umgoblue.com Open in urlscan Pro
68.66.216.18 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://umgoblue.com/
Submission: On March 09 via api (March 9th 2023, 10:28:11 am UTC) from US — Scanned from DE

Summary HTTP 283 Redirects Links 54 Behaviour Indicators

Summary

This website contacted 37 IPs in 8 countries across 30 domains to perform 283 HTTP transactions. The main IP is 68.66.216.18, located in United States and belongs to A2HOSTING, US. The main domain is umgoblue.com.

This is the only time umgoblue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	68.66.216.18 68.66.216.18	55293 (A2HOSTING) (A2HOSTING)
1 2	2a00:1450:400... 2a00:1450:400d:80d::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	185.180.12.68 185.180.12.68	60068 (CDN77 ^_^) (CDN77 ^_^)
33	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.95.53 65.9.95.53	16509 (AMAZON-02) (AMAZON-02)
24	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
6	65.9.95.31 65.9.95.31	16509 (AMAZON-02) (AMAZON-02)
1	34.239.70.11 34.239.70.11	14618 (AMAZON-AES) (AMAZON-AES)
4	52.222.205.62 52.222.205.62	16509 (AMAZON-02) (AMAZON-02)
83	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:804::2003	15169 (GOOGLE) (GOOGLE)
7	52.222.236.99 52.222.236.99	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
2 7	2a00:1450:400... 2a00:1450:400d:80c::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:807::200a	15169 (GOOGLE) (GOOGLE)
4 17	142.251.39.34 142.251.39.34	15169 (GOOGLE) (GOOGLE)
4 6	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	52.19.228.69 52.19.228.69	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400f:80d::2003	15169 (GOOGLE) (GOOGLE)
1	173.194.76.155 173.194.76.155	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:66::a	15169 (GOOGLE) (GOOGLE)
2 2	35.156.234.106 35.156.234.106	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 3	216.52.2.16 216.52.2.16	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	2600:9000:211... 2600:9000:211e:3600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
3	2600:9000:212... 2600:9000:2127:400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	37.157.3.28 37.157.3.28	198622 (ADFORM) (ADFORM)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
6	2600:1f13:800... 2600:1f13:800:7781:b391:a9e4:f6b9:982	16509 (AMAZON-02) (AMAZON-02)
283	37

25 68.66.216.18 (United States)

ASN55293 (A2HOSTING, US)
PTR: mi3-ss16.a2hosting.com

umgoblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2008 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.180.12.68 (Vienna, Austria)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-731.bunnyinfra.net

clientcdn.pushengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assetscdn.pushengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-53.prg50.r.cloudfront.net

w.soundcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 65.9.95.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-31.prg50.r.cloudfront.net

widget.sndcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.239.70.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-70-11.compute-1.amazonaws.com

umgoblue.pushengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.205.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-205-62.fra56.r.cloudfront.net

api-widget.soundcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

83 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:804::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.222.236.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-99.fra56.r.cloudfront.net

i1.sndcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80c::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.251.39.34 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.228.69 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-228-69.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400f:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:66::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r5---sn-4g5e6nze.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.234.106 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-234-106.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.16 (United States) 3 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:3600:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2127:400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.28 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f13:800:7781:b391:a9e4:f6b9:982 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
108	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	1 MB
44	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 28 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 bid.g.doubleclick.net — Cisco Umbrella Rank: 701 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 321	292 KB
25	umgoblue.com umgoblue.com	429 KB
19	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com csi.gstatic.com	284 KB
14	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 277 gcdn.2mdn.net — Cisco Umbrella Rank: 1117 r5---sn-4g5e6nze.c.2mdn.net	2 MB
13	sndcdn.com widget.sndcdn.com — Cisco Umbrella Rank: 33878 i1.sndcdn.com — Cisco Umbrella Rank: 10169	516 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 723 static.adsafeprotected.com — Cisco Umbrella Rank: 538 dt.adsafeprotected.com — Cisco Umbrella Rank: 518	100 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 448	138 KB
9	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 65 www.google.com — Cisco Umbrella Rank: 2	1 KB
8	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 379	130 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	340 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 519 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 423	5 KB
5	soundcloud.com w.soundcloud.com — Cisco Umbrella Rank: 14524 api-widget.soundcloud.com — Cisco Umbrella Rank: 31381	15 KB
4	pushengage.com clientcdn.pushengage.com — Cisco Umbrella Rank: 18457 umgoblue.pushengage.com assetscdn.pushengage.com — Cisco Umbrella Rank: 35039	72 KB
3	lijit.com 3 redirects ap.lijit.com — Cisco Umbrella Rank: 568	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 208	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 24	21 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 341	961 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 578	1 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 705	491 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 719	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8682	696 B
2	googletagmanager.com 1 redirects www.googletagmanager.com — Cisco Umbrella Rank: 41	44 KB
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 751	45 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5984	554 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 31559	611 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 700	443 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1444	350 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1513	174 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 863	603 B
283	30

	Domain	Requested by
75	tpc.googlesyndication.com	googleads.g.doubleclick.net umgoblue.com tpc.googlesyndication.com cdn.ampproject.org imasdk.googleapis.com pagead2.googlesyndication.com
33	pagead2.googlesyndication.com	umgoblue.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
25	umgoblue.com	umgoblue.com
24	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net umgoblue.com
17	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net umgoblue.com
11	s0.2mdn.net	umgoblue.com s0.2mdn.net googleads.g.doubleclick.net
8	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
8	fonts.googleapis.com	umgoblue.com googleads.g.doubleclick.net s0.2mdn.net
7	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
7	i1.sndcdn.com	umgoblue.com widget.sndcdn.com
7	www.gstatic.com	googleads.g.doubleclick.net
7	www.googletagservices.com	googleads.g.doubleclick.net
6	dt.adsafeprotected.com	googleads.g.doubleclick.net
6	widget.sndcdn.com	w.soundcloud.com widget.sndcdn.com
6	fonts.gstatic.com	fonts.googleapis.com
4	csi.gstatic.com	imasdk.googleapis.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	api-widget.soundcloud.com	widget.sndcdn.com
3	static.adsafeprotected.com	fw.adsafeprotected.com googleads.g.doubleclick.net
3	ap.lijit.com	3 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	eb2.3lift.com	2 redirects
2	c1.adform.net	2 redirects
2	googleads4.g.doubleclick.net	umgoblue.com
2	onetag-sys.com	1 redirects googleads.g.doubleclick.net
2	ssum-sec.casalemedia.com	2 redirects
2	pm.w55c.net	2 redirects
2	r5---sn-4g5e6nze.c.2mdn.net	googleads.g.doubleclick.net umgoblue.com
2	fw.adsafeprotected.com	1 redirects umgoblue.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	clientcdn.pushengage.com	umgoblue.com
2	www.googletagmanager.com	1 redirects umgoblue.com
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	assetscdn.pushengage.com	umgoblue.com
1	umgoblue.pushengage.com	clientcdn.pushengage.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	w.soundcloud.com	umgoblue.com
283	48

This site contains links to these domains. Also see Links.

Domain
fanatics.ncw6.net
podcasts.apple.com
open.spotify.com
www.pandora.com
montag.org
mgoblue.com
bigten.org
podcasts.google.com
www.stitcher.com
www.subscribebyemail.com
feeds.soundcloud.com
soundcloud.com
fightingillini.com
iuhoosiers.com
scarletknights.com
uwbadgers.com
msuspartans.com
www.facebook.com
twitter.com
wordpress.org
www.pushengage.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.pushengage.com AlphaSSL CA - SHA256 - G4	`2023-02-07` - `2024-03-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
umgoblue.com cPanel, Inc. Certification Authority	`2023-01-07` - `2023-04-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.soundcloud.com GlobalSign GCC R3 DV TLS CA 2020	`2023-01-24` - `2024-02-25`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.sndcdn.com GlobalSign GCC R3 DV TLS CA 2020	`2023-01-24` - `2024-02-25`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-02-10` - `2023-05-27`	4 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-02-12` - `2023-05-13`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-09` - `2023-12-03`	10 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-02-21` - `2023-05-02`	2 months	crt.sh

This page contains 33 frames:

Primary Page: http://umgoblue.com/
Frame ID: 8BDAC7C3A4D7FD073A3144180D644F62
Requests: 47 HTTP requests in this frame

Frame: https://w.soundcloud.com/player/?visual=true&url=https%3A%2F%2Fapi.soundcloud.com%2Fusers%2F167713575&show_artwork=true&maxheight=788&maxwidth=525
Frame ID: D43CD748922260CE574917673F705793
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20190131/zrt_lookup.html
Frame ID: FC56AD2935E0BAA9799120341BA09EF1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&adk=1812271804&adf=3025194257&lmt=1678357685&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x540_l%7C260x540_r&format=0x0&url=http%3A%2F%2Fumgoblue.com%2F&ea=0&pra=5&wgl=1&dt=1678357684838&bpp=11&bdt=846&idt=221&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7942794858893&frm=20&pv=2&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=287
Frame ID: 9A90662C2A86AF223C5A6B36130B9473
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678357685&rafmt=1&to=qs&pwprc=7466624695&format=1200x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1678357684849&bpp=2&bdt=858&idt=287&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XzvCmkziDS&p=http%3A//umgoblue.com&dtd=289
Frame ID: C9CF930570F12B1E46F6A36DC23984BF
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3735004906&pi=t.aa~a.1862092094~i.5~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9nUDRxtikj&p=http%3A//umgoblue.com&dtd=39
Frame ID: 4FF2B881D53AC57252579A60AD7EA1CC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3708862090&pi=t.aa~a.1862092094~i.7~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=1&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280&nras=4&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QGhbEULwbl&p=http%3A//umgoblue.com&dtd=72
Frame ID: D11305BD224DC5892E0FF08E15150503
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=1218546090&pi=t.aa~a.1862092094~i.16~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280&nras=5&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=sjQcIWkXbB&p=http%3A//umgoblue.com&dtd=83
Frame ID: E43EDDF971C178433AAB82A7105BF295
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89
Frame ID: 6CB6E85DDFF462EFE2361951708B12DE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
Frame ID: 565FCCA3BEBA51B96054544029985DBE
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3B27296F6B3A77A4C84B4390A7C9B226
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
Frame ID: F081E8F76CB695753A218672864FB494
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
Frame ID: EB4C1BC96DFD03FE5ADCCC8B1AE26698
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/index.html
Frame ID: 0926B6420EBC3EFE6B36189959E45282
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CF860trQJZOP1FdeCwuIPlpqlyAuvt7S8bfKX6Z3iENqy287BLBABIOCHvgNglbqAgpgHoAHxqMbOA8gBCakCKPar-Xe0sT6oAwHIA0iqBMsBT9B4FtUSlq97vMyh2TX76Whr91gu1jFQmD_76oe9NYAdrgYyIm_XvcKiA-Y213XKRVPabzWONadVpOgQL7sQi5YLF_1Z34fo3Hv7Z-egRp-ADHCriLC3orvMx3CXBy4A7o1cB3bWUhrTMePs63wZK5SWqOEo5Qt5h4vP6CsWFC0nT-72HsC6fkEl1Vgc61qO9nm9P8ysoaMP-uePh9lB-oVg82hq_K6xJ_UP_nFbDgl2leVzvd-mZ_V2rfuD-Jn2-WNH_eENhA7mZCLABLr_2fHxA5IFBAgEGAGSBQQIBRgEoAYugAf31rkxqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQgeEi0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItODYwOTE4MDUxMjA1ODc5OBgA&sigh=ssrYU8tbJfc&uach_m=[UACH]&cid=CAQSOwDUE5ymhq-hjAVbvzXhIoPZMhq5TPbND9cXw5zuzyQzGNYwxbbwawnEHBv6s0R7RNsKWxlzBsSTRj0tGAE&template_id=419
Frame ID: AD88656AEBB1371C96FC17963B2C311A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCEFBDI4JukAximkrrXATAB&v=APEucNURAIbwUr-aT6pOnB8c9R96mCCxnEP_NkiWN41mCaTwoIZZfZrdGH8xb2l6NmHVRsYQFHOiaD_sIcsgrtGs1Nv3gFAleqCfvKvWEzKhtkEMVWT_FFUKJRKRcuSIaEGJvCwh6dybYF2WebLKHWs9Rth9jpIBumGE3DdWvrSVuYofVpd-KgY
Frame ID: B74EC40A4425F76A0FD2F74CFDF2ED72
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 9CCD89DAD05C97E313F1362405DB03F8
Requests: 27 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: A4CF46DF372F23C34B8C8C7FBB4342AF
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F8D64C25211E170743DBF29CE0FFF567
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs
Frame ID: 20CE394A03F1A2DEF435B836F8ADC986
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 66C1E42BF482643891228BD1BE7A183E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
Frame ID: 175748FA35F2007B93DB057CE6DA07E0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
Frame ID: 793E45B1A1F166FD3A7490A883E257F6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
Frame ID: 18AEC448FF138C4C6508A8E1A75C6003
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
Frame ID: CA3F4124973332CCB03293D22E38C39B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 992EDFD1A32DEEE3DB0A98EFE7A33707
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FAE02F72F5C64E878A4E69EBC0A9C09B
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11419712990575231742/index.html
Frame ID: 7A52A4B1A7026E19CB29E22048B73257
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 8BC1A195D98E5C9E70C957F97F68A3B2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3793A4C917592FEB9EA6473E2731E3C1
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 39A06924C291103E795D45931E6B6470
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 105BB58DE5FF2EFCAA087A83E7799822
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6390C811796C9A43520CAC87CA0A2CA5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

UMGOBLUE.COM Michigan Wolverine Football & Basketball - By Fans...For Fans Since 1999

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PushEngage (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

clientcdn\.pushengage\.\w+/core

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

283
Requests

87 %
HTTPS

48 %
IPv6

30
Domains

48
Subdomains

37
IPs

8
Countries

5677 kB
Transfer

11038 kB
Size

22
Cookies

54 Outgoing links

These are links going to different origins than the main page.

URL: https://fanatics.ncw6.net/c/2223549/621102/9663
Title: Get Gear

Search URL Search Domain Scan URL

URL: https://podcasts.apple.com/us/podcast/umgoblue-com-university-michigan-wolverine-football/id290631774
Title: Listen on Apple

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/2ZuD3zkfq3PdYUSXbYwOPJ
Title: Listen on Spotify

Search URL Search Domain Scan URL

URL: https://www.pandora.com/podcast/umgobluecom-university-of-michigan-wolverine-football-commentary/PC:24422
Title: Listen on Pandora

Search URL Search Domain Scan URL

URL: http://montag.org/NBN/
Title: Nothing but Net Archive

Search URL Search Domain Scan URL

URL: https://mgoblue.com/news/2023/3/2/mens-basketball-michigan-drops-double-overtime-heartbreaker-at-illinois.aspx
Title: On Thursday (03/02/2023), they lost at Illinois 91-87

Search URL Search Domain Scan URL

URL: https://mgoblue.com/news/2023/3/5/mens-basketball-michigan-drops-overtime-battle-at-no-15-indiana.aspx
Title: on Sunday (03/05/2023), they lost at (#15) Indiana 75-73

Search URL Search Domain Scan URL

URL: https://mgoblue.com/sports/mens-basketball/stats/2022-23/illinois/boxscore/24763
Title: The game stats for the Illinois game

Search URL Search Domain Scan URL

URL: https://mgoblue.com/sports/mens-basketball/stats/2022-23/indiana/boxscore/24764
Title: The game stats for the Indiana game

Search URL Search Domain Scan URL

URL: https://mgoblue.com/sports/mens-basketball/roster/kobe-bufkin/21863
Title: Kobe Bufkin

Search URL Search Domain Scan URL

URL: https://mgoblue.com/sports/mens-basketball/roster/hunter-dickinson/21122
Title: Hunter Dickinson

Search URL Search Domain Scan URL

URL: https://mgoblue.com/sports/mens-basketball/roster/jett-howard/23514
Title: Jett Howard

Search URL Search Domain Scan URL

URL: https://mgoblue.com/sports/mens-basketball/roster/dug-mcdaniel/23517
Title: Dug McDaniel

Search URL Search Domain Scan URL

URL: https://mgoblue.com/sports/mens-basketball/roster/will-tschetter/21867
Title: Will Tschetter

Search URL Search Domain Scan URL

URL: https://mgoblue.com/sports/mens-basketball/roster/terrance-williams-ii/21124
Title: Terrance Williams II

Search URL Search Domain Scan URL

URL: https://mgoblue.com/sports/mens-basketball/roster/tarris-reed-jr-/23518
Title: Tarris Reed, Jr.

Search URL Search Domain Scan URL

URL: https://mgoblue.com/sports/mens-basketball/roster/joey-baker/23512
Title: Joey Baker

Search URL Search Domain Scan URL

URL: https://mgoblue.com/sports/mens-basketball/roster/jace-howard/21125
Title: Jace Howard

Search URL Search Domain Scan URL

URL: https://mgoblue.com/sports/mens-basketball/roster/isaiah-barnes/21862
Title: Isaiah Barnes

Search URL Search Domain Scan URL

URL: https://mgoblue.com/sports/mens-basketball/roster/gregg-glenn-iii/23513
Title: Gregg Glenn III

Search URL Search Domain Scan URL

URL: https://mgoblue.com/sports/mens-basketball/roster/youssef-khayat/23516
Title: Youssef Khayat

Search URL Search Domain Scan URL

URL: https://mgoblue.com/sports/mens-basketball/roster/ian-burns/22253
Title: Ian Burns

Search URL Search Domain Scan URL

URL: https://mgoblue.com/sports/mens-basketball/roster/jackson-selvala/23511
Title: Jackson Selvala

Search URL Search Domain Scan URL

URL: https://mgoblue.com/sports/mens-basketball/roster/cooper-smith/23510
Title: Cooper Smith

Search URL Search Domain Scan URL

URL: https://bigten.org/sports/2022/10/20/2023MBBT.aspx
Title: Big Ten Tournament

Search URL Search Domain Scan URL

URL: https://bigten.org/documents/2022/10/21/2023_MBB_Tournament_Bracket.pdf?id=7659
Title: Here’s the complete bracket

Search URL Search Domain Scan URL

URL: https://mgoblue.com/news/2023/2/23/mens-basketball-michigan-defense-shines-in-gritty-road-win-over-rutgers.aspx
Title: Rutgers once this season, back on 02/23/2023, on the road, and UM won handily, 58-45

Search URL Search Domain Scan URL

URL: https://mgoblue.com/news/2023/1/26/mens-basketball-u-m-battles-but-unable-to-defeat-no-1-ranked-purdue-at-crisler.aspx
Title: Purdue once this season, on 01/26/2023 in Ann Arbor, and they almost beat them, losing 75-70

Search URL Search Domain Scan URL

URL: https://podcasts.google.com/feed/aHR0cHM6Ly9mZWVkcy5zb3VuZGNsb3VkLmNvbS91c2Vycy9zb3VuZGNsb3VkOnVzZXJzOjE2NzcxMzU3NS9zb3VuZHMucnNz
Title: Google Podcasts

Search URL Search Domain Scan URL

URL: https://www.stitcher.com/show/umgobluecom-by-fansfor-fans
Title: Stitcher

Search URL Search Domain Scan URL

URL: http://www.subscribebyemail.com/feeds.soundcloud.com/users/soundcloud:users:167713575/sounds.rss
Title: Email

Search URL Search Domain Scan URL

URL: https://feeds.soundcloud.com/users/soundcloud:users:167713575/sounds.rss
Title: RSS

Search URL Search Domain Scan URL

URL: https://soundcloud.com/umgoblue
Title: Podcast Archive

Search URL Search Domain Scan URL

URL: https://mgoblue.com/news/2023/2/26/mens-basketball-dickinsons-buzzer-beater-forces-ot-in-u-m-win-over-wisconsin.aspx
Title: on Sunday (02/26/2023), they beat Wisconsin 87-79 in overtime

Search URL Search Domain Scan URL

URL: https://mgoblue.com/sports/mens-basketball/stats/2022-23/rutgers/boxscore/24761
Title: The game stats for the Rutgers game

Search URL Search Domain Scan URL

URL: https://mgoblue.com/boxscore.aspx?path=mbball&id=24762
Title: The game stats for the Wisconsin game

Search URL Search Domain Scan URL

URL: https://fightingillini.com/sports/mens-basketball?path=mbball
Title: Illinois

Search URL Search Domain Scan URL

URL: https://iuhoosiers.com/sports/mens-basketball?path=mbball
Title: Indiana

Search URL Search Domain Scan URL

URL: https://mgoblue.com/news/2023/2/11/mens-basketball-late-scoring-pushes-hoosiers-past-wolverines.aspx
Title: Michigan played IU in Crisler a couple weeks ago (02/11/2023), and lost a heartbreaker, 62-61

Search URL Search Domain Scan URL

URL: https://mgoblue.com/news/2023/2/15/mens-basketball-late-game-defense-not-enough-as-michigan-falls-at-wisconsin.aspx
Title: On Tuesday (02/14/2023), they lost at Wisconsin 64-59

Search URL Search Domain Scan URL

URL: https://mgoblue.com/news/2023/2/18/mens-basketball-emotional-evening-sees-michigan-rally-for-maize-out-victory-over-michigan-state.aspx
Title: on Saturday (02/18/2023), they beat Michigan State 84-72

Search URL Search Domain Scan URL

URL: https://mgoblue.com/sports/mens-basketball/stats/2022-23/wisconsin/boxscore/24759
Title: The game stats for the Wisconsin game

Search URL Search Domain Scan URL

URL: https://mgoblue.com/boxscore.aspx?path=mbball&id=24760
Title: The game stats for the MSU game

Search URL Search Domain Scan URL

URL: https://scarletknights.com/sports/mens-basketball?path=mbball
Title: Rutgers

Search URL Search Domain Scan URL

URL: https://uwbadgers.com/sports/mens-basketball?path=mbball
Title: Wisconsin

Search URL Search Domain Scan URL

URL: https://mgoblue.com/news/2023/2/8/mens-basketball-high-octane-offense-fuels-michigan-win-over-nebraska.aspx
Title: On Wednesday (02/08/2023), they beat Nebraska 93-72

Search URL Search Domain Scan URL

URL: https://mgoblue.com/sports/mens-basketball/stats/2022-23/nebraska/boxscore/24757
Title: The game stats for the Nebraska game

Search URL Search Domain Scan URL

URL: https://mgoblue.com/sports/mens-basketball/stats/2022-23/indiana/boxscore/24758
Title: The game stats for the Indiana game

Search URL Search Domain Scan URL

URL: https://msuspartans.com/sports/mens-basketball?path=mbball
Title: Michigan State

Search URL Search Domain Scan URL

URL: https://www.facebook.com/RyanCallihanREALTEAM/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HailMichigan
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/UMGoBlog
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

URL: http://www.pushengage.com/
Title: Powered by PushEngage

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.googletagmanager.com/gtag/js?id=UA-270203-1 HTTP 302
https://www.googletagmanager.com/gtag/js?id=UA-270203-1

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOpyXqn0ceyyd5wCtvBxlBE&google_cver=1

Request Chain 154

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAm0t1J0kg-18hw4pmTF1wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOpyXqn0ceyyd5wCtvBxlBE&google_cver=1

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGCOD4n1nqTGSxU1LPGL92g&google_cver=1

Request Chain 156

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE2ODE0OTI5NzY5MjEwNjIxNQ%3D%3D

Request Chain 197

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 208

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 218

https://gcdn.2mdn.net/videoplayback/id/650f21e4a3f75106/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709893687/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/641B36D0042259FA5C8D4D135CFEBEC0FFFFAE27.9BEEC7C762848C702AD70F3ADFAD868D5239BBAD/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-4g5e6nze.c.2mdn.net/videoplayback/id/650f21e4a3f75106/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709893687/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5BE620E461ACF15284FDE7980E0F30294B33BCBB.596D5C6194333B52762901EDDA5BDC09A933AB1E/key/cms1/cms_redirect/yes/mh/EQ/mip/2001:1b60:2:240:3247::4/mm/42/mn/sn-4g5e6nze/ms/onc/mt/1678357254/mv/m/mvi/5/pl/29/file/file.mp4

Request Chain 222

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKzJK2dryiP4uQd5WYov9VU&google_cver=1&google_push=Aa02lx_1T8P3ggDFnbv4V5Nde8rletafsnJ9mTXSV5MuRdZb5Er7ReAJ-hOw-cDHvfwxwKpHPgmjCHZitcwWxbkstdqv4cukf5PLw1o HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKzJK2dryiP4uQd5WYov9VU&google_cver=1&google_push=Aa02lx_1T8P3ggDFnbv4V5Nde8rletafsnJ9mTXSV5MuRdZb5Er7ReAJ-hOw-cDHvfwxwKpHPgmjCHZitcwWxbkstdqv4cukf5PLw1o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MU5EN3llY3ExUEFkdmg1&google_gid=CAESEKzJK2dryiP4uQd5WYov9VU&google_cver=1&google_push=Aa02lx_1T8P3ggDFnbv4V5Nde8rletafsnJ9mTXSV5MuRdZb5Er7ReAJ-hOw-cDHvfwxwKpHPgmjCHZitcwWxbkstdqv4cukf5PLw1o

