoJF6F7ImYZ8KX_rxwu2OgY8GWr5iqb8dBEm8OJDd7Q2pD3jq9g-4GCpDrhrpXjR6NNRvND6D8g3fiYleCfOksCYAcTxVKqb0Dnuw3aBfOEU0iu-nDMTaBqGuYyPIUAUb64zx1xKWbZ5BysIfsCFn7EPxtFi5xJxETbsKX_oBYdHhF6zu8LkMfXbzKiKOHbzwgvdgARae0gM8XAquNH-NUznXYuD6kG9Y8SpWqklwogHbaVHwas_Jgnl1V0VK4YIc3GlNHztwI0A2n6rTYdIw1OzrpleIPMEKc06QjDr3e3k0rOgR_PGjkn-lCFUrUjzyNgVHpm5D1S4BIc95Gt5PyUvOS2zNOFGYdOld1hjNVtgVloos1ZwtlVxFKCVvlyQ5nxHg-vZhwNgIZ9cxRo4W2RhS8QuZbzb-slVT3ltApT5Bgc9lWeYjEQef7Vax7Q0MzZ3e_7eZa6_hkU9LJQBYFW5PQywhtyKix6T0UjXggVEscA6oj6XxJ0A5UeyYXtiKXIXC_NQ-CRdKuwaGWzc2RFtn1t7ZTbLLfviYJTw_vGUUi-DVq49wKEkwNe5vOGbMqRf4QMC0i605Llg-ZavcgXa25RFVraF8eANKMpTOPSpAW_0IOnE0HbgNDnOpYOLf3IHk5pYS2X7NjR3m6pECv6GTpFQuUfvnzAJeHI2ueaf71LdMHTS0_16Ekyx1MeIYEtlFsHRDAZX2J5XE1rvJB3P57MBqIOqgbd5E7U4LYx4dmFesRZHbNMYx7hYAFVI48h7SIuAVu66y79QkPblRYK28gKRkHCocpltZ1gX5oJE0nVnwKQ5qmp85MNvCwrMLzlU8YTFWIbge9oosUeF4KEdblCx5IkcqLaqd3Vj3IO5BN4X-8voccNlRCHC0EGjCB7_L9kI5fYKLeKOFyGCZ9J7SDcS2HSzIhdZvXNlb5LSL3PSgZnePRLytgOJ8HubeDle6s7DBQNToO5bUOTh9zn8-P_6rAUrBLO-E043fy_Lz8_D-AtfqJUKDPxHwd5DOJDwl_Ag64wyqrraPgPTtqkcWIz_h1iKIkikt0SCDrp57nFVzt4J5Q3eySu1vrCGvipoKbFK-UbwF9fXEn58jIHBjWoHNO1FL7-RfW5SkRKYMz7FbvPDMPOE7cQwyZ3dV9nqnZZI7vU4Ca_d0sH1Qwu9y-Vzp62QYBxoLEj-I&cid=CAQSTgB7FLtqUMzjMkS664vq1vIxAquIFxFzgiOPKLpplh2w0D2bwMjuoVJiyPHUiq7EHBctKyBJZgsqFKzflPOn86KozuPM-5MKqZ5nMIvZLxgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fmcmpiqq.top%2F&ds=l&xdt=1&iif=1&cor=8657584897791328000&adk=1877897942&idt=55&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:02:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 21:02:38 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240229/r20110914/ Frame 2BBE 30 KB
11 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240229/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d7ccd1b1b1900c730b760fa8b3b5748a073ecdedbd7710e04fbf03cd42afd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 20:55:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54882
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11520
x-xss-protection: 0
server: cafe
etag: 9162932350781899495
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 20:55:12 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 2BBE 41 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 13:46:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 13:46:32 GMT

GET
DATA 200
OK truncated
/ Frame 2BBE 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 018050169771cf9946f9bdfa5284535a9d9c7c90616189d2a8a28f4046c2e792

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 neFZPoS4RqR4jfdTFmgUuiCC8zWeQsTNscPgsnGRUhI.js Show response
pagead2.googlesyndication.com/bg/ Frame 924E 51 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/neFZPoS4RqR4jfdTFmgUuiCC8zWeQsTNscPgsnGRUhI.js

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de1593e84b846a4788df753166814ba2082f3359e42c4cdb1c3e0b271915212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:38:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20184
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 21:38:25 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 61F7 38 KB
13 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 71620
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 16:16:15 GMT
expires: Tue, 04 Mar 2025 16:16:15 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 neFZPoS4RqR4jfdTFmgUuiCC8zWeQsTNscPgsnGRUhI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3CBB 51 KB
20 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/neFZPoS4RqR4jfdTFmgUuiCC8zWeQsTNscPgsnGRUhI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de1593e84b846a4788df753166814ba2082f3359e42c4cdb1c3e0b271915212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:38:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20184
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 21:38:25 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2469615605381150846/ Frame A693 15 KB
5 KB 24ms
9ms Document
text/html 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2469615605381150846/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93873af7a813c879f0cf347e3766be979509b08ce5147646101e1a5fb1f6c84d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 14768
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4973
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 08:03:47 GMT
expires: Wed, 05 Mar 2025 08:03:47 GMT
last-modified: Mon, 12 Feb 2024 15:35:46 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2BBE 0
0 124ms
60ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstx8iY_9oQpWmqU-DLpJ75GbQIp78KZB0cjAWq1lTx6e6E9HMNFqSs0FgwQgk4BJGUxcgvzBmzGUPVtOs2RHZXUS5Q-5238q-WnhPxElls3o_Err-2q050XKc-Lun43UxxcJX85LJdKKtymv-gIjoZIZR_OTsI8tvmpY5ewggIwH-yw2qnZ43le5m0nSzdb_1KSh2AgFttIFDaKK92rA4pswb0frFoA74ghKG5mkUOF--AmtY1JYjdeP5R9wPckRjpecjKkwFN0TxFKsip6QmfCKG2kbiFfqkCu2-DBJheIKup0mYtfWG40pwt8WSD8DWkTwCEqC7QmlkAiYfyfViw4yvuARv-fOdxl_h-ky2ImDR3lgDnnrAuNu3Vh63h3HWi5W-EkG6nQkYraQJiTXvH7wO1pxImdjnJLz66MloUDyD69jfHLuqf63t3HOCWzfFtt5KofD9_rQCs7J8FpHuCTJLIOTGT15UU3hbuw5u--b53fB1ny9m79ZcMzDuUxvQ2vocctygTQJ3iXFYnI8M1mk2l7P4qaNP9vrLmpp9achycuGBWG7JdJwgNfn1R9bj0TZ8yHXdITfJm8Wb5xoaxU_jkIMawYaZvoea8LHGr8XA2-zVpjBqQiLufFiep_fXd1rX0iaNiVGxGHFyy6F9E8r0bccNyn74TWv8b7MvD61knUuVCDynEhnLIjfbxmoWL4bWZxRQCaalDm0Efgc6EIuNDgx2JFhKx94L8oyGB8POBFyqmPqnUVF8_F50wMwe9L0sDeD2qOCTkzBs5sD1p2ahmk5CstJ7tRSZ-k00pORJa_tWz1WQjAiOcIFeu3m7pqZNVlBFqMHZc3S-l1wJOfD_EQPe5RMSWacnnbut49lY2xesrE4mMedof-Ps_hmsBfU5DG8HcofSMkk46RctfjTX_FRQh5hItiQKD6lThSIc_uvDKkbNqOw-n4SjTkr-IQ6Sqd9WBXeqaCtyb73CYQTsVLke75Ne4e10vBPqtApiKgPKwzPN4Xo-iBDQBrnZQ7JHloAt0Fn-j2MzQfHHZH5Z2A1vI2MQ8gSodpR8Llvi-O0ITeiKe5vsTro6l39JGIw7oqAaSrh3R8skT0JuLjqmVZ74BcUC7PEL2Ox1GEUImimA9BPIs4A16wLxFgk0W5mXwcwaGYXOHhe0Ul0K-InNJQgwpECG8nOwsdHcCgYBX4DAxFwhlLkoyQtnsnOLYIfSLDOCoRwbXuhUremh0aT7TIM0Lop8mm5rNOWF6gnu0ZauHTPO7yxuipglJZw0irESyVaV4Aq7w3Q3Lnx9sl6G0dTxKRE8zqI3iDKh0b8aN6D7smnIRRcvZZgLLp0C6PjXVSghj0K8QO7x26Nm85DrHO5938DpW048KoaWKOVjXexslT_7iXVi97_ydx3tjNve0MzuLwXpD11sdVC9xe3CQwG54clVCCQxLqbaggB-Ltb9Ub_xXRKfbTGuQx2NoE5ZKa_Q&sai=AMfl-YTORzG5ApTkpD3Eyuj8C-l9HoPGES8B8AUGd9CArpTjtnKHwHdpXIGKpNeNXsD8kUpF419ptihRiXGuXUU4Gk1Dn5GC2Yjq-JYpAb3FbBYwXGkX2zdxNMz1ruSqH0cQtQuh9wzWHwAU9x87idgJ4y3Lr-evtDsK-WVPFMOfr0GeNuTNSu49ZYVmbaUS5uUhGNk3wBAmDZFxaWOFx_e5OFARcMYxx9sy6ZYLgQ4OShFcUgzVdWFDFV1ysPfmX25iSSiTN0ZklKOuOVdZjcmtpDYt1UyfCqwMEqkWuaEBZgng1o6_BSL6zno7-qOACaM&sig=Cg0ArKJSzEbwHKdRnIU_EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=103&cbvp=1&cstd=102&cisv=r20240229.73433&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Mar 2024 12:09:55 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 05 Mar 2024 12:09:55 GMT

GET
H2

200

firstevent
skydeutschland.demdex.net/ Frame 2BBE
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=210662259&d_placement=387525181&d_campaign=31430666&d_bust=2943451182&gdpr=&gdpr_con...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=210662259&d_placement=387525181&d_campaign=31430666&d_bust=2943451182&gdpr=&gdp...

42 B
732 B

46ms
45ms

Image
image/gif

52.211.226.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=210662259&d_placement=387525181&d_campaign=31430666&d_bust=2943451182&gdpr=&gdpr_consent=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Server

52.211.226.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-226-3.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v057-04f2bca97.edge-irl1.demdex.com 10 ms
pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: J6bhEMfMRUE=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v057-0b318dcce.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: gEq8Qqk2QdU=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=210662259&d_placement=387525181&d_campaign=31430666&d_bust=2943451182&gdpr=&gdpr_consent=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 2BBE 43 B
1 KB 64ms
18ms Image
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1015817291&extPm=551567480&extCr=21021886065&gdpr=&gdpr_consent=&rnd=2943451182

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.72 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Tue, 05 Mar 2024 12:09:54 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Di, 05 Mrz 2024 12:09:55 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame A693 236 KB
63 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2469615605381150846/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2469615605381150846/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Mar 2024 12:09:55 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 42CD 624 B
242 B 47ms
46ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYs72zhgIwAQ&v=APEucNVkrsl0SXtvx4FCMIt2js0uiiRvn0j-vT2m3T7_Oo2AI8dxJLfnbflY5X3H_ml_xS_IfSfx6pRAEfTKAVzcgQStp5v3IdYgdukANYe_uHZJ42DpIPwJIV_Eh-zu20UriTquR3fL8aWn8ld2wouNSdRydQfUMGLYOoo-L3TYbwhN7VLZPao

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4383418722826066&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.3713792823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1709640594&rafmt=1&to=qs&pwprc=6085169274&format=1200x90&url=https%3A%2F%2Fmcmpiqq.top%2F%3Fthread-79.htm&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709640594611&bpp=1&bdt=1074&idt=0&shv=r20240229&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x280&nras=2&correlator=881236743585&frm=20&pv=1&ga_vid=1721056475.1709640594&ga_sid=1709640594&ga_hid=1313205084&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C95320376%2C95321866%2C95324161%2C95325784%2C95326936&oid=2&pvsid=3676971400239924&tmod=1558946393&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4383418722826066&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.3713792823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1709640594&rafmt=1&to=qs&pwprc=6085169274&format=1200x90&url=https%3A%2F%2Fmcmpiqq.top%2F%3Fthread-79.htm&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709640594611&bpp=1&bdt=1074&idt=0&shv=r20240229&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x280&nras=2&correlator=881236743585&frm=20&pv=1&ga_vid=1721056475.1709640594&ga_sid=1709640594&ga_hid=1313205084&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C95320376%2C95321866%2C95324161%2C95325784%2C95326936&oid=2&pvsid=3676971400239924&tmod=1558946393&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 12:09:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 87A3 93 KB
33 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 12:09:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/ Frame 87A3 3 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:49:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Mar 2024 08:49:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/ Frame 87A3 20 KB
8 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240229/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 20:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8212
x-xss-protection: 0
server: cafe
etag: 9277691884081322989
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 20:33:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 87A3 0
0 16ms
15ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRm7vg6J9iYIkG9Qlm9C0eKnByOTNKSeEFLAcCTNXJNND6igdm8-BMbnEQPjrfaODaZ39FMu61XMz9XnIN0htfSIpHL7w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4383418722826066&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.3713792823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1709640594&rafmt=1&to=qs&pwprc=6085169274&format=1200x90&url=https%3A%2F%2Fmcmpiqq.top%2F%3Fthread-79.htm&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709640594611&bpp=1&bdt=1074&idt=0&shv=r20240229&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x280&nras=2&correlator=881236743585&frm=20&pv=1&ga_vid=1721056475.1709640594&ga_sid=1709640594&ga_hid=1313205084&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C95320376%2C95321866%2C95324161%2C95325784%2C95326936&oid=2&pvsid=3676971400239924&tmod=1558946393&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 87A3 207 KB
63 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 13:09:04 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 87A3 42 B
63 B 39ms
39ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DhSix4DYa3EO201GaFe6vXROfX5LODKTfPmo5-EbDEEOeNpzc0W-FLi6JgKNeG0V5Mc2tKvN2EgudJ-uvVMcXpNYHkGcl_COHaQ8iZ_Jg6tGGiopU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r3---sn-4g5lznl7.c.2mdn.net/videoplayback/id/8561c36580b618e9/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1741176594/sparams/acao,ctier,expire,id,... Frame 71D6 3 MB
3 MB 18ms
7ms Media
video/mp4 2a00:1450:4001:1c::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2866e8917942a3ef4fa7cf6eacd61e51a0534b17134b0d1219a5f1c7f3886bc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Range: bytes=0-

Response headers

expires: Tue, 05 Mar 2024 12:09:55 GMT
date: Tue, 05 Mar 2024 12:09:55 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-3039086/3039087
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 3039087
last-modified: Wed, 29 Nov 2023 18:17:37 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 neFZPoS4RqR4jfdTFmgUuiCC8zWeQsTNscPgsnGRUhI.js Show response
pagead2.googlesyndication.com/bg/ Frame 61F7 51 KB
20 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/neFZPoS4RqR4jfdTFmgUuiCC8zWeQsTNscPgsnGRUhI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de1593e84b846a4788df753166814ba2082f3359e42c4cdb1c3e0b271915212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:38:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20184
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 21:38:25 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 42CD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHul145efFP5l1CY4gYI_YY&google_cver=1

43 B
737 B

40ms
40ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHul145efFP5l1CY4gYI_YY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYs72zhgIwAQ&v=APEucNVkrsl0SXtvx4FCMIt2js0uiiRvn0j-vT2m3T7_Oo2AI8dxJLfnbflY5X3H_ml_xS_IfSfx6pRAEfTKAVzcgQStp5v3IdYgdukANYe_uHZJ42DpIPwJIV_Eh-zu20UriTquR3fL8aWn8ld2wouNSdRydQfUMGLYOoo-L3TYbwhN7VLZPao
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3aPCzHeY3%2FDwG1sqjWRZ1YKsaJTPU7H7aM%2FnAEmSPl6GZlbuNfAffP8U8DQfX3qnJ6itP7loV%2BrTFMqg0aUAeh%2BExTKXU2YzOcwZ6aPH9nsHKaDG0puu6PbhzXpDiCx%2FW3caX%2B9cM9KGw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85f9fff8299d65d6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHul145efFP5l1CY4gYI_YY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 42CD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZecLklVbLV8AAAlWABkHvgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHul145efFP5l1CY4gYI_YY&google_cver=1

43 B
728 B

32ms
32ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHul145efFP5l1CY4gYI_YY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYs72zhgIwAQ&v=APEucNVkrsl0SXtvx4FCMIt2js0uiiRvn0j-vT2m3T7_Oo2AI8dxJLfnbflY5X3H_ml_xS_IfSfx6pRAEfTKAVzcgQStp5v3IdYgdukANYe_uHZJ42DpIPwJIV_Eh-zu20UriTquR3fL8aWn8ld2wouNSdRydQfUMGLYOoo-L3TYbwhN7VLZPao
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zev8Ncg3UtYUJf4VrrIqHmbjTbu%2F8Kn3w5EkKYOVBOGzqJ9IviOlo5YnhweRUmiCe6S5YDKiOEbCPioA5CWf9eS3zdHcRWcZ9kLRAo5WsJ49rWpsyUdy0cDSogrN96PdSsYCLG99LN9nMA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85f9fff85a0c65d6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHul145efFP5l1CY4gYI_YY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 42CD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECcqBHVeUwojtZaD9AV6KZQ&google_cver=1

43 B
1 KB

33ms
33ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECcqBHVeUwojtZaD9AV6KZQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYs72zhgIwAQ&v=APEucNVkrsl0SXtvx4FCMIt2js0uiiRvn0j-vT2m3T7_Oo2AI8dxJLfnbflY5X3H_ml_xS_IfSfx6pRAEfTKAVzcgQStp5v3IdYgdukANYe_uHZJ42DpIPwJIV_Eh-zu20UriTquR3fL8aWn8ld2wouNSdRydQfUMGLYOoo-L3TYbwhN7VLZPao

Protocol

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
an-x-request-uuid: 749b2e86-df96-43da-b898-4ab24bd58ed1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.199; 80.255.10.199; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECcqBHVeUwojtZaD9AV6KZQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 42CD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA3OTg3ODAwNTI1MjU2NTI0NA%3D%3D

170 B
188 B

22ms
22ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA3OTg3ODAwNTI1MjU2NTI0NA%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
an-x-request-uuid: aa6148b9-acb6-46eb-99e5-5541a1a882cf
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA3OTg3ODAwNTI1MjU2NTI0NA%3D%3D
x-proxy-origin: 80.255.10.199; 80.255.10.199; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 dc_oe=ChMIks_nwovdhAMV6o4nAh0_5QSaEAAYACCmrJNiQhMIjry4wovdhAMVdEaRBR3KBgXj;dc_eps=AHas8cDOz1jskWm-i8xmCUlEtfHruFFepn8fqMj9Y2Kc-V6_aCUo9vcWDOmxStLWzYej2iB0EQg3vHfroLf-furaCjq_jS1E3g;met=1;acvw=sv%3D...
ade.googlesyndication.com/ddm/activity/ Frame 71D6 42 B
401 B 79ms
44ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIks_nwovdhAMV6o4nAh0_5QSaEAAYACCmrJNiQhMIjry4wovdhAMVdEaRBR3KBgXj;dc_eps=AHas8cDOz1jskWm-i8xmCUlEtfHruFFepn8fqMj9Y2Kc-V6_aCUo9vcWDOmxStLWzYej2iB0EQg3vHfroLf-furaCjq_jS1E3g;met=1;acvw=sv%3D961%26v%3D20240226%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D12693%26vmtime%3D13%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D808489750%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D557339501;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1709640595199;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 71D6 42 B
64 B 52ms
50ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CNKJBkgvnZY6rBvSMxdwPyo2UmA7piNbTdfuSv-SdEuCCoeanQhABIKLPxWpglfqagqwHoAHcxoqJKcgBBakC-SegnlMzsj6oAwHIA5sEqgSSAk_QlNEkcGP9wMmjYkAmsV6L0KkHzoMLArDCWMvsgnQqDScKbb1ltoCKkWlddgkGX3AxE5ZRMWoOPWkcEWj6tPLnxgQNIJJaMb4nQcM1Yq_cUcPqrX2cYTcFxv3klO7fAZpB9YJwA1R4PB8WJxqp0BiiHj1EP_xkH_cECZ0e5saMN50WQq4T9oVVL1vi9-AE3FWWuwB1mxBIYN9LavN_-iuf14fw5VZ3brjFmPyJCwM_yqNQA91pKu6WCpimOWPY4KisOhkPVlA4aVzDQhuzao4n1uozb1m7x294Q_qDruTRfrNgzhpxx1FDW_jwqVdrHFroWcvaJ6Pqzgl_vPMY--FT7iPR0CowpqMoZDkkKdsbebvABKi8j5bPBOAEA4gFh-aCx02QBgGgBnaAB9z-2ugDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIKwiA4YAQEAEYHzIHqoKA4J-ADToJgECAgISAgJQoSL39wTpYmpG3wovdhAOACgHICwHgCwGADAGqDQJERbAThMLxFtATANgTCogUAtgUAdAVAfgWAYAXAegXAQ&sigh=bd9VFJiTAag&label=part2viewed&ad_mt=13&acvw=sv%3D961%26v%3D20240226%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D12693%26vmtime%3D13%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D808489750%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D557339501&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1709640595199

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4383418722826066&output=html&h=280&slotname=4904042479&adk=2396473200&adf=2902144500&pi=t.ma~as.4904042479&w=825&fwrn=4&fwrnh=100&lmt=1709640594&rafmt=1&format=825x280&url=https%3A%2F%2Fmcmpiqq.top%2F%3Fthread-79.htm&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709640594062&bpp=1&bdt=525&idt=1&shv=r20240229&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=881236743585&frm=20&pv=1&ga_vid=1721056475.1709640594&ga_sid=1709640594&ga_hid=1313205084&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C95320376%2C95321866%2C95324161%2C95325784%2C95326936&oid=2&pvsid=3676971400239924&tmod=1558946393&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 71D6 0
159 B 54ms
52ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstCAjDND-NQWMvg78JGKdh6QULR0PGSPVKhiuQC85zrUPT-JGX0OICtqo2v41ROS6TXWFI_9qc8A4B9Jo2vIGueDoHOMy7zi3RxZxzx5qSSUa-_DZKk7FXzNGj81PyelFmPAHcGNbB0ZGwEUqld3u9U6LTU_gq8nZkEEhClMMHH5HhGqYREDochZHlVmqP1iw7j1s90-r5pZ13dsna_2bj6zYC1ZXpBNPJmyVpIap8WdJnUqX4NS1Nr7Fd9M5l5z7OzW4WK2_ls3lSHi2ImJyNoPpBIFCFPEbGdY7aWi7FoGXNmv9W5s9hJDDTCyBeagLv-dlTrzMzQaXR5gvqkDakpqAMQ0zN-aMdhzdPgnPhBdGQ0dk5uvgAtsT6BDpn8jVCBFcDdUAWJ2teGC0Vvo0RNojZ9_9reFygkNVgzBnct7F4x3qxdRJfx1mBJGgT0y8C-yNAQgDSMOCj7TBVT9ApAhzJznftkbDaN1dktPrnsWDIwO0XFIVmdwpUH2cfII-Cwi0fO4EkLlzzS1XZEx3G1ju6ZEUtkdaXTc9yl2iR5Lbq7HmG03zUSmw0zEIk72yUi9WY3-zA9k31X0Vr4cTgvz790NTdNvkEla-ipaELcGCZyNPC41wIM59SK2CuYSGrhsiHKID86cpoLac9ZUie9QftUegOGfA5iK6pFrf8DZd-CoYZbe5jrtPrrrxbhLr1C2SUSkmQOEaSV6L3cs6T09IHO3DGCSRSDkEGsiU50ZGqTI9HO1IoowZDEwLRexGH7himPOr5dVLgRWpeVjvmiGz5FehiFdb8aADBCoJFGRrY0O94bCkVOUO7b7_CB26VEB2kcpDpTLjvTtqb5AURHfbnFhRY1sxwbInAdwZRbMb5fKxzkfcDyX21sVngtANCpOmNt32nB8LqvzPut3kWsHt8IvQpZj49zOTiVmGJSti331OwZOck8F_Re0qf6k3nGP9Dc7Px9TFaykw_86yawLYcY6V9arvs_-mvSW6IY_qtWLZgn8_SNtTzdy77TKjt9KHWpdfgg8vLNbcmyOJiuo0Gz6x9EkVtt28htByOjS4oAN5QPSModiHw4__wDiuWgBHpXtGok-f9R8wo-aEoA4zYgEseVDqcCQH5O5vj88snuDvIpZWA3aqpT1SAic8QNlGCKhRfD4EdrrtepTVMyurbmVRUZTUMux-bzCtLKh59xOcFUIvbyRi1QXW0gP-NmKPMzMhZ2BA9cHsTPLXlkn9FCsKtTBEX_0vEt4YTXU4T__WJtEUOtUc0_ik05NRIuaKHAzlY7_pODGZYsDcIGxogPzB9tGzoH2fct7zXYIJE6YIU2AO9mXZLTEVun6SHvJQ&sai=AMfl-YQJmwBD-MZbSS_D3f1LxvPpyuIKDoWni08LQylHrZurUDiTQMcd-1s1ZpqM_AmkFyQXr1FOqUv_SHcz9eHyyLudLU8z75F-7Tvl-dPK6LH0oAri8DbRQRTJLVg9YlEP5XEhHu_XmZVG7_9r1j2Tbx1JDAO_fmwX2-6eZbk9wKR91FjzKWCKpjMw4Tg_51s1Cb5ipidkoS2XFsilVxaAJuviNEE088oGsAjICyQ-ZdBVqhgF2Nfdszqvj_mTbj8he89M4mKYUiIIOUHcMdpxSq5J6dJmiPoGLPfbKA&sig=Cg0ArKJSzIjN-Q4u9yaWEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Mar 2024 12:09:55 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 05 Mar 2024 12:09:55 GMT

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 71D6 0
16 B 54ms
53ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COyovN8CEPuL_Y8EGOfCgIACIAEwAQ&v=APEucNVyTp0pde2L1QF0CBBq6GFpA6pIu_dJvAYzZqLaZJ9OyafPHFbhMIz97i5hcCVcsrA8Arksr30kTDhfqWOR3whg-jqc5A

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4383418722826066&output=html&h=280&slotname=4904042479&adk=2396473200&adf=2902144500&pi=t.ma~as.4904042479&w=825&fwrn=4&fwrnh=100&lmt=1709640594&rafmt=1&format=825x280&url=https%3A%2F%2Fmcmpiqq.top%2F%3Fthread-79.htm&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709640594062&bpp=1&bdt=525&idt=1&shv=r20240229&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=881236743585&frm=20&pv=1&ga_vid=1721056475.1709640594&ga_sid=1709640594&ga_hid=1313205084&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C95320376%2C95321866%2C95324161%2C95325784%2C95326936&oid=2&pvsid=3676971400239924&tmod=1558946393&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:09:55 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 71D6 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 71D6 42 B
64 B 47ms
46ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_I7lgpXwtlBd4Op82LFyon8FxM4d_zC81j61IaA1AxnWf8jD8l-_Dsw7PGJ3tZ6EVJew8WpdIQ08TmVwNbZSVB_JidG3k5VACLxX4G6UMfp-BVTrOZMCSn0UCMSQEXiPZ18QwyxAViBS0-brxxAOe4-Kv411vhA5skEFxWTDs&sai=AMfl-YTRAyT62wBGFdIcXJPSJ5OBJt__zzKhRQA-6ayT1W7uBAnGMZUkTYrxJSWnTtYnfRlCyFqvCkl050sKho-hiR5tgAXUzQwW8uCIdiev9hdDa_zH77MTkAcRQWGzZ1USvO6IhkCLS5fiF0pXCPNo&sig=Cg0ArKJSzL1Et1NYPMAgEAE&cid=CAQSTgB7FLtqnQqdu6iNjvh5AtOzCaBoAWT125wntM1M3jMBGrRZPrz_VyddbkZO18AJLnePeXRa5cN07BWTaneknz3n9L7pUomAoazeE2nCZRgB&id=lidarv&acvw=sv%3D961%26v%3D20240226%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D12693%26vmtime%3D13%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D808489750%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D557339500&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1709640595199&avm=1

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 71D6 42 B
64 B 51ms
51ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CNKJBkgvnZY6rBvSMxdwPyo2UmA7piNbTdfuSv-SdEuCCoeanQhABIKLPxWpglfqagqwHoAHcxoqJKcgBBakC-SegnlMzsj6oAwHIA5sEqgSSAk_QlNEkcGP9wMmjYkAmsV6L0KkHzoMLArDCWMvsgnQqDScKbb1ltoCKkWlddgkGX3AxE5ZRMWoOPWkcEWj6tPLnxgQNIJJaMb4nQcM1Yq_cUcPqrX2cYTcFxv3klO7fAZpB9YJwA1R4PB8WJxqp0BiiHj1EP_xkH_cECZ0e5saMN50WQq4T9oVVL1vi9-AE3FWWuwB1mxBIYN9LavN_-iuf14fw5VZ3brjFmPyJCwM_yqNQA91pKu6WCpimOWPY4KisOhkPVlA4aVzDQhuzao4n1uozb1m7x294Q_qDruTRfrNgzhpxx1FDW_jwqVdrHFroWcvaJ6Pqzgl_vPMY--FT7iPR0CowpqMoZDkkKdsbebvABKi8j5bPBOAEA4gFh-aCx02QBgGgBnaAB9z-2ugDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIKwiA4YAQEAEYHzIHqoKA4J-ADToJgECAgISAgJQoSL39wTpYmpG3wovdhAOACgHICwHgCwGADAGqDQJERbAThMLxFtATANgTCogUAtgUAdAVAfgWAYAXAegXAQ&sigh=bd9VFJiTAag&label=vast_creativeview&ad_mt=13&acvw=sv%3D961%26v%3D20240226%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D12693%26vmtime%3D13%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D808489750%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D557339503&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1709640595199