Request Chain 225

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJzuBavJUC9P7PFcQwisEbI&google_cver=1&google_push=Aa02lx9g74h3HZGIdd0tKSeluPHH2wjOAoQVVrazyoEPlMI1xVp5_XWNjMoeSRDEh9-tVpgDDNb6nn8QSl4RLPjcl_W7_k_szKNGdd8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJzuBavJUC9P7PFcQwisEbI&google_hm=ZAm0t1J0kg_18hw4pmTF1wAABJQAAAAB&google_nid=index&google_push=Aa02lx9g74h3HZGIdd0tKSeluPHH2wjOAoQVVrazyoEPlMI1xVp5_XWNjMoeSRDEh9-tVpgDDNb6nn8QSl4RLPjcl_W7_k_szKNGdd8

Request Chain 226

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEI7TePSXAuJ1zs4pAZq36pc&google_cver=1&google_push=Aa02lx9QXKNyE7x5UHmy1NoVHrfUcvX_ru3WrfNjxnmKBZ-x9XnITyyIC-3Yxie_JPnBGnF5E5fKnSD_tzvp-A7hDoLkUN9kRsEWvCg HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEI7TePSXAuJ1zs4pAZq36pc&google_cver=1&google_push=Aa02lx9QXKNyE7x5UHmy1NoVHrfUcvX_ru3WrfNjxnmKBZ-x9XnITyyIC-3Yxie_JPnBGnF5E5fKnSD_tzvp-A7hDoLkUN9kRsEWvCg&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9QXKNyE7x5UHmy1NoVHrfUcvX_ru3WrfNjxnmKBZ-x9XnITyyIC-3Yxie_JPnBGnF5E5fKnSD_tzvp-A7hDoLkUN9kRsEWvCg&google_hm=GR_UrGZHYyI4NBJHQMCnI4ju

Request Chain 227

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOngztYdL9votPk-GcqWFdI&google_cver=1&google_push=Aa02lx9ZOQz72sNwMs6WTU596tgDYXk3NSKheietw4ajXZaHwYv2vy7dXnXJGwOa92f8i4eBeo5_zQOsFYYfXTbjq9YNiMdhWYSJkg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9ZOQz72sNwMs6WTU596tgDYXk3NSKheietw4ajXZaHwYv2vy7dXnXJGwOa92f8i4eBeo5_zQOsFYYfXTbjq9YNiMdhWYSJkg

Request Chain 228

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEF8USJKko7NUleE6RzmgSuY&google_cver=1&google_push=Aa02lx-LQn9_jf22QmTxzI7OlnFJPvZEw-imM7rBlpI4ItH2m83DY1kzFLrRGAGJouVx43KUOwtTm6YsQPqPp9H7baUDVeqBptcDZACi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-LQn9_jf22QmTxzI7OlnFJPvZEw-imM7rBlpI4ItH2m83DY1kzFLrRGAGJouVx43KUOwtTm6YsQPqPp9H7baUDVeqBptcDZACi HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 247

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECbCduN-ZZx3L-HouMFALi0&google_cver=1&google_push=Aa02lx-oUsdU5ebp75MHTxMQ24rKH4pRCSeav2fCuGdhPcehAH-B68oyQHvxQwyZCqqBIqiUFz_mQPf6LlQhFy7UbNz-hnEvvOSUwo8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-oUsdU5ebp75MHTxMQ24rKH4pRCSeav2fCuGdhPcehAH-B68oyQHvxQwyZCqqBIqiUFz_mQPf6LlQhFy7UbNz-hnEvvOSUwo8&google_hm=VDSq32E5Rvu0Wh9TZj4H9xk

Request Chain 248

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMR7ylUXLpSQiTblUfE7nb4&google_cver=1&google_push=Aa02lx_gZkBqzP9UH1v43Xsqr12rCrGGEJU8m-Pi2UdzgI6idZPJi2cIbF_fw_KMyAJj2hVMPpD4teRt6BruJpoS6wKYuYSGf1d17Sw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=f6HW1XaqRw-wyl826Lm6kw2&google_push=Aa02lx_gZkBqzP9UH1v43Xsqr12rCrGGEJU8m-Pi2UdzgI6idZPJi2cIbF_fw_KMyAJj2hVMPpD4teRt6BruJpoS6wKYuYSGf1d17Sw

Request Chain 249

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELQiks9nFPfCd0uB7UPJvUA&google_cver=1&google_push=Aa02lx99rVVvrKHNi41bl2LKYFMIhmI0pF1s7A1XMEJieS08UyUBUSOD4t6dAe7zc0GL1ekG3IrCNtoxuLsWpi98TsG1WF0AZgO4nQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELQiks9nFPfCd0uB7UPJvUA&google_cver=1&google_push=Aa02lx99rVVvrKHNi41bl2LKYFMIhmI0pF1s7A1XMEJieS08UyUBUSOD4t6dAe7zc0GL1ekG3IrCNtoxuLsWpi98TsG1WF0AZgO4nQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgyMDI2ODU5Mzg3Njk4NzY3OA&google_push=Aa02lx99rVVvrKHNi41bl2LKYFMIhmI0pF1s7A1XMEJieS08UyUBUSOD4t6dAe7zc0GL1ekG3IrCNtoxuLsWpi98TsG1WF0AZgO4nQ

Request Chain 250

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBiYE2UgrZvo6EXxbzPFkyc&google_cver=1&google_push=Aa02lx8gsOc_iu6Lcm2-1_6jewuaIjwS887OJRjWpOAkiarnmkCZ65Fj93a5UqwU_DuLhIJpR9MilDfvUbYF0hm_aJNtliTRq0kGMg HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBiYE2UgrZvo6EXxbzPFkyc&google_hm=ZAm0t1J0kg_18hw4pmTF1wAABJQAAAAB&google_nid=index&google_push=Aa02lx8gsOc_iu6Lcm2-1_6jewuaIjwS887OJRjWpOAkiarnmkCZ65Fj93a5UqwU_DuLhIJpR9MilDfvUbYF0hm_aJNtliTRq0kGMg

Request Chain 251

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJBc_qD42GgjifY2b0Z-SuQ&google_cver=1&google_push=Aa02lx9mHDEy8qRF33VPAGCCaLP0yz2aE_mUtD5HRoBVyK2llnUtxW9bh9ht2CHfTYakd6qBgnThFrBH81kVNh7Hm2yjHDPIBYFcng HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9mHDEy8qRF33VPAGCCaLP0yz2aE_mUtD5HRoBVyK2llnUtxW9bh9ht2CHfTYakd6qBgnThFrBH81kVNh7Hm2yjHDPIBYFcng&google_hm=GR_UrGZHYyI4NBJHQMCnI4ju

Request Chain 252

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENkOKFp4r-1zpFYjcdrQblc&google_cver=1&google_push=Aa02lx9G0cVAz7HdifZCn2CdbCVMxJsYFDq7DZyzOJQ2JoUjz5W7LRZWPjH4byklB3TeMVi6mwyfDAGRYrEGsKdzlSmBUAPZ0lvJvRo HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx9G0cVAz7HdifZCn2CdbCVMxJsYFDq7DZyzOJQ2JoUjz5W7LRZWPjH4byklB3TeMVi6mwyfDAGRYrEGsKdzlSmBUAPZ0lvJvRo&google_gid=CAESENkOKFp4r-1zpFYjcdrQblc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDcwMDg2MTE0NDMxOTA0NjM2Nzc0OA%3D%3D&google_push=Aa02lx9G0cVAz7HdifZCn2CdbCVMxJsYFDq7DZyzOJQ2JoUjz5W7LRZWPjH4byklB3TeMVi6mwyfDAGRYrEGsKdzlSmBUAPZ0lvJvRo

Request Chain 255

https://fw.adsafeprotected.com/rfw/st/1221363/66729850/skeleton.js?adsafe_url=http%3A%2F%2Fumgoblue.com&adsafe_type=g&adsafe_url=http%3A%2F%2Fumgoblue.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8609180512058798%26output%3Dhtml%26h%3D280%26adk%3D405040636%26adf%3D2702458825%26pi%3Dt.aa~a.1862092094~i.17~rp.4%26w%3D524%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1678357686%26num_ads%3D1%26rafmt%3D1%26armr%3D3%26sem%3Dmc%26pwprc%3D7466624695%26ad_type%3Dtext_image%26format%3D524x280%26url%3Dhttp%253A%252F%252Fumgoblue.com%252F%26fwr%3D0%26pra%3D3%26rh%3D131%26rw%3D524%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D27%26dt%3D1678357686286%26bpp%3D2%26bdt%3D2294%26idt%3D2%26shv%3Dr20230306%26mjsv%3Dm202302210101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D662a60b5adeb0cd2-2205a18147dd00e3%253AT%253D1678357685%253ART%253D1678357685%253AS%253DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ%26gpic%3DUID%253D00000bc2a337383b%253AT%253D1678357685%253ART%253D1678357685%253AS%253DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw%26prev_fmts%3D0x0%252C1200x280%252C524x280%252C524x280%252C524x280%26nras%3D6%26correlator%3D7942794858893%26frm%3D20%26pv%3D1%26ga_vid%3D557805611.1678357685%26ga_sid%3D1678357685%26ga_hid%3D1820241465%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D348%26ady%3D4405%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44777876%252C44759842%252C44782468%252C21065725%252C31071663%26oid%3D2%26pvsid%3D3520618161028826%26tmod%3D718982155%26uas%3D0%26nvt%3D1%26fc%3D1408%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26ifi%3D6%26uci%3Da!6%26btvi%3D4%26fsb%3D1%26xpc%3DVAk0jDkCdQ%26p%3Dhttp%253A%2F%2Fumgoblue.com%26dtd%3D89&adsafe_type=bed&adsafe_jsinfo=,id:98a2de31-3d06-28e6-1b0a-21acd2fa5455,c:6mjlId,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-65fb65bbbb-q2wnq,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:172,mot:0,app:0,maw:0,fm:ty09OEx+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C171%7C172%7C181%7C191*.1221363-66729850%7C1911%7C1912%7C1913%7C1914%7C1a11%7C1a12%7C1b1%7C1c1%7C1d1,idMap:191*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:193,oid:153e4512-be65-11ed-b781-8ecf7ec059cc,v:19.8.397,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

283 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
umgoblue.com/ 158 KB
41 KB 998ms
373ms Document
text/html 68.66.216.18
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

http://umgoblue.com/

Protocol

HTTP/1.1

Server

68.66.216.18 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss16.a2hosting.com

Software

Apache / PHP/7.4.33

Resource Hash

cd64d71cff2ad3450c12299c5e5b85e65a7929136759f40724f3863ed99bf1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=30
Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 09 Mar 2023 10:28:04 GMT
Expires: Thu, 09 Mar 2023 10:28:34 GMT
Keep-Alive: timeout=3, max=500
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Transfer-Encoding: chunked
Upgrade: h2,h2c
X-Cache-Handler: cache-enabler-engine
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.4.33

GET
H2

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=UA-270203-1
https://www.googletagmanager.com/gtag/js?id=UA-270203-1

112 KB
44 KB

152ms
61ms

Script
application/javascript

2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-270203-1

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

090ad4781e584e308f8d1d075c6ac3fabcaf0ab243f87462fcbc432d7fe44209

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44766
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Mar 2023 10:28:04 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=UA-270203-1
Date: Thu, 09 Mar 2023 10:28:04 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: Google Tag Manager
Content-Length: 252
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK style.css
umgoblue.com/wp-content/plugins/ngg-image-chooser-block/ 704 B
979 B 256ms
128ms Stylesheet
text/css 68.66.216.18
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

http://umgoblue.com/wp-content/plugins/ngg-image-chooser-block/style.css?ver=1631068135&6bfec1&6bfec1

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

HTTP/1.1

Server

68.66.216.18 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss16.a2hosting.com

Software

Apache / W3 Total Cache/0.9.4.6.4

Resource Hash

51c173c836a92f058dc07a41f276f9f00e2f7f95cbaa5e3cbfbc42a9b220ff7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 10:28:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Powered-By: W3 Total Cache/0.9.4.6.4
Connection: Upgrade, Keep-Alive
Content-Length: 329
Pragma: public
Last-Modified: Wed, 08 Sep 2021 02:28:55 GMT
Server: Apache
ETag: "2c0-5cb72a4ccb661-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Upgrade: h2,h2c
Content-Type: text/css
Cache-Control: max-age=604800, public, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Expires: Fri, 08 Mar 2024 10:28:05 GMT

GET
H/1.1 200
OK style.min.css
umgoblue.com/wp-includes/css/dist/block-library/ 93 KB
13 KB 264ms
136ms Stylesheet
text/css 68.66.216.18
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

http://umgoblue.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1&6bfec1&6bfec1

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

HTTP/1.1

Server

68.66.216.18 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss16.a2hosting.com

Software

Apache / W3 Total Cache/0.9.4.6.4

Resource Hash

c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 10:28:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Powered-By: W3 Total Cache/0.9.4.6.4
Connection: Upgrade, Keep-Alive
Content-Length: 12518
Pragma: public
Last-Modified: Wed, 16 Nov 2022 03:11:06 GMT
Server: Apache
ETag: "172a9-5ed8dd2cad895-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Upgrade: h2,h2c
Content-Type: text/css
Cache-Control: max-age=604800, public, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Expires: Fri, 08 Mar 2024 10:28:05 GMT

GET
H/1.1 200
OK classic-themes.min.css
umgoblue.com/wp-includes/css/ 217 B
838 B 263ms
135ms Stylesheet
text/css 68.66.216.18
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

http://umgoblue.com/wp-includes/css/classic-themes.min.css?ver=1&6bfec1&6bfec1

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

HTTP/1.1

Server

68.66.216.18 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss16.a2hosting.com

Software

Apache / W3 Total Cache/0.9.4.6.4

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 10:28:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Powered-By: W3 Total Cache/0.9.4.6.4
Connection: Upgrade, Keep-Alive
Content-Length: 189
Pragma: public
Last-Modified: Thu, 03 Nov 2022 03:41:07 GMT
Server: Apache
ETag: "d9-5ec88ba32fbe7-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Upgrade: h2,h2c
Content-Type: text/css
Cache-Control: max-age=604800, public, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Expires: Fri, 08 Mar 2024 10:28:05 GMT

GET
H/1.1 200
OK jquery-a-tabs.css
umgoblue.com/wp-content/plugins/wp-author-box-lite/lib/css/ 4 KB
2 KB 258ms
130ms Stylesheet
text/css 68.66.216.18
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

http://umgoblue.com/wp-content/plugins/wp-author-box-lite/lib/css/jquery-a-tabs.css?6bfec1&6bfec1

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

HTTP/1.1

Server

68.66.216.18 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss16.a2hosting.com

Software

Apache / W3 Total Cache/0.9.4.6.4

Resource Hash

0947a83848cc9cc08eb83d6f23b5753d3e192d74aafe6c62973a19fa1e460fb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 10:28:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Powered-By: W3 Total Cache/0.9.4.6.4
Connection: Upgrade, Keep-Alive
Content-Length: 1070
Pragma: public
Last-Modified: Mon, 22 Oct 2018 14:53:30 GMT
Server: Apache
ETag: "1147-578d26a926e80-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Upgrade: h2,h2c
Content-Type: text/css
Cache-Control: max-age=604800, public, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Expires: Fri, 08 Mar 2024 10:28:05 GMT

GET
H/1.1 200
OK wpautbox.css
umgoblue.com/wp-content/plugins/wp-author-box-lite/lib/css/ 12 KB
2 KB 368ms
129ms Stylesheet
text/css 68.66.216.18
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

http://umgoblue.com/wp-content/plugins/wp-author-box-lite/lib/css/wpautbox.css?6bfec1&6bfec1

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

HTTP/1.1

Server

68.66.216.18 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss16.a2hosting.com

Software

Apache / W3 Total Cache/0.9.4.6.4

Resource Hash

b4baf37baa236472776afcb7d7e7ed5ea9a112a8325cdc83b7d3afbd26e853e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 10:28:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Powered-By: W3 Total Cache/0.9.4.6.4
Connection: Keep-Alive
Content-Length: 1631
Pragma: public
Last-Modified: Mon, 22 Oct 2018 14:53:30 GMT
Server: Apache
ETag: "2e5c-578d26a926e80-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800, public, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=499
Expires: Fri, 08 Mar 2024 10:28:05 GMT

GET
H/1.1 200
OK elusive-icons.css
umgoblue.com/wp-content/plugins/wp-author-box-lite/includes/ReduxFramework/ReduxCore/assets/css/vendor/elusive-icons/ 21 KB
5 KB 393ms
129ms Stylesheet
text/css 68.66.216.18
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

http://umgoblue.com/wp-content/plugins/wp-author-box-lite/includes/ReduxFramework/ReduxCore/assets/css/vendor/elusive-icons/elusive-icons.css?ver=6.1.1&6bfec1&6bfec1

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

HTTP/1.1

Server

68.66.216.18 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss16.a2hosting.com

Software

Apache / W3 Total Cache/0.9.4.6.4

Resource Hash

bf4d5878837bf3ee29a804c9395714067fd0268efbd1b8bbaafc8dd295784e0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 10:28:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Powered-By: W3 Total Cache/0.9.4.6.4
Connection: Keep-Alive
Content-Length: 4009
Pragma: public
Last-Modified: Mon, 22 Oct 2018 14:53:30 GMT
Server: Apache
ETag: "52b9-578d26a926e80-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800, public, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=499
Expires: Fri, 08 Mar 2024 10:28:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 91ms
32ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext&display=fallback

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e37a272d467ad23b5b701f1e3df186cbabba73745947e5c3c587f5ef23cc6a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 10:28:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 09:35:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 10:28:04 GMT

GET
H/1.1 200
OK style.css
umgoblue.com/wp-content/themes/twentyseventeen/ 82 KB
16 KB 396ms
131ms Stylesheet
text/css 68.66.216.18
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

http://umgoblue.com/wp-content/themes/twentyseventeen/style.css?ver=20201208&6bfec1&6bfec1

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

HTTP/1.1

Server

68.66.216.18 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss16.a2hosting.com

Software

Apache / W3 Total Cache/0.9.4.6.4

Resource Hash

d88399ee06fe5b54f7731f1253503994a15605d3b05953009e7d06ad01ecafe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 10:28:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Powered-By: W3 Total Cache/0.9.4.6.4
Connection: Keep-Alive
Content-Length: 15946
Pragma: public
Last-Modified: Fri, 26 Aug 2022 02:25:29 GMT
Server: Apache
ETag: "148bf-5e71ba0acdca2-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800, public, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=499
Expires: Fri, 08 Mar 2024 10:28:05 GMT

GET
H/1.1 200
OK blocks.css
umgoblue.com/wp-content/themes/twentyseventeen/assets/css/ 10 KB
3 KB 393ms
129ms Stylesheet
text/css 68.66.216.18
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

http://umgoblue.com/wp-content/themes/twentyseventeen/assets/css/blocks.css?ver=20220524&6bfec1&6bfec1

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

HTTP/1.1

Server

68.66.216.18 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss16.a2hosting.com

Software

Apache / W3 Total Cache/0.9.4.6.4

Resource Hash

e16b1d80468a160382877f64cc3b42f6493af811549b6e3173feb5d5503a02e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 10:28:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Powered-By: W3 Total Cache/0.9.4.6.4
Connection: Keep-Alive
Content-Length: 1947
Pragma: public
Last-Modified: Fri, 26 Aug 2022 02:25:29 GMT
Server: Apache
ETag: "29f5-5e71ba0ad26da-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800, public, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=499
Expires: Fri, 08 Mar 2024 10:28:05 GMT

GET
H/1.1 200
OK frontend-gtag.min.js Show response
umgoblue.com/wp-content/plugins/google-analytics-premium/assets/js/ 12 KB
4 KB 499ms
131ms Script
application/x-javascript 68.66.216.18
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

http://umgoblue.com/wp-content/plugins/google-analytics-premium/assets/js/frontend-gtag.min.js?ver=8.12.1&6bfec1&6bfec1

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

HTTP/1.1

Server

68.66.216.18 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss16.a2hosting.com

Software

Apache / W3 Total Cache/0.9.4.6.4

Resource Hash

abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 10:28:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Powered-By: W3 Total Cache/0.9.4.6.4
Connection: Keep-Alive
Content-Length: 3246
Pragma: public
Last-Modified: Fri, 13 Jan 2023 03:13:15 GMT
Server: Apache
ETag: "2e7a-5f21c9d4c4cad-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=498
Expires: Fri, 08 Mar 2024 10:28:05 GMT

GET
H/1.1 200
OK jquery.min.js Show response
umgoblue.com/wp-includes/js/jquery/ 88 KB
31 KB 517ms
137ms Script
application/x-javascript 68.66.216.18
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

http://umgoblue.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1&6bfec1&6bfec1

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

HTTP/1.1

Server

68.66.216.18 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss16.a2hosting.com

Software

Apache / W3 Total Cache/0.9.4.6.4

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 10:28:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Powered-By: W3 Total Cache/0.9.4.6.4
Connection: Keep-Alive
Content-Length: 30995
Pragma: public
Last-Modified: Thu, 03 Nov 2022 03:40:59 GMT
Server: Apache
ETag: "15e54-5ec88b9c42d0d-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=499
Expires: Fri, 08 Mar 2024 10:28:05 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
umgoblue.com/wp-includes/js/jquery/ 11 KB
5 KB 522ms
129ms Script
application/x-javascript 68.66.216.18
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

http://umgoblue.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2&6bfec1&6bfec1

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

HTTP/1.1

Server

68.66.216.18 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss16.a2hosting.com

Software

Apache / W3 Total Cache/0.9.4.6.4

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 10:28:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Powered-By: W3 Total Cache/0.9.4.6.4
Connection: Keep-Alive
Content-Length: 4169
Pragma: public
Last-Modified: Sun, 20 Dec 2020 17:46:44 GMT
Server: Apache
ETag: "2bd8-5b6e8ecbc8900-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=498
Expires: Fri, 08 Mar 2024 10:28:05 GMT

GET
H2 200 e57a99e2-8a39-4a2f-ad54-6e22e5bfd694.js Show response
clientcdn.pushengage.com/core/ 116 KB
28 KB 243ms
68ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://clientcdn.pushengage.com/core/e57a99e2-8a39-4a2f-ad54-6e22e5bfd694.js
Requested by: Host: umgoblue.com
URL: http://umgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT1-731 /
Resource Hash: b57fd05bf99436d3e4b58ee3fb0aa05b1519fb13e90681228c3265c0cffdf360

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:04 GMT
content-encoding: br
cdn-edgestorageid: 731
cdn-cachedat: 03/09/2023 10:28:04
cdn-pullzone: 1148540
server: BunnyCDN-AT1-731
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: MISS
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control: public, max-age=180
cdn-requestid: b9112485fc8e6fdd9cea1d9521583088
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
48 KB 126ms
76ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8609180512058798

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a97434099b6b8fcd0b664d7ddcd9552b7caf23d8b79d0424b9d9836347ed734d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://umgoblue.com/
Origin: http://umgoblue.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48895
x-xss-protection: 0
server: cafe
etag: 6298280117465525639
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 10:28:04 GMT

GET
H2 200 cropped-2022_UM_Edwards_vs_OSU_3-scaled-1.jpg
umgoblue.com/wp-content/uploads/2022/12/ 192 KB
191 KB 634ms
376ms Image
image/jpeg 68.66.216.18
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://umgoblue.com/wp-content/uploads/2022/12/cropped-2022_UM_Edwards_vs_OSU_3-scaled-1.jpg

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.66.216.18 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss16.a2hosting.com

Software

Apache / W3 Total Cache/0.9.4.6.4

Resource Hash

ae77883b5b8c478c9bbd00028cff76d56fd0660e72e958174628c28ebab97815

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: public
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 10:28:05 GMT
last-modified: Tue, 06 Dec 2022 03:56:43 GMT
server: Apache
etag: "2feee-5ef20caca2f08-gzip"
x-powered-by: W3 Total Cache/0.9.4.6.4
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=604800, public, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
expires: Fri, 08 Mar 2024 10:28:05 GMT

GET
H2 200 cropped-2022-Logo_2.jpg
umgoblue.com/wp-content/uploads/2022/11/ 16 KB
16 KB 632ms
374ms Image
image/jpeg 68.66.216.18
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://umgoblue.com/wp-content/uploads/2022/11/cropped-2022-Logo_2.jpg

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.66.216.18 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss16.a2hosting.com

Software

Apache / W3 Total Cache/0.9.4.6.4

Resource Hash

2b59d4872d5b6c538d7886c0ec032a397971f5379e925008a46319e8476530f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 10:28:05 GMT
x-powered-by: W3 Total Cache/0.9.4.6.4
content-length: 16256
pragma: public
last-modified: Sat, 05 Nov 2022 15:39:14 GMT
server: Apache
etag: "3fff-5ecbafe12311f-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=604800, public, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
expires: Fri, 08 Mar 2024 10:28:05 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
umgoblue.com/wp-includes/js/ 18 KB
6 KB 128ms
127ms Script
application/x-javascript 68.66.216.18
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

http://umgoblue.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

HTTP/1.1

Server

68.66.216.18 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss16.a2hosting.com

Software

Apache / W3 Total Cache/0.9.4.6.4

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 10:28:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Powered-By: W3 Total Cache/0.9.4.6.4
Connection: Keep-Alive
Content-Length: 5009
Pragma: public
Last-Modified: Sun, 05 Jun 2022 19:14:53 GMT
Server: Apache
ETag: "48b9-5e0b82b920345-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=496
Expires: Fri, 08 Mar 2024 10:28:05 GMT

GET
H2 200 e57a99e2-8a39-4a2f-ad54-6e22e5bfd694.js Show response
clientcdn.pushengage.com/core/ 116 KB
28 KB 140ms
104ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://clientcdn.pushengage.com/core/e57a99e2-8a39-4a2f-ad54-6e22e5bfd694.js?ver=6.1.1
Requested by: Host: umgoblue.com
URL: http://umgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT1-731 /
Resource Hash: b57fd05bf99436d3e4b58ee3fb0aa05b1519fb13e90681228c3265c0cffdf360

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:04 GMT
content-encoding: br
cdn-edgestorageid: 731
cdn-cachedat: 03/09/2023 10:28:04
cdn-pullzone: 1148540
server: BunnyCDN-AT1-731
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: MISS
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control: public, max-age=180
cdn-requestid: 03c66231d6df4b5fa58b16393c6c007f
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK jquery.a-tab.js Show response
umgoblue.com/wp-content/plugins/wp-author-box-lite/lib/js/ 4 KB
2 KB 129ms
129ms Script
application/x-javascript 68.66.216.18
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

http://umgoblue.com/wp-content/plugins/wp-author-box-lite/lib/js/jquery.a-tab.js?ver=6.1.1&6bfec1&6bfec1

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

HTTP/1.1

Server

68.66.216.18 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss16.a2hosting.com

Software

Apache / W3 Total Cache/0.9.4.6.4

Resource Hash

3bb2e576d9f3832a1e08f0f8942b1c62948ec920b79fe30e5f39af55ea33270c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 10:28:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Powered-By: W3 Total Cache/0.9.4.6.4
Connection: Keep-Alive
Content-Length: 1413
Pragma: public
Last-Modified: Mon, 22 Oct 2018 14:53:30 GMT
Server: Apache
ETag: "1196-578d26a926e80-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=497
Expires: Fri, 08 Mar 2024 10:28:05 GMT

GET
H/1.1 200
OK jquery.wpautbox.js Show response
umgoblue.com/wp-content/plugins/wp-author-box-lite/lib/js/ 465 B
934 B 131ms
131ms Script
application/x-javascript 68.66.216.18
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

http://umgoblue.com/wp-content/plugins/wp-author-box-lite/lib/js/jquery.wpautbox.js?ver=6.1.1&6bfec1&6bfec1

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

HTTP/1.1

Server

68.66.216.18 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss16.a2hosting.com

Software

Apache / W3 Total Cache/0.9.4.6.4

Resource Hash

09db37b8fdb1555b3bbd2699777eaaa49ec4f3ad86f4c153c2a7c4573f506703

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 10:28:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Powered-By: W3 Total Cache/0.9.4.6.4
Connection: Keep-Alive
Content-Length: 294
Pragma: public
Last-Modified: Mon, 22 Oct 2018 14:53:30 GMT
Server: Apache
ETag: "1d1-578d26a926e80-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=498
Expires: Fri, 08 Mar 2024 10:28:05 GMT

GET
H/1.1 200
OK skip-link-focus-fix.js Show response
umgoblue.com/wp-content/themes/twentyseventeen/assets/js/ 683 B
1 KB 134ms
131ms Script
application/x-javascript 68.66.216.18
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

http://umgoblue.com/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=20161114&6bfec1&6bfec1

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

HTTP/1.1

Server

68.66.216.18 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss16.a2hosting.com

Software

Apache / W3 Total Cache/0.9.4.6.4

Resource Hash

ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 10:28:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Powered-By: W3 Total Cache/0.9.4.6.4
Connection: Keep-Alive
Content-Length: 416
Pragma: public
Last-Modified: Fri, 26 Aug 2022 02:25:29 GMT
Server: Apache
ETag: "2ab-5e71ba0ad079a-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=498
Expires: Fri, 08 Mar 2024 10:28:05 GMT

GET
H/1.1 200
OK navigation.js Show response
umgoblue.com/wp-content/themes/twentyseventeen/assets/js/ 4 KB
2 KB 136ms
133ms Script
application/x-javascript 68.66.216.18
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

http://umgoblue.com/wp-content/themes/twentyseventeen/assets/js/navigation.js?ver=20161203&6bfec1&6bfec1

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

HTTP/1.1

Server

68.66.216.18 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss16.a2hosting.com

Software

Apache / W3 Total Cache/0.9.4.6.4

Resource Hash

1c98a8d8813ac4e8d1d79e5b5981c41ecce80bfdb7e55b70430e429690a0dbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 10:28:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Powered-By: W3 Total Cache/0.9.4.6.4
Connection: Keep-Alive
Content-Length: 1161
Pragma: public
Last-Modified: Fri, 26 Aug 2022 02:25:29 GMT
Server: Apache
ETag: "eb0-5e71ba0ad0b82-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=497
Expires: Fri, 08 Mar 2024 10:28:05 GMT

GET
H/1.1 200
OK global.js Show response
umgoblue.com/wp-content/themes/twentyseventeen/assets/js/ 8 KB
3 KB 132ms
129ms Script
application/x-javascript 68.66.216.18
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

http://umgoblue.com/wp-content/themes/twentyseventeen/assets/js/global.js?ver=20190121&6bfec1&6bfec1

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

HTTP/1.1

Server

68.66.216.18 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss16.a2hosting.com

Software

Apache / W3 Total Cache/0.9.4.6.4

Resource Hash

75d7fd1066c67dfe078b0cf1fe3863d2b883076cb6f4e41988708179f7e18488

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 10:28:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Powered-By: W3 Total Cache/0.9.4.6.4
Connection: Keep-Alive
Content-Length: 2638
Pragma: public
Last-Modified: Fri, 26 Aug 2022 02:25:29 GMT
Server: Apache
ETag: "1e91-5e71ba0ad03b2-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=498
Expires: Fri, 08 Mar 2024 10:28:05 GMT

GET
H/1.1 200
OK jquery.scrollTo.js Show response
umgoblue.com/wp-content/themes/twentyseventeen/assets/js/ 6 KB
3 KB 133ms
129ms Script
application/x-javascript 68.66.216.18
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

http://umgoblue.com/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2&6bfec1&6bfec1

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

HTTP/1.1

Server

68.66.216.18 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss16.a2hosting.com

Software

Apache / W3 Total Cache/0.9.4.6.4

Resource Hash

d6a2ec240f8adc5052cb9df96a33199c65de4c58457de2aca485120f70e53c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 10:28:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Powered-By: W3 Total Cache/0.9.4.6.4
Connection: Upgrade, Keep-Alive
Content-Length: 2409
Pragma: public
Last-Modified: Fri, 26 Aug 2022 02:25:29 GMT
Server: Apache
ETag: "16cc-5e71ba0ad03b2-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Upgrade: h2,h2c
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Expires: Fri, 08 Mar 2024 10:28:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 81ms
28ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=UA-270203-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 10:14:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 794
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 09 Mar 2023 12:14:50 GMT

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v13/ 27 KB
27 KB 69ms
20ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v13/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext&display=fallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://umgoblue.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 16:31:08 GMT
x-content-type-options: nosniff
age: 583016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27268
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:31:08 GMT

GET
H2 200 / Show response
w.soundcloud.com/player/ Frame D43C 1 KB
1 KB 396ms
310ms Document
text/html 65.9.95.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://w.soundcloud.com/player/?visual=true&url=https%3A%2F%2Fapi.soundcloud.com%2Fusers%2F167713575&show_artwork=true&maxheight=788&maxwidth=525

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-53.prg50.r.cloudfront.net

Software

am/2 /

Resource Hash

7168df16408d4b35d8c9134aa92b2f7ad0e74371ed5a5a7f174e2357889caa6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: http://umgoblue.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=300
content-encoding: gzip
content-type: text/html
date: Thu, 09 Mar 2023 10:28:05 GMT
p3p: policyref="https://w.soundcloud.com/player/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV TAI PSAo PSDo OUR STP CNT"
server: am/2
strict-transport-security: max-age=63072000
vary: Accept-Encoding
via: sssr, 1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
x-amz-cf-id: hFjOBpudxamGZ4J0oUigScs1isajXNOjqLPYGcPTsw1dqTCB6d1m2g==
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront

GET
H2 200 mhoops_logo_big2.jpg
umgoblue.com/wp-content/uploads/2021/12/ 21 KB
21 KB 460ms
253ms Image
image/jpeg 68.66.216.18
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://umgoblue.com/wp-content/uploads/2021/12/mhoops_logo_big2.jpg

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.66.216.18 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss16.a2hosting.com

Software

Apache / W3 Total Cache/0.9.4.6.4

Resource Hash

b4e80b60bfabeef1af3f337327c232342cbc9319d0e064c9e77f29a4ae777cdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 10:28:05 GMT
x-powered-by: W3 Total Cache/0.9.4.6.4
content-length: 21114
pragma: public
last-modified: Tue, 21 Dec 2021 02:09:04 GMT
server: Apache
etag: "557b-5d39e7d555370-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=604800, public, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
expires: Fri, 08 Mar 2024 10:28:05 GMT

GET
H2 200 ryan_ad.jpg
umgoblue.com/wp-content/uploads/2018/10/ 45 KB
44 KB 583ms
376ms Image
image/jpeg 68.66.216.18
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://umgoblue.com/wp-content/uploads/2018/10/ryan_ad.jpg?6bfec1&6bfec1

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.66.216.18 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss16.a2hosting.com

Software

Apache / W3 Total Cache/0.9.4.6.4

Resource Hash

4142c3fcfc7c048060f61dd8966916bdea5cf04af6ee716d5b9d896c054a81ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 10:28:05 GMT
x-powered-by: W3 Total Cache/0.9.4.6.4
content-length: 44642
pragma: public
last-modified: Thu, 18 Oct 2018 02:21:49 GMT
server: Apache
etag: "b207-5787772fa4940-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=604800, public, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
expires: Fri, 08 Mar 2024 10:28:05 GMT

GET
H2 200 2022_12_UM45_OSU23_RMC-110-150x150.jpg
umgoblue.com/wp-content/uploads/2023/02/ 8 KB
8 KB 336ms
129ms Image
image/jpeg 68.66.216.18
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://umgoblue.com/wp-content/uploads/2023/02/2022_12_UM45_OSU23_RMC-110-150x150.jpg

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.66.216.18 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss16.a2hosting.com

Software

Apache / W3 Total Cache/0.9.4.6.4

Resource Hash

be6614f1a6c46b412c3fc5d0a3ec06726dd6e4b3918e09378a10aa756e9dd20d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 10:28:05 GMT
x-powered-by: W3 Total Cache/0.9.4.6.4
content-length: 8150
pragma: public
last-modified: Wed, 01 Mar 2023 03:58:57 GMT
server: Apache
etag: "1fe2-5f5cebb46a110-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=604800, public, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
expires: Fri, 08 Mar 2024 10:28:05 GMT

GET
H2 200 IMG_7047-150x150.jpg
umgoblue.com/wp-content/uploads/2023/01/ 10 KB
10 KB 373ms
252ms Image
image/jpeg 68.66.216.18
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://umgoblue.com/wp-content/uploads/2023/01/IMG_7047-150x150.jpg

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.66.216.18 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss16.a2hosting.com

Software

Apache / W3 Total Cache/0.9.4.6.4

Resource Hash

c008ede58144722bf7bf9641a6d479fa272892f9f7dc3b618b98243dc5308ea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 10:28:05 GMT
x-powered-by: W3 Total Cache/0.9.4.6.4
content-length: 9760
pragma: public
last-modified: Mon, 02 Jan 2023 15:23:37 GMT
server: Apache
etag: "2689-5f14989083e68-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=604800, public, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
expires: Fri, 08 Mar 2024 10:28:05 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ 360 KB
119 KB 131ms
86ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8609180512058798&plah=umgoblue.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8609180512058798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08d6e224d092a36f3a97dd2b7ac9d98c170705e45dd97bf123d71ca32640a591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121462
x-xss-protection: 0
server: cafe
etag: 4253106366001036317
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 10:28:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230306/r20190131/ Frame FC56 10 KB
5 KB 94ms
22ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230306/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8609180512058798

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://umgoblue.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 01:57:48 GMT
etag: 2378337311435320485
expires: Thu, 23 Mar 2023 01:57:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:03:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1500
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 09 Mar 2023 11:03:04 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
203 B 30ms
29ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1820241465&t=pageview&_s=1&dl=http%3A%2F%2Fumgoblue.com%2F&ul=en-us&de=UTF-8&dt=UMGOBLUE.COM%20Michigan%20Wolverine%20Football%20%26%20Basketball%20-%20By%20Fans...For%20Fans%20Since%201999&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAACAAI~&jid=715003706&gjid=1825740628&cid=557805611.1678357685&tid=UA-270203-1&_gid=1367984796.1678357685&_r=1&gtm=457e3360&did=dZGIzZG&gdid=dZGIzZG&z=1213188506

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://umgoblue.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://umgoblue.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
603 B 108ms
51ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=umgoblue.com&callback=_gfp_s_&client=ca-pub-8609180512058798

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8609180512058798&plah=umgoblue.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73b4841bd14277d232334a060b9b5885eaaa4a946ccec614ab9d457f8ae3c562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 151ms
55ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=umgoblue.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 104ms
31ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=umgoblue.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9A90 526 KB
100 KB 1018ms
1004ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&adk=1812271804&adf=3025194257&lmt=1678357685&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x540_l%7C260x540_r&format=0x0&url=http%3A%2F%2Fumgoblue.com%2F&ea=0&pra=5&wgl=1&dt=1678357684838&bpp=11&bdt=846&idt=221&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7942794858893&frm=20&pv=2&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=287

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1ed079b2c859719116c20fd819082d1ea558d727092bf0af21b2aaa28e244d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://umgoblue.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 101701
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 10:28:06 GMT
expires: Thu, 09 Mar 2023 10:28:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C9CF 78 KB
23 KB 1174ms
1173ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678357685&rafmt=1&to=qs&pwprc=7466624695&format=1200x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1678357684849&bpp=2&bdt=858&idt=287&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XzvCmkziDS&p=http%3A//umgoblue.com&dtd=289

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cea122cb305728036cbb5df5d534026caa9fdcc0da6ea251cdd30ff1fe5dcb24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://umgoblue.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 23095
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 10:28:06 GMT
expires: Thu, 09 Mar 2023 10:28:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 widget-6-1fb8fbb63997.js Show response
widget.sndcdn.com/ Frame D43C 2 KB
1 KB 217ms
128ms Script
application/javascript 65.9.95.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-6-1fb8fbb63997.js
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?visual=true&url=https%3A%2F%2Fapi.soundcloud.com%2Fusers%2F167713575&show_artwork=true&maxheight=788&maxwidth=525
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-31.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ca3686a43fc5c47dcaf64cee64d11a297ec4b66ef190cc23198482c6d405ee0

Request headers

Referer: https://w.soundcloud.com/
Origin: https://w.soundcloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 05:08:56 GMT
x-amz-version-id: yw0nIHl4298Q1iMUxflG2X9DdNTjFA2a
content-encoding: gzip
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4598350
x-cache: Hit from cloudfront
last-modified: Fri, 13 Jan 2023 12:41:42 GMT
server: AmazonS3
etag: W/"5f4c5660584e83d4307a10a5512fa79b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding
x-amz-cf-id: ZJmcnRghit_9NlaRtfJM2Fr3d1JTCjYyUI41tkigcCUT9mjZcsKRrg==

GET
H2 200 widget-8-373a824a0fb4.js Show response
widget.sndcdn.com/ Frame D43C 2 KB
2 KB 214ms
125ms Script
application/javascript 65.9.95.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-8-373a824a0fb4.js
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?visual=true&url=https%3A%2F%2Fapi.soundcloud.com%2Fusers%2F167713575&show_artwork=true&maxheight=788&maxwidth=525
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-31.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23dd7f3a05c01ccd78e269555868158c4a0731578e86699c9d4fcc4f816e6aeb

Request headers

Referer: https://w.soundcloud.com/
Origin: https://w.soundcloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:38:41 GMT
x-amz-version-id: NbPcG1qdTJH0odDu65_ZBUQHlPBj3_xX
content-encoding: gzip
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 506965
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 03 Mar 2023 13:34:14 GMT
server: AmazonS3
etag: W/"7bdbdbe9689392f72da2e5f0d7e80f89"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding
x-amz-cf-id: AIIWsduSzo6QGNBChGGaAruK5IjFgEXuOC_288sUSZhGQWWtG0E1tA==

GET
H2 200 widget-9-6e7d209b5b3c.js Show response
widget.sndcdn.com/ Frame D43C 1 MB
309 KB 121ms
33ms Script
application/javascript 65.9.95.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-9-6e7d209b5b3c.js
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?visual=true&url=https%3A%2F%2Fapi.soundcloud.com%2Fusers%2F167713575&show_artwork=true&maxheight=788&maxwidth=525
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-31.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f5ee2c44a05f52116611b664d9c11e75a529a51c1f787ac7eb2d8a3737f6fec

Request headers

Referer: https://w.soundcloud.com/
Origin: https://w.soundcloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:38:41 GMT
x-amz-version-id: ulhK3rvtMuGYp6NwpABp.OUrG5zcDFON
content-encoding: gzip
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 506965
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 03 Mar 2023 13:34:14 GMT
server: AmazonS3
etag: W/"8c9ba84178bc8cf7a68a0f7ea19e75ce"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding
x-amz-cf-id: 9fS_NBWMXR8FpdkgCb55X3mdoa7z6XHiFcjH8tfD7JU25ns1ot0aNw==

GET
H2 200 dialog.css
umgoblue.pushengage.com/ 15 KB
3 KB 727ms
120ms Stylesheet
text/css 34.239.70.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://umgoblue.pushengage.com/dialog.css
Requested by: Host: clientcdn.pushengage.com
URL: https://clientcdn.pushengage.com/core/e57a99e2-8a39-4a2f-ad54-6e22e5bfd694.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.70.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-70-11.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bed87ccdb41fe7089a16ff17d62243f74ceff43688d671782f8b593510b181f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Mar 2023 10:28:05 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=UTF-8

GET
H2 200 gmz12fkuhrecwp.jpg
assetscdn.pushengage.com/client_images/56626/ 13 KB
14 KB 846ms
766ms Image
image/jpeg 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetscdn.pushengage.com/client_images/56626/gmz12fkuhrecwp.jpg
Requested by: Host: umgoblue.com
URL: http://umgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT1-731 /
Resource Hash: c8881fc9c0133e1c9bac6f12c4f09457bb0103678722fb44c7f6e52b6863bb8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:05 GMT
cdn-edgestorageid: 731
x-amz-request-id: QPYK71PPBTRK80K8
cdn-cachedat: 03/09/2023 10:28:05
cdn-pullzone: 1148533
content-length: 13324
x-amz-id-2: 1OK/IIDxXFVzwSXJT/5KfS3HYxVd1bewQ8fMd0J4RI2hGyt0fu+MVDEEw1ivZCywHxbfgkDECoU=
last-modified: Fri, 08 Oct 2021 02:38:19 GMT
server: BunnyCDN-AT1-731
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "24521b22725658e1586e9a20dddad9ec"
content-type: image/jpeg
cdn-cache: MISS
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control: public, max-age=2592000
cdn-requestid: 00bbf166fc0a5e4501b089d6e65ca3f8
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 logo-200x120-3190df52.png
widget.sndcdn.com/assets/images/ Frame D43C 4 KB
4 KB 91ms
29ms Image
image/png 65.9.95.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget.sndcdn.com/assets/images/logo-200x120-3190df52.png
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?visual=true&url=https%3A%2F%2Fapi.soundcloud.com%2Fusers%2F167713575&show_artwork=true&maxheight=788&maxwidth=525
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-31.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a9e23dcec7b7d492b11006586bea4e4fe7de01f647f89c6aa84e186567b9da50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 23:00:17 GMT
x-amz-version-id: cDfivQ1VlnEW8avc3GLX0E_rLfKXgJLB
via: 1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 3410869
x-cache: Hit from cloudfront
content-length: 3745
last-modified: Mon, 23 Jan 2023 12:01:51 GMT
server: AmazonS3
etag: "a1591e5274b36cfbae3e167dffe49970"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: B9BFDYXMBaNcyvUfpK9apExzRcC5J3894yFRSpjqPwzBKoQnnbhmoQ==

GET
H/1.1 200
OK 107622-268294-930589-200267 Show response
api-widget.soundcloud.com/assignments/ Frame D43C 615 B
1 KB 450ms
201ms XHR
application/json 52.222.205.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-widget.soundcloud.com/assignments/107622-268294-930589-200267?layers=widget_listening&format=json&client_id=Iy5e1Ri4GTNgrafaXe4mLpmJLXbXEfBR&app_version=1677850433

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-6e7d209b5b3c.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.205.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-205-62.fra56.r.cloudfront.net

Software

am/2 /

Resource Hash

7057df7121a58ef12735e552238010f9e10fa0ac94e45583cf45ae6807c71688

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://w.soundcloud.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 10:28:05 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
Via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
x-datadome: protected
X-Amz-Cf-Pop: FRA56-P3
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 139
x-px-score: 79
referrer-policy: no-referrer
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Server: am/2
x-frame-options: DENY
access-control-max-age: 1728000
Content-Type: application/json; charset=utf-8
access-control-allow-origin: https://w.soundcloud.com
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
access-control-expose-headers: Date
Cache-Control: private, max-age=0
access-control-allow-credentials: true
Vary: Origin
x-robots-tag: noindex
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
X-Amz-Cf-Id: SxIxh-0m_CdV7nFj6Wjy1Y6H9DYQ8ZEnGDjpqiCqhHwVfZWZZbmrsQ==

GET
H2 200 widget-0-33a7e1e5c175.js Show response
widget.sndcdn.com/ Frame D43C 203 KB
56 KB 28ms
28ms Script
application/javascript 65.9.95.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-0-33a7e1e5c175.js
Requested by: Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-8-373a824a0fb4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-31.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05375fc34b14c18d8354aae46848d9a010e868c4e34d640f5f63e005e987c4dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:38:42 GMT
x-amz-version-id: MTcIjS3aJ9KfNRiHYNqWPV1cpYg8Uj1q
content-encoding: gzip
via: 1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 506964
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 03 Mar 2023 13:34:14 GMT
server: AmazonS3
etag: W/"dbe6bbd486c0d632addc6e6b1b537007"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding
x-amz-cf-id: qYHaihQwQPYk3ffn8hGkmouUx8nqsi9kJ6rbi3nBdNzb5w18yXpSdQ==

GET
H2 200 widget-2-ed5f595f228b.js Show response
widget.sndcdn.com/ Frame D43C 50 KB
14 KB 29ms
29ms Script
application/javascript 65.9.95.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-2-ed5f595f228b.js
Requested by: Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-8-373a824a0fb4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-31.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ef22889c8ef9b1aebdbb25d11fc5d955ec1c6651a371407e04503977c760187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 03:09:56 GMT
x-amz-version-id: pibvsqy7rBRmuwUGkD9YGQusvfca904j
content-encoding: gzip
via: 1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4605490
x-cache: Hit from cloudfront
last-modified: Fri, 13 Jan 2023 12:41:41 GMT
server: AmazonS3
etag: W/"e5d3ced174a397326da8f5f186af0f35"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding
x-amz-cf-id: Ye9QyrBHDwgg8JfE4xtXsUxvJBBGGG3K-EJ6GNhxtWFuuN1UAMjIdQ==