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4383418722826066&output=html&h=280&slotname=4904042479&adk=2396473200&adf=2902144500&pi=t.ma~as.4904042479&w=825&fwrn=4&fwrnh=100&lmt=1709640594&rafmt=1&format=825x280&url=https%3A%2F%2Fmcmpiqq.top%2F%3Fthread-79.htm&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709640594062&bpp=1&bdt=525&idt=1&shv=r20240229&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=881236743585&frm=20&pv=1&ga_vid=1721056475.1709640594&ga_sid=1709640594&ga_hid=1313205084&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C95320376%2C95321866%2C95324161%2C95325784%2C95326936&oid=2&pvsid=3676971400239924&tmod=1558946393&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 71D6 0
54 B 158ms
158ms Ping
image/gif 2607:f8b0:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~ltebv9q3&c=8139984471445&slotId=4069992235722.5&qqid=CI68uMKL3YQDFXRGkQUdygYF4w&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1716&mt=video%2Fmp4&vs=576x1024&dm=12000&ple=0&umsem=0&event_name=first_play&asset_bytes=200504&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.vf~ff.vm~videopreviewstarted.vn
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240226_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400a:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 87A3 0
20 B 45ms
45ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3341686345799&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 87A3 0
20 B 45ms
45ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3341686345799&version=m202401290101&ct=76&x=1&cor=15745601939091212000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 87A3 107 KB
41 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-tylpCKIcST-zMg2NCL78Ql0mh9B2rVEWB3sKUAgZpWa4gWMYlSrn3-Nvk85BnKFWO5BL7bXTxnco1Gkwn1f1xc_ZVNSai-3Yo5FMk5tXPlYIQXi8-9ZAQ8MiFzSUP0xyXagdyoapSMhC5y80URWXsTBo0M2awY2C66Q6rcwaTcqjRPJn3wR__-fbN0Fc7lipskJ1DN8luUwi6-pWWrZ1i52gcw&dbm_d=AKAmf-B1ICmG2xo7cmXbbXEu8guIdaA4d1qGmYqROGqIh0G7ZOWeW1qc0B6MQ_l6UfRJk_O_YtQx7yrIsLpc7l9PodQaIAkNcGuRbyw7mg-t4aj6kY-m9AUmobpJKh9_3iQeOeo_4wLkRwHVtsjFqxYUW6EWD_hdGmbDasDKN8t6Y42mYCpBmjqf7v8Oc5n12E9QuUh2zdL9PCXU9MP7jQAPOs7jH1GQhOW2kzobruM7Anxfk39huTTgh8j5ZbsT8qShYZ6yBkNVkT14fV6yJ8uCnJnWx3KgAe5eHj3xeUHFDcBQ9MNzE3cWx53FfadYd7cdUrKSYs1yK30iTLSqbkxu-16lTQHpXDnZWVwNck-Bg-DK4dOASzbi1cw34AZP0a8MXhuXVGDabd7fZXs0VAgACUemxyqUgCz7f6p8FVRkDpN4K91mjNrGPUmqvN1023dLe40p3_ssdHfxH3T2uS_IX3Az202mo_Da4u3aU24g6NZuCLqvxnf-aFBJgqWXF3j2x8oGeii6RTxkyZMRqZwg8BFWEfJuNMjb285eYLV2FL2dDxSTZhM_mjL7PVsYQty58HrWGTsNgUJuHKwsxgmS4s7ZTioTXVh2e4RqPoeAF3qWa27J6gpEnl8e0aUJY4yO2CFExYDOajoQR2hD0r0bpLbSTxrrCyYlm_HHFHEl4DzZLBNOd9ePY5thuGoxltuWDF-41l0fNwLUVoSxXXdcfCck3schtKfuMrrYCFsI76_TH0INEi-qq2tkamhgp0TJaWmJX9mEzKEes2GGxKTx8X7-kMFwz9AT8NmIpjFcQy1-q7C5gnBhGracR7-oxZGSx-ctDs2oqJxwkn3S_9U8TyGd1p2NABc28zyKBPVXvG5xLDlQuuQVo8H7KRzIql7QMWvhA5bX6m1SPtoavcgKBXlcyF7BAhaJrb32sbh_qTLgYp4dVA-059Bp_7FKVZHw4a4FpTifvXq4qiytTnxjlJxde7G7feQ4AyeyajXIxk525XFW4rh9KL5YMr_NqSbxD_YLzpfdAVMkqkDMp3fSXhRpPlAOy1fKcXy6Bk-f1KfMk4iiaPhNbPx4hOvbgMkQFM_7BYeZJk1bfroe5_hnBU9qvW-Fd0NHL8_QhZBf2suy8l8E5Bv_NfpEL07b-XikK0BhLVWv-wdjqWc-lGgJ_3XBG6WIni3B5nEpd9rX6HixkeCcLEJrEXE-Qq0Wux735HWygKfCouAqU-Cpj4QZpiOCu8MCplG2bEXOAyO9afTGeB8EdsiLUiV4DgCRHCvVu2801PLTRA4uzftYBYzu8o431PeVXo7QjEfJShrrR8_7JeLqmH8pjlXS_KrYkbHIUAKEKSWD0T8IIaXmi5KAIpDduQRiA2uSqBW2VKczG1Vt79m_Kq2OhnXYzpy0Z62kbsjnrLR4vJlkWTqCZwYJwA6xkNUt2uJwnYNggDp0D62YwcgbZ2DFIDUfLmc8RFdrVCEqRVkwwc7DfSq52gIP4bqIkpWOvP1jvxitZat_-smuG2TeKik7HlmoWwFjKiELkKTtHJFfFU3zr7bPKEdi7CGydrcJNa5GYPSt1kUVzWlA2hLTauMUChuG-et2r9JrSjgAgBOsvqO0eGVGPteh48yV-fVyClKrxE4ikTxk6xZ4i4hPMvMnQrcX4UnMwx5cfIyQCYEhcgtZPpV0v29Dvjjdh1WO1qQ_Y7jGra9d_5DrlN9fnzxbR1Ev8eFEmoIgyKSYiyFMo6Rx9EklhT0pEi_TEOhtfzx5IjvRGniXe_JZ9_onTD2wlrIOufMkG82JVuJ5iDAhnfmSzpEJZzWDCNrtPcaw_KilLQYdQQ71vCTJcQmN78kot7zglaMBZm8wpu3ykaClehxT_nGj7M_z95vi_HkEKUJDCagw8eIQhVFShJIxKsG9up9s2xB7dl40JkmLiHXJLmjasBf0-LlHl0WS6S41IsQ0Oa73JwRNGmGDjVlpPSzV8ZW3eWzhC5eh1Vp_OhsmPclgrCafi2V-Gt9pVz_njof6tyu3c9j4RqOS8AuRbQUg15tDABkr3GmRkzNqt_Ky1mupH5QOrd5eOPfQcZuakQeLRCGLQm1BmC7JbpF07Dmrnu_TlPYlqWhPkrRv2OobTScm9Abo0a_9nQabu9JAcNUaatz0Ijk5RaGyh-G9RhAtkRMjPrO7QW0s9hnhaf8b-paJFJdyiRkbgt6WvmZhOUSbkKxZl-uui0_ZRa5NlGaSZMIQTbu25htKuAvmnUbSFra7MrdTHx8LHSnKPNhPXh6V2_DSoH7uTAn8CdPqSV6O3PwW1lQY6c4iZDTO-9NaR65Foj7meRTsh4YLUHRlIo0EMH23VTKD0mwIqxeMWnGPNIxWibHbjBzfmK7n8PGzplj62wz038V75yBDD126fTOrK8l_ElqE9WHri2b6qM6yzMQT_PnXfUgYkIseVHXHPRv5MR3fnFf0ur3JZcCgyYUiEDptxdqEFCwDzfGsk6V6ksBgRfNbxzyCJ6eipSJ1s0AE00vabOk3VCs0N5fM-0pBmYLXhMjB2C2dOOZc9hbGnuCnP8Fjm7yWvrXwcPOVmNQ-8JwHnbGAtm_HpkruY0V5sQzGRCFd_zhpcBGLaj32YjI0G4Us93XQDEKldPFWZQ3jmZ4NEb0gCAyeIYV4BAmeIaMB6YC6sfLjKwr0zLBSI_it5_knMnakNUXWZePdt6hwHTrrx4sNUmf2mciyUAIABgiPdz7XnvWLZ3FvOC4WF_enmLjlaDvmbFuUhvit3G-vPzX-JGaxhVd-_qd_mGghmNyrgrf20fScWVIig5keuAgHDL4UTTPW60xn5ZfSYpKAG6qOy5xnP6Laz7D5o3eo-h8lR2EYm3IA91jFzs6eYDhAxrcVwXZD37L2S5jPf39DSQeoPTZEWQEZQIZAwrCBjzPV1RZ5U8QN66jLlclDbEwovxvQqF_S3f-dpamm4wihTxp1mulzYoRPBHeuHl3D3Q7LVc2JU2CxIrXy_gIX5t-L0YKwv9SJeKbULZegGUj7WmQhYIjsBbuW8zZFb1wBjfRLUwHlx76e9u-2iHkw-oEACTrPAV1_lcUwzEToui8EZaLfbgVXp8RfPHwduqm6tJfxdvNXfzvL5ZqAfbjZFIv9RH_JLrkC-dgFBtQYULRUe9VDrxpjTUWWkqXfaTWv75G7tEW3YYhSo5_K6pqvHwSBeQSC9i8cR7KDTcdJ-09P2rxxqZrfg-BxZk49pOF5RUf0x1el1_6mdRDbfYqYhZzosKGpJ53KtHh6nXtr5nwQNQgBAzWMrvRAqCe_JkTqYFJo-bpNm2KmUD-fLg7a5KSpL2esFQWq_YoCyApTs9Nk2xI711ZaxxGJtWZM5I_8TdNAYjW6aPyWmx5JLYnegPqn2q5EZflO4_HVPWyP94XPoquh01IDJ06yQH6-whQHY975AQk7N1cR0fM4s0_HrBzZ2-cuQlinM6ELZOon1cbfHAWiRTzC_TjJQ2A-0CjMKzLT8P8Py2L_WGKWLXUW6SzWSV_hFL7XQgUzL120zkUTXs7Q1hta5vre8EqyDFAf2qAwOJU2nLF7_t9NZ121840x4luBiZt1alyrNeAZqZeNpSFBQ7tbN0FOXPfW4bwNMEfNojdNOJVkTnJPQLhvhAB5e3wBygpFS9TSGFCIxIYGWZ6pZesGLwRWJ7BDsoeircH6hBLCFffiUO88MRp37bMIOrf5uQb2yLbccV9EC-ug-OMiGD48V56CUE4ZSY-xv70IyYNb_CXHYD_ydT6rKrLhWOrLdJqjvoi-nd0dAcTW__eSxVk8KpQsZO0VCwTPGAbru6dmpIOcjcJvIJXb_1gKACNagCHHZf0ajOWa6DeHUayaUrpyaAJYMqhOYoypxmhJ1aZAf_eXtlFM-CvWm0Zhqy-NzvAm3w4nkSZZdRXgRcfWvDZH5G0vDqqTh8ePXyvGT_t5PlE6ec8WJgY7ux6oFYTriSlOsxOKPPI1&cid=CAQSOwB7FLtq1d1VVYbWExmwGK40DoOT6o4ZoQ3zZueN06TwkWH6NUghrDymeHDAg-MbDPfo-kbM5uzwXyxTGAE&dv3_ver=m202401290101&rfl=https%3A%2F%2Fmcmpiqq.top%2F&ds=l&xdt=1&iif=1&cor=15745601939091212000&adk=497053792&idt=54&cac=0&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