GET
H/1.1 200
OK tracks Show response
api-widget.soundcloud.com/users/167713575/ Frame D43C 67 KB
9 KB 332ms
332ms XHR
application/json 52.222.205.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-widget.soundcloud.com/users/167713575/tracks?limit=20&offset=0&linked_partitioning=1&format=json&client_id=Iy5e1Ri4GTNgrafaXe4mLpmJLXbXEfBR&app_version=1677850433

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-6e7d209b5b3c.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.205.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-205-62.fra56.r.cloudfront.net

Software

am/2 /

Resource Hash

cf469c5f8ff91047279ab294d151afe99fa19c83b6107576fb247cfff0c1f38d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://w.soundcloud.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 10:28:06 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
Via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
x-datadome: protected
X-Amz-Cf-Pop: FRA56-P3
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 8116
x-px-score: 79
referrer-policy: no-referrer
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Server: am/2
x-frame-options: DENY
access-control-max-age: 1728000
Content-Type: application/json; charset=utf-8
access-control-allow-origin: https://w.soundcloud.com
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
access-control-expose-headers: Date
Cache-Control: private, max-age=0
access-control-allow-credentials: true
Vary: Origin
x-robots-tag: noindex
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
X-Amz-Cf-Id: YbFWMaAaUyrCDBEZLLi19iobRUJ8OxgLguA7eynr_MixZ6APBco07w==

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ 150 KB
51 KB 79ms
76ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

429d916ce9a60784a9812e1e30d97fde8b4662627c8f9ab2704a1f51e5681ded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52051
x-xss-protection: 0
server: cafe
etag: 1802245279063056185
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 10:28:06 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 65ms
60ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=umgoblue.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 36ms
30ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=umgoblue.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4FF2 133 KB
44 KB 517ms
516ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3735004906&pi=t.aa~a.1862092094~i.5~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9nUDRxtikj&p=http%3A//umgoblue.com&dtd=39

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df9491fcebb845c58b62b25304d1d75a90ef3eaabe35f7cc5fa0d1217cbb5766

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COOozs3Rzv0CFVeBUAYdFk0JuQ&gqi=trQJZP_nFI2-9u8PwOe4sA0&layout=/sadbundle/%24csp%253Der3%24/1513941350391556382/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://umgoblue.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44620
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COOozs3Rzv0CFVeBUAYdFk0JuQ&gqi=trQJZP_nFI2-9u8PwOe4sA0&layout=/sadbundle/%24csp%253Der3%24/1513941350391556382/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 10:28:06 GMT
expires: Thu, 09 Mar 2023 10:28:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D113 72 KB
24 KB 637ms
632ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3708862090&pi=t.aa~a.1862092094~i.7~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=1&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280&nras=4&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QGhbEULwbl&p=http%3A//umgoblue.com&dtd=72

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8918bdbafd96eb01beb0e52694bd106a6cf4e137ca684a2e11864067b5c44c79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://umgoblue.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 24044
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 10:28:06 GMT
expires: Thu, 09 Mar 2023 10:28:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E43E 89 KB
14 KB 594ms
594ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=1218546090&pi=t.aa~a.1862092094~i.16~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280&nras=5&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=sjQcIWkXbB&p=http%3A//umgoblue.com&dtd=83

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bd81ced144cd1f710855c709d331ab624a094f86da2a904a22cf3ac7839e411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://umgoblue.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13835
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 10:28:06 GMT
expires: Thu, 09 Mar 2023 10:28:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6CB6 20 KB
8 KB 484ms
480ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bce032737fae5bb223ec8a95e1e1a56f858cf78ed79172c25e1b71b480fd4d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://umgoblue.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 8677
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 10:28:06 GMT
expires: Thu, 09 Mar 2023 10:28:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame C9CF 3 KB
697 B 41ms
39ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678357685&rafmt=1&to=qs&pwprc=7466624695&format=1200x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1678357684849&bpp=2&bdt=858&idt=287&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XzvCmkziDS&p=http%3A//umgoblue.com&dtd=289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 10:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 09:12:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 10:28:06 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame C9CF 2 KB
818 B 383ms
28ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame C9CF 22 KB
9 KB 376ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame C9CF 3 KB
1 KB 290ms
29ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame C9CF 20 KB
8 KB 377ms
23ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C9CF 158 KB
49 KB 432ms
76ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 10:28:06 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame C9CF 34 KB
14 KB 300ms
37ms Script
text/javascript 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 17:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 06 Jun 2023 17:07:29 GMT

GET
H/1.1 200
OK soundcloud%3Ausers%3A167713575 Show response
api-widget.soundcloud.com/users/ Frame D43C 1 KB
2 KB 141ms
141ms XHR
application/json 52.222.205.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-widget.soundcloud.com/users/soundcloud%3Ausers%3A167713575?format=json&client_id=Iy5e1Ri4GTNgrafaXe4mLpmJLXbXEfBR&app_version=1677850433

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-6e7d209b5b3c.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.205.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-205-62.fra56.r.cloudfront.net

Software

am/2 /

Resource Hash

eda92a187b877e81ae2cc546819ff9d58c12843b1b074409c86d2aeb5b06eece

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://w.soundcloud.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 10:28:06 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
Via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
x-datadome: protected
X-Amz-Cf-Pop: FRA56-P3
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 635
x-px-score: 79
referrer-policy: no-referrer
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Server: am/2
x-frame-options: DENY
access-control-max-age: 1728000
Content-Type: application/json; charset=utf-8
access-control-allow-origin: https://w.soundcloud.com
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
access-control-expose-headers: Date
Cache-Control: private, max-age=0
access-control-allow-credentials: true
Vary: Origin
x-robots-tag: noindex
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
X-Amz-Cf-Id: -yJA9UWlcdSlX7Hji9RW0kBHwz9_J4Qt0xCa-2CoYOV92yDSOmkM_A==

GET
H2 200 avatars-qbdC1UhYyUEWuACC-TasbWA-t500x500.jpg
i1.sndcdn.com/ Frame D43C 62 KB
62 KB 574ms
250ms Image
image/jpeg 52.222.236.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.sndcdn.com/avatars-qbdC1UhYyUEWuACC-TasbWA-t500x500.jpg
Requested by: Host: umgoblue.com
URL: http://umgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-99.fra56.r.cloudfront.net
Software: /
Resource Hash: 51b273543000803f559beb5620bc4ea8c2759d04fda7ce1af0e37389a0482ea9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:06 GMT
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public,max-age=3628800
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length: 63204
x-amz-cf-id: 2RkejT9Tq17ae7QieXtJq9iigBdFZ71jhNOIGks-z7CjyffYJTLdLw==

GET
H2 200 artworks-vHdPuyUF0ZvcUGnc-gnHUvA-tiny.jpg
i1.sndcdn.com/ Frame D43C 655 B
1023 B 567ms
244ms Image
image/jpeg 52.222.236.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.sndcdn.com/artworks-vHdPuyUF0ZvcUGnc-gnHUvA-tiny.jpg
Requested by: Host: umgoblue.com
URL: http://umgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-99.fra56.r.cloudfront.net
Software: /
Resource Hash: 254ad16d9b6a3d3cc3471ff94f8b769f41677fdb1fe846d327d93c4c1cab6f96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:06 GMT
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public,max-age=3628800
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length: 655
x-amz-cf-id: mohBIv5CjpT0Dbe8ueH-INzPXd4_j03a3VM1wxGIVqyXtzl__ohPog==

GET
DATA 200
OK truncated
/ Frame D43C 741 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 312a710ecac6441216535838c18fc119bf3b334b9f67b12b74471ca0c1b284a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 artworks-zfzulGSaPZRD2qTW-oQgSkg-tiny.jpg
i1.sndcdn.com/ Frame D43C 703 B
1 KB 639ms
316ms Image
image/jpeg 52.222.236.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.sndcdn.com/artworks-zfzulGSaPZRD2qTW-oQgSkg-tiny.jpg
Requested by: Host: umgoblue.com
URL: http://umgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-99.fra56.r.cloudfront.net
Software: /
Resource Hash: 80924fd4fb11ff3158d0ac5bdd9af549b517a5547d802af1f59e7719451a58f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:07 GMT
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public,max-age=3628800
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length: 703
x-amz-cf-id: 7bzBlHMWs5UgK21EKyUIrKcs_WY1X0YDYGZz1Yb0pwwREr382S2A5A==

GET
H2 200 artworks-g9511IDyzBrCVgwE-PZ5iSQ-tiny.jpg
i1.sndcdn.com/ Frame D43C 685 B
1 KB 937ms
614ms Image
image/jpeg 52.222.236.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.sndcdn.com/artworks-g9511IDyzBrCVgwE-PZ5iSQ-tiny.jpg
Requested by: Host: umgoblue.com
URL: http://umgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-99.fra56.r.cloudfront.net
Software: /
Resource Hash: 688813a3c1d6df8048495b45b643cbbf916989cdf205a340a47f683bb139ec20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:07 GMT
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public,max-age=3628800
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length: 685
x-amz-cf-id: I7vk1AUfWzGcWnqlixa-TK-XDsCxgA9XBcaTKFsINLMBbGqgTGqADg==

GET
H2 200 artworks-fEr3cJBeyI06SdAz-TIIVPA-tiny.jpg
i1.sndcdn.com/ Frame D43C 710 B
1 KB 654ms
331ms Image
image/jpeg 52.222.236.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.sndcdn.com/artworks-fEr3cJBeyI06SdAz-TIIVPA-tiny.jpg
Requested by: Host: umgoblue.com
URL: http://umgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-99.fra56.r.cloudfront.net
Software: /
Resource Hash: f13cab82f3023694214e0ea3dcee8584b1f679b998853dddd4b841a4105744a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:07 GMT
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public,max-age=3628800
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length: 710
x-amz-cf-id: oW12OJfSrAexHQIX7ASFEE8bnggpcYIOQq_rm5GHwChvIFmLQ8RtiQ==

GET
H2 200 artworks-hgqBv5zK6Uz4Iq96-4xDd5w-tiny.jpg
i1.sndcdn.com/ Frame D43C 718 B
1 KB 595ms
272ms Image
image/jpeg 52.222.236.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.sndcdn.com/artworks-hgqBv5zK6Uz4Iq96-4xDd5w-tiny.jpg
Requested by: Host: umgoblue.com
URL: http://umgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-99.fra56.r.cloudfront.net
Software: /
Resource Hash: 8732fa935864c3cfb2fb2ee330773956646fa3df4acf72a51eaa10b03a6cbe6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:06 GMT
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public,max-age=3628800
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length: 718
x-amz-cf-id: oFCKldRaD9u0DcVVL38njFUW4Xo89Hez7cqrzdOmOy8pad-J6Taonw==

GET
DATA 200
OK truncated
/ Frame D43C 43 KB
43 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3e74dbd9087c9f65fc9dd5ee31569b89224f667cab7edafd6ba15890201c2d

Request headers

Referer
Origin: https://w.soundcloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: font/woff

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C9CF 0
0 69ms
69ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBQ_StbQJZJ7ZCs7ztwfhna6YDb2D_bRvrZux6sYQjr6w0pQ3EAEg4Ie-A2CVuoCCmAegAbOG6-EoyAEGqQLL4DnBOrSxPqgDAcgDAqoE0AFP0P-y6mZ22Ifgo6xfoekLorIIqg4lDfV-3URN8mpkPTipu18OxagSdW_QK4xkDeiA5S2iCbYK366ri_Q_Nm79GJLd6moF82SinSqy4vjR01U1zSCuB56c3oIhESRTdqQPFwVXIdn67nVcW3cOGDYqv2j3Tkl545f1ti_L0PDuyu-oo5UpX_sIpXUo9Ji5hEpN3gxPG3FbPvLwMiLLjU76Rxu0xkUxcajrC_Q4PCrofxWdIzFcij53rB5BSozpNwDuIdGl1OrpAlkvl-yEWiagwASQk-CnmASSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AHo52KvwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwHyBwQQnedI0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItODYwOTE4MDUxMjA1ODc5OBgA&sigh=ym-bSJinfKg&uach_m=[UACH]&cid=CAQSGwDUE5ymdMpAl_bWfZTCE6ongmMfOZh1Em2o0hgB&template_id=493

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678357685&rafmt=1&to=qs&pwprc=7466624695&format=1200x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1678357684849&bpp=2&bdt=858&idt=287&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XzvCmkziDS&p=http%3A//umgoblue.com&dtd=289
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Mar 2023 10:28:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Mar 2023 10:28:06 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame C9CF 18 KB
18 KB 259ms
36ms Image
image/jpeg 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcT89EwSUoYrcaYTyjebeHkN_Bp5rlsbzizeVv02XNHHcGGAZuHIjvwwT9tC8w&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

369ee72f405c43d64ccf3735bba188115c37e4580c4d9a404d092ee2ab303e2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:36:57 GMT
x-content-type-options: nosniff
age: 49869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18072
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 14:20:08 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 07 Mar 2024 20:36:57 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame C9CF 56 KB
56 KB 270ms
47ms Image
image/jpeg 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSpQsh-7mm9UH7_Buz8KiLm3oYeuZZeLzuJ7DTHK9Vayqf37s4&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5641ca595085578df287aa14fdb0535b228005c1d1b093660d6fe6c709669a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:14:45 GMT
x-content-type-options: nosniff
age: 569601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57361
x-xss-protection: 0
last-modified: Thu, 14 May 2020 13:04:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 01 Mar 2024 20:14:45 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/ Frame 565F 10 KB
4 KB 27ms
21ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://umgoblue.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12048
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 07:07:18 GMT
etag: 2378337311435320485
expires: Thu, 23 Mar 2023 07:07:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/ Frame 3B27 10 KB
4 KB 28ms
22ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://umgoblue.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12048
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 07:07:18 GMT
etag: 2378337311435320485
expires: Thu, 23 Mar 2023 07:07:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/ Frame F081 10 KB
4 KB 37ms
32ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://umgoblue.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12048
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 07:07:18 GMT
etag: 2378337311435320485
expires: Thu, 23 Mar 2023 07:07:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/ Frame EB4C 10 KB
4 KB 39ms
34ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://umgoblue.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12048
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 07:07:18 GMT
etag: 2378337311435320485
expires: Thu, 23 Mar 2023 07:07:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 avatars-qbdC1UhYyUEWuACC-TasbWA-t500x500.jpg
i1.sndcdn.com/ Frame D43C 62 KB
62 KB 84ms
34ms Image
image/jpeg 52.222.236.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.sndcdn.com/avatars-qbdC1UhYyUEWuACC-TasbWA-t500x500.jpg
Requested by: Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-0-33a7e1e5c175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-99.fra56.r.cloudfront.net
Software: /
Resource Hash: 51b273543000803f559beb5620bc4ea8c2759d04fda7ce1af0e37389a0482ea9

Request headers

Referer: https://w.soundcloud.com/
Origin: https://w.soundcloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:06 GMT
via: 1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public,max-age=3628800
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length: 63204
x-amz-cf-id: S9hfdVfj31k9MkCQTmnfQsZEk53NBN1-vSOELO6WY4CBsNFdze2gxQ==

GET
H3 200 css2
fonts.googleapis.com/ Frame 565F 4 KB
636 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 10:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 09:09:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 10:28:06 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 565F 205 B
519 B 36ms
35ms Image
image/png 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 09:33:58 GMT
x-content-type-options: nosniff
age: 3248
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 08 Mar 2024 09:33:58 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 565F 604 B
694 B 37ms
36ms Image
image/png 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:12:28 GMT
x-content-type-options: nosniff
age: 938
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 08 Mar 2024 10:12:28 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/elements/html/ Frame 565F 20 KB
8 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 01:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8547
x-xss-protection: 0
server: cafe
etag: 17360858034827311943
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 01:48:26 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 565F 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rsra&context=grsl&params=0-%26adk%3D1812271808%26client%3Dca-pub-8609180512058798%26fa%3D8%26ifi%3D10%26uci%3Da!a%26xpc%3DlRtsCgo8rt%26p%3Dhttp%3A%2F%2Fumgoblue.com

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 3B27 2 KB
799 B 23ms
19ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame 3B27 22 KB
9 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 3B27 3 KB
1 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 3B27 20 KB
8 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3B27 158 KB
49 KB 96ms
95ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 10:28:06 GMT

GET
H2 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame 3B27 34 KB
14 KB 43ms
42ms Script
text/javascript 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 22:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 129712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 22:10:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 22:26:14 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F081 6 KB
672 B 39ms
37ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 10:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 09:24:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 10:28:06 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame F081 2 KB
765 B 40ms
38ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame F081 22 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame F081 3 KB
1 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame F081 20 KB
8 KB 37ms
32ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F081 158 KB
49 KB 134ms
127ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 10:28:06 GMT

GET
H2 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame F081 34 KB
14 KB 51ms
44ms Script
text/javascript 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 22:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 129712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 22:10:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 22:26:14 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EB4C 8 KB
895 B 37ms
35ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 10:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 09:11:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 10:28:06 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame EB4C 2 KB
765 B 43ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EB4C 0
0 63ms
62ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnmuttbQJZNLNC8vZtwfu5Y74Aei1tqZvuOecpL0RpYns1K44EAEg4Ie-A2CVuoCCmAegAfjfuM0ByAEJqQLL4DnBOrSxPqgDAcgDywSqBMoBT9BAI95_sXmgchU5cbelQLdp71BsCBcfXsu5XEFOvjKaWYEyePzH6mW_RBPTHL0U8eclz8s-wrQP3LIO2anv4CLXgBqLbgGX0svPH9Enwpl7Jts9561h9min1JAFEprx488zmfCC2x5MaYzE20pJCEuXy1hSjAfqHlbtCCKBApNcbh9ZYTJaKNigaZALSwp9_yH4Onbx0bShjXOOZ4yGM19IQzT9R5FmvgI0_YPTqplcP7FVtMX4qyIAxS3soQIr2_CZ7EIjKAYSI8AE7tHY358EkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_Cfx7ICqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQyrUE0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItODYwOTE4MDUxMjA1ODc5OBgA&sigh=uoYWl-P5Ohw&uach_m=[UACH]&cid=CAQSGwDUE5ymGcl4XKSmmCeoE0N9y3SzJriyjBzq3xgB&template_id=5000

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Mar 2023 10:28:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame EB4C 22 KB
9 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame EB4C 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame EB4C 20 KB
8 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EB4C 158 KB
49 KB 98ms
98ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 10:28:06 GMT

GET
H2 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame EB4C 34 KB
14 KB 44ms
43ms Script
text/javascript 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 22:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 129712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 22:10:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 22:26:14 GMT

GET
DATA 200
OK truncated
/ Frame C9CF 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcd42a2c27d393b2c4ab531ddba0ee3bcfd52af1cc803849643c373f795cd09b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12540109992849139010/ Frame EB4C 18 KB
18 KB 37ms
37ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12540109992849139010/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7970d28e63aef5761e099e13b1b70bacc5a46d27148e596630757fdeb6e78919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 04:15:28 GMT
x-content-type-options: nosniff
age: 108758
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18349
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 10:58:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Mar 2024 04:15:28 GMT

GET
DATA 200
OK truncated
/ Frame EB4C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EB4C 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/ Frame 0926 8 KB
2 KB 25ms
24ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/index.html

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46e5c40943fd6c43a51bdda7c85819e489a2d33113a1e0cdfe41829ac54ed279

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 499915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2444
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 15:36:11 GMT
expires: Sat, 02 Mar 2024 15:36:11 GMT
last-modified: Tue, 18 Oct 2022 17:36:59 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AD88 0
0 64ms
64ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CF860trQJZOP1FdeCwuIPlpqlyAuvt7S8bfKX6Z3iENqy287BLBABIOCHvgNglbqAgpgHoAHxqMbOA8gBCakCKPar-Xe0sT6oAwHIA0iqBMsBT9B4FtUSlq97vMyh2TX76Whr91gu1jFQmD_76oe9NYAdrgYyIm_XvcKiA-Y213XKRVPabzWONadVpOgQL7sQi5YLF_1Z34fo3Hv7Z-egRp-ADHCriLC3orvMx3CXBy4A7o1cB3bWUhrTMePs63wZK5SWqOEo5Qt5h4vP6CsWFC0nT-72HsC6fkEl1Vgc61qO9nm9P8ysoaMP-uePh9lB-oVg82hq_K6xJ_UP_nFbDgl2leVzvd-mZ_V2rfuD-Jn2-WNH_eENhA7mZCLABLr_2fHxA5IFBAgEGAGSBQQIBRgEoAYugAf31rkxqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQgeEi0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItODYwOTE4MDUxMjA1ODc5OBgA&sigh=ssrYU8tbJfc&uach_m=[UACH]&cid=CAQSOwDUE5ymhq-hjAVbvzXhIoPZMhq5TPbND9cXw5zuzyQzGNYwxbbwawnEHBv6s0R7RNsKWxlzBsSTRj0tGAE&template_id=419

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3735004906&pi=t.aa~a.1862092094~i.5~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9nUDRxtikj&p=http%3A//umgoblue.com&dtd=39
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Mar 2023 10:28:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame AD88 22 KB
9 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3735004906&pi=t.aa~a.1862092094~i.5~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9nUDRxtikj&p=http%3A//umgoblue.com&dtd=39

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame AD88 3 KB
1 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame AD88 20 KB
8 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AD88 0
0 168ms
57ms Image
text/html 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSCJiULSBfpFyh7VnyNWDFhXr7zcZScTuqd0WHxHm7UHSj_4suL3hZuciB1VKACJBmuRyh_LPmpFb_fWyzwQzQBetIMJA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3735004906&pi=t.aa~a.1862092094~i.5~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9nUDRxtikj&p=http%3A//umgoblue.com&dtd=39
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AD88 158 KB
49 KB 93ms
89ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 10:28:07 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B74E 624 B
242 B 63ms
61ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCEFBDI4JukAximkrrXATAB&v=APEucNURAIbwUr-aT6pOnB8c9R96mCCxnEP_NkiWN41mCaTwoIZZfZrdGH8xb2l6NmHVRsYQFHOiaD_sIcsgrtGs1Nv3gFAleqCfvKvWEzKhtkEMVWT_FFUKJRKRcuSIaEGJvCwh6dybYF2WebLKHWs9Rth9jpIBumGE3DdWvrSVuYofVpd-KgY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 10:28:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9CCD 78 KB
27 KB 138ms
136ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 10:28:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 9CCD 3 KB
1 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 9CCD 20 KB
8 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9CCD 0
0 120ms
56ms Image
text/html 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTFriLkPemVVQSa_-eb_zQ_DrG1GVemoGabuFQlvQGSXISlhGws_6jlDUDrdnEq_VvfUBu6kt9zjud14OU9Ej99NGlaEw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9CCD 158 KB
49 KB 144ms
143ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 10:28:07 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CCD 42 B
63 B 59ms
58ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AcCWmrlXSVJ9mfhBCEo-uOcgrJ5RrFIyFZLoqL0ZCdkdioNA5rjeeyVMiihK3lQW2ztqFpWgaBr_BhaRlmbHFkwT3uNto1cbc7_hArcDwSq_OLTeU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CCD 0
20 B 60ms
58ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17046527606561674445&x=1&ct=76

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A4CF 8 KB
895 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 10:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 09:09:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 10:28:07 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame A4CF 2 KB
765 B 23ms
19ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame A4CF 22 KB
9 KB 31ms
23ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame A4CF 3 KB
1 KB 33ms
25ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame A4CF 20 KB
8 KB 31ms
24ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A4CF 158 KB
49 KB 129ms
121ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 10:28:07 GMT

GET
H3 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame A4CF 34 KB
14 KB 51ms
44ms Script
text/javascript 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 22:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 129713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 22:10:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 22:26:14 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 0926 6 KB
3 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:25:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:25:43 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0926 34 KB
13 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 10 Mar 2023 04:42:08 GMT

GET
H3 200 508126.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/images/ Frame 0926 147 B
177 B 73ms
71ms Image
image/svg+xml 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/images/508126.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264a3189845f6bf08cee138091e035ac0508fc9412917b935eab3b59c0f8ae85

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Mar 2023 10:45:15 GMT
age: 517372
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 17:36:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Mar 2024 10:45:15 GMT

GET
H3 200 50812.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/images/ Frame 0926 65 KB
65 KB 39ms
34ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/images/50812.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e87d58debb87f6cb1031d4cc64738fb9e866af0bf67b3bf399904a9f708849aa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 02 Mar 2023 11:35:27 GMT
x-content-type-options: nosniff
age: 600760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66931
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 17:36:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Mar 2024 11:35:27 GMT

GET
H3 200 508127.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/images/ Frame 0926 11 KB
5 KB 44ms
29ms Image
image/svg+xml 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/images/508127.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b5b5e037d19833a9ed58a5e87755f04b270d0fee6539beb3da629c62c29b9d2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 12:29:44 GMT
age: 79103
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5201
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 17:36:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Mar 2024 12:29:44 GMT

GET
H3 200 508140.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/images/ Frame 0926 28 KB
28 KB 40ms
27ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/images/508140.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39e463680d09f6a4bbe3e0eeabf536cbad73e07e028d51a1b7584cdce47f5d7f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 09 Mar 2023 08:50:57 GMT
x-content-type-options: nosniff
age: 5830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28962
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 17:36:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Mar 2024 08:50:57 GMT

GET
H3 200 508141.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/images/ Frame 0926 5 KB
2 KB 62ms
49ms Image
image/svg+xml 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/images/508141.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec2a3ef74af3f799d1d3827960edaf8d12943cf06ccd8e3c6e51721c737eb647

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 01:34:13 GMT
age: 32034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1892
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 17:36:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Mar 2024 01:34:13 GMT

GET
H3 200 508144.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/images/ Frame 0926 6 KB
2 KB 61ms
49ms Image
image/svg+xml 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/images/508144.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3449b2fdc99f9a0c2701a28cbbdadb515b05af4819f95bd6009f62ea3f070bbd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 14:13:33 GMT
age: 72874
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2233
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 17:36:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Mar 2024 14:13:33 GMT

GET
H3 200 508147.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/images/ Frame 0926 8 KB
3 KB 62ms
50ms Image
image/svg+xml 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/images/508147.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1513941350391556382/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96e36765064c199b32cd6f08900de889f4f5c7617f44b0101836e6c9f97ae617

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Mar 2023 12:16:02 GMT
age: 252725
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2893
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 17:36:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 12:16:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame D113 22 KB
9 KB 28ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3708862090&pi=t.aa~a.1862092094~i.7~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=1&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280&nras=4&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QGhbEULwbl&p=http%3A//umgoblue.com&dtd=72

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D113 8 KB
716 B 41ms
36ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3708862090&pi=t.aa~a.1862092094~i.7~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=1&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280&nras=4&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QGhbEULwbl&p=http%3A//umgoblue.com&dtd=72

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 10:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 09:09:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 10:28:07 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/ Frame D113 14 KB
3 KB 203ms
79ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3708862090&pi=t.aa~a.1862092094~i.7~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=1&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280&nras=4&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QGhbEULwbl&p=http%3A//umgoblue.com&dtd=72

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 17:08:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62396
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 11:39:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 17:08:11 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/ Frame D113 376 KB
128 KB 204ms
80ms Script
text/javascript 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3708862090&pi=t.aa~a.1862092094~i.7~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=1&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280&nras=4&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QGhbEULwbl&p=http%3A//umgoblue.com&dtd=72

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d07304cca832f4d70ceafd73f39bf68de4cb3b8185f24614641e6f860118389b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 17:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62395
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131380
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 11:39:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 17:08:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame D113 20 KB
8 KB 28ms
23ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3708862090&pi=t.aa~a.1862092094~i.7~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=1&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280&nras=4&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QGhbEULwbl&p=http%3A//umgoblue.com&dtd=72

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D113 0
0 216ms
215ms Image
text/html 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTvZq5rmKAXoIehPB5I9nMI7xrGeryveJKBzQVsG4qXnYclAT-4sFeVjh_QrunlHvMUYeh3FTk25-P_tFXT_L8AgPf-qg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3708862090&pi=t.aa~a.1862092094~i.7~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=1&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280&nras=4&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QGhbEULwbl&p=http%3A//umgoblue.com&dtd=72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F8D6 143 B
166 B 22ms
20ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3735004906&pi=t.aa~a.1862092094~i.5~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9nUDRxtikj&p=http%3A//umgoblue.com&dtd=39
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 357
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 10:22:10 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame C9CF 20 KB
20 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 15:30:25 GMT
x-content-type-options: nosniff
age: 500262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 15:30:25 GMT

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame C9CF 21 KB
21 KB 29ms
28ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 09:23:51 GMT
x-content-type-options: nosniff
age: 3856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 09:23:51 GMT

GET
DATA 200
OK truncated
/ Frame EB4C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f3a2bc9c8d0160970c71d44113eaa0a2653947d6aa692c3d7ae854280d60a91

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B74E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOpyXqn0ceyyd5wCtvBxlBE&google_cver=1

43 B
766 B

53ms
27ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOpyXqn0ceyyd5wCtvBxlBE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCEFBDI4JukAximkrrXATAB&v=APEucNURAIbwUr-aT6pOnB8c9R96mCCxnEP_NkiWN41mCaTwoIZZfZrdGH8xb2l6NmHVRsYQFHOiaD_sIcsgrtGs1Nv3gFAleqCfvKvWEzKhtkEMVWT_FFUKJRKRcuSIaEGJvCwh6dybYF2WebLKHWs9Rth9jpIBumGE3DdWvrSVuYofVpd-KgY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 10:28:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOpyXqn0ceyyd5wCtvBxlBE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B74E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAm0t1J0kg-18hw4pmTF1wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOpyXqn0ceyyd5wCtvBxlBE&google_cver=1

43 B
766 B

26ms
25ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOpyXqn0ceyyd5wCtvBxlBE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCEFBDI4JukAximkrrXATAB&v=APEucNURAIbwUr-aT6pOnB8c9R96mCCxnEP_NkiWN41mCaTwoIZZfZrdGH8xb2l6NmHVRsYQFHOiaD_sIcsgrtGs1Nv3gFAleqCfvKvWEzKhtkEMVWT_FFUKJRKRcuSIaEGJvCwh6dybYF2WebLKHWs9Rth9jpIBumGE3DdWvrSVuYofVpd-KgY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 10:28:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOpyXqn0ceyyd5wCtvBxlBE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame B74E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGCOD4n1nqTGSxU1LPGL92g&google_cver=1

43 B
1 KB

87ms
35ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGCOD4n1nqTGSxU1LPGL92g&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCEFBDI4JukAximkrrXATAB&v=APEucNURAIbwUr-aT6pOnB8c9R96mCCxnEP_NkiWN41mCaTwoIZZfZrdGH8xb2l6NmHVRsYQFHOiaD_sIcsgrtGs1Nv3gFAleqCfvKvWEzKhtkEMVWT_FFUKJRKRcuSIaEGJvCwh6dybYF2WebLKHWs9Rth9jpIBumGE3DdWvrSVuYofVpd-KgY

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 10:28:07 GMT
AN-X-Request-Uuid: 8abf78c9-8153-4e32-98ab-5a90edd72dde
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.25; 217.114.218.25; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGCOD4n1nqTGSxU1LPGL92g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B74E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE2ODE0OTI5NzY5MjEwNjIxNQ%3D%3D

170 B
243 B

59ms
59ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE2ODE0OTI5NzY5MjEwNjIxNQ%3D%3D

Requested by

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 09 Mar 2023 10:28:07 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.25; 217.114.218.25; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9be92471-538a-496e-bacf-b34279b82ac8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE2ODE0OTI5NzY5MjEwNjIxNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame AD88 0
121 B 138ms
136ms Other
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COOozs3Rzv0CFVeBUAYdFk0JuQ&gqi=trQJZP_nFI2-9u8PwOe4sA0&layout=/sadbundle/%24csp%253Der3%24/1513941350391556382/index.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012302171719000/ Frame 20CE 222 KB
61 KB 118ms
28ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=1218546090&pi=t.aa~a.1862092094~i.16~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280&nras=5&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=sjQcIWkXbB&p=http%3A//umgoblue.com&dtd=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64ac18511a1f15afc6f51edc89e41ee1c7f6444134aad2926b21743ced6c461

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Mar 2023 18:08:24 GMT
age: 231583
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61847
x-xss-protection: 0
server: sffe
etag: "b91941a2860567a7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 18:08:24 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame 20CE 15 KB
5 KB 165ms
75ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=1218546090&pi=t.aa~a.1862092094~i.16~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280&nras=5&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=sjQcIWkXbB&p=http%3A//umgoblue.com&dtd=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0439c2127eb1812543cc77f0f41bd98da71691c6c2d5bbf9c565670f7fada88a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Mar 2023 18:08:24 GMT
age: 231583
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5237
x-xss-protection: 0
server: sffe
etag: "304dd5725e1eccd8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 18:08:24 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame 20CE 94 KB
28 KB 160ms
70ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-analytics-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=1218546090&pi=t.aa~a.1862092094~i.16~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280&nras=5&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=sjQcIWkXbB&p=http%3A//umgoblue.com&dtd=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1700a43bc40da2d69d238085ddfeea6fac6dc64ff76f5cef529d6fd6b619a62

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Mar 2023 18:08:24 GMT
age: 231583
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28901
x-xss-protection: 0
server: sffe
etag: "8f636c70fc937458"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 18:08:24 GMT

GET
H2 200 amp-carousel-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame 20CE 33 KB
10 KB 166ms
76ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-carousel-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=1218546090&pi=t.aa~a.1862092094~i.16~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280&nras=5&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=sjQcIWkXbB&p=http%3A//umgoblue.com&dtd=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265dbcfd7a53f73fe031b54f5a9565d7462582b46a58536fbc2fc09e60f9964

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Mar 2023 19:27:01 GMT
age: 226866
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10096
x-xss-protection: 0
server: sffe
etag: "645e51d47a4dfe5e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 19:27:01 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame 20CE 5 KB
2 KB 157ms
67ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-fit-text-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=1218546090&pi=t.aa~a.1862092094~i.16~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280&nras=5&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=sjQcIWkXbB&p=http%3A//umgoblue.com&dtd=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2e8cd03a76b243eca9a0e60815deae7256cb7a2de760eb9ee82a0cf31ffcb9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Mar 2023 18:08:24 GMT
age: 231583
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1926
x-xss-protection: 0
server: sffe
etag: "df03f558eda3b320"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 18:08:24 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame 20CE 40 KB
13 KB 154ms
65ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-form-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=1218546090&pi=t.aa~a.1862092094~i.16~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280&nras=5&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=sjQcIWkXbB&p=http%3A//umgoblue.com&dtd=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a49e61b6d6681308d160ce1cf6ce1b85e651deff16c6ae1c2df999ef3f0c6ec8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Mar 2023 18:08:24 GMT
age: 231583
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12954
x-xss-protection: 0
server: sffe
etag: "e0426f4a93046162"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 18:08:24 GMT

GET
H2 200 amp-gwd-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame 20CE 6 KB
2 KB 61ms
58ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-gwd-animation-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=1218546090&pi=t.aa~a.1862092094~i.16~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280&nras=5&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=sjQcIWkXbB&p=http%3A//umgoblue.com&dtd=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c290319fa2721ef32b511a6cdbf1cafbf0e119cc6942f92bd63bf175d5a91d90

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Mar 2023 18:08:28 GMT
age: 231579
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2447
x-xss-protection: 0
server: sffe
etag: "896c45a7388a1cf7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 18:08:28 GMT

GET
DATA 200
OK truncated
/ Frame 20CE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b4d2d2a729c65e27bc056e50c0d2eddaa1dc8a11a8cc47f5fad3f2b944cd8ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 20CE 2 KB
2 KB 25ms
24ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=1218546090&pi=t.aa~a.1862092094~i.16~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280&nras=5&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=sjQcIWkXbB&p=http%3A//umgoblue.com&dtd=83

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:56:34 GMT
x-content-type-options: nosniff
server: cafe
age: 55893
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 09 Mar 2023 18:56:34 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 20CE 295 B
319 B 25ms
22ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=1218546090&pi=t.aa~a.1862092094~i.16~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280&nras=5&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=sjQcIWkXbB&p=http%3A//umgoblue.com&dtd=83

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 22:54:35 GMT
x-content-type-options: nosniff
server: cafe
age: 41612
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Thu, 09 Mar 2023 22:54:35 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 20CE 0
0 175ms
171ms Image
text/html 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTyGKv1G1VOl5DG6f6o7M-nxU_6V1GhwKG7MmWQa9zwwTgcTDm8Fl4JbtIgbQMbor8IYBUUf8YPeDcY9LCNiedGoYR8kA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=1218546090&pi=t.aa~a.1862092094~i.16~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280&nras=5&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=sjQcIWkXbB&p=http%3A//umgoblue.com&dtd=83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 20CE 0
18 B 70ms
67ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIp9otrQJZL2pGNGPjuwPteG56AiKl_u1b_PbnfGaEfLs0uCyARABIOCHvgNglbqAgpgHoAHH8OONA8gBCakCy-A5wTq0sT6oAwHIAwiqBMgBT9DYi5UuZLwgNEHc60CkyHFl7Hes9HTjgaLGuAPsqBa7GvBjG65htBWyTqYyo6xuAtoggGjjEzcdmSD4VZ0INXIjMpmTYF25hoXrC4qrJSlw0P9XJk-z_ZFDY7QICtBvci7sS-AL65PuP2jVD5vxO78iMrhOJXqW9gNEsuze-AcIU0p_xX7BG4je0l5g-nw0zx_ZVyvMYETjVrcMLKBbKrz1ypz-gBuuWQu3UVUvRjHdcsoKv1o8JuUIkkwR5tmJyeSCQqRQX0bABJnxwZ6rBJIFBAgEGAGSBQQIBRgEoAYugAfNz6JyqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQt8wG0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwKIFAHQFQGAFwGyFxwKGggAEhRwdWItODYwOTE4MDUxMjA1ODc5OBgA&sigh=XRN-cB6Ry2U&uach_m=[UACH]&cid=CAQSOwDUE5ymNiDW_3wWa5UEEyeAxfmjSp3f79eMnzizXZqewLfXtOppetN07upK1vb-gelt9ZPLsMzcOMTxGAE&template_id=419

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=1218546090&pi=t.aa~a.1862092094~i.16~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280&nras=5&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=sjQcIWkXbB&p=http%3A//umgoblue.com&dtd=83

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=1218546090&pi=t.aa~a.1862092094~i.16~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280&nras=5&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=sjQcIWkXbB&p=http%3A//umgoblue.com&dtd=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Mar 2023 10:28:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 img01.jpg
tpc.googlesyndication.com/sadbundle/15355657124420615017/ Frame 20CE 21 KB
21 KB 30ms
27ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15355657124420615017/img01.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=1218546090&pi=t.aa~a.1862092094~i.16~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280&nras=5&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=sjQcIWkXbB&p=http%3A//umgoblue.com&dtd=83

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1dbecc2b28126a52eab4125c352d8a97da5d4d1b91e772def023cef1f8b9f75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:39:20 GMT
x-content-type-options: nosniff
age: 236927
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21811
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 15:56:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 16:39:20 GMT

GET
H3 200 img02.jpg
tpc.googlesyndication.com/sadbundle/15355657124420615017/ Frame 20CE 19 KB
19 KB 107ms
105ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15355657124420615017/img02.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=1218546090&pi=t.aa~a.1862092094~i.16~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280&nras=5&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=sjQcIWkXbB&p=http%3A//umgoblue.com&dtd=83

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ed16cfe79ae78efa96bc54afd8feab84f1c416fe0e91b68fb6d3f77605ce55f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:39:20 GMT
x-content-type-options: nosniff
age: 236927
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19836
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 15:56:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 16:39:20 GMT

GET
H3 200 img03.jpg
tpc.googlesyndication.com/sadbundle/15355657124420615017/ Frame 20CE 20 KB
20 KB 44ms
42ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15355657124420615017/img03.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=1218546090&pi=t.aa~a.1862092094~i.16~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280&nras=5&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=sjQcIWkXbB&p=http%3A//umgoblue.com&dtd=83

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6c63494941000fe458c2f949ee546a1e12d957022ff87510a91b01dbad25cd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 236926
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20291
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 15:56:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 16:39:21 GMT

GET
H3 200 img04.jpg
tpc.googlesyndication.com/sadbundle/15355657124420615017/ Frame 20CE 16 KB
16 KB 35ms
32ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15355657124420615017/img04.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=1218546090&pi=t.aa~a.1862092094~i.16~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280&nras=5&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=sjQcIWkXbB&p=http%3A//umgoblue.com&dtd=83

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59188665906c242795923b3101c0429d5c3043b67e24a16245ce4281d5e58040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 236926
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15965
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 15:56:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 16:39:21 GMT

GET
H3 200 text01.png
tpc.googlesyndication.com/sadbundle/15355657124420615017/ Frame 20CE 6 KB
6 KB 44ms
41ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15355657124420615017/text01.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=1218546090&pi=t.aa~a.1862092094~i.16~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280&nras=5&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=sjQcIWkXbB&p=http%3A//umgoblue.com&dtd=83

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3a0c74a9a96bb7c543161d649dc97c9cec3059c547f6a93b0ebb5c0a5fdeab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 236926
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5719
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 15:56:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 16:39:21 GMT

GET
H3 200 text02.png
tpc.googlesyndication.com/sadbundle/15355657124420615017/ Frame 20CE 5 KB
5 KB 43ms
41ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15355657124420615017/text02.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=1218546090&pi=t.aa~a.1862092094~i.16~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280&nras=5&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=sjQcIWkXbB&p=http%3A//umgoblue.com&dtd=83

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cd73ec5a3bd8f160b38592d2563b2cd945ac87d3961d1f7a34b2387debe774f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 236926
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4904
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 15:56:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 16:39:21 GMT

GET
H3 200 text03.png
tpc.googlesyndication.com/sadbundle/15355657124420615017/ Frame 20CE 5 KB
5 KB 100ms
97ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15355657124420615017/text03.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=1218546090&pi=t.aa~a.1862092094~i.16~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280&nras=5&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=sjQcIWkXbB&p=http%3A//umgoblue.com&dtd=83

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1bf048337ab9d80611073c1c9c3f92a2cdac307f06a29a1a223bbd5e707ec2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 236926
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4632
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 15:56:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 16:39:21 GMT

GET
H3 200 text04.png
tpc.googlesyndication.com/sadbundle/15355657124420615017/ Frame 20CE 10 KB
10 KB 105ms
103ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15355657124420615017/text04.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=1218546090&pi=t.aa~a.1862092094~i.16~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280&nras=5&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=sjQcIWkXbB&p=http%3A//umgoblue.com&dtd=83

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dce591d4dd5e62eec56af665a5b1bb271a8e0470d552e08ca52768a3d3539e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 236926
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10307
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 15:56:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 16:39:21 GMT

GET
H3 200 garantie.png
tpc.googlesyndication.com/sadbundle/15355657124420615017/ Frame 20CE 4 KB
5 KB 105ms
103ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15355657124420615017/garantie.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=1218546090&pi=t.aa~a.1862092094~i.16~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280&nras=5&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=sjQcIWkXbB&p=http%3A//umgoblue.com&dtd=83

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853c6c71de404e9a728bb114bd8c32d863f351eb38fb3d6de2a46c2cca5fe673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:39:24 GMT
x-content-type-options: nosniff
age: 236923
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4586
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 15:56:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 16:39:24 GMT

GET
H3 200 cta.png
tpc.googlesyndication.com/sadbundle/15355657124420615017/ Frame 20CE 2 KB
2 KB 100ms
98ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15355657124420615017/cta.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=1218546090&pi=t.aa~a.1862092094~i.16~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280&nras=5&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=sjQcIWkXbB&p=http%3A//umgoblue.com&dtd=83

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2826901bf8b31b3217adb1fa30e0ebbcaf2dd91f42cc7ef2249a8181d1071d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:39:24 GMT
x-content-type-options: nosniff
age: 236923
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1999
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 15:56:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 16:39:24 GMT

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/15355657124420615017/ Frame 20CE 16 KB
16 KB 104ms
102ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15355657124420615017/logo.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=1218546090&pi=t.aa~a.1862092094~i.16~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280&nras=5&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=sjQcIWkXbB&p=http%3A//umgoblue.com&dtd=83

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff7667c052da8841db61b604923b9ed08ac1e088d7d8d4d81403d76a9c32196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:39:24 GMT
x-content-type-options: nosniff
age: 236923
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16356
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 15:56:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 16:39:24 GMT

GET
DATA 200
OK truncated
/ Frame AD88 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99ea50bfa675f7c68d04dcfd3d40c928f77b92594354aa7a95829c1e29252d36

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 18284686374262473046
tpc.googlesyndication.com/daca_images/simgad/ Frame 3B27 10 KB
10 KB 104ms
103ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/18284686374262473046?w=180&h=320

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1da3cfb958585fee4a8a3586fa397e9f5ddbd9b658a03e8a9fbbc8ec4b9b3ead

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:07 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10479
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 13:35:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 16 Mar 2023 10:28:07 GMT

GET
DATA 200
OK truncated
/ Frame 3B27 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db6bee490c09e2d013e593cfeb3a83a4a3d73b9e2b78f743e38ca54ada87c646