070550c7821764e949d81d059df4254f2d15ac68089c798c9ce4e0934f5dc464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4383418722826066&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.3713792823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1709640594&rafmt=1&to=qs&pwprc=6085169274&format=1200x90&url=https%3A%2F%2Fmcmpiqq.top%2F%3Fthread-79.htm&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709640594611&bpp=1&bdt=1074&idt=0&shv=r20240229&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x280&nras=2&correlator=881236743585&frm=20&pv=1&ga_vid=1721056475.1709640594&ga_sid=1709640594&ga_hid=1313205084&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C95320376%2C95321866%2C95324161%2C95325784%2C95326936&oid=2&pvsid=3676971400239924&tmod=1558946393&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42454
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2BBE 0
0 43ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstx8iY_9oQpWmqU-DLpJ75GbQIp78KZB0cjAWq1lTx6e6E9HMNFqSs0FgwQgk4BJGUxcgvzBmzGUPVtOs2RHZXUS5Q-5238q-WnhPxElls3o_Err-2q050XKc-Lun43UxxcJX85LJdKKtymv-gIjoZIZR_OTsI8tvmpY5ewggIwH-yw2qnZ43le5m0nSzdb_1KSh2AgFttIFDaKK92rA4pswb0frFoA74ghKG5mkUOF--AmtY1JYjdeP5R9wPckRjpecjKkwFN0TxFKsip6QmfCKG2kbiFfqkCu2-DBJheIKup0mYtfWG40pwt8WSD8DWkTwCEqC7QmlkAiYfyfViw4yvuARv-fOdxl_h-ky2ImDR3lgDnnrAuNu3Vh63h3HWi5W-EkG6nQkYraQJiTXvH7wO1pxImdjnJLz66MloUDyD69jfHLuqf63t3HOCWzfFtt5KofD9_rQCs7J8FpHuCTJLIOTGT15UU3hbuw5u--b53fB1ny9m79ZcMzDuUxvQ2vocctygTQJ3iXFYnI8M1mk2l7P4qaNP9vrLmpp9achycuGBWG7JdJwgNfn1R9bj0TZ8yHXdITfJm8Wb5xoaxU_jkIMawYaZvoea8LHGr8XA2-zVpjBqQiLufFiep_fXd1rX0iaNiVGxGHFyy6F9E8r0bccNyn74TWv8b7MvD61knUuVCDynEhnLIjfbxmoWL4bWZxRQCaalDm0Efgc6EIuNDgx2JFhKx94L8oyGB8POBFyqmPqnUVF8_F50wMwe9L0sDeD2qOCTkzBs5sD1p2ahmk5CstJ7tRSZ-k00pORJa_tWz1WQjAiOcIFeu3m7pqZNVlBFqMHZc3S-l1wJOfD_EQPe5RMSWacnnbut49lY2xesrE4mMedof-Ps_hmsBfU5DG8HcofSMkk46RctfjTX_FRQh5hItiQKD6lThSIc_uvDKkbNqOw-n4SjTkr-IQ6Sqd9WBXeqaCtyb73CYQTsVLke75Ne4e10vBPqtApiKgPKwzPN4Xo-iBDQBrnZQ7JHloAt0Fn-j2MzQfHHZH5Z2A1vI2MQ8gSodpR8Llvi-O0ITeiKe5vsTro6l39JGIw7oqAaSrh3R8skT0JuLjqmVZ74BcUC7PEL2Ox1GEUImimA9BPIs4A16wLxFgk0W5mXwcwaGYXOHhe0Ul0K-InNJQgwpECG8nOwsdHcCgYBX4DAxFwhlLkoyQtnsnOLYIfSLDOCoRwbXuhUremh0aT7TIM0Lop8mm5rNOWF6gnu0ZauHTPO7yxuipglJZw0irESyVaV4Aq7w3Q3Lnx9sl6G0dTxKRE8zqI3iDKh0b8aN6D7smnIRRcvZZgLLp0C6PjXVSghj0K8QO7x26Nm85DrHO5938DpW048KoaWKOVjXexslT_7iXVi97_ydx3tjNve0MzuLwXpD11sdVC9xe3CQwG54clVCCQxLqbaggB-Ltb9Ub_xXRKfbTGuQx2NoE5ZKa_Q&sai=AMfl-YTORzG5ApTkpD3Eyuj8C-l9HoPGES8B8AUGd9CArpTjtnKHwHdpXIGKpNeNXsD8kUpF419ptihRiXGuXUU4Gk1Dn5GC2Yjq-JYpAb3FbBYwXGkX2zdxNMz1ruSqH0cQtQuh9wzWHwAU9x87idgJ4y3Lr-evtDsK-WVPFMOfr0GeNuTNSu49ZYVmbaUS5uUhGNk3wBAmDZFxaWOFx_e5OFARcMYxx9sy6ZYLgQ4OShFcUgzVdWFDFV1ysPfmX25iSSiTN0ZklKOuOVdZjcmtpDYt1UyfCqwMEqkWuaEBZgng1o6_BSL6zno7-qOACaM&sig=Cg0ArKJSzEbwHKdRnIU_EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=251&vt=11&dtpt=148&dett=3&cstd=102&cisv=r20240229.73433&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:09:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Mar 2024 12:09:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CBB 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BIzXtkgvnZZK-NeqdnsEPv8qT0AkAAAAAOAHgBAI&bg=!5uWl5arNAAaCCwxOogs7ADQBe5WfOCg9qaXsVzszdclC05SFjAEB7AiSJlpJzqu9DLLcbWBL34pMGeQXfudQHQJ-_AQvAgAAAHlSAAAAAWgBBwoAiP5K0zc2J74FX5j9wgvqolxP9jUY35h2b9gEoW0Jjx8-F4w_qwLhVBupMJeDTLsfha3b_BlYVGvaPdHFVB9uM_Cz80D-bNktnOtKL_UWcAba_Kwz7_h-uGfF3YX053HInWjj3tNjQk5ygNqnbZlOI0_pXaszPFlfNSRpNOIpQs2F39QgiZoXdkKZAuGiI8jssW9gzippiI4_xRXpG0SZyeYDG5oUUuOytT-3ENNLd2sisS-rdcEyCb4TyFkGh51xRcldT62wy4tQSPF4CYQ0Z7MsaQ_eT5i6nM317OW5GClpYJDXEmz8bzTaxrlcOH6VPETZUxVANt8k9FjE9TWAcjdcRVXlpmeFF51UZNPzNz7xxJ6zxtxFmBmz73xJo_QS8To93i6A20ZRAmipP0yMZKVN7OVM4o_lpTc4AH-UEkjAKYbQ8HHloyMDCLI2FwY8qz-dtxUIlA15ju79srpi0LRnKZcdV4r1gA5CwN3fQwShs4qvOqBlVqEXhwtXVUmEdVKnZ-rlqEdaPryxXXJ5X1Jt1CzVnxoQ4tm1EVeim8P9tgFm0TA4EAk2LVGLfyiXVaPwag5gIpEolmJIYFkpmeWISw-ktN5xboMsYs5h1VDBLNJmM18saj5vcxjHg9AR4FSi3xLBglPD_KJypN62TqmgcZmlIaVR9BuXUlOsMrpyRXhMFnvi3tbHbZcSlHZ6ygVThvbNqpfLMhooHALeuwDKWpSY4BM6UmslsKRxHft20LRb7JQ0pBwj19L3w5kUfG_ZmTAOZZjcbeg13-UAOHvXqleIIJjecGp9YFEuqutms1GiideURJa8AZqnNM53O8LL_GTZGI7368pwkFGC5OH93gOFKzOBQAhKfwQPzhAZ1tdbBZkFVkBuatr9LcsRKXEO3vIiQnZYEiAcfV0fFf02vGFv_GUszVuxvU5SBT-DvYsyo8A0qWGdTMQ4MZ32ytYi5M-LZIy-MjwTsgoT2akhYoXqK6ViqlvG6m7jkgcGTNjcuRVnGuhEUykRKlRJL26bDeOqLnOXBuld1CL1_SLEpFsKdqny2ksIHsGi5kEsKkscQ-3lFdNgRO28L92QV0OdNn7SehuhSN70B2_sU2ZzPSY3jhC8_UmUaTfa5Bxx_3_afRIy1QBIhZeQHM_BUmL8abMWYk0vS3uJSw

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 61F7 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BJPgHkgvnZZy1OISojuwP7qO4uAwAAAAAOAHgBAI&bg=!UlGlUR7NAAaCCwxOogs7ADQBe5WfOKl7j5qMYDRjvO4etyLTOlkkKygY1m3x3u6vtF7o1mCGLFhrD9cW9qEj7bkHpGTLAgAAAGxSAAAAAWgBBwoAMQeVBfhY98bymFQO_dUN635897oc4t2U49A6Xyv34ir4FU1UEEISzuC1lHpO0fg1K4CZAxHJzmgQLjlppHYun-VKy4CwL6cnK6ghhn6n0od_IjVpaFnVzax4c-7Q6EDWGlpNhDKAsXK9EOtPX3InE7JTSF0NCXJu9PHGTLahy1SvebcEHGDEIg7a1TK5Iv09hkkOkvtm6SXY9l595cAS_301pWcPl8Uf50DMt83I-HJWhNSn5h2zgHDUvvMGe9wtPETFUf3eGiPeI31P_xqlVtQ5odjfwb_XaCZuHPSKRIwPF6nqOmsXXZvJoBmRqhBihGxD4RK42Dhz0YE0y-9_1ky3gujxsC6JDg0FVLsimaSfq06ObuqBD8vVd4gwtMOxlLo86ZkvnvG75ARF9EhfLrnBx2fyikDlEUBhuCIamrwHjWq50Y1qWntN4I_zazj63nlHlgdvig7pUAYC5T91j4IZSzE-Pt2kIwGK0Pct8RccjYVfe6MgUT30s5eoqa3LpPz5Ok3TYSo9u98bmdmUwqBXVJUhDdiblXXuyaBOj1iNnn8kSjx44RQGbZTuuiu7qSLvElTr4-gnPxLy-SNC78u_r40TGfKpLysFLe4ffag9Om8Ou2iDxJfwqdTzBVDgdaQnRuo6iAWNDi8iKheiBEXEoe2AAbicbCPsPGm6Vb7vfARQEIXmu8V_D8fp4tKw2zPMW4flIBqc3lrBT19iyydG0enIt5esBsriB4iDCdKZXC1IuRJGNacEWZuuFOpZCm130lv9kymplZqhevS8RfsccoZ3_tEI3pR88CtJrS9XyvpFM9364ptS7-QEpzm78KRDE2pGTXnuT5_9xIIEGmiswcGi06SQYbZHWZv7act_E-ibnklY_b_6R-UdyAbBPmHBPXXCl7eVmG4hq5auvIXv8Afi7gKcw0T_TzHlTXsJC_ED2KJo3O0qgAZWkFeTl2z4tFXSEmmnc5eteOsyMsxZF_cIUS62sJcspsfeHV2CAHBSjLd8OEWgtmzjfdn3MWmeky3EbBmImOfDBV3sqhVWq2dvLpqe7WU0Iu3fHUDNSBY67SUc6v9_KMf86LSmfCN-zMl0zzYy2AVIvicS_wMuec153A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1953786/78330309/ Frame 87A3 272 KB
80 KB 122ms
31ms Script
application/javascript 63.34.236.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1953786/78330309/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015863773&ias_pubId=pub-4383418722826066&ias_chanId=1&ias_placementId=21048705571&bidurl=https://mcmpiqq.top/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0j0RTyRETLxnjqg_iyCLY9K
Requested by: Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.236.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-236-122.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c91ccbc3f5ee89592ed9642bf988e2b0f80a552a1f593e7d5adf19b83f6dbcce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 87A3 111 KB
39 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 03:55:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29653
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Mar 2024 03:55:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240229/r20110914/elements/html/ Frame 87A3 12 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240229/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-tylpCKIcST-zMg2NCL78Ql0mh9B2rVEWB3sKUAgZpWa4gWMYlSrn3-Nvk85BnKFWO5BL7bXTxnco1Gkwn1f1xc_ZVNSai-3Yo5FMk5tXPlYIQXi8-9ZAQ8MiFzSUP0xyXagdyoapSMhC5y80URWXsTBo0M2awY2C66Q6rcwaTcqjRPJn3wR__-fbN0Fc7lipskJ1DN8luUwi6-pWWrZ1i52gcw&dbm_d=AKAmf-B1ICmG2xo7cmXbbXEu8guIdaA4d1qGmYqROGqIh0G7ZOWeW1qc0B6MQ_l6UfRJk_O_YtQx7yrIsLpc7l9PodQaIAkNcGuRbyw7mg-t4aj6kY-m9AUmobpJKh9_3iQeOeo_4wLkRwHVtsjFqxYUW6EWD_hdGmbDasDKN8t6Y42mYCpBmjqf7v8Oc5n12E9QuUh2zdL9PCXU9MP7jQAPOs7jH1GQhOW2kzobruM7Anxfk39huTTgh8j5ZbsT8qShYZ6yBkNVkT14fV6yJ8uCnJnWx3KgAe5eHj3xeUHFDcBQ9MNzE3cWx53FfadYd7cdUrKSYs1yK30iTLSqbkxu-16lTQHpXDnZWVwNck-Bg-DK4dOASzbi1cw34AZP0a8MXhuXVGDabd7fZXs0VAgACUemxyqUgCz7f6p8FVRkDpN4K91mjNrGPUmqvN1023dLe40p3_ssdHfxH3T2uS_IX3Az202mo_Da4u3aU24g6NZuCLqvxnf-aFBJgqWXF3j2x8oGeii6RTxkyZMRqZwg8BFWEfJuNMjb285eYLV2FL2dDxSTZhM_mjL7PVsYQty58HrWGTsNgUJuHKwsxgmS4s7ZTioTXVh2e4RqPoeAF3qWa27J6gpEnl8e0aUJY4yO2CFExYDOajoQR2hD0r0bpLbSTxrrCyYlm_HHFHEl4DzZLBNOd9ePY5thuGoxltuWDF-41l0fNwLUVoSxXXdcfCck3schtKfuMrrYCFsI76_TH0INEi-qq2tkamhgp0TJaWmJX9mEzKEes2GGxKTx8X7-kMFwz9AT8NmIpjFcQy1-q7C5gnBhGracR7-oxZGSx-ctDs2oqJxwkn3S_9U8TyGd1p2NABc28zyKBPVXvG5xLDlQuuQVo8H7KRzIql7QMWvhA5bX6m1SPtoavcgKBXlcyF7BAhaJrb32sbh_qTLgYp4dVA-059Bp_7FKVZHw4a4FpTifvXq4qiytTnxjlJxde7G7feQ4AyeyajXIxk525XFW4rh9KL5YMr_NqSbxD_YLzpfdAVMkqkDMp3fSXhRpPlAOy1fKcXy6Bk-f1KfMk4iiaPhNbPx4hOvbgMkQFM_7BYeZJk1bfroe5_hnBU9qvW-Fd0NHL8_QhZBf2suy8l8E5Bv_NfpEL07b-XikK0BhLVWv-wdjqWc-lGgJ_3XBG6WIni3B5nEpd9rX6HixkeCcLEJrEXE-Qq0Wux735HWygKfCouAqU-Cpj4QZpiOCu8MCplG2bEXOAyO9afTGeB8EdsiLUiV4DgCRHCvVu2801PLTRA4uzftYBYzu8o431PeVXo7QjEfJShrrR8_7JeLqmH8pjlXS_KrYkbHIUAKEKSWD0T8IIaXmi5KAIpDduQRiA2uSqBW2VKczG1Vt79m_Kq2OhnXYzpy0Z62kbsjnrLR4vJlkWTqCZwYJwA6xkNUt2uJwnYNggDp0D62YwcgbZ2DFIDUfLmc8RFdrVCEqRVkwwc7DfSq52gIP4bqIkpWOvP1jvxitZat_-smuG2TeKik7HlmoWwFjKiELkKTtHJFfFU3zr7bPKEdi7CGydrcJNa5GYPSt1kUVzWlA2hLTauMUChuG-et2r9JrSjgAgBOsvqO0eGVGPteh48yV-fVyClKrxE4ikTxk6xZ4i4hPMvMnQrcX4UnMwx5cfIyQCYEhcgtZPpV0v29Dvjjdh1WO1qQ_Y7jGra9d_5DrlN9fnzxbR1Ev8eFEmoIgyKSYiyFMo6Rx9EklhT0pEi_TEOhtfzx5IjvRGniXe_JZ9_onTD2wlrIOufMkG82JVuJ5iDAhnfmSzpEJZzWDCNrtPcaw_KilLQYdQQ71vCTJcQmN78kot7zglaMBZm8wpu3ykaClehxT_nGj7M_z95vi_HkEKUJDCagw8eIQhVFShJIxKsG9up9s2xB7dl40JkmLiHXJLmjasBf0-LlHl0WS6S41IsQ0Oa73JwRNGmGDjVlpPSzV8ZW3eWzhC5eh1Vp_OhsmPclgrCafi2V-Gt9pVz_njof6tyu3c9j4RqOS8AuRbQUg15tDABkr3GmRkzNqt_Ky1mupH5QOrd5eOPfQcZuakQeLRCGLQm1BmC7JbpF07Dmrnu_TlPYlqWhPkrRv2OobTScm9Abo0a_9nQabu9JAcNUaatz0Ijk5RaGyh-G9RhAtkRMjPrO7QW0s9hnhaf8b-paJFJdyiRkbgt6WvmZhOUSbkKxZl-uui0_ZRa5NlGaSZMIQTbu25htKuAvmnUbSFra7MrdTHx8LHSnKPNhPXh6V2_DSoH7uTAn8CdPqSV6O3PwW1lQY6c4iZDTO-9NaR65Foj7meRTsh4YLUHRlIo0EMH23VTKD0mwIqxeMWnGPNIxWibHbjBzfmK7n8PGzplj62wz038V75yBDD126fTOrK8l_ElqE9WHri2b6qM6yzMQT_PnXfUgYkIseVHXHPRv5MR3fnFf0ur3JZcCgyYUiEDptxdqEFCwDzfGsk6V6ksBgRfNbxzyCJ6eipSJ1s0AE00vabOk3VCs0N5fM-0pBmYLXhMjB2C2dOOZc9hbGnuCnP8Fjm7yWvrXwcPOVmNQ-8JwHnbGAtm_HpkruY0V5sQzGRCFd_zhpcBGLaj32YjI0G4Us93XQDEKldPFWZQ3jmZ4NEb0gCAyeIYV4BAmeIaMB6YC6sfLjKwr0zLBSI_it5_knMnakNUXWZePdt6hwHTrrx4sNUmf2mciyUAIABgiPdz7XnvWLZ3FvOC4WF_enmLjlaDvmbFuUhvit3G-vPzX-JGaxhVd-_qd_mGghmNyrgrf20fScWVIig5keuAgHDL4UTTPW60xn5ZfSYpKAG6qOy5xnP6Laz7D5o3eo-h8lR2EYm3IA91jFzs6eYDhAxrcVwXZD37L2S5jPf39DSQeoPTZEWQEZQIZAwrCBjzPV1RZ5U8QN66jLlclDbEwovxvQqF_S3f-dpamm4wihTxp1mulzYoRPBHeuHl3D3Q7LVc2JU2CxIrXy_gIX5t-L0YKwv9SJeKbULZegGUj7WmQhYIjsBbuW8zZFb1wBjfRLUwHlx76e9u-2iHkw-oEACTrPAV1_lcUwzEToui8EZaLfbgVXp8RfPHwduqm6tJfxdvNXfzvL5ZqAfbjZFIv9RH_JLrkC-dgFBtQYULRUe9VDrxpjTUWWkqXfaTWv75G7tEW3YYhSo5_K6pqvHwSBeQSC9i8cR7KDTcdJ-09P2rxxqZrfg-BxZk49pOF5RUf0x1el1_6mdRDbfYqYhZzosKGpJ53KtHh6nXtr5nwQNQgBAzWMrvRAqCe_JkTqYFJo-bpNm2KmUD-fLg7a5KSpL2esFQWq_YoCyApTs9Nk2xI711ZaxxGJtWZM5I_8TdNAYjW6aPyWmx5JLYnegPqn2q5EZflO4_HVPWyP94XPoquh01IDJ06yQH6-whQHY975AQk7N1cR0fM4s0_HrBzZ2-cuQlinM6ELZOon1cbfHAWiRTzC_TjJQ2A-0CjMKzLT8P8Py2L_WGKWLXUW6SzWSV_hFL7XQgUzL120zkUTXs7Q1hta5vre8EqyDFAf2qAwOJU2nLF7_t9NZ121840x4luBiZt1alyrNeAZqZeNpSFBQ7tbN0FOXPfW4bwNMEfNojdNOJVkTnJPQLhvhAB5e3wBygpFS9TSGFCIxIYGWZ6pZesGLwRWJ7BDsoeircH6hBLCFffiUO88MRp37bMIOrf5uQb2yLbccV9EC-ug-OMiGD48V56CUE4ZSY-xv70IyYNb_CXHYD_ydT6rKrLhWOrLdJqjvoi-nd0dAcTW__eSxVk8KpQsZO0VCwTPGAbru6dmpIOcjcJvIJXb_1gKACNagCHHZf0ajOWa6DeHUayaUrpyaAJYMqhOYoypxmhJ1aZAf_eXtlFM-CvWm0Zhqy-NzvAm3w4nkSZZdRXgRcfWvDZH5G0vDqqTh8ePXyvGT_t5PlE6ec8WJgY7ux6oFYTriSlOsxOKPPI1&cid=CAQSOwB7FLtq1d1VVYbWExmwGK40DoOT6o4ZoQ3zZueN06TwkWH6NUghrDymeHDAg-MbDPfo-kbM5uzwXyxTGAE&dv3_ver=m202401290101&rfl=https%3A%2F%2Fmcmpiqq.top%2F&ds=l&xdt=1&iif=1&cor=15745601939091212000&adk=497053792&idt=54&cac=0&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:02:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54437
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 21:02:38 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240229/r20110914/ Frame 87A3 30 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240229/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d7ccd1b1b1900c730b760fa8b3b5748a073ecdedbd7710e04fbf03cd42afd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 20:55:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54883
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11520
x-xss-protection: 0
server: cafe
etag: 9162932350781899495
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 20:55:12 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 87A3 41 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 13:46:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80603
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 13:46:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4D04 1 KB
645 B 8ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 37114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 01:51:21 GMT
etag: 48472445140208031
expires: Wed, 06 Mar 2024 01:51:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 87A3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40d5ffc4c991206f4572d3d15ad44ef5386fb5683d40d0a7a11a72c0605d0d8f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 4D04
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEA7Sfq8nMdtFx2zdtrnK6Pc&google_cver=1&google_push=AXcoOmTUKLTa8H0PzVfrkcRMYlIaldigU1LPF66uZLmu9HhfbmVu9FJq3CZWknbrGW9qrJnIvO8FSlpvnY49-PVq0YKcB0piUkngJ...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEA7Sfq8nMdtFx2zdtrnK6Pc&google_cver=1&google_push=AXcoOmTUKLTa8H0PzVfrkcRMYlIaldigU1LPF66uZLmu9HhfbmVu9FJq3CZWknbrGW9qrJnIvO8FSlpvnY49-PVq0YKcB0piUkn...