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 66C1 143 B
166 B 21ms
19ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 357
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 10:22:10 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CCD 0
20 B 57ms
56ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=151279599388&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CCD 0
20 B 78ms
73ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=151279599388&version=m202301230201&ct=76&x=1&cor=17046527606561675000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9CCD 97 KB
38 KB 73ms
70ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ALy-Yiq-f4xhDXO85i1pl8_2i5gnnIe7AQgV8kFd8QGEd7CFoGDi9QHzihBU8UI4_xpeKXvHJPS_xMwb5TGwUIl4oT1g&cry=1&dbm_d=AKAmf-DaDvxZ7S_egfLTYWMpkdw7XUi65nDOmPuzQJRy4B7UtjmbNYbk27AsE6VHr8uc6aSp638wl6yzL5wg8cSC58aEVVF8CmF6xLXagl87Xhvsd3SaFDDjZN7fQtjppfPrfhUkk-3CzA525iYM8_EWcDwyhGBWPoffgighBxnUcI4d-UCqnduHzTRLPx2nzO3Y7tYUr54cjsSIUDJOlR_eejBIZe1uo-LBavTsNiaxoaXWFnayC2aRG4DtL1UD6en_0_fr9l9YJvpDUvtkbwraPg7PJtoJ2hr0JqSTgIDV3xnCfYo_tSXlv0gXXfZfb1Co-kQATe88ZIP8wCwJqvP20qzY08XRsMZptqwbGnhsskgDtGiM2tFfoLbJ0H7d4gh_GhFgkV_Bi-uP9ZiTB6C1PVNmcaTxGCqzxUMfWaLlyeq3TGtCm9iSN2JmWpBLD2VURW8q6RZKw_g9Jb5a0Ce7msYnN-p4oGXli5lMA88rPu7jQQOtS5Xx20mp4hnHE_R3zRPnBL3GhBpJlWw84m_gskhw_E-loWEkNKVBsD7VpW-AWhLDdsUJbUqJrDnvs7-ZvfYcdapaw3auwyMhRhHw8osnzJnMncg7GzgQj9nzQY8_9rmvW9I4TLZnX1K6j5bvGW-mXOmNuYx7arx6oIMu6tHLcli5-aK-tCGG1Sw8Kg05oVHjCVjzsWTmehB8vzVhJuLHY-XBSTww-SkDTLV8Z683L26dZZ2eG-CzNRHpYE-3qsh8FcCSrBsLEQi938Hrsk-_Kh3tVkJW2yKpVeOJRm34DCCOALtP8f9dPFNhyu87D4OYfXY0O5VaweDd_5NZXf9ndguXoGE2K5xdxZGDpuvWYxh1SGypPnSW-oRgpTA7jN3-3if2naTYRLMXlXPmzqI6bNvXSo4ZNoS10rvrlaaxKZzb1UYfmoVrQwxfozJy1hlGTGp5YqIwT0nKe-GfOZypG-p15PpCwHEb48pyid8U0k5zg9QLfmSriwZ_pfJ8CAcOjlyLDOOAVNhkRdiFrENOZzJcFwvXG9D64KwOge7dFDxYzVaEMvhIEOWkq-iBHnfeyRsqH3qY9_ji20p3JMzzbq0UHINn2Wz_JIwlGP3cnT9O3enQVzt4_7VGPDXSDH-npZRfb19anOtnygX1h52lkYv13ol-cMc2TnmdipaPf8KZkADmOB_WfLoGzg3KH4XraQ6povjc6E0QaQtPXEDzkQl-Aquojlbg59SrDxpBJsVBbSAmHqAZSP4bsV-TwMLMhwQX4RbzlDYF9sxypioj2EecDegvZ3yR7RxQ3tOBAV9Eo8wRbZWXTyvLfX8_BP1p_EeR263-hcC5j8EzP2wSXB05ua13sWzSevRnkG7qFdHkrRIrY7G_9EhNZgcfbfwR2JHhzka2bGsN1Pnr0e2VMNE9wEgGXkZ94ge8d7mX9Lb6_LGegVYDUsT-C4UPymVlz2RpvIIWCevSAtgkNKATW-aWoXchtxhkz6ZPxRESJrgBTJb-8L2nm9ZHYfQQYb53IAE4LvBM-L7-NrQtnm9MnBxD49dsjLvuohMi1BEo_-tTj8mv1Gh0V0aZHBe1n8I-aeaDNVWd3BCYgWuC_d8naZ8I8Z7iYOByWQwAB1agzyQbNAlMbzk7fpF-n3ZDN5spcOZQfwlCqBZ5o8EVrSe9Gaa5_tdw7ekPiNDKJrkFBGtMU4kw2c4XUJ4ZWeKqOA1BxgDCy3zCwmbONJcD5XbDi8HduGXXDxwPgsxscSmUvYW9Dc3nkGTpXQ3Z0WlQKY5lpPAwFK-GCirR_dQfl1WRjtqdqrKckcCF5xgD3i2irGIZBWA_42Lg4Gfu18vfeTboehIFHnTd7SkGtzrH4BKNOMXUA4f8FlMN2ekupuivHB-OuB49LRUEQb5_DRy2DiePJfolVGjMdnRr4_apv45pRKHxPzrT284J5XFHzrP2S1owpdqIhVURbOYZBrMby4xi1PjeYBod4tlncIYMBJuRrjCFtTniv_uYUL6pVixLc-w337RPyyePQQ757CmQ2IJDl2y6h4L2t7m-3KF8u_ug_Wa9T96tZuTWURyPpD3XsCRTy1WUOYMGmemHOoByFWQVTtD-r58ETKltDBXA4WjDfr5J_cCO9t9WAf2fkgvW8pPpBNeCBjkIslmF0pDCo0oFveBCzIL3S4LfwvOOim5fK4qjFn4HfHjOhfzhLH6ztKsqUYw3cVBprUbok89qpdyw62ORmqBvQWJVj6_ZdY5qeB7h0Rns_NWF9nHDUoT66-VzhPhGkJNKaXX-oHDYMNMC39SOsusjzbyO1koCAHaXX3tLhunyl_0N3jIX_e8BB2RVjjoa41eBU-r2tU_pF4ySVPgr-7rj-FH9LG2xBW5_w04ZeinQKL4Ib9i86tZJvwynaFm-Zji112ptWD19sGns3WI5bdZXBOm5Zh2QErdeM9elD2NGsT1WelBx7oNdXqgJuAGPJp2Fmpy0HE774j1DLzHP0693hhafqsZP48remWD-pd8sdSQo-KHSiRsYQOLov0ggywBUbA_k8UbJS6EspwPUq2NsSuJrEeCPe9MUKRxTHZe2Wdt-IzVs7RiJoh-wEaO_yljoChdXEaJUp-3LPLbryBncHCoshcwM4Q-pV5cN3WVJB4uouY2iwR6BugTYiT7tfHcQjDLq5fR3S4U13CfstChJWXNoDTMQBiJo5tmEbJ5WPQQ0lV-XAIi3e7A5cidz_du7_dIIs3nXGzQzC9-8X7MHci2Mwe3oiHoJLmtlnLxJsTya6t1DWJUqHzsFPgsoQDbp8aypXsjBw-Q0i94U_ZdE23F8guJzm59exE_bJSGU6bAv8ZDM-iLpAwrx055o4niN7pFrBdw8fzQlm-3J_AWSzzB1uJTiKSSv_-bfWLBYNcylTk4kUcFGPJyuh4fl60Gl5r7V0UCbXwowpn9fCjQsu8Vz9_uHeJ0t21Ok7moQSD3bV-QYhOY3x41RQ7ku7G3vKjFmsWgAT4v-BUyzVlGeBBwUHGQb6US6hwuu2G5-xOcxAKzD-Er6FBcJCgH0WBIGyTaHF_jqi2P5YtNjyWvalQsDkvFMATvANuSuenATJ_h3fVhW0jxVh-kVinZNLWj2RCQLLlqah_eo4h8IcQLX9iBNqJ_E3we_4fk1qu08AmBtN5In_Q7AxmHIH_Y9vBvGhxdzWje8HR2Q4VWMk59i20HypQRIxoKTwfsxcZryOorzOzuqiD_Wjkohl-6ogQ-388A8mVdm32tYUlB9IuVKXPHY6s8VGaBPkaUKiY22Ws5kvhtlHOCfVjDdYQ-DgGaMirTL2aLnnXmUVMHPYxypRUL3oDWA8DGr48TSgPXCPK4z97wRs-GICr-nnUxxDDhl68nicmjUylNWXB-LaSmr2Df3SjhI1S1znHjX&cid=CAQSOwDUE5ymD4cH99Kz9ajhAJofqvrez0EWJS1ffrq0VnWVwNAPHI8LxLOmQaFbFespFzUjEr6HkGKQP_mkGAE&dv3_ver=m202301230201&rfl=http%3A%2F%2Fumgoblue.com%2F&ds=l&xdt=1&iif=1&cor=17046527606561675000&adk=929882891&idt=147&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b285609f9fde4f7a1a22cddd67e3f9b9401febe63304b7032767742beac1c86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38721
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/8539341663730269462/ Frame F081 44 KB
45 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8539341663730269462/2076313506083323656

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94707b08d0f25389c0ccfe6df3567e79193b7e99835c10d4dba8bf111bb3aa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:02:38 GMT
x-content-type-options: nosniff
age: 282329
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45534
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 12:04:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 04:02:38 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/9686349828428655866/ Frame F081 637 B
671 B 48ms
47ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9686349828428655866/14763004658117789537?w=100&h=100

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d29325717048e7b04e9031a34505fa13ff00d0b86e2286cfd539fc87ed6cc238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 03:40:38 GMT
x-content-type-options: nosniff
age: 283649
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 637
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 12:04:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 03:40:38 GMT

GET
DATA 200
OK truncated
/ Frame F081 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F081 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2950cc1964901acac204f4bb132de577268490f39b282989801faa08e080afcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame 1757 36 KB
14 KB 39ms
25ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 06:09:05 GMT

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame 793E 36 KB
14 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 06:09:05 GMT

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame 18AE 36 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 06:09:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3B27 0
18 B 65ms
65ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cs9v6tbQJZNDNC8vZtwfu5Y74AZPFxJFv4q2TrLIRyI-ig8EQEAEg4Ie-A2CVuoCCmAegAeW9iugCyAEBqQLL4DnBOrSxPqgDAcgDywSqBNYBT9BbHl995BZ2bw2xbc5XekHI151HEYMRHTklamh7XgRN4aIcdPTpZPzXE5MbGkSsbkqt8oEKzOZ3UFd_OkOPbpFm3bF2rBSlB9pTAGRhrF662fUJ6VAw-xUjzHuYSj2ROZvNnRiNzO6LIYquYvbW1xld_46u9qxVZXMsXhMnCwt-f8-YG23sCHb-PTWRleqU43UAPSfkDt8FaELDa2JLpHPOUgxk-aBcOYzyH_3zukjwc7SY4hJAm6E57aWBI0oViVMzdFHVMDpfzIv_wa81t_gjkLvb1MAE4pqZlqADkgUECAQYAZIFBAgFGASgBgKAB4PC9ZcBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQxYoI0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItODYwOTE4MDUxMjA1ODc5OBgA&sigh=gx8p6HodMms&uach_m=[UACH]&cid=CAQSGwDUE5ymGcl4XKSmmCeoE0N9y3SzJriyjBzq3xgB&vis=1

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Mar 2023 10:28:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F081 0
18 B 63ms
62ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CqmcttbQJZNHNC8vZtwfu5Y74AYSqgLVv7NDjjd0Q2t3omcsBEAEg4Ie-A2CVuoCCmAegAZL3kr0CyAEJqQLL4DnBOrSxPqgDAcgDywSqBMMBT9DgHpn3f7dU37imtTQ5bnwfOHDR9ZAnJAw9BjHGqT2K6P61gwVQOLQ2fboggekmhOhLTEBNOsSkcsIKZr_VF07EfxfeeFjdl4hJKldBmpXVcAsoxWDbVc-4Go2CdASsJ-RtrmDtcE62FZXQQ56t_5mmvCzPjPSdfXniOx-tTUQTEodogFv_p059ztFXA5OhwcVZcFP67EBp2dpCqoUNUE8NK_P5GrG4cW_F_jnWU1m3L_YAR__IZR1RwVfxRpCoqo7UwATz2pndngSSBQQIBBgBkgUECAUYBKAGLoAH1ojtwgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCh9wXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwKIFALQFQGAFwGyFxwKGggAEhRwdWItODYwOTE4MDUxMjA1ODc5OBgA&sigh=D65ia3tnflk&uach_m=[UACH]&cid=CAQSGwDUE5ymGcl4XKSmmCeoE0N9y3SzJriyjBzq3xgB&template_id=484&vis=1

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Mar 2023 10:28:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F8D6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

34ms
33ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 10:28:07 GMT
expires: Thu, 09 Mar 2023 10:28:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 10:28:07 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1221363/66729850/ Frame 9CCD 46 KB
12 KB 161ms
46ms Script
application/javascript 52.19.228.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1221363/66729850/skeleton.js
Requested by: Host: umgoblue.com
URL: http://umgoblue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.228.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-228-69.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bf84e273a845e5b1062c0f8b0e5cee963ef5d6b1b39237aa168c70f46a7f4778

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:07 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 9CCD 106 KB
37 KB 70ms
19ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:16:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11515
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 Mar 2023 07:16:12 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/elements/html/ Frame 9CCD 8 KB
3 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ALy-Yiq-f4xhDXO85i1pl8_2i5gnnIe7AQgV8kFd8QGEd7CFoGDi9QHzihBU8UI4_xpeKXvHJPS_xMwb5TGwUIl4oT1g&cry=1&dbm_d=AKAmf-DaDvxZ7S_egfLTYWMpkdw7XUi65nDOmPuzQJRy4B7UtjmbNYbk27AsE6VHr8uc6aSp638wl6yzL5wg8cSC58aEVVF8CmF6xLXagl87Xhvsd3SaFDDjZN7fQtjppfPrfhUkk-3CzA525iYM8_EWcDwyhGBWPoffgighBxnUcI4d-UCqnduHzTRLPx2nzO3Y7tYUr54cjsSIUDJOlR_eejBIZe1uo-LBavTsNiaxoaXWFnayC2aRG4DtL1UD6en_0_fr9l9YJvpDUvtkbwraPg7PJtoJ2hr0JqSTgIDV3xnCfYo_tSXlv0gXXfZfb1Co-kQATe88ZIP8wCwJqvP20qzY08XRsMZptqwbGnhsskgDtGiM2tFfoLbJ0H7d4gh_GhFgkV_Bi-uP9ZiTB6C1PVNmcaTxGCqzxUMfWaLlyeq3TGtCm9iSN2JmWpBLD2VURW8q6RZKw_g9Jb5a0Ce7msYnN-p4oGXli5lMA88rPu7jQQOtS5Xx20mp4hnHE_R3zRPnBL3GhBpJlWw84m_gskhw_E-loWEkNKVBsD7VpW-AWhLDdsUJbUqJrDnvs7-ZvfYcdapaw3auwyMhRhHw8osnzJnMncg7GzgQj9nzQY8_9rmvW9I4TLZnX1K6j5bvGW-mXOmNuYx7arx6oIMu6tHLcli5-aK-tCGG1Sw8Kg05oVHjCVjzsWTmehB8vzVhJuLHY-XBSTww-SkDTLV8Z683L26dZZ2eG-CzNRHpYE-3qsh8FcCSrBsLEQi938Hrsk-_Kh3tVkJW2yKpVeOJRm34DCCOALtP8f9dPFNhyu87D4OYfXY0O5VaweDd_5NZXf9ndguXoGE2K5xdxZGDpuvWYxh1SGypPnSW-oRgpTA7jN3-3if2naTYRLMXlXPmzqI6bNvXSo4ZNoS10rvrlaaxKZzb1UYfmoVrQwxfozJy1hlGTGp5YqIwT0nKe-GfOZypG-p15PpCwHEb48pyid8U0k5zg9QLfmSriwZ_pfJ8CAcOjlyLDOOAVNhkRdiFrENOZzJcFwvXG9D64KwOge7dFDxYzVaEMvhIEOWkq-iBHnfeyRsqH3qY9_ji20p3JMzzbq0UHINn2Wz_JIwlGP3cnT9O3enQVzt4_7VGPDXSDH-npZRfb19anOtnygX1h52lkYv13ol-cMc2TnmdipaPf8KZkADmOB_WfLoGzg3KH4XraQ6povjc6E0QaQtPXEDzkQl-Aquojlbg59SrDxpBJsVBbSAmHqAZSP4bsV-TwMLMhwQX4RbzlDYF9sxypioj2EecDegvZ3yR7RxQ3tOBAV9Eo8wRbZWXTyvLfX8_BP1p_EeR263-hcC5j8EzP2wSXB05ua13sWzSevRnkG7qFdHkrRIrY7G_9EhNZgcfbfwR2JHhzka2bGsN1Pnr0e2VMNE9wEgGXkZ94ge8d7mX9Lb6_LGegVYDUsT-C4UPymVlz2RpvIIWCevSAtgkNKATW-aWoXchtxhkz6ZPxRESJrgBTJb-8L2nm9ZHYfQQYb53IAE4LvBM-L7-NrQtnm9MnBxD49dsjLvuohMi1BEo_-tTj8mv1Gh0V0aZHBe1n8I-aeaDNVWd3BCYgWuC_d8naZ8I8Z7iYOByWQwAB1agzyQbNAlMbzk7fpF-n3ZDN5spcOZQfwlCqBZ5o8EVrSe9Gaa5_tdw7ekPiNDKJrkFBGtMU4kw2c4XUJ4ZWeKqOA1BxgDCy3zCwmbONJcD5XbDi8HduGXXDxwPgsxscSmUvYW9Dc3nkGTpXQ3Z0WlQKY5lpPAwFK-GCirR_dQfl1WRjtqdqrKckcCF5xgD3i2irGIZBWA_42Lg4Gfu18vfeTboehIFHnTd7SkGtzrH4BKNOMXUA4f8FlMN2ekupuivHB-OuB49LRUEQb5_DRy2DiePJfolVGjMdnRr4_apv45pRKHxPzrT284J5XFHzrP2S1owpdqIhVURbOYZBrMby4xi1PjeYBod4tlncIYMBJuRrjCFtTniv_uYUL6pVixLc-w337RPyyePQQ757CmQ2IJDl2y6h4L2t7m-3KF8u_ug_Wa9T96tZuTWURyPpD3XsCRTy1WUOYMGmemHOoByFWQVTtD-r58ETKltDBXA4WjDfr5J_cCO9t9WAf2fkgvW8pPpBNeCBjkIslmF0pDCo0oFveBCzIL3S4LfwvOOim5fK4qjFn4HfHjOhfzhLH6ztKsqUYw3cVBprUbok89qpdyw62ORmqBvQWJVj6_ZdY5qeB7h0Rns_NWF9nHDUoT66-VzhPhGkJNKaXX-oHDYMNMC39SOsusjzbyO1koCAHaXX3tLhunyl_0N3jIX_e8BB2RVjjoa41eBU-r2tU_pF4ySVPgr-7rj-FH9LG2xBW5_w04ZeinQKL4Ib9i86tZJvwynaFm-Zji112ptWD19sGns3WI5bdZXBOm5Zh2QErdeM9elD2NGsT1WelBx7oNdXqgJuAGPJp2Fmpy0HE774j1DLzHP0693hhafqsZP48remWD-pd8sdSQo-KHSiRsYQOLov0ggywBUbA_k8UbJS6EspwPUq2NsSuJrEeCPe9MUKRxTHZe2Wdt-IzVs7RiJoh-wEaO_yljoChdXEaJUp-3LPLbryBncHCoshcwM4Q-pV5cN3WVJB4uouY2iwR6BugTYiT7tfHcQjDLq5fR3S4U13CfstChJWXNoDTMQBiJo5tmEbJ5WPQQ0lV-XAIi3e7A5cidz_du7_dIIs3nXGzQzC9-8X7MHci2Mwe3oiHoJLmtlnLxJsTya6t1DWJUqHzsFPgsoQDbp8aypXsjBw-Q0i94U_ZdE23F8guJzm59exE_bJSGU6bAv8ZDM-iLpAwrx055o4niN7pFrBdw8fzQlm-3J_AWSzzB1uJTiKSSv_-bfWLBYNcylTk4kUcFGPJyuh4fl60Gl5r7V0UCbXwowpn9fCjQsu8Vz9_uHeJ0t21Ok7moQSD3bV-QYhOY3x41RQ7ku7G3vKjFmsWgAT4v-BUyzVlGeBBwUHGQb6US6hwuu2G5-xOcxAKzD-Er6FBcJCgH0WBIGyTaHF_jqi2P5YtNjyWvalQsDkvFMATvANuSuenATJ_h3fVhW0jxVh-kVinZNLWj2RCQLLlqah_eo4h8IcQLX9iBNqJ_E3we_4fk1qu08AmBtN5In_Q7AxmHIH_Y9vBvGhxdzWje8HR2Q4VWMk59i20HypQRIxoKTwfsxcZryOorzOzuqiD_Wjkohl-6ogQ-388A8mVdm32tYUlB9IuVKXPHY6s8VGaBPkaUKiY22Ws5kvhtlHOCfVjDdYQ-DgGaMirTL2aLnnXmUVMHPYxypRUL3oDWA8DGr48TSgPXCPK4z97wRs-GICr-nnUxxDDhl68nicmjUylNWXB-LaSmr2Df3SjhI1S1znHjX&cid=CAQSOwDUE5ymD4cH99Kz9ajhAJofqvrez0EWJS1ffrq0VnWVwNAPHI8LxLOmQaFbFespFzUjEr6HkGKQP_mkGAE&dv3_ver=m202301230201&rfl=http%3A%2F%2Fumgoblue.com%2F&ds=l&xdt=1&iif=1&cor=17046527606561675000&adk=929882891&idt=147&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:48:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34789
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:48:18 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame 9CCD 28 KB
11 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:48:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34789
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10962
x-xss-protection: 0
server: cafe
etag: 11760670070698444384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:48:18 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame D113 0
45 B 208ms
58ms Ping
image/gif 2a00:1450:400f:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=1~lf0ytzsy&c=7379297356252&slotId=3689648678126&qqid=CJzg0M3Rzv0CFdOr7QodnQMPHA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400f:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:07 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D113 15 KB
16 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:37:51 GMT
x-content-type-options: nosniff
age: 521416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 09:37:51 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D113 15 KB
15 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 01:29:06 GMT
x-content-type-options: nosniff
age: 291541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Mar 2024 01:29:06 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D113 0
20 B 65ms
65ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CrRDDtrQJZJytGNPXtgedh7zgAYvu4qlv1O3tm-oQmMDkvPEvEAEg4Ie-A2CVuoCCmAegAaLohcEoyAEFqAMByAObBKoE9gFP0DPLOLfTBzYl-fl-Pt_JIsDrUPsNmZHGswEBF-5teUTDsmOZTwlGG-INTxSDbJKGb6nW_iVK8vJlrvzLU_iIzpl5wIp5RJ630zmNjapvMq-QwtTuI8PerPlz92mHnUGPtG_uDqf4T8QkuJCsQLZP6DH_VuM0z0oMnDcNJL9yFLuk-9uwQJKiOc6SgNyTwwDWI2rIDnkJ0Rz-_-vbL4flM2Rc1Ad43M_Fo72rFimRv9HvSg5gFezImlnsYznSPpzll83NqiM1FI792p2acpy_JfMbbl8Y3PI38rj6lVxGEawnyjk6XBE5jnkNtCLvrxDVXz9yhOzABPOT7PiBBOAEA5AGAaAGdoAHoqDWoAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHgCwGADAGwE-mcvxLQEwDYEw2IFAbYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1678357687461&ai=CrRDDtrQJZJytGNPXtgedh7zgAYvu4qlv1O3tm-oQmMDkvPEvEAEg4Ie-A2CVuoCCmAegAaLohcEoyAEFqAMByAObBKoE9gFP0DPLOLfTBzYl-fl-Pt_JIsDrUPsNmZHGswEBF-5teUTDsmOZTwlGG-INTxSDbJKGb6nW_iVK8vJlrvzLU_iIzpl5wIp5RJ630zmNjapvMq-QwtTuI8PerPlz92mHnUGPtG_uDqf4T8QkuJCsQLZP6DH_VuM0z0oMnDcNJL9yFLuk-9uwQJKiOc6SgNyTwwDWI2rIDnkJ0Rz-_-vbL4flM2Rc1Ad43M_Fo72rFimRv9HvSg5gFezImlnsYznSPpzll83NqiM1FI792p2acpy_JfMbbl8Y3PI38rj6lVxGEawnyjk6XBE5jnkNtCLvrxDVXz9yhOzABPOT7PiBBOAEA5AGAaAGdoAHoqDWoAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHgCwGADAGwE-mcvxLQEwDYEw2IFAbYFAHQFQH4FgGAFwE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3708862090&pi=t.aa~a.1862092094~i.7~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=1&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280&nras=4&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QGhbEULwbl&p=http%3A//umgoblue.com&dtd=72

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame D113 0
225 B 193ms
57ms Ping
image/gif 2a00:1450:400f:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=2~lf0ytztz&c=7379297356252&slotId=3689648678126&qqid=CJzg0M3Rzv0CFdOr7QodnQMPHA&fb=outstream-lima&ulv=1&cll=0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400f:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:07 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame D113 29 KB
16 KB 135ms
59ms XHR
text/xml 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AfW3tRLvIGGn8xehGDSvBxIYz-MxJmMnsvn26q5glkdjaG1QH1xeIBhWsKY-_jN8X6Kl96REiTyBMvnLFp9n75zt-2dw&cry=1&dbm_d=AKAmf-CL7gslvGGORnpgvzGjLEmxU448HWP-MsYIKEC89h0wvUsl3BNuPuVqo47mFYIosryHE2yy75ghe8o4m561w0fZfKkLu6H5YgGHTbS15paj5xRGnwajm9xg539ARmMzX3usSXzVcgBnfyTDLYcfRmV24-QX65NJanRgqoj8WFpDTNHML51GHgZxgq7usC6fWhsg7LgCCO0WstJ4cmDzNJ9R3Oldv057abLDPegj1c4VrZ-aPH_3I2i4PKEoeZHdoaaGf_cIijM_oNVDogP210Wn4mOqGr21LREKgnHnuh9zAUtM7rZs7kXI5P7jVgOSGQMYZUGTqOzQ7BQWjAf_goDJXAtyY0Eu1uBe1CMJ7Hkp6NLmo4NWXg5gqQs3GfGXqrObcP0lj1rr2eLqJjXbZ3hrfYF9v1GDs5Bb1pme3fXAk7sJjypAvoUrT3SKwSidVKP1R9S4jIYk8yeDVYbdfLyrKPCEuPX4B-KJ5JbYVDNbtcf2rKiSD2ReEVD3rmVQjkqLqLti8JS8iE1olAzvyPc2QO9dVv4Xa13vE1t3nlnK1IzGeGxfzEh2OO8IL6ZiWpJZxd-jUKUEMPuCcWMttrj9vNCSozFKo5Il6FywWm7Kxjl7w9SvYlJOQ2wkEBPRH5syhmk1Rn9g1FRVeP1GtSAUHAtshcIS2JxpRHarYOuh_En68egK79QEdcBQbc4SRNbRuuymO5h753BKGPbAnpkpG45ItPF04gPV7w72ExNYug_hMhce_pFrbYyhsyY2aJ-0gc0HkmBRxX6HXxZlNMCvnkJj936GwamNhRQ9dIWl5kNPckGWpoPhBuqgRxq3K66doNJ277sIXzy9wTwUOZ38Q-EsReefQNOWFblKJXfIrWq-bNa84n9f27DHSKlz8y71mjyO8WhshjIvRMv113K8nYVSVN4KU2m8Jl9BsqvEZrj_FEZF-zqF4dPuzA3fYAZh8QEiQh9kx52iW3QBcTlIb8T_nMDdO2mqYdo5tpBbwVTX7NcBwvftHLSrnS2MljAtEWeaEBHGkZ18qxQIayUG6BC_JihfkKH6HsFhyuQsPgUEnIVLbhIXCjxvD46fJ1_NS9Ra5ocZN_spELD4XgscBbkxUluB22tPvzaCTAqX9EHVjaRNDqfqwSkVj9DeM9jQHnuBK5j6ykEc_uUgPXZV5DvDLCfvVhNPvUEVDO4n4mDBvoJCnpXMF1866FtUc5UEkDtsgPFKPGFiAyYAlCEzLtkZ588vADnp5TvA54IEe6R76-LFIB9XtX0i5tYMvOXDhjMQQIBeEZ03VR-L08elIu4jZI8eYb8OHHIWPnI7ONfeU_4SylqEgFjTMDSCAOapamrIJjiMI9yh7oUKUDbNM_2qazRxgbYWttCqkYdDxyKt7H4Z6xfqKGG39bg8x9hJDg80jjFqszSuA4k5cEY1rPcRftWhIJJ7vj9lIFODMRJ2csnaBoRsztuXaAEbqGAv6jTgR6lUDz6ASYzrEiPlcSxV41ueXMQmZJh-KeSEioDGBv1knUdbLW8H5Vb0P7PCrAFTv8f3ygcF-WBdsTHkkVL1QFhUaZRMOtWMniIJoecPDINAKKDxjU3dKXGx0wlADwbYOb1QgFKtMBSnollx0MqusXX3IgVjH4LXFFRqch_mfzBZJpQkB2VOIAs7TdHLqKdRKvvJ6blBMRHOky_oaWIDQCFDxM0nZ45NdA_4X0ZczlPJgO6h0jA-K61KxHWUeCJiNL4C1JDrPAVUbkB6OyUkG9v-QNSZ50akphBYd6jLXvKBJ5b8wQc8e5HTklmt14K58SRTIe1eAhuUlxWsBv_b285UvjTfl7ocP5L9rPhCJzODrUexhleQoogbJxE3n5SsOnyHAsB8BZQ1gW_QEToxtH8v5w6r5i2xlNelulSl6DRgJNn1DiJDxKO-7li9FS0weyE-IAV5kSls5nppw-gw4N_qsSlJKdynF5SQAmWK5jJEQwTNbCjlYYrwr6HsPsHbW-wem6Dwdmg_cu4vgbOxHqPXcVn6qUhW2Pzzkik8W41ZJ_sZhwNVdzGMZHLImu_7EjLYegQepdoGRPK6GqAcyym-PC3Q85v-KCqyMFw4VCnHoVK7R942LvWjDcqGOO-ILtit_5IENckTcgMwq3vVgjchKJHesgvX_jULu0TFRiuLywaoc5vTTOA1-CJFZRQ9oModlSTketOVrEUxxX3VgeUCgdF5YEuZTlXbjzPlEX0_6URtMFbFNL5WlhSfzTZcF9mg6BERmSjfKjY-KP-Xy5kCtC3TFdRivlEig9yXg2ZFE_yTxs1Bb4S3SGY2TAW9wFU7A0qElJw-Mab468iugi4Odgd1wMdp3zUrBAPBrXp7yE5WFRj_xnUWCZPGMyeo19DM2JzTPdZ_gNqK1DssoFQCnWf8R1FrrZTKHqOEqV7vbOkKgcuYSizGXIrEJHcaRS0BzM3ld_tycUgn0d6X1LWpjJOstjGIP_NCuWu0g9_23vpzlWC8mpckEOGOey6cu4p7GelaR_qaWCrrynQ5h6McDPeS73z12pkwwxBk4rB6gihilDzI-fM06pdOm4e-vRo5j4vUVo96v4UCSGQ5S3p6lRwu06DyVEUhQFDPe_ZsF7SqV7Yp5yqMuI6d8rWj7hOyHatNnBTF5JdP_jMsYMzjVxGuq8d_6CS_IW9wiuMCwqylru2aLtIeyX_vjGG2x9AEqDAE8NM1jvwrwTne4wBA3uRNVWgNL_QeM7-p67hOPAPDeMDPjXvxpTxYzW0-t6WPQZMx26PeZyMNoTDnp6scXroqcpekBkiRBQrPqt0kSwPAMK1Ih_CUn7EOUvj2fgJRmtuuKdfZSyHajHq7jZRJ_t_LFNUFTDr3725VvY8lJxDSdonkIE33C5zZdkLQRuklngZ9nOf2NuXCfAQmxLjo6RA1WzJc4fKJVSbadwubZ6PDsd9aN4IGk6U6ZBrHMetEvu_ECUMuvT3bZaiUs04LLhrMvOvbCYtBG_Y3oYcMtSKYKulU8HiQG0PkbBsmOpeBjG19BcASHIitIw5KtVW1d5klpq0hQp3enlSlb5ttvPMNw-yV9_Xl7Cv91PdpowqHtxdnDc3xTITtXlzfcGU-pBUrmsCQ19HFvHEWsKFZtFU4rl38dtjopDZrfIOsy9BmOSzREom17bRDFPVQMOMif27_uZ9BlFtg00HYdylROQj6aAmqIewvVAwfAOhik3m9jODX7tNwnY6wpDlNoxoirkMVSEJjlQxg34kUyn6Zg7cabbwI3qXiMV5CKh0wL0g_tDaahwemR56BeSc5T8jeSkLtSYftmuQ-rFbHkcdEwb3ZO6qVsBiIFGaLR1vBzM2vFnGBSLbuYtzJJYQKrxFnDxwXQcO-wVZVt8LrKIU&cid=CAQSOwDUE5ympnh8wXOPxxmRDsZcTnrgiBS63H-UaHjWZ27scHdkX1jldo46HTEcXyCvX1W59Yp0cyEihmRAGAE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f155.1e100.net

Software

cafe /

Resource Hash

6ce12f56d7b52269f7570e682ebdac841f4170279b1e78e0eb89c6ea668a9117

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16128
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 66C1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

56ms
40ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 10:28:07 GMT
expires: Thu, 09 Mar 2023 10:28:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 10:28:07 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame CA3F 36 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 06:09:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D113 0
0 66ms
64ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CreqYtrQJZJytGNPXtgedh7zgAYvu4qlv1O3tm-oQmMDkvPEvEAEg4Ie-A2CVuoCCmAegAaLohcEoyAEFqAMBqgTzAU_QM8s4t9MHNiX5-X4-38kiwOtQ-w2ZkcazAQEX7m15RMOyY5lPCUYb4g1PFINskoZvqdb-JUry8mWu_MtT-IjOmXnAinlEnrfTOY2Nqm8yr5DC1O4jw96s-XP3aYedQY-0b-4Op_hPxCS4kKxAtk_oMf9W4zTPSgycNw0kv3IUu6T727BAkqI5zpKA3JPDANYjasgOeQnRHP7_69svh-UzZFzUB3jcz8WjvasWKZG_0e9KDjgUXiUJ47Px5BOX5Qg-4VBGFpT4s3p4rx34JbcN-jJ21Zgox5Y8B9C7RMSwFhVNuYp2PSFRjLzNz7MWzUDFv8AE85Ps-IEE4AQDiAWrtpCbPpIFCwgiEAIYAUjesrYBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAeioNagA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKELWuFRjdwPbbAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBsBPpnL8SyBPKmd7fA9ATANgTDYgUBtgUAdAVAYAXAbIXHAoaCAASFHB1Yi04NjA5MTgwNTEyMDU4Nzk4GAA&sigh=RuT-RuNqvpg&uach_m=[UACH]&cid=CAQSOwDUE5ympnh8wXOPxxmRDsZcTnrgiBS63H-UaHjWZ27scHdkX1jldo46HTEcXyCvX1W59Yp0cyEihmRAGAE&vt=10

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3708862090&pi=t.aa~a.1862092094~i.7~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=1&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280&nras=4&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QGhbEULwbl&p=http%3A//umgoblue.com&dtd=72

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3708862090&pi=t.aa~a.1862092094~i.7~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=1&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280&nras=4&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QGhbEULwbl&p=http%3A//umgoblue.com&dtd=72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Mar 2023 10:28:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 992E 1 KB
643 B 23ms
21ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3708862090&pi=t.aa~a.1862092094~i.7~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=1&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280&nras=4&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QGhbEULwbl&p=http%3A//umgoblue.com&dtd=72

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 79486
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 12:23:21 GMT
etag: 48472445140208031
expires: Thu, 09 Mar 2023 12:23:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012302171719000/ 23 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/amp4ads-host-v0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

666c5927d6bcb88b762bc42009cd3909361fab28d80d5e16b2abfc8f06d93935

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Mar 2023 18:08:27 GMT
age: 231580
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7857
x-xss-protection: 0
server: sffe
etag: "56ffe549ac4f4013"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 18:08:27 GMT

GET
DATA 200
OK truncated
/ Frame D113 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a58b1e81a28071ae58b42b9c387071b5b49233cf8f1081ce79ffda2782edcc5e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 20CE 2 KB
2 KB 20ms
20ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:56:34 GMT
x-content-type-options: nosniff
server: cafe
age: 55893
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 09 Mar 2023 18:56:34 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 20CE 295 B
319 B 20ms
20ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 22:54:35 GMT
x-content-type-options: nosniff
server: cafe
age: 41612
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Thu, 09 Mar 2023 22:54:35 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame D113 0
54 B 55ms
54ms Ping
image/gif 2a00:1450:400f:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=3~lf0ytzud&c=7379297356252&slotId=3689648678126&qqid=CJzg0M3Rzv0CFdOr7QodnQMPHA&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400f:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:07 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame D113 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 07:15:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184341
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Mar 2024 07:15:46 GMT

HEAD
H/1.1

200
OK

file.mp4
r5---sn-4g5e6nze.c.2mdn.net/videoplayback/id/650f21e4a3f75106/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709893687/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame D113
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/650f21e4a3f75106/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709893687/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r5---sn-4g5e6nze.c.2mdn.net/videoplayback/id/650f21e4a3f75106/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709893687/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

338ms
22ms

Fetch
video/mp4

2a00:1450:4001:66::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6nze.c.2mdn.net/videoplayback/id/650f21e4a3f75106/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709893687/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5BE620E461ACF15284FDE7980E0F30294B33BCBB.596D5C6194333B52762901EDDA5BDC09A933AB1E/key/cms1/cms_redirect/yes/mh/EQ/mip/2001:1b60:2:240:3247::4/mm/42/mn/sn-4g5e6nze/ms/onc/mt/1678357254/mv/m/mvi/5/pl/29/file/file.mp4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3708862090&pi=t.aa~a.1862092094~i.7~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=1&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280&nras=4&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QGhbEULwbl&p=http%3A//umgoblue.com&dtd=72

Protocol

HTTP/1.1

Server

2a00:1450:4001:66::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 10:28:08 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2149665
Last-Modified: Fri, 09 Dec 2022 11:17:03 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Thu, 09 Mar 2023 10:28:08 GMT

Redirect headers

date: Thu, 09 Mar 2023 10:28:07 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 653
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r5---sn-4g5e6nze.c.2mdn.net/videoplayback/id/650f21e4a3f75106/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709893687/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5BE620E461ACF15284FDE7980E0F30294B33BCBB.596D5C6194333B52762901EDDA5BDC09A933AB1E/key/cms1/cms_redirect/yes/mh/EQ/mip/2001:1b60:2:240:3247::4/mm/42/mn/sn-4g5e6nze/ms/onc/mt/1678357254/mv/m/mvi/5/pl/29/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9CCD 41 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 13:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160399
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Mar 2024 13:54:48 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FAE0 1 KB
643 B 22ms
21ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 79486
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 12:23:21 GMT
etag: 48472445140208031
expires: Thu, 09 Mar 2023 12:23:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9CCD 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd4212a9ba50e234d98a92c7c57ef013ecfdda3afd1cf1b96649654b656d2834

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 992E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKzJK2dryiP4uQd5WYov9VU&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKzJK2dryiP4uQd5WYov9VU&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MU5EN3llY3ExUEFkdmg1&google_gid=CAESEKzJK2dryiP4uQd5WYov9VU&google_cver=1&google_push=Aa02lx_1T8P3ggDFnbv4V5Nde8rletafsnJ9mTXSV5MuRdZ...

170 B
188 B

59ms
59ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MU5EN3llY3ExUEFkdmg1&google_gid=CAESEKzJK2dryiP4uQd5WYov9VU&google_cver=1&google_push=Aa02lx_1T8P3ggDFnbv4V5Nde8rletafsnJ9mTXSV5MuRdZb5Er7ReAJ-hOw-cDHvfwxwKpHPgmjCHZitcwWxbkstdqv4cukf5PLw1o

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3708862090&pi=t.aa~a.1862092094~i.7~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=1&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280&nras=4&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QGhbEULwbl&p=http%3A//umgoblue.com&dtd=72

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 10:28:07 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-04a4a3c9d6b291794@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MU5EN3llY3ExUEFkdmg1&google_gid=CAESEKzJK2dryiP4uQd5WYov9VU&google_cver=1&google_push=Aa02lx_1T8P3ggDFnbv4V5Nde8rletafsnJ9mTXSV5MuRdZb5Er7ReAJ-hOw-cDHvfwxwKpHPgmjCHZitcwWxbkstdqv4cukf5PLw1o
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 992E 0
174 B 113ms
32ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEL-dCVjoQ5wV0Dbit0izeyk&google_cver=1&google_push=Aa02lx99lLvTzUMdAl5gLHVzG1gupJK2elucqpWNsn84Q0IQCTRcBT1bFRE8mHbUpDb7vC6vkDVq_kxilwa9Fp2gUeuBbi2ebaZ5-g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3708862090&pi=t.aa~a.1862092094~i.7~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=1&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280&nras=4&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QGhbEULwbl&p=http%3A//umgoblue.com&dtd=72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:07 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 dds
rtb.openx.net/sync/ Frame 992E 43 B
350 B 114ms
33ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEAx37HJ6cjZpvZ3tX36exKg&google_cver=1&google_push=Aa02lx8D7FeOPQZ6LxlgJEt3sHB1ZHguf718TtLTZeJnneMmyxxP3Zo7i8O09vsgkAopWRnb9a9DtBfWu7AE0eUHPNm9MsqLhco2RFU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3708862090&pi=t.aa~a.1862092094~i.7~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=1&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280&nras=4&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QGhbEULwbl&p=http%3A//umgoblue.com&dtd=72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:07 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: s1chkj492n1tiu50no38k49dq1cd7t37

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 992E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJzuBavJUC9P7PFcQwisEbI&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJzuBavJUC9P7PFcQwisEbI&google_hm=ZAm0t1J0kg_18hw4pmTF1wAABJQAAAAB&google_nid=index&google_push=Aa02lx9g74h3HZGIdd0tKSeluPHH2wjOAoQVV...

170 B
188 B

66ms
63ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJzuBavJUC9P7PFcQwisEbI&google_hm=ZAm0t1J0kg_18hw4pmTF1wAABJQAAAAB&google_nid=index&google_push=Aa02lx9g74h3HZGIdd0tKSeluPHH2wjOAoQVVrazyoEPlMI1xVp5_XWNjMoeSRDEh9-tVpgDDNb6nn8QSl4RLPjcl_W7_k_szKNGdd8

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 10:28:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJzuBavJUC9P7PFcQwisEbI&google_hm=ZAm0t1J0kg_18hw4pmTF1wAABJQAAAAB&google_nid=index&google_push=Aa02lx9g74h3HZGIdd0tKSeluPHH2wjOAoQVVrazyoEPlMI1xVp5_XWNjMoeSRDEh9-tVpgDDNb6nn8QSl4RLPjcl_W7_k_szKNGdd8
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 992E
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEI7TePSXAuJ1zs4pAZq36pc&google_cver=1&google_push=Aa02lx9QXKNyE7x5UHmy1NoVHrfUcvX_ru3WrfNjxnmKBZ-x9XnITyyIC-3Yxie_JPnBGnF5E5fKnSD_tzvp-A7hD...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEI7TePSXAuJ1zs4pAZq36pc&google_cver=1&google_push=Aa02lx9QXKNyE7x5UHmy1NoVHrfUcvX_ru3WrfNjxnmKBZ-x9XnITyyIC-3Yxie_JPnBGnF5E5fKnSD_tzvp-A7hD...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9QXKNyE7x5UHmy1NoVHrfUcvX_ru3WrfNjxnmKBZ-x9XnITyyIC-3Yxie_JPnBGnF5E5fKnSD_tzvp-A7hDoLkUN9kRsEWvCg&google_hm=GR_UrGZHYyI4NBJHQMC...

170 B
188 B

60ms
59ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9QXKNyE7x5UHmy1NoVHrfUcvX_ru3WrfNjxnmKBZ-x9XnITyyIC-3Yxie_JPnBGnF5E5fKnSD_tzvp-A7hDoLkUN9kRsEWvCg&google_hm=GR_UrGZHYyI4NBJHQMCnI4ju

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3708862090&pi=t.aa~a.1862092094~i.7~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=1&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280&nras=4&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QGhbEULwbl&p=http%3A//umgoblue.com&dtd=72

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 09 Mar 2023 10:28:08 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9QXKNyE7x5UHmy1NoVHrfUcvX_ru3WrfNjxnmKBZ-x9XnITyyIC-3Yxie_JPnBGnF5E5fKnSD_tzvp-A7hDoLkUN9kRsEWvCg&google_hm=GR_UrGZHYyI4NBJHQMCnI4ju
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 992E
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOngztYdL9votPk-GcqWFdI&google_cver=1&google_push=Aa02lx9ZOQz72sNwMs6WTU596tgDYXk3NSKheietw4ajXZaHwYv2vy7dXnXJGwOa92f8i4eBeo5_zQOsFYYfXTbj...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9ZOQz72sNwMs6WTU596tgDYXk3NSKheietw4ajXZaHwYv2vy7dXnXJGwOa92f8i4eBeo5_zQOsFYYfXTbjq9YNiMdhWYSJkg

170 B
188 B

59ms
58ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9ZOQz72sNwMs6WTU596tgDYXk3NSKheietw4ajXZaHwYv2vy7dXnXJGwOa92f8i4eBeo5_zQOsFYYfXTbjq9YNiMdhWYSJkg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3708862090&pi=t.aa~a.1862092094~i.7~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=1&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280&nras=4&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QGhbEULwbl&p=http%3A//umgoblue.com&dtd=72

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 09 Mar 2023 10:28:07 GMT
via: 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9ZOQz72sNwMs6WTU596tgDYXk3NSKheietw4ajXZaHwYv2vy7dXnXJGwOa92f8i4eBeo5_zQOsFYYfXTbjq9YNiMdhWYSJkg
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: SF-JVY83tBR8i6QTNKFciSdsJeyHdgvl05fLKqXeKbBqsHUHErYAmA==

GET
H2

200

/
onetag-sys.com/match/ Frame 992E
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEF8USJKko7NUleE6RzmgSuY&google_cver=1&google_push=Aa02lx-LQn9_jf22QmTxzI7OlnFJPvZEw-imM7rBlpI4ItH2m83DY1kzFLrRGAGJouVx43KUOwtTm6YsQPq...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-LQn9_jf22QmTxzI7OlnFJPvZEw-imM7rBlpI4ItH2m83DY1kzFLrRGAGJouVx43KUOwtTm6YsQPqPp9H7baUDVeqBptcDZACi
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

22ms
21ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3708862090&pi=t.aa~a.1862092094~i.7~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=1&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280&nras=4&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QGhbEULwbl&p=http%3A//umgoblue.com&dtd=72

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 992E 0
12 B 60ms
59ms Image
text/html 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JtBa0thGNmpJId6VHu2jrwX2ZNt1Ubu6hU7vHpTvQtrLQWnUILN9dVuNQQQzfLujPLJv4gug

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3708862090&pi=t.aa~a.1862092094~i.7~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=1&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280&nras=4&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QGhbEULwbl&p=http%3A//umgoblue.com&dtd=72

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 main.19.8.397.js Show response
static.adsafeprotected.com/ Frame 9CCD 200 KB
63 KB 108ms
29ms Script
application/javascript 2600:9000:2127:400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.397.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1221363/66729850/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eda66660e3697c79394073d8612dbce395eccdd20f40387c05f132882b00f04e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 21:58:11 GMT
x-amz-version-id: L_QpnZKJu0E.etpUeNZoyQH4AE_JqZeG
content-encoding: gzip
via: 1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 1254597
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 22 Feb 2023 19:35:52 GMT
server: AmazonS3
etag: W/"edf6076def7e7c118e84486c2d40b8aa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 5T-K0omdnLnf12DpHIRmxo-UB2GOGbZ8eW8YeJw9IF2cM5IP82w_Fg==

GET
H3 200 img01.jpg
tpc.googlesyndication.com/sadbundle/15355657124420615017/ Frame 20CE 21 KB
21 KB 26ms
24ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15355657124420615017/img01.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1dbecc2b28126a52eab4125c352d8a97da5d4d1b91e772def023cef1f8b9f75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:39:20 GMT
x-content-type-options: nosniff
age: 236927
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21811
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 15:56:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 16:39:20 GMT

GET
H3 200 img02.jpg
tpc.googlesyndication.com/sadbundle/15355657124420615017/ Frame 20CE 19 KB
19 KB 27ms
25ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15355657124420615017/img02.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ed16cfe79ae78efa96bc54afd8feab84f1c416fe0e91b68fb6d3f77605ce55f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:39:20 GMT
x-content-type-options: nosniff
age: 236927
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19836
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 15:56:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 16:39:20 GMT

GET
H3 200 img03.jpg
tpc.googlesyndication.com/sadbundle/15355657124420615017/ Frame 20CE 20 KB
20 KB 30ms
28ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15355657124420615017/img03.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6c63494941000fe458c2f949ee546a1e12d957022ff87510a91b01dbad25cd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 236926
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20291
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 15:56:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 16:39:21 GMT

GET
H3 200 img04.jpg
tpc.googlesyndication.com/sadbundle/15355657124420615017/ Frame 20CE 16 KB
16 KB 36ms
34ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15355657124420615017/img04.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59188665906c242795923b3101c0429d5c3043b67e24a16245ce4281d5e58040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 236926
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15965
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 15:56:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 16:39:21 GMT

GET
H3 200 text01.png
tpc.googlesyndication.com/sadbundle/15355657124420615017/ Frame 20CE 6 KB
6 KB 37ms
35ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15355657124420615017/text01.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3a0c74a9a96bb7c543161d649dc97c9cec3059c547f6a93b0ebb5c0a5fdeab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 236926
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5719
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 15:56:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 16:39:21 GMT

GET
H3 200 text02.png
tpc.googlesyndication.com/sadbundle/15355657124420615017/ Frame 20CE 5 KB
5 KB 41ms
39ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15355657124420615017/text02.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cd73ec5a3bd8f160b38592d2563b2cd945ac87d3961d1f7a34b2387debe774f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 236926
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4904
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 15:56:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 16:39:21 GMT

GET
H3 200 text03.png
tpc.googlesyndication.com/sadbundle/15355657124420615017/ Frame 20CE 5 KB
5 KB 41ms
40ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15355657124420615017/text03.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1bf048337ab9d80611073c1c9c3f92a2cdac307f06a29a1a223bbd5e707ec2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 236926
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4632
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 15:56:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 16:39:21 GMT

GET
H3 200 text04.png
tpc.googlesyndication.com/sadbundle/15355657124420615017/ Frame 20CE 10 KB
10 KB 42ms
40ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15355657124420615017/text04.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dce591d4dd5e62eec56af665a5b1bb271a8e0470d552e08ca52768a3d3539e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 236926
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10307
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 15:56:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 16:39:21 GMT

GET
H3 200 garantie.png
tpc.googlesyndication.com/sadbundle/15355657124420615017/ Frame 20CE 4 KB
5 KB 42ms
40ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15355657124420615017/garantie.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853c6c71de404e9a728bb114bd8c32d863f351eb38fb3d6de2a46c2cca5fe673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:39:24 GMT
x-content-type-options: nosniff
age: 236923
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4586
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 15:56:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 16:39:24 GMT

GET
H3 200 cta.png
tpc.googlesyndication.com/sadbundle/15355657124420615017/ Frame 20CE 2 KB
2 KB 42ms
41ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15355657124420615017/cta.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2826901bf8b31b3217adb1fa30e0ebbcaf2dd91f42cc7ef2249a8181d1071d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:39:24 GMT
x-content-type-options: nosniff
age: 236923
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1999
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 15:56:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 16:39:24 GMT