43 B
418 B

185ms
166ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEA7Sfq8nMdtFx2zdtrnK6Pc&google_cver=1&google_push=AXcoOmTUKLTa8H0PzVfrkcRMYlIaldigU1LPF66uZLmu9HhfbmVu9FJq3CZWknbrGW9qrJnIvO8FSlpvnY49-PVq0YKcB0piUkngJjhB&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTUKLTa8H0PzVfrkcRMYlIaldigU1LPF66uZLmu9HhfbmVu9FJq3CZWknbrGW9qrJnIvO8FSlpvnY49-PVq0YKcB0piUkngJjhB%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4383418722826066&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.3713792823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1709640594&rafmt=1&to=qs&pwprc=6085169274&format=1200x90&url=https%3A%2F%2Fmcmpiqq.top%2F%3Fthread-79.htm&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709640594611&bpp=1&bdt=1074&idt=0&shv=r20240229&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x280&nras=2&correlator=881236743585&frm=20&pv=1&ga_vid=1721056475.1709640594&ga_sid=1709640594&ga_hid=1313205084&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C95320376%2C95321866%2C95324161%2C95325784%2C95326936&oid=2&pvsid=3676971400239924&tmod=1558946393&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 85f9fffa3eb19265-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 5408
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEA7Sfq8nMdtFx2zdtrnK6Pc&google_cver=1&google_push=AXcoOmTUKLTa8H0PzVfrkcRMYlIaldigU1LPF66uZLmu9HhfbmVu9FJq3CZWknbrGW9qrJnIvO8FSlpvnY49-PVq0YKcB0piUkngJjhB&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTUKLTa8H0PzVfrkcRMYlIaldigU1LPF66uZLmu9HhfbmVu9FJq3CZWknbrGW9qrJnIvO8FSlpvnY49-PVq0YKcB0piUkngJjhB%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 85f9fff8fd359265-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4D04
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEIns9wn1gSwEps_77S_1Q0w&google_cver=1&google_push=AXcoOmSiSTSZRPIHvkwmhxCkyATAHM7kg4jNl3wEI3m0qYFSeQraAGivtE0tDsxVS37t3dSyegtHmLpA9o9DPGlX4qiV73N9v_WXYSSP
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=419E5461C21042E89A27DBF1886A2A33&google_push=AXcoOmSiSTSZRPIHvkwmhxCkyATAHM7kg4jNl3wEI3m0qYFSeQraAGivtE0tDsxVS37t3dSyegtHmLpA9o9DPGl...

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=419E5461C21042E89A27DBF1886A2A33&google_push=AXcoOmSiSTSZRPIHvkwmhxCkyATAHM7kg4jNl3wEI3m0qYFSeQraAGivtE0tDsxVS37t3dSyegtHmLpA9o9DPGlX4qiV73N9v_WXYSSP

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 05 Mar 2024 12:09:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=419E5461C21042E89A27DBF1886A2A33&google_push=AXcoOmSiSTSZRPIHvkwmhxCkyATAHM7kg4jNl3wEI3m0qYFSeQraAGivtE0tDsxVS37t3dSyegtHmLpA9o9DPGlX4qiV73N9v_WXYSSP
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 04 Mar 2024 12:09:55 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4D04
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEG2tKrnAWys2zs6T3kRyjH0&google_cver=1&google_push=AXcoOmS136R3yinCx8boZuPkVurR0CKVWsvv01dUo4GAwNpI6X7oM1ZnTLHUBrqonojSGfBtAV62P3LfpODI_P...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzM0Mjg1MDQ0MzQ0OTkyMzc0Mw%3D%3D&google_push=AXcoOmS136R3yinCx8boZuPkVurR0CKVWsvv01dUo4GAwNpI6X7oM1ZnTLHUBrqonojSGfBtAV62P3LfpODI_PtCco...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzM0Mjg1MDQ0MzQ0OTkyMzc0Mw%3D%3D&google_push=AXcoOmS136R3yinCx8boZuPkVurR0CKVWsvv01dUo4GAwNpI6X7oM1ZnTLHUBrqonojSGfBtAV62P3LfpODI_PtCco-s8IwWWDCaEMhy

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzM0Mjg1MDQ0MzQ0OTkyMzc0Mw%3D%3D&google_push=AXcoOmS136R3yinCx8boZuPkVurR0CKVWsvv01dUo4GAwNpI6X7oM1ZnTLHUBrqonojSGfBtAV62P3LfpODI_PtCco-s8IwWWDCaEMhy
Date: Tue, 05 Mar 2024 12:09:55 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4D04
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPw25NPLMWyp7PBHQVkcOpw&google_cver=1&google_push=AXcoOmQBbYZMONLrT2CcBAsqwWkmuwxb_CnRbu_klxoXPbGaCUVh23s3TBiHxykvt8XSnOvNnD35W6bhfzoOKSLv...
https://cm.g.doubleclick.net/pixel?google_nid=ta&gdpr=1&process_consent=T&google_hm=fns4HA1UQY4E6t960_6z-A&google_push=AXcoOmQBbYZMONLrT2CcBAsqwWkmuwxb_CnRbu_klxoXPbGaCUVh23s3TBiHxykvt8XSnOvNnD35W6...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&gdpr=1&process_consent=T&google_hm=fns4HA1UQY4E6t960_6z-A&google_push=AXcoOmQBbYZMONLrT2CcBAsqwWkmuwxb_CnRbu_klxoXPbGaCUVh23s3TBiHxykvt8XSnOvNnD35W6bhfzoOKSLveAWl2URjmjJx0dST

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 05 Mar 2024 12:09:55 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&gdpr=1&process_consent=T&google_hm=fns4HA1UQY4E6t960_6z-A&google_push=AXcoOmQBbYZMONLrT2CcBAsqwWkmuwxb_CnRbu_klxoXPbGaCUVh23s3TBiHxykvt8XSnOvNnD35W6bhfzoOKSLveAWl2URjmjJx0dST
x-host: tde-deliveryengine-production-78bcf444cd-kh859
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 4D04 43 B
363 B 45ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTGPef2F92v34FnBQfi8QxfsLiFYQpPp2lN-MH5ANhIN4htRwCso8gS0-0tz6K8tZQLvtdZuoPO4-m8Psc9OHS2ZuV5j9fHl0lg&google_gid=CAESEBiujXuBXeJWYSIG2dm82ns&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:54 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 324607
expires: Tue, 05 Mar 2024 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4D04
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKGMIz9RiRlA6KgBi7gi0e0&google_cver=1&google_push=AXcoOmQFneIg2qxAdcmAEyqdmOzA3yWP56RPl4ByNAUrm5H6aikrnG8V0huCz2sldgZTYCdhMMGpiP_l...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKGMIz9RiRlA6KgBi7gi0e0&google_cver=1&google_push=AXcoOmQFneIg2qxAdcmAEyqdmOzA3yWP56RPl4ByNAUrm5H6aikrnG8V0huCz2sldgZTYCdhMMG...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAzNjgxOTM1NTA1MjkwMTA5OQ&google_push=AXcoOmQFneIg2qxAdcmAEyqdmOzA3yWP56RPl4ByNAUrm5H6aikrnG8V0huCz2sldgZTYCdhMMGpiP...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAzNjgxOTM1NTA1MjkwMTA5OQ&google_push=AXcoOmQFneIg2qxAdcmAEyqdmOzA3yWP56RPl4ByNAUrm5H6aikrnG8V0huCz2sldgZTYCdhMMGpiP_lO9Mbl62C2nMmfKZMNYeHceMR

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAzNjgxOTM1NTA1MjkwMTA5OQ&google_push=AXcoOmQFneIg2qxAdcmAEyqdmOzA3yWP56RPl4ByNAUrm5H6aikrnG8V0huCz2sldgZTYCdhMMGpiP_lO9Mbl62C2nMmfKZMNYeHceMR
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame 4D04
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEI43jFGQ1H3w...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmT2s0_WVGz7NwWUKtXjrm4UdfpDjZ3l-RnB0WU4PbiL_OrFf5oEsiYA8uNOGvq4ue3pQzk_j144WHv_xWqECde0Eci7hmaBcFmr1A
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

200ms
200ms

Image
image/gif

23.219.216.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4383418722826066&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.3713792823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1709640594&rafmt=1&to=qs&pwprc=6085169274&format=1200x90&url=https%3A%2F%2Fmcmpiqq.top%2F%3Fthread-79.htm&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709640594611&bpp=1&bdt=1074&idt=0&shv=r20240229&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x280&nras=2&correlator=881236743585&frm=20&pv=1&ga_vid=1721056475.1709640594&ga_sid=1709640594&ga_hid=1313205084&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C95320376%2C95321866%2C95324161%2C95325784%2C95326936&oid=2&pvsid=3676971400239924&tmod=1558946393&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol: H2
Server: 23.219.216.4 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-219-216-4.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Tue, 05 Mar 2024 12:09:56 GMT
pragma: no-cache
date: Tue, 05 Mar 2024 12:09:56 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4D04 0
12 B 15ms
14ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KRAQrl5QaBG1nlgfLxZa2-Y37RyoAl0nySalPKeFX9fThk3mRW31Os9sviithRvHPMtUWF6Q

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:09:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2617 38 KB
13 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 71620
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 16:16:15 GMT
expires: Tue, 04 Mar 2025 16:16:15 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3245162412506913621/ Frame 0948 124 KB
22 KB 8ms
7ms Document
text/html 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3245162412506913621/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18686dc1d786db09e5ccb074f867807358d62e232a2ed3cb08556b6fc0aa5e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 11297
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22608
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 09:01:38 GMT
expires: Wed, 05 Mar 2025 09:01:38 GMT
last-modified: Mon, 29 Jan 2024 12:20:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 87A3 0
0 52ms
51ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvS8FOh-l3g4C5_Lei5j5XPOJJKmBG8RRVOkOJ-j9JCEk_PgfV5yFMzBXF9GTEQRjayuCjOvP_ccBvcyl78l8bCWqvX9ViRdVUY1yjpviFB8fW5Ff-pzSIOueSz65qVDbcrqnVXuq5ot9S4TXC21O7VcclyS5k1X5O09Io1AJCvYNHmazknvtmcj3DHUNHM3Y7XtWiGpVebmJ-PeOKyVSh1nF7kQT6wwieslT0Yf78S_n2IeublpVTZDdo02jhnOBbuPCMNjenGysENSAzAy0SvvA6zs1daZJ-791uOg6XEkQ6xOOXE3JbALIwF8j4WcoKGdRQwZwc1ynAN_KCA_X-2zv9INlsWb4Yi_jaX37Hjd-aVXum8dArUcEmH9O808rYtST9u7TCYmZ2KPBEqUfFmQVuhi6pTHJu334GEN2RA7VXEPK8MXsk-uo6Jvmo1VruPQDGB-pvlzs2gf38k3koiScqXHfKtZcv2lzfCIA6FHGyHE_WRyTP0O9AQ5vEMv2AcWvLeGUr_78GpC_nWhQy1i-y2_8U1PKn5iK9tdlIlI8K-EhNXFCohqrWz5T5hkT--TIffP_X3-VoITnVS1eU5M-WXBtNv58RQtkgVNoANIiDKIWkOK6NzDJVdGOBUfsYHeahZ-iZjB9ci52NZlxjmzrFf3aVEfu6mMv5_effIJ45TRDeGyJLWBQiB8QxG4CBTuELb79tQJugOpJRdrzc9z8Sj64ye3N_ZuvHHo0CJeCsrRGCf_WkiLlMHXfihiW1z4bgpwA4Bzx2ioKBOblCyqrmHoEigWDRnOTKUdwQtskh0OgZ1GT0yRgrUH51tgCAxSmkzR25-96FwoM7k1ZRrQOWvNQ9a2B0kuoEtltQIO1iaatw_y3hdzL4Rgr1Bo5iYAFgRg6kHJsrbbmXuSrz8RzMQpH3qToDV9MHzyEhxndGCe3JWEZ0O5P36BRzyvYfGKEXJjCDll6shyTa4Wp6FUfpnPO8HEYMrazv4N-jEFl9K1kAWWxeh9iB0HtxgEKYLeZktBb3_ON5vGh7FtISLtShjxLzvdLuaX_ImoIQqZmeBIKzr2ji7d2PrfiOtkIUMZMogn8hp3R2BruV5c5MjZoTPDYuTTEnoI34tK7VXMC16pJfB0aZs8KGZTna1VnPWo3hYYT_BmC4i_UM_SYi8zzoO4BHi8PE4WXsYX6BSLWDZ9rkK6gtlX1WnD9SQsRKs30vuc1ZGapwjtf2C1feIwFJYGrwn0yOVdXZaLHkskWGgmAbFPhGicFiiwrrDQWqXpDxlLipZneIA7CQMjf7eoflfk3g_gmWCRt0vP6rqGI1ecxKiH8djSPfv99Tfl4SyHwCVc6ank1m1a4hRLU0Tdty_H66_vxBYkf9MTfUAqBJ57BAGGaiKR_54SPSJtXvtrfZA-4ruxJyRSX8MvNA5FaxvETRG3e3ETJj63VY1FKfE17PEkf3piIoJIWjhBzU&sai=AMfl-YQj51pJIdWEU-mpVeh-nRuPJTPaoMshZrcxCU58cS4cwyvj1usld7_MnrSnE2qPicH8of1HnJJiNBQjggl2rx7g6F76r1UjWqg6UshtMYVKXHwf0M5LjXqxyD4NN200TViamRysUqob2NCVJ6Buec1an34QFlMKTX6xvBh_kCTflLKehOPJTNCIOWUWSyws28Kd7rZ3dNGQd2vNVOqDPLtif3GvwkBn5Pda7tdZDhdh7vM9lgcVlki3omZH5ejI5BKm6OXyGEjpQ38j-HB8vbkl4XJA&sig=Cg0ArKJSzB7D2GIH2O4DEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=36&cbvp=1&cstd=35&cisv=r20240229.27763&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Mar 2024 12:09:55 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 05 Mar 2024 12:09:55 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 0948 32 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3245162412506913621/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3245162412506913621/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 02:27:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Mar 2024 02:27:04 GMT

GET
H3 200 neFZPoS4RqR4jfdTFmgUuiCC8zWeQsTNscPgsnGRUhI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2617 51 KB
20 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/neFZPoS4RqR4jfdTFmgUuiCC8zWeQsTNscPgsnGRUhI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de1593e84b846a4788df753166814ba2082f3359e42c4cdb1c3e0b271915212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:38:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20184
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 21:38:25 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 87A3 0
0 42ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvS8FOh-l3g4C5_Lei5j5XPOJJKmBG8RRVOkOJ-j9JCEk_PgfV5yFMzBXF9GTEQRjayuCjOvP_ccBvcyl78l8bCWqvX9ViRdVUY1yjpviFB8fW5Ff-pzSIOueSz65qVDbcrqnVXuq5ot9S4TXC21O7VcclyS5k1X5O09Io1AJCvYNHmazknvtmcj3DHUNHM3Y7XtWiGpVebmJ-PeOKyVSh1nF7kQT6wwieslT0Yf78S_n2IeublpVTZDdo02jhnOBbuPCMNjenGysENSAzAy0SvvA6zs1daZJ-791uOg6XEkQ6xOOXE3JbALIwF8j4WcoKGdRQwZwc1ynAN_KCA_X-2zv9INlsWb4Yi_jaX37Hjd-aVXum8dArUcEmH9O808rYtST9u7TCYmZ2KPBEqUfFmQVuhi6pTHJu334GEN2RA7VXEPK8MXsk-uo6Jvmo1VruPQDGB-pvlzs2gf38k3koiScqXHfKtZcv2lzfCIA6FHGyHE_WRyTP0O9AQ5vEMv2AcWvLeGUr_78GpC_nWhQy1i-y2_8U1PKn5iK9tdlIlI8K-EhNXFCohqrWz5T5hkT--TIffP_X3-VoITnVS1eU5M-WXBtNv58RQtkgVNoANIiDKIWkOK6NzDJVdGOBUfsYHeahZ-iZjB9ci52NZlxjmzrFf3aVEfu6mMv5_effIJ45TRDeGyJLWBQiB8QxG4CBTuELb79tQJugOpJRdrzc9z8Sj64ye3N_ZuvHHo0CJeCsrRGCf_WkiLlMHXfihiW1z4bgpwA4Bzx2ioKBOblCyqrmHoEigWDRnOTKUdwQtskh0OgZ1GT0yRgrUH51tgCAxSmkzR25-96FwoM7k1ZRrQOWvNQ9a2B0kuoEtltQIO1iaatw_y3hdzL4Rgr1Bo5iYAFgRg6kHJsrbbmXuSrz8RzMQpH3qToDV9MHzyEhxndGCe3JWEZ0O5P36BRzyvYfGKEXJjCDll6shyTa4Wp6FUfpnPO8HEYMrazv4N-jEFl9K1kAWWxeh9iB0HtxgEKYLeZktBb3_ON5vGh7FtISLtShjxLzvdLuaX_ImoIQqZmeBIKzr2ji7d2PrfiOtkIUMZMogn8hp3R2BruV5c5MjZoTPDYuTTEnoI34tK7VXMC16pJfB0aZs8KGZTna1VnPWo3hYYT_BmC4i_UM_SYi8zzoO4BHi8PE4WXsYX6BSLWDZ9rkK6gtlX1WnD9SQsRKs30vuc1ZGapwjtf2C1feIwFJYGrwn0yOVdXZaLHkskWGgmAbFPhGicFiiwrrDQWqXpDxlLipZneIA7CQMjf7eoflfk3g_gmWCRt0vP6rqGI1ecxKiH8djSPfv99Tfl4SyHwCVc6ank1m1a4hRLU0Tdty_H66_vxBYkf9MTfUAqBJ57BAGGaiKR_54SPSJtXvtrfZA-4ruxJyRSX8MvNA5FaxvETRG3e3ETJj63VY1FKfE17PEkf3piIoJIWjhBzU&sai=AMfl-YQj51pJIdWEU-mpVeh-nRuPJTPaoMshZrcxCU58cS4cwyvj1usld7_MnrSnE2qPicH8of1HnJJiNBQjggl2rx7g6F76r1UjWqg6UshtMYVKXHwf0M5LjXqxyD4NN200TViamRysUqob2NCVJ6Buec1an34QFlMKTX6xvBh_kCTflLKehOPJTNCIOWUWSyws28Kd7rZ3dNGQd2vNVOqDPLtif3GvwkBn5Pda7tdZDhdh7vM9lgcVlki3omZH5ejI5BKm6OXyGEjpQ38j-HB8vbkl4XJA&sig=Cg0ArKJSzB7D2GIH2O4DEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=103&vt=11&dtpt=67&dett=3&cstd=35&cisv=r20240229.27763&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: mcmpiqq.top
URL: https://mcmpiqq.top/?thread-79.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:09:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Mar 2024 12:09:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2617 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B3m7NkwvnZfO2DsqzjuwPwNeZ2AQAAAAAOAHgBAI&bg=!JiWlJWrNAAaCCwxOogs7ADQBe5WfOI0iadSJbw53iZmgvFVPfnBeeBcXbsqv-tesSix5_adPVol3bcC3t6FBe6Ywxn4eAgAAADJSAAAAAmgBB5kDEFyuAmfoMJlqlNCMNUaCW8AkdtOISlj-ZlwMkTXpb-fJ0Zu9o59HeiQud-eJvrwQL2EGrJEjyQfJbzgFgDiBVzMcd-kkll1jRrGc8zm3l1UJyWL7n8Rco1p5v_USWt1_vZlJAxqIz1AJpWKJSjisPkHsSt1RuQ71lyQ0-0V1G2i8dxFGxh_JnUMIQoktjwcbPvhLSY0ce-jKqbWoNZZfEZE32ybzZg5YnjclVrnz1TSucbuPaB8t5GflYgaeBvYOLPuNdLZIECaHtUpo4IgSueDmZJbhBqtY567KcD7prs6WrGe_pzQ5W4qWwrl96exn64wn7C3VplipHCERLRQNMy4ft-Fn0UJjmfE2EtSiKnkCcunzXU_u1bicbz9U5Em5Xp3SZ0aqnepRe650g6Spr382xlscGDE4mStjBg9Hz6taJprx1H5N1vF36GiCYcCfy5zPsZBDoaZZKLP0LfilC_j16uN5ukqr54RrTz_9cbmvmCdwVLV6BMV99K7h9aWc_9UpTb8oQVvjVC2B5E5_jNGHxhku6Y481TIRr-aH9knccvseKsuNJFlSoFyKM-HFzuFV8U-TME8bLSsH6q-e9rRjksXUUY2TokHecc4P4ir7CXkkRFbMK5d9rQLAWsm6sI7jm2BtcPmQf9OO49VUc45z893G8_3fNedfi8MnQLvRPHpiU6wLRVJPMDRON3kdwUybe56sK-gfg35G9j5akSshFBOzQoNPsq48fPv32kNSzVZvC0fCKxJ1Ttl2Z4pYnnS98xDnxbtAAwaiQzeXwTRWxwGSBvA5e2isRihXiLk5aX7kIcab1iHPFFwf-PJS296d5TFQJbYQ8nT00IwLHRyUwhjEr71ReOVz0kmIDGhhRYz09Gf2J9NHzbB6Sv_Q-bd-iNS2rgN9Ylxytjncp0W5D_X8lIP2FUSL4hHFQix778OMgEexUXJlomESh4xrKbzz034SSPo_thltUsa7OfFN_UYVfoUIUQXkTX26ZV61BqqzhsyG-gX5QyfZ1htNRLpIdxMRngZZAW65wHTGtEA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 87A3
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1953786/78330309/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015863773&ias_pubId=pub-4383418722826066&ias_chanId=1&ias_placementId=21048705571&bidurl=ht...
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_kwvnZfO2DsqzjuwPwNeZ2AQ&cbFunctionName=goog_wrapCb_kwvnZfO2DsqzjuwPwNeZ2AQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected...

1 KB
1 KB

7ms
7ms

Script
application/javascript

2600:9000:26da:9400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_kwvnZfO2DsqzjuwPwNeZ2AQ&cbFunctionName=goog_wrapCb_kwvnZfO2DsqzjuwPwNeZ2AQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4383418722826066&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.3713792823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1709640594&rafmt=1&to=qs&pwprc=6085169274&format=1200x90&url=https%3A%2F%2Fmcmpiqq.top%2F%3Fthread-79.htm&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709640594611&bpp=1&bdt=1074&idt=0&shv=r20240229&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x280&nras=2&correlator=881236743585&frm=20&pv=1&ga_vid=1721056475.1709640594&ga_sid=1709640594&ga_hid=1313205084&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C95320376%2C95321866%2C95324161%2C95325784%2C95326936&oid=2&pvsid=3676971400239924&tmod=1558946393&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol: H2
Server: 2600:9000:26da:9400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: N8a6HZlDh9F3zdobaU4MToCpsTqdbQs8
content-encoding: gzip
via: 1.1 3d60650fd0c339e18e816ce29f9a0da0.cloudfront.net (CloudFront)
date: Wed, 28 Feb 2024 06:37:58 GMT
x-amz-cf-pop: MUC50-P4
age: 538318
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 12 Feb 2024 18:45:00 GMT
server: AmazonS3
etag: W/"eb639ea9c60fa52fae8bd853911ab0a9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: k-GM8DWqqT7T8kVlyuhjr4U2U89oyDpGxdpxG6pNkVufe41HgX8EiA==

Redirect headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
server: nginx
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_kwvnZfO2DsqzjuwPwNeZ2AQ&cbFunctionName=goog_wrapCb_kwvnZfO2DsqzjuwPwNeZ2AQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame C23F 91 KB
92 KB 7ms
7ms Script
application/javascript 2600:9000:26da:9400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4383418722826066&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.3713792823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1709640594&rafmt=1&to=qs&pwprc=6085169274&format=1200x90&url=https%3A%2F%2Fmcmpiqq.top%2F%3Fthread-79.htm&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709640594611&bpp=1&bdt=1074&idt=0&shv=r20240229&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x280&nras=2&correlator=881236743585&frm=20&pv=1&ga_vid=1721056475.1709640594&ga_sid=1709640594&ga_hid=1313205084&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C95320376%2C95321866%2C95324161%2C95325784%2C95326936&oid=2&pvsid=3676971400239924&tmod=1558946393&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:9400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 20:43:31 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via: 1.1 3d60650fd0c339e18e816ce29f9a0da0.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 19063585
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 93606
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: "1f3488247c90bb5de253d3d0cb3b7458"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: PuAcMIaQXvQrrjJrBNIQMeqh-qqa5OV43vRi-REdQyfnh8bz__Xytg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 87A3 43 B
215 B 511ms
168ms Image
image/gif 2600:1f13:800:7782:fa8a:453b:3668:d090
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1953786&asId=e1bd7d6c-2704-786c-951a-620a4c57413a&tv=%7Bc:65qvio,pingTime:-3,time:33,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:13%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:33,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B28~0%5D,as:%5B28~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u69fHY3+11%7C12%7C131%7C141*.1953786-78330309%7C1411%7C1412%7C1413%7C1414%7C1511%7C1512%7C161%7C162%7C171%7C172%7C1811%7C1812%7C1813,idMap:141*,rmeas:1,rend:0,renddet:na,siq:13%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4383418722826066&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.3713792823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1709640594&rafmt=1&to=qs&pwprc=6085169274&format=1200x90&url=https%3A%2F%2Fmcmpiqq.top%2F%3Fthread-79.htm&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709640594611&bpp=1&bdt=1074&idt=0&shv=r20240229&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x280&nras=2&correlator=881236743585&frm=20&pv=1&ga_vid=1721056475.1709640594&ga_sid=1709640594&ga_hid=1313205084&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C95320376%2C95321866%2C95324161%2C95325784%2C95326936&oid=2&pvsid=3676971400239924&tmod=1558946393&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:fa8a:453b:3668:d090 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 87A3 43 B
216 B 508ms
168ms Image
image/gif 2600:1f13:800:7782:fa8a:453b:3668:d090
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1953786&asId=e1bd7d6c-2704-786c-951a-620a4c57413a&tv=%7Bc:65qviq,pingTime:-6,time:35,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:35,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B30~0%5D,as:%5B30~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u69fHY3+11%7C12%7C131%7C141*.1953786-78330309%7C1411%7C1412%7C1413%7C1414%7C1511%7C1512%7C161%7C162%7C171%7C172%7C1811%7C1812%7C1813,idMap:141*,rmeas:1,rend:0,renddet:na,siq:13%7D&tpiLookup=ao:mcmpiqq.top*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4383418722826066&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.3713792823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1709640594&rafmt=1&to=qs&pwprc=6085169274&format=1200x90&url=https%3A%2F%2Fmcmpiqq.top%2F%3Fthread-79.htm&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709640594611&bpp=1&bdt=1074&idt=0&shv=r20240229&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x280&nras=2&correlator=881236743585&frm=20&pv=1&ga_vid=1721056475.1709640594&ga_sid=1709640594&ga_hid=1313205084&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C95320376%2C95321866%2C95324161%2C95325784%2C95326936&oid=2&pvsid=3676971400239924&tmod=1558946393&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:fa8a:453b:3668:d090 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 87A3 43 B
215 B 507ms
170ms Image
image/gif 2600:1f13:800:7782:fa8a:453b:3668:d090
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1953786&asId=e1bd7d6c-2704-786c-951a-620a4c57413a&tv=%7Bc:65qviu,pingTime:-2,time:39,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:346,beZ:347,mfA:349,cmA:350,inA:350,inZ:352,prA:352,prZ:355,si:359,poA:359,poZ:373,cmZ:373,mfZ:373,loA:380,loZ:382,ltA:384,ltZ:384%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:13%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:39,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B34~0%5D,as:%5B34~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u69fHY3+11%7C12%7C131%7C141*.1953786-78330309%7C1411%7C1412%7C1413%7C1414%7C1511%7C1512%7C161%7C162%7C171%7C172%7C1811%7C1812%7C1813,idMap:141*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:13,sinceFw:24,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4383418722826066&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.3713792823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1709640594&rafmt=1&to=qs&pwprc=6085169274&format=1200x90&url=https%3A%2F%2Fmcmpiqq.top%2F%3Fthread-79.htm&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709640594611&bpp=1&bdt=1074&idt=0&shv=r20240229&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x280&nras=2&correlator=881236743585&frm=20&pv=1&ga_vid=1721056475.1709640594&ga_sid=1709640594&ga_hid=1313205084&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C95320376%2C95321866%2C95324161%2C95325784%2C95326936&oid=2&pvsid=3676971400239924&tmod=1558946393&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:fa8a:453b:3668:d090 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 87A3 43 B
215 B 224ms
169ms Image
image/gif 2600:1f13:800:7782:fa8a:453b:3668:d090
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1953786&asId=e1bd7d6c-2704-786c-951a-620a4c57413a&tv=%7Bc:65qvn1,pingTime:-10,time:320,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjIuMC42MjYxLjk0IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1709640595791%7C%7C5bb410809d247481dcf2ea2b7e74bfc0%7C%7Cd23861f90f98ef1cbb909ba4da09afb4%7C%7C17fefc6cd280d9d921269654524f1b5e%7C%7C1d044834a4f87fef5024d32369495246%7C%7C82857c8e7638ea8280c8e4808cc5aa51%7C%7C1525d5c0f23e8278b0a861b485411a53%7C%7Cc911c47c12ff80e1324acd944a742392%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4383418722826066&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.3713792823~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1709640594&rafmt=1&to=qs&pwprc=6085169274&format=1200x90&url=https%3A%2F%2Fmcmpiqq.top%2F%3Fthread-79.htm&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709640594611&bpp=1&bdt=1074&idt=0&shv=r20240229&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x280&nras=2&correlator=881236743585&frm=20&pv=1&ga_vid=1721056475.1709640594&ga_sid=1709640594&ga_hid=1313205084&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C95320376%2C95321866%2C95324161%2C95325784%2C95326936&oid=2&pvsid=3676971400239924&tmod=1558946393&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:fa8a:453b:3668:d090 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:55 GMT
server: nginx
x-server-name: dt28.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 204 csi
csi.gstatic.com/ Frame 71D6 0
45 B 159ms
158ms Ping
image/gif 2607:f8b0:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~ltebv9xj&c=8139984471445&slotId=4069992235722.5&qqid=CI68uMKL3YQDFXRGkQUdygYF4w&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1716&mt=video%2Fmp4&vs=576x1024&dm=12000&met.4=vfl.103
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240226_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400a:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:56 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 56ms
55ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240229&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d82c517b10e60f8a4bac5ad3b85a46e5cf3faa0386387828d9d01594c98cc544

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mcmpiqq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12428
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 87A3 43 B
215 B 169ms
169ms Image
image/gif 2600:1f13:800:7782:fa8a:453b:3668:d090
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1953786&asId=e1bd7d6c-2704-786c-951a-620a4c57413a&tv=%7Bc:65qvr7,time:574,type:e,im:%7Bpci:%7Btdr:538%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:574,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B569~0%5D,as:%5B569~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:509,fm:u69fHY3+11%7C12%7C131%7C141*.1953786-78330309%7C1411%7C1412%7C1413%7C1414%7C1511%7C1512%7C161%7C162%7C171%7C172%7C1811%7C1812%7C1813,idMap:141*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:13,sis:77%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:fa8a:453b:3668:d090 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:56 GMT
server: nginx
x-server-name: dt25.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 143ms
143ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mcmpiqq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Mar 2024 12:09:56 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2BBE 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcYh2jSi0prhp81jcwxPBxhF85D6f9Litr3j04tashlX0ySwusiEzkCspP0TW6nkFJXIovgef6FKPx82pkuAubA6-bbw7PuIlqIObJC5jemIrptMOqn6XODfThsENxM5vL3DRPWx2fwjd94cWGobnwa-sj0GGGvz3pMbM3s0p3&sai=AMfl-YRiySQJQ6dppEXs8Y0570PXSitNZC0muhc4i4wSkAJpyQ46-6EXzhGPbewVup8H-WNUkV89IV8XA3pnA62pT78SahHH93nsH0c81hIii2L6crkN1luYqVRnfwOMrfPcBj9rpgK0Hh4rve1kBlS3&sig=Cg0ArKJSzN3M-g7CdhEtEAE&cid=CAQSTgB7FLtqUMzjMkS664vq1vIxAquIFxFzgiOPKLpplh2w0D2bwMjuoVJiyPHUiq7EHBctKyBJZgsqFKzflPOn86KozuPM-5MKqZ5nMIvZLxgB&id=lidar2&mcvt=1000&p=0,0,108,728&mtos=0,749,1000,1000,1000&tos=0,749,251,0,0&v=20240229&bin=7&avms=nio&bs=0,0&mc=0.75&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=557339400&rst=1709640594791&rpt=330&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 32EA 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mcmpiqq.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 17072
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 07:25:24 GMT
expires: Wed, 05 Mar 2025 07:25:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C7BD 829 B
560 B 17ms
16ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dfbe71f79027924813e031d92c59cf310324568ff27586d97ebfc770bce48974

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bBXryXB1Q7E1niA9dQC8jA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mcmpiqq.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-bBXryXB1Q7E1niA9dQC8jA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 12:09:56 GMT
expires: Tue, 05 Mar 2024 12:09:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/2469615605381150846/ Frame A693 55 KB
12 KB 8ms
8ms Script
application/x-javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2469615605381150846/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2469615605381150846/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc8ff211b7f1d3ad102b1db4c61e38f9cbd777f9183292a50c540e9ac78a6174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2469615605381150846/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Wed, 05 Mar 2025 08:03:49 GMT
date: Tue, 05 Mar 2024 08:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14767
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12053
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:35:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/2469615605381150846/ Frame A693 9 KB
3 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2469615605381150846/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2469615605381150846/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e315ad25a042ce30e18f50310c82300cecc4d1284e230ce7302cd1b8d665de6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2469615605381150846/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Wed, 05 Mar 2025 08:03:49 GMT
date: Tue, 05 Mar 2024 08:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14767
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2561
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:35:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 index_atlas_P_1.png
s0.2mdn.net/sadbundle/2469615605381150846/images/ Frame A693 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2469615605381150846/images/index_atlas_P_1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f9ee9067d75753122088aabc384f05313d48c855af8da92d2838c2e4d22606c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2469615605381150846/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Wed, 05 Mar 2025 08:03:37 GMT
date: Tue, 05 Mar 2024 08:03:37 GMT
x-content-type-options: nosniff
age: 14779
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2888
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:35:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js Show response
pagead2.googlesyndication.com/bg/ Frame 32EA 40 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:25:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15753
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 07:25:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C7BD 0
0 39ms
38ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240229&jk=3676971400239924&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H3 200 index_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/2469615605381150846/images/ Frame A693 41 KB
41 KB 11ms
11ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2469615605381150846/images/index_atlas_NP_1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b4f159626bd04a9f35552bfe5e944153a52aad56d7280f4f5bddf43209760b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2469615605381150846/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Fri, 28 Feb 2025 14:37:03 GMT
date: Thu, 29 Feb 2024 14:37:03 GMT
x-content-type-options: nosniff
age: 423173
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42036
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:35:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 32EA 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Udc2lg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:09:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BBE 0
22 B 41ms
41ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1990933590738&version=m202401290101&ct=76&x=1&cor=8657584897791328000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 41ms
41ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240229&jk=3676971400239924&bg=!fH-lfzDNAAauXHXJjlw7ADQBe5WfOA72rmGOJKjbpy3r4-4lUg5O6GjW3116t6JXxghXNfWnc_Fda7JuMXZFEJFscuQdAgAAAEVSAAAAAmgBBwoAi40rYZFysn_rY5LTlS5CWDLj9Ndf-kWblujW1ZzQxKnxSkybjB10tj9n-K94qflQmYslvTA0p0ypBnwAf-RkPhrsrNVu6P2nPEwn8imTOWocY2F-_jZWfNvV2vyUBfMrFZIXSpz9c9FIK9Gmep5ud6TOM5krMojyFWLAHGwcJDYdmqkTE8fMGk1FqPiZAs6IwIbi9qnvOnCaT2YcYrRSNKSb-sHVx5cHrMZGSWyVYPtSBqEh_kAeXKuerjT0lJozV5f3DnkyjmjB-jO_wFIjS9z6cPPCIlt_5wl4rTJpyhDkMPY1CBiyzWasc8WuTEwoElnfdANN17fmqybDI1WEYmkUk8hHF2VdhLxX54DYyed-Ei-V6zEXnPsTROkdoyO4Y2TNOVFcxI_ibZ7fPkuGKeGO7cVcPL9Ikb5cE1Ki7HCfmCeIUmeXNeexlH1oC0t8fLibDjk5l1XKHwR-OPKMMOFih9q8L1ubD8WX_MQ091bCl9IsV8VVkOFM_dCJkmKBTUr5_AknnN-k0h707DKKI8x81TrIvirNhpzfULmnn9gAYT_9CGBT-R6AsmBFNqBxoZCFOQ_jjdLAECqEAfgEibDBk8gJRdhoj351L7102fG5uzoZhcAInrUotJ-cSGFa5tgQgojaIWkIpDER2jhCzUbO-Yr05ZP_UMeOoA_a7Xveksd6waNUNP-vp-ik8WB2qz-FvVBPPUJzY9E3cGK5NjdhvV4vAjZY5ESWvlSPHdP4nD7Rn-ZF5dTP4vVwRUrAjbap31GSLKLl3VES7MSBzbYoGFt0HhOBmxlq-T_PcXds9K_vfw50vx4VQdqiTIEUhXjkK0rMyMXJZY-2NXeNf3d2LWPzQ5jGR4yOa4ocAV-xm3Hxf2EOZOdwfd9ob0nA8cBI5pan_MrOUsI-03NT2yX8VQj4wLQIcRGVRikcSyRWn8YPYOHLtOth4-YPbbgHKwLw7CRj3-Kkfeb6eWABfGuhV4A-UG57hIPxL8jMtw7mgrrltrh1y1yV2Yi_BYxWSoUD26qp78H8upm4hruw7c14uc5QEoQQYEYLNnfov7MqPmVzIVoEeES28y6F9TnMsj9-baUuQuMbL-FbPqg4Qmes7zw4mL6-0uewqzBY8FuM9xO33oqArw40mfDP
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mcmpiqq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 87A3 0
22 B 39ms
39ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3341686345799&version=m202401290101&ct=76&x=1&cor=15745601939091212000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 71D6 42 B
66 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_I7lgpXwtlBd4Op82LFyon8FxM4d_zC81j61IaA1AxnWf8jD8l-_Dsw7PGJ3tZ6EVJew8WpdIQ08TmVwNbZSVB_JidG3k5VACLxX4G6UMfp-BVTrOZMCSn0UCMSQEXiPZ18QwyxAViBS0-brxxAOe4-Kv411vhA5skEFxWTDs&sai=AMfl-YTRAyT62wBGFdIcXJPSJ5OBJt__zzKhRQA-6ayT1W7uBAnGMZUkTYrxJSWnTtYnfRlCyFqvCkl050sKho-hiR5tgAXUzQwW8uCIdiev9hdDa_zH77MTkAcRQWGzZ1USvO6IhkCLS5fiF0pXCPNo&sig=Cg0ArKJSzL1Et1NYPMAgEAE&cid=CAQSTgB7FLtqnQqdu6iNjvh5AtOzCaBoAWT125wntM1M3jMBGrRZPrz_VyddbkZO18AJLnePeXRa5cN07BWTaneknz3n9L7pUomAoazeE2nCZRgB&id=lidarv&acvw=sv%3D961%26v%3D20240226%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,338,273,488%26tos%3D2013,0,0,0,0%26mtos%3D2013,2013,2013,2013,2013%26amtos%3D0,0,0,0,0%26mcvt%3D2013%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2195%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D23%26pst%3D202%26dur%3D12693%26vmtime%3D2211%26dtos%3D2013%26dtoss%3D1%26dvs%3D2013%26dfvs%3D2013%26dvpt%3D2195%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D808489750%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2013%26co%3D557339504&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1709640595199

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIks_nwovdhAMV6o4nAh0_5QSaEAAYACCmrJNiQhMIjry4wovdhAMVdEaRBR3KBgXj;dc_eps=AHas8cDOz1jskWm-i8xmCUlEtfHruFFepn8fqMj9Y2Kc-V6_aCUo9vcWDOmxStLWzYej2iB0EQg3vHfroLf-furaCjq_jS1E3g;met=1;acvw=sv%3D...
ade.googlesyndication.com/ddm/activity/ Frame 71D6 42 B
107 B 44ms
43ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIks_nwovdhAMV6o4nAh0_5QSaEAAYACCmrJNiQhMIjry4wovdhAMVdEaRBR3KBgXj;dc_eps=AHas8cDOz1jskWm-i8xmCUlEtfHruFFepn8fqMj9Y2Kc-V6_aCUo9vcWDOmxStLWzYej2iB0EQg3vHfroLf-furaCjq_jS1E3g;met=1;acvw=sv%3D961%26v%3D20240226%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,338,273,488%26tos%3D2935,0,0,0,0%26mtos%3D2935,2935,2935,2935,2935%26amtos%3D0,0,0,0,0%26mcvt%3D2935%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3117%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D24%26pst%3D202%26dur%3D12693%26vmtime%3D3134%26dtos%3D922%26dtoss%3D2%26dvs%3D922%26dfvs%3D922%26dvpt%3D922%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2935,2935,2935,2935,2935%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D808489750%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2935%26co%3D557339505;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1709640595199;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 71D6 42 B
64 B 44ms
44ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CNKJBkgvnZY6rBvSMxdwPyo2UmA7piNbTdfuSv-SdEuCCoeanQhABIKLPxWpglfqagqwHoAHcxoqJKcgBBakC-SegnlMzsj6oAwHIA5sEqgSSAk_QlNEkcGP9wMmjYkAmsV6L0KkHzoMLArDCWMvsgnQqDScKbb1ltoCKkWlddgkGX3AxE5ZRMWoOPWkcEWj6tPLnxgQNIJJaMb4nQcM1Yq_cUcPqrX2cYTcFxv3klO7fAZpB9YJwA1R4PB8WJxqp0BiiHj1EP_xkH_cECZ0e5saMN50WQq4T9oVVL1vi9-AE3FWWuwB1mxBIYN9LavN_-iuf14fw5VZ3brjFmPyJCwM_yqNQA91pKu6WCpimOWPY4KisOhkPVlA4aVzDQhuzao4n1uozb1m7x294Q_qDruTRfrNgzhpxx1FDW_jwqVdrHFroWcvaJ6Pqzgl_vPMY--FT7iPR0CowpqMoZDkkKdsbebvABKi8j5bPBOAEA4gFh-aCx02QBgGgBnaAB9z-2ugDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIKwiA4YAQEAEYHzIHqoKA4J-ADToJgECAgISAgJQoSL39wTpYmpG3wovdhAOACgHICwHgCwGADAGqDQJERbAThMLxFtATANgTCogUAtgUAdAVAfgWAYAXAegXAQ&sigh=bd9VFJiTAag&label=videoplaytime25&ad_mt=3135&acvw=sv%3D961%26v%3D20240226%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,338,273,488%26tos%3D2935,0,0,0,0%26mtos%3D2935,2935,2935,2935,2935%26amtos%3D0,0,0,0,0%26mcvt%3D2935%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3117%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D24%26pst%3D202%26dur%3D12693%26vmtime%3D3134%26dtos%3D922%26dtoss%3D2%26dvs%3D922%26dfvs%3D922%26dvpt%3D922%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2935,2935,2935,2935,2935%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D808489750%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2935%26co%3D557339505&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1709640595199

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4383418722826066&output=html&h=280&slotname=4904042479&adk=2396473200&adf=2902144500&pi=t.ma~as.4904042479&w=825&fwrn=4&fwrnh=100&lmt=1709640594&rafmt=1&format=825x280&url=https%3A%2F%2Fmcmpiqq.top%2F%3Fthread-79.htm&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709640594062&bpp=1&bdt=525&idt=1&shv=r20240229&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=881236743585&frm=20&pv=1&ga_vid=1721056475.1709640594&ga_sid=1709640594&ga_hid=1313205084&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95325753%2C95320376%2C95321866%2C95324161%2C95325784%2C95326936&oid=2&pvsid=3676971400239924&tmod=1558946393&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:09:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mcmpiqq.top/	1970-01-20 21:18:00	Name: bbs_sid Value: ps4pphfuj6jab62bokm4rjncln
mcmpiqq.top/	1970-01-20 18:55:26	Name: cookie_test Value: djiihUSKAC9ZhNLTQGABqfJy8Db_2B1U_2FQdrUulGJ_2F40VLNU9z
.hm.baidu.com/	1970-01-21 04:30:00	Name: HMACCOUNT_BFESS Value: 4D2C7E1F78863AB3
mcmpiqq.top/	1969-12-31 23:59:59	Name: __tins__21505529 Value: %7B%22sid%22%3A%201709640594560%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201709642394560%7D
mcmpiqq.top/	1969-12-31 23:59:59	Name: __51cke__ Value:
mcmpiqq.top/	1969-12-31 23:59:59	Name: __51laig__ Value: 1
.mcmpiqq.top/	1970-01-21 03:39:36	Name: Hm_lvt_aa8d78d2a991292e1875b102dfe48d73 Value: 1709640595
.mcmpiqq.top/	1969-12-31 23:59:59	Name: Hm_lpvt_aa8d78d2a991292e1875b102dfe48d73 Value: 1709640595
.mcmpiqq.top/	1970-01-21 04:15:36	Name: __gads Value: ID=76aee260ab62f535:T=1709640594:RT=1709640594:S=ALNI_MaHnOF5fwCDxmK37fBO6JEJOR8s0A
.mcmpiqq.top/	1970-01-21 04:15:36	Name: __gpi Value: UID=00000d698d1b18d3:T=1709640594:RT=1709640594:S=ALNI_MYYeQR0yGSKZP6CajGKFFppaRf8AQ
.mcmpiqq.top/	1970-01-20 23:13:12	Name: __eoi Value: ID=3ee49bc9057c13ac:T=1709640594:RT=1709640594:S=AA-AfjbqkoJLPwYzbaCQvWa4SqEX
.doubleclick.net/	1970-01-20 23:13:12	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-20 18:54:04	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-21 04:30:00	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 03:39:36	Name: CMID Value: ZecLklVbLV8AAAlWABkHvgAA
.casalemedia.com/	1970-01-20 21:03:36	Name: CMPS Value: 5181
.casalemedia.com/	1970-01-20 21:03:36	Name: CMPRO Value: 5181
.doubleclick.net/	1970-01-20 23:13:12	Name: APC Value: AfxxVi7LJ3-AgMwQYlZ3GOADrfMhIUeOuPtbGVlz8jT45GMEk4zq4g
.adnxs.com/	1970-01-20 21:03:36	Name: XANDR_PANID Value: QWwktT8QhDvwOtuY4NJSAnp4PTzA8YOrJTb2iFvxB7gOCKUav5O01rIzM_9IBoGhTKn4grdlzGfcIAhfEeywqKxJ4zHdrLVLZZgc7KQ_UrI.
.adnxs.com/	1970-01-20 21:03:36	Name: uuid2 Value: 3079878005252565244
.doubleclick.net/	1970-01-21 04:15:36	Name: IDE Value: AHWqTUnDmSzpP22ISF-XSQhTpP0zVOhMK0ieUYFD6UaVAs50SKqnq_9onZxZXiu3Awo
m.exactag.com/	1970-01-20 21:03:36	Name: exactag_new_gk Value: cfd0e4b24ce846bd8c4b4882fde2e4d8%7C04.05.2024%2012%3A09%3A55
m.exactag.com/	1970-01-20 23:13:12	Name: exactag_new_uk Value: 65b44a48a3264ad0bf3fbbeb20968703%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 238a9ad90b5c44ceb2aa8174
.demdex.net/	1970-01-20 23:13:12	Name: demdex Value: 04812200535561517360606186980317240122
.skydeutschland.demdex.net/	1970-01-20 23:13:12	Name: skydeutschland Value: 04812200535561517360606186980317240122
.adnxs.com/	1970-01-20 21:03:36	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTvm5_mI!]tcg8i_iqf!oN/@E'zz<Z0QpR#w[S3M0at+/WT[)mJuf#XA@[)KuYj-!kJTD._PlZ[C[-kX-6V(?m
.travelaudience.com/	1970-01-21 04:24:14	Name: _tracker Value: %7B%22UUID%22%3A%227E7B381C-0D54-418E-04EA-DF7AD3FEB3F8%22%7D
.adfarm1.adition.com/	1970-01-20 21:03:36	Name: UserID1 Value: 7342850443449923743
.adform.net/	1970-01-20 19:38:38	Name: C Value: 1
.adform.net/	1970-01-20 20:20:24	Name: uid Value: 1036819355052901099
.simpli.fi/	1970-01-21 03:41:02	Name: suid Value: 419E5461C21042E89A27DBF1886A2A33
.tribalfusion.com/	1970-01-20 21:03:36	Name: ANON_ID Value: afntuJmge06ousnA6vvPCheIFNZdHQ31e6Zb8hPMY4aAOaUQKsG4QsamnZauA6eSDLl1FtMZaf7d45NTHllq1bLfTo44

144 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://mcmpiqq.top/?thread-79.htm(Line 444) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mcmpiqq.top/?thread-79.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ade.googlesyndication.com
ads.travelaudience.com
bid.g.doubleclick.net
c1.adform.net
cm.g.doubleclick.net
csi.gstatic.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hm.baidu.com
ia.51.la
ib.adnxs.com
imasdk.googleapis.com
js.users.51.la
m.exactag.com
mcmpiqq.top
pagead2.googlesyndication.com
pixel.adsafeprotected.com
r3---sn-4g5lznl7.c.2mdn.net
s.tribalfusion.com
s0.2mdn.net
skydeutschland.demdex.net
static.adsafeprotected.com
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
www.google.com
www.gstatic.com
103.235.46.191
142.250.184.226
142.250.185.130
142.250.186.130
154.211.15.189
163.181.92.235
172.64.151.101
178.250.1.9
185.89.211.116
203.107.86.226
23.219.216.4
2600:1f13:800:7782:fa8a:453b:3668:d090
2600:9000:26da:9400:8:48e:53c0:93a1
2606:4700::6812:18ad
2607:f8b0:400a:80a::2003
2a00:1450:4001:1c::8
2a00:1450:4001:806::2006
2a00:1450:4001:809::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::200a
2a00:1450:4001:82b::2001
35.190.0.66
35.236.220.17
37.157.3.26
44.232.45.117
52.211.226.3
63.34.236.122
64.233.167.156
85.114.159.93
85.14.248.72
018050169771cf9946f9bdfa5284535a9d9c7c90616189d2a8a28f4046c2e792
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0527638da5cb4455dd25616e9113dc6d8b2a2d63989ee12ca78d780412d0d9bd
05770eb4147292926c124257fd14ab53c7f969a03c921bf2fc112257d4e80798
070550c7821764e949d81d059df4254f2d15ac68089c798c9ce4e0934f5dc464
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ec26fc6755b272d976a91be1dfe7d0cbc1ed4c32b6c44bb9981f4d676e236fd
0eec2e3e361b1e81b0230cdf337ea87f94a75bcf0d9aed63b98e09d51fcba515
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18130d41cfa13c342fd6593fc292694bf4a4eee0aaf6f067657be312ed627afb
18686dc1d786db09e5ccb074f867807358d62e232a2ed3cb08556b6fc0aa5e2c
1966eb7cf96d5d97b64bebd9d220232fecd529f5570c042a9ebb3e1f980dd98a
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
235be0ebe8f5ab6040ae571ad05509fbb51d8b96d67e088272f59354e1878684
280d5be3f0172c54794c9eb84130b1d3903cdfde02d95f15325358881b4ddc73
2866e8917942a3ef4fa7cf6eacd61e51a0534b17134b0d1219a5f1c7f3886bc8
2e315ad25a042ce30e18f50310c82300cecc4d1284e230ce7302cd1b8d665de6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
384002b5c7ca93ea41ecd7893e8bf015d9394608ea04c8b18c7914e87a850092
40d5ffc4c991206f4572d3d15ad44ef5386fb5683d40d0a7a11a72c0605d0d8f
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4417db3e0a94f67044d631ce204c42930c942f9f4a256382ed3d1f40e5a07de7
4643cc09b7781e622ae5625a43f7f9bbdec8fe5cb6f36ab022fdf0d107934eb3
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b957b5f68da88dd939ba7f9543e60e22bd20f6a2ea09896a15a23a87c1a45a1
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6
5400a3dfc045561b7448c9910fa432b75c57506cb91c5405e8d1f2727c01397f
5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade
545467f135c9b2827524a447ad61ed4070c525822a8b23ece94955659a296157
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58bcd12224e4b53d88e2522bc6a2fbd881b6b0c9779981f76715f70eb67d0e52
5a1433553dad10b1617e945447ce8d2a7a4ce6542ad50fdb8b563f85560cbc3e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6f9ee9067d75753122088aabc384f05313d48c855af8da92d2838c2e4d22606c
72dc56075db25b8cb35e6192e07971f0044a7c8e3405976e9182f2708ea81e26
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
902aea836b9d18783322e1034ae317152d996c2a69b7afae68416ee8fa664ddb
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
93873af7a813c879f0cf347e3766be979509b08ce5147646101e1a5fb1f6c84d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b4f159626bd04a9f35552bfe5e944153a52aad56d7280f4f5bddf43209760b4
9de1593e84b846a4788df753166814ba2082f3359e42c4cdb1c3e0b271915212
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a05ff950824d8b08be92e73ba8d1f2bb375cd7e9f9272ce1d424e213a1ee2ca7
a7d7ccd1b1b1900c730b760fa8b3b5748a073ecdedbd7710e04fbf03cd42afd8
a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b
ad5294d4c86a8dbc7ae7d78f9c12ba12e7a823cae7ff1b1a2523ca701ca671e2
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b25a2092f0752b754e933008f10213c55dd5ce93a791e355b0abed9182cc8df9
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
b3a1ed0ea726d14b5a64504b365e9c009efa4e30e242a9550276f60df0ad6519
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bea6234767b68cbdd27f84b8be30cdcc0e88796a9019d5dffd3a663080a95290
c4f9c8e8bc991879beac20d773034e76bf154576b50d177b0575836ae9be52c6
c91ccbc3f5ee89592ed9642bf988e2b0f80a552a1f593e7d5adf19b83f6dbcce
cc8ff211b7f1d3ad102b1db4c61e38f9cbd777f9183292a50c540e9ac78a6174
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
d82c517b10e60f8a4bac5ad3b85a46e5cf3faa0386387828d9d01594c98cc544
d944ffae1b0883b0232ea1004225f2ee7af53c5e0f8c40484e5f392eb41a1ba5
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
dfbe71f79027924813e031d92c59cf310324568ff27586d97ebfc770bce48974
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ed5216a99d280d089cb2a2b09e5fcbcbf8fbe54a428885c46f63fc1097127abe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f179eba989a5d55300cbb2fbb9381421109c1ab9b099ebacb3dc91f6e62a1e
f34cf5ba670b3eae17378288357603fe520e0dff85b58097e492945dd35c4ed8
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7b4e779eea355f97221c949d95a8de10ad7bf1a95279b9fd9e770370b4ccc22
fc7510d1c4897a91cf86c80f0084aae535eba4d388cad1d1494ddce1f97d28d8
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

mcmpiqq.top Open in urlscan Pro 154.211.15.189 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

183 Requests

90 %HTTPS

43 %IPv6

21 Domains

36 Subdomains

30 IPs

7 Countries

5190 kBTransfer

9393 kBSize

33 Cookies

2 Outgoing links

Redirected requests

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mcmpiqq.top Open in urlscan Pro
154.211.15.189 Public Scan

Screenshot
Live screenshot

Full Image

183
Requests

90 %
HTTPS

43 %
IPv6

21
Domains

36
Subdomains

30
IPs

7
Countries

5190 kB
Transfer

9393 kB
Size

33
Cookies

183 HTTP transactions
3 data transactions