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/15355657124420615017/ Frame 20CE 16 KB
16 KB 42ms
41ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15355657124420615017/logo.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff7667c052da8841db61b604923b9ed08ac1e088d7d8d4d81403d76a9c32196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:39:24 GMT
x-content-type-options: nosniff
age: 236923
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16356
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 15:56:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Mar 2024 16:39:24 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11419712990575231742/ Frame 7A52 20 KB
7 KB 339ms
22ms Document
text/html 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11419712990575231742/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1272765e2ca2df5eb09948e6174ffb8de410f13a2e5d12be827528b3bd8454c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 559588
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 7268
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 23:01:40 GMT
expires: Fri, 01 Mar 2024 23:01:40 GMT
last-modified: Wed, 25 Jan 2023 15:23:12 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9CCD 0
0 387ms
64ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu8nWBf66_TUmzBNSoHfqmKp0cqG6ZNZjq2x41AlxA_YG0ah-j3Tf0JeDc1tNaaZx7rlQe8S8qH6UopdmtE2tptD10su_mprzGrR7X-22CoW-SbiWXPRPCCZSmL2JadmTMhx4OXl7-5HvKdTCpFLnvq7mTmO4dDmBbYAvDCERFyXthA-THChGQNrHH9cOgBbN3nXYD4hUQ2bCL4YmbJRIVVKYjk5S5S6yRXenR8OHygw65eltV7THqlZHuTF3VNaX-2ji4LjvJzUKaBTNyN0oDv9swdp0JakKrd2y3gQuK60TUD-WVz-UO00hwgClFG1AdX-yLcBBgW4GCB8XX5VUGyjNaKKX2g4tTqh6mqK9fbII9QvVbjUAJtfsQqdSS1fQNbyrEC4VBzvzdyrYky11AxZy581d8gktD_BHJcAhvXBSSiY8Skzu618nQChDXfg3XD3GsqVQPe1tgaDhaJmKu_A74acGSzpxuTcvhft0jRNXsHalhzl9zOtTDqfvyjV94bAbxKsLpvS46euWBinpZooj9grR5mZhM4zClai2vmnXm1A2FeWyRRKAjsIszgeHuYhAKv9rJnHGbcZGl0DS9yTUYuIdZ6ZvC-RcUCYkOfdYbWMcqMqUHcO1vYs61__mQm-28sQDKONlXHRbPNtfdtta9wuHs40rIDklSJjURfByMpcaNoV9tHNqcTyQjqsWpYaIUfUwU4QRr_quDQxS1lVcIaVVqF34ZU84o0WGBtb_BaAExoqU_6WP07s7TSgjHbrJZLrmMCCh131H4y-kyDtK4ziYdyadamrM0b58qJyAQ-pCYHXTOk_iFhZdAHGI9YdLU_UKnwPbBfaEmANjGxtWsbNNtZzKRsS6DWyzJXLiezjQef7PrOyBlDHYwtWj--860Ki-MjzaQL4bmChJcVYVtt4iabA-y_Lv1hJmAZOfD_wTmOUb__3gzaM8CnSipQz94rlXw1Ef-7GN-PTmom4b2Yoe48GwwOsXBrQf7YrIA8h2_62ohGA-acdIVoDYzv9-Sbjx6t4OxF4eRzZ57z2G_LsTegpLQt9QkK5ZOki3XGTCJtxyup8lm2NzCSuHLlcJFJ-49GN92n5rGBd249-nWvspHYkn465ENMPluiZfuMOLe8v3sVa3w1IzXS-A9r_6y8fqai2DdyuIsuiShmuxBmgbNtzyMiMydI6PPLTEMmFtT3TPUBoj7HJuvh4v2f497rrmESCHiyfEuH0Lpg1wwDuVM&sai=AMfl-YTGFSs1tU60TAcUjgU3aXwf6x8abBZqKY1SigodhUFNivs8CxBINF1IWUEF7P6IzmXPrqP-A631QMqtkkEeV_1MaV98yyzrRjHbkiOcO3WEx5haUiLDtHfr-vWim47wH2C1ZcnrJ_hsOSu49dE2-ydeVbcSe_fZDrBCWGA7dvk6Wy0P4spTK3vOD4tYY0D7obwRfymAUAkM2JvN3BX8FWPnDGY87j46LF_pTxb081M5ZJhxoG6Kv6RY-iFyTCm5p1N0&sig=Cg0ArKJSzNhq_ve5Lq1BEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=478&cbvp=1&cstd=475&cisv=r20230306.92007&arae=0&ftch=1&adurl=

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Mar 2023 10:28:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Mar 2023 10:28:08 GMT

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame 0926 36 KB
14 KB 32ms
24ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 06:09:05 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 8BC1 23 KB
9 KB 25ms
20ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 184341
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 07:15:46 GMT
expires: Wed, 06 Mar 2024 07:15:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3793 22 KB
8 KB 28ms
26ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 184310
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 07:16:17 GMT
expires: Wed, 06 Mar 2024 07:16:17 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FAE0
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECbCduN-ZZx3L-HouMFALi0&google_cver=1&google_push=Aa02lx-oUsdU5ebp75MHTxMQ24rKH4pRCSeav2fCuGdhPcehAH-B68oyQHvxQwyZCqqBIqiUFz_mQPf6LlQ...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-oUsdU5ebp75MHTxMQ24rKH4pRCSeav2fCuGdhPcehAH-B68oyQHvxQwyZCqqBIqiUFz_mQPf6LlQhFy7UbNz-hnEvvOSUwo8&google_hm=VDSq32E5Rvu0Wh9TZ...

170 B
188 B

60ms
59ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-oUsdU5ebp75MHTxMQ24rKH4pRCSeav2fCuGdhPcehAH-B68oyQHvxQwyZCqqBIqiUFz_mQPf6LlQhFy7UbNz-hnEvvOSUwo8&google_hm=VDSq32E5Rvu0Wh9TZj4H9xk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:08 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-oUsdU5ebp75MHTxMQ24rKH4pRCSeav2fCuGdhPcehAH-B68oyQHvxQwyZCqqBIqiUFz_mQPf6LlQhFy7UbNz-hnEvvOSUwo8&google_hm=VDSq32E5Rvu0Wh9TZj4H9xk
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FAE0
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMR7ylUXLpSQiTblUfE7nb4&google_cver=1&google_push=Aa02lx_gZkBqzP9UH1v43Xsqr12rCrGGEJU8m-Pi2UdzgI6idZPJi2cIbF_fw_KMyAJj2hVMPpD4teRt6BruJpoS...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=f6HW1XaqRw-wyl826Lm6kw2&google_push=Aa02lx_gZkBqzP9UH1v43Xsqr12rCrGGEJU8m-Pi2UdzgI6idZPJi2cIbF_fw_KMyAJj2hVMPpD4teRt6BruJpoS6wKYuYSGf1d17Sw

170 B
188 B

64ms
60ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=f6HW1XaqRw-wyl826Lm6kw2&google_push=Aa02lx_gZkBqzP9UH1v43Xsqr12rCrGGEJU8m-Pi2UdzgI6idZPJi2cIbF_fw_KMyAJj2hVMPpD4teRt6BruJpoS6wKYuYSGf1d17Sw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 09 Mar 2023 10:28:08 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=f6HW1XaqRw-wyl826Lm6kw2&google_push=Aa02lx_gZkBqzP9UH1v43Xsqr12rCrGGEJU8m-Pi2UdzgI6idZPJi2cIbF_fw_KMyAJj2hVMPpD4teRt6BruJpoS6wKYuYSGf1d17Sw
x-host: tde-deliveryengine-production-86c874c4d8-c9lg6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FAE0
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELQiks9nFPfCd0uB7UPJvUA&google_cver=1&google_push=Aa02lx99rVVvrKHNi41bl2LKYFMIhmI0pF1s7A1XMEJieS08UyUBUSOD4t6dAe7zc0GL1ekG3IrCNtox...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELQiks9nFPfCd0uB7UPJvUA&google_cver=1&google_push=Aa02lx99rVVvrKHNi41bl2LKYFMIhmI0pF1s7A1XMEJieS08UyUBUSOD4t6dAe7zc0GL1ekG3Ir...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgyMDI2ODU5Mzg3Njk4NzY3OA&google_push=Aa02lx99rVVvrKHNi41bl2LKYFMIhmI0pF1s7A1XMEJieS08UyUBUSOD4t6dAe7zc0GL1ekG3IrCNt...

170 B
188 B

65ms
61ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgyMDI2ODU5Mzg3Njk4NzY3OA&google_push=Aa02lx99rVVvrKHNi41bl2LKYFMIhmI0pF1s7A1XMEJieS08UyUBUSOD4t6dAe7zc0GL1ekG3IrCNtoxuLsWpi98TsG1WF0AZgO4nQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgyMDI2ODU5Mzg3Njk4NzY3OA&google_push=Aa02lx99rVVvrKHNi41bl2LKYFMIhmI0pF1s7A1XMEJieS08UyUBUSOD4t6dAe7zc0GL1ekG3IrCNtoxuLsWpi98TsG1WF0AZgO4nQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FAE0
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBiYE2UgrZvo6EXxbzPFkyc&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBiYE2UgrZvo6EXxbzPFkyc&google_hm=ZAm0t1J0kg_18hw4pmTF1wAABJQAAAAB&google_nid=index&google_push=Aa02lx8gsOc_iu6Lcm2-1_6jewuaIjwS887OJ...

170 B
188 B

63ms
60ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBiYE2UgrZvo6EXxbzPFkyc&google_hm=ZAm0t1J0kg_18hw4pmTF1wAABJQAAAAB&google_nid=index&google_push=Aa02lx8gsOc_iu6Lcm2-1_6jewuaIjwS887OJRjWpOAkiarnmkCZ65Fj93a5UqwU_DuLhIJpR9MilDfvUbYF0hm_aJNtliTRq0kGMg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 10:28:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBiYE2UgrZvo6EXxbzPFkyc&google_hm=ZAm0t1J0kg_18hw4pmTF1wAABJQAAAAB&google_nid=index&google_push=Aa02lx8gsOc_iu6Lcm2-1_6jewuaIjwS887OJRjWpOAkiarnmkCZ65Fj93a5UqwU_DuLhIJpR9MilDfvUbYF0hm_aJNtliTRq0kGMg
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FAE0
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJBc_qD42GgjifY2b0Z-SuQ&google_cver=1&google_push=Aa02lx9mHDEy8qRF33VPAGCCaLP0yz2aE_mUtD5HRoBVyK2llnUtxW9bh9ht2CHfTYakd6qBgnThFrBH81kVNh7Hm...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9mHDEy8qRF33VPAGCCaLP0yz2aE_mUtD5HRoBVyK2llnUtxW9bh9ht2CHfTYakd6qBgnThFrBH81kVNh7Hm2yjHDPIBYFcng&google_hm=GR_UrGZHYyI4NBJHQMCn...

170 B
188 B

58ms
58ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9mHDEy8qRF33VPAGCCaLP0yz2aE_mUtD5HRoBVyK2llnUtxW9bh9ht2CHfTYakd6qBgnThFrBH81kVNh7Hm2yjHDPIBYFcng&google_hm=GR_UrGZHYyI4NBJHQMCnI4ju

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 09 Mar 2023 10:28:08 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9mHDEy8qRF33VPAGCCaLP0yz2aE_mUtD5HRoBVyK2llnUtxW9bh9ht2CHfTYakd6qBgnThFrBH81kVNh7Hm2yjHDPIBYFcng&google_hm=GR_UrGZHYyI4NBJHQMCnI4ju
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FAE0
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENkOKFp4r-1zpFYjcdrQblc&google_cver=1&google_push=Aa02lx9G0cVAz7HdifZCn2CdbCVMxJsYFDq7DZyzOJQ2JoUjz5W7LRZWPjH4byklB3TeMVi6mwyfDAGRYrEGsKdzlSmBUAPZ0l...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx9G0cVAz7HdifZCn2CdbCVMxJsYFDq7DZyzOJQ2JoUjz5W7LRZWPjH4byklB3TeMVi6mwyfDAGRYrEGsKdzlSmBUAPZ0lv...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDcwMDg2MTE0NDMxOTA0NjM2Nzc0OA%3D%3D&google_push=Aa02lx9G0cVAz7HdifZCn2CdbCVMxJsYFDq7DZyzOJQ2JoUjz5W7LRZW...

170 B
188 B

57ms
57ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDcwMDg2MTE0NDMxOTA0NjM2Nzc0OA%3D%3D&google_push=Aa02lx9G0cVAz7HdifZCn2CdbCVMxJsYFDq7DZyzOJQ2JoUjz5W7LRZWPjH4byklB3TeMVi6mwyfDAGRYrEGsKdzlSmBUAPZ0lvJvRo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDcwMDg2MTE0NDMxOTA0NjM2Nzc0OA%3D%3D&google_push=Aa02lx9G0cVAz7HdifZCn2CdbCVMxJsYFDq7DZyzOJQ2JoUjz5W7LRZWPjH4byklB3TeMVi6mwyfDAGRYrEGsKdzlSmBUAPZ0lvJvRo
date: Thu, 09 Mar 2023 10:28:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame FAE0 0
45 B 291ms
36ms Image
text/plain 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGrEEOpvf6lIC37L8-77ygo&google_cver=1&google_push=Aa02lx-JL-P6JqCKmbLyLGwWxpIoTo2fnLGU7eB8ML5GPa-zXMiWIhSMdizuRIFxZPZOyU6WfMjaAbJ_wYLNW4Owj19ZEFyt0-hkrNo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:07 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FAE0 0
12 B 57ms
56ms Image
text/html 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J3t7MBSjcT2GyfA64mjXAnGaxfOUNCuusazLeGiGAaqIWOZbap1OSfd_cvWSj4iorz2s8a

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 9CCD
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1221363/66729850/skeleton.js?adsafe_url=http%3A%2F%2Fumgoblue.com&adsafe_type=g&adsafe_url=http%3A%2F%2Fumgoblue.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F...
https://static.adsafeprotected.com/skeleton.js

17 B
465 B

28ms
26ms

Script
application/javascript

2600:9000:2127:400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89
Protocol: H2
Server: 2600:9000:2127:400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 03:51:51 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4516578
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: snxcSP8vhLHMZGVAxhT0xkuCXQ-Jtfrp4_7EpJ7_1MNhf-akEq3diw==

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:08 GMT
server: nginx
x-server-name: app13.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 39A0 91 KB
23 KB 29ms
29ms Script
application/javascript 2600:9000:2127:400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 08:50:00 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4930689
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Hgzo3llwbbJ-9fOsAOOIUyzebFYhOUVzNPYUqiRiI9MN-jBX6vYfrQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9CCD 43 B
215 B 547ms
177ms Image
image/gif 2600:1f13:800:7781:b391:a9e4:f6b9:982
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1221363&asId=98a2de31-3d06-28e6-1b0a-21acd2fa5455&tv=%7Bc:6mjlID,pingTime:-3,time:218,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:192%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:218,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:192,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B43~0%5D,as:%5B43~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:ty09OEx+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C171%7C172%7C181%7C191*.1221363-66729850%7C1911%7C1912%7C1913%7C1914%7C1a11%7C1a12%7C1b1%7C1c1%7C1d1,idMap:191*,rmeas:1,rend:0,renddet:DIV,siq:194%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b391:a9e4:f6b9:982 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:08 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9CCD 43 B
216 B 543ms
175ms Image
image/gif 2600:1f13:800:7781:b391:a9e4:f6b9:982
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1221363&asId=98a2de31-3d06-28e6-1b0a-21acd2fa5455&tv=%7Bc:6mjlIE,pingTime:-6,time:219,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:219,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:192,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B44~0%5D,as:%5B44~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:ty09OEx+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C171%7C172%7C181%7C191*.1221363-66729850%7C1911%7C1912%7C1913%7C1914%7C1a11%7C1a12%7C1b1%7C1c1%7C1d1,idMap:191*,rmeas:1,rend:0,renddet:DIV,siq:194%7D&tpiLookup=ao:umgoblue.com%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b391:a9e4:f6b9:982 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:08 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9CCD 43 B
215 B 539ms
176ms Image
image/gif 2600:1f13:800:7781:b391:a9e4:f6b9:982
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1221363&asId=98a2de31-3d06-28e6-1b0a-21acd2fa5455&tv=%7Bc:6mjlIK,pingTime:-2,time:225,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:463,bdZ:627,beA:914,beZ:915,mfA:1087,cmA:1088,inA:1088,inZ:1092,prA:1092,prZ:1102,si:1108,poA:1109,poZ:1124,cmZ:1124,mfZ:1124,loA:1134,loZ:1136,ltA:1140,ltZ:1140,mdA:916,mdZ:1057%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:192%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:225,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:192,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B50~0%5D,as:%5B50~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:ty09OEx+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C171%7C172%7C181%7C191*.1221363-66729850%7C1911%7C1912%7C1913%7C1914%7C1a11%7C1a12%7C1b1%7C1c1%7C1d1,idMap:191*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:DIV,siq:194,sinceFw:31,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b391:a9e4:f6b9:982 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:08 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C9CF 42 B
64 B 62ms
62ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstretc0WOujKgdxP2aXnp_UcKk_LdAtoUJzaiWct4fPiZ8vn_9XG4WySjBM-GWaWGW0Mkm0-aM0TI2q6HLYj4kuqD_mJkffdPCy3EsE2WIwyabq9MOnupMj8GgKDwawanW1yCeb9g&sai=AMfl-YTHK03e3aq5RvLWv9f8opmkqe2IhwYs4gkTNJ7cvEYbhPZil4vFy2C_85D0eT7QV3kvn-KQShkTPNXY&sig=Cg0ArKJSzP9CsJzsY2V5EAE&cid=CAQSGwDUE5ymdMpAl_bWfZTCE6ongmMfOZh1Em2o0hgB&id=lidar2&mcvt=1013&p=0,0,280,1200&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2767623100&rs=2&la=1&cr=0&vs=4&r=v&rst=1678357685139&rpt=2074&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adltl.js Show response
s0.2mdn.net/sadbundle/11419712990575231742/ Frame 7A52 30 KB
11 KB 24ms
22ms Script
application/x-javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11419712990575231742/adltl.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11419712990575231742/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11961a36e2d6b42254abd7d1486669ee9272eecdbf729e8991cbc869dc66f977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11419712990575231742/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:59:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5346
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10853
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 15:23:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Mar 2024 08:59:02 GMT

GET
H3 200 adl.css
s0.2mdn.net/sadbundle/11419712990575231742/ Frame 7A52 3 KB
985 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11419712990575231742/adl.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11419712990575231742/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f63063b6c9e82340f97b4dd83bb62762fa129eb451032083d872a1194f6c74a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11419712990575231742/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 10:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171197
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 956
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 15:23:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Mar 2024 10:54:51 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 7A52 30 KB
1 KB 30ms
29ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Overpass:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11419712990575231742/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c33b9883bf465c9cdf79bf928927dca03c45ff7098d2abcccb20395fec3c64a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 10:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 09:55:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 10:28:08 GMT

GET
H3 200 YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js Show response
pagead2.googlesyndication.com/bg/ Frame 8BC1 36 KB
14 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 23:23:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 126271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 23:23:37 GMT

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame 3793 36 KB
14 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 06:09:05 GMT

GET
H3 206 file.mp4
r5---sn-4g5e6nze.c.2mdn.net/videoplayback/id/650f21e4a3f75106/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709893687/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame D113 2 MB
2 MB 58ms
32ms Media
video/mp4 2a00:1450:4001:66::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:66::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f7e97134b5b0ccc3f383c44c3a2881dd99541d936477e85d105c69648dc107c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range: bytes=0-

Response headers

expires: Thu, 09 Mar 2023 10:28:08 GMT
date: Thu, 09 Mar 2023 10:28:08 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2149664/2149665
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2149665
last-modified: Fri, 09 Dec 2022 11:17:03 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 qFdH35WCmI96Ajtm81GlU9s.woff2
fonts.gstatic.com/s/overpass/v12/ Frame 7A52 38 KB
38 KB 33ms
32ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v12/qFdH35WCmI96Ajtm81GlU9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Overpass:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e505e654ef4708d9c3d0da4c03e57ae1df262e07377938d4f456a71918c8aa3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 22:49:59 GMT
x-content-type-options: nosniff
age: 560289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38720
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 18:41:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 22:49:59 GMT

GET
H3 200 1278_1674051397278.woff
s0.2mdn.net/sadbundle/11419712990575231742/ Frame 7A52 5 KB
5 KB 34ms
33ms Font
font/woff 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11419712990575231742/1278_1674051397278.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11419712990575231742/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

773abfa142fd39df43b48b8803717df29274f240f7a17a34f4d1b55dfab2be45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11419712990575231742/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 05:04:40 GMT
x-content-type-options: nosniff
age: 19408
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4636
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 15:23:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Mar 2024 05:04:40 GMT

GET
H3 200 110606_q28_s596-318_1672152296.3077.jpg
s0.2mdn.net/sadbundle/11419712990575231742/ Frame 7A52 43 KB
43 KB 23ms
22ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11419712990575231742/110606_q28_s596-318_1672152296.3077.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3be910e7ca761ae9c4cdb60a1bcccb9d28e567c510010399138534d08c399901

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11419712990575231742/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:51:53 GMT
x-content-type-options: nosniff
age: 20175
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43663
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 15:23:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Mar 2024 04:51:53 GMT

GET
H3 200 109907_1671617130.0692.svg
s0.2mdn.net/sadbundle/11419712990575231742/ Frame 7A52 245 B
224 B 42ms
40ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11419712990575231742/109907_1671617130.0692.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbc826ef081368522788e3f355d91738fdd2938bacf654f72801495b3cabe2bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11419712990575231742/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:02:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577521
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 195
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 15:23:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Mar 2024 18:02:47 GMT

GET
H3 200 109296_1671092616.3317.svg
s0.2mdn.net/sadbundle/11419712990575231742/ Frame 7A52 3 KB
1 KB 41ms
40ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11419712990575231742/109296_1671092616.3317.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69d52e09b0be79dddeb781b53e758dbbd9d9c7ba797b56c6270e73bf86ba918d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11419712990575231742/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 05:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19092
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1184
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 15:23:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Mar 2024 05:09:56 GMT

GET
H3 200 110283_1671715188.0378.svg
s0.2mdn.net/sadbundle/11419712990575231742/ Frame 7A52 471 B
307 B 43ms
42ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11419712990575231742/110283_1671715188.0378.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

493e54bd318fb106b246de72deaa2f4e6e0279bb10466a7e4adfd37d144619e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11419712990575231742/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:15:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 569535
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 278
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 15:23:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Mar 2024 20:15:53 GMT

GET
H3 200 109774_1671540023.8509.svg
s0.2mdn.net/sadbundle/11419712990575231742/ Frame 7A52 247 B
233 B 42ms
41ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11419712990575231742/109774_1671540023.8509.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edc8361d2ec97cbcab7f2366164361dd4359e973c969ce20238984a72b00e020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11419712990575231742/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 23:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41133
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 204
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 15:23:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 23:02:35 GMT

GET
H3 200 109111_1670943143.7743.svg
s0.2mdn.net/sadbundle/11419712990575231742/ Frame 7A52 3 KB
2 KB 39ms
38ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11419712990575231742/109111_1670943143.7743.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

758a7336a1b81a836167fbca4164c2307d37fc2e9cb818c4f937a51533a52b80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11419712990575231742/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 12:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80455
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1611
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 15:23:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 12:07:13 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9CCD 0
0 60ms
59ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu8nWBf66_TUmzBNSoHfqmKp0cqG6ZNZjq2x41AlxA_YG0ah-j3Tf0JeDc1tNaaZx7rlQe8S8qH6UopdmtE2tptD10su_mprzGrR7X-22CoW-SbiWXPRPCCZSmL2JadmTMhx4OXl7-5HvKdTCpFLnvq7mTmO4dDmBbYAvDCERFyXthA-THChGQNrHH9cOgBbN3nXYD4hUQ2bCL4YmbJRIVVKYjk5S5S6yRXenR8OHygw65eltV7THqlZHuTF3VNaX-2ji4LjvJzUKaBTNyN0oDv9swdp0JakKrd2y3gQuK60TUD-WVz-UO00hwgClFG1AdX-yLcBBgW4GCB8XX5VUGyjNaKKX2g4tTqh6mqK9fbII9QvVbjUAJtfsQqdSS1fQNbyrEC4VBzvzdyrYky11AxZy581d8gktD_BHJcAhvXBSSiY8Skzu618nQChDXfg3XD3GsqVQPe1tgaDhaJmKu_A74acGSzpxuTcvhft0jRNXsHalhzl9zOtTDqfvyjV94bAbxKsLpvS46euWBinpZooj9grR5mZhM4zClai2vmnXm1A2FeWyRRKAjsIszgeHuYhAKv9rJnHGbcZGl0DS9yTUYuIdZ6ZvC-RcUCYkOfdYbWMcqMqUHcO1vYs61__mQm-28sQDKONlXHRbPNtfdtta9wuHs40rIDklSJjURfByMpcaNoV9tHNqcTyQjqsWpYaIUfUwU4QRr_quDQxS1lVcIaVVqF34ZU84o0WGBtb_BaAExoqU_6WP07s7TSgjHbrJZLrmMCCh131H4y-kyDtK4ziYdyadamrM0b58qJyAQ-pCYHXTOk_iFhZdAHGI9YdLU_UKnwPbBfaEmANjGxtWsbNNtZzKRsS6DWyzJXLiezjQef7PrOyBlDHYwtWj--860Ki-MjzaQL4bmChJcVYVtt4iabA-y_Lv1hJmAZOfD_wTmOUb__3gzaM8CnSipQz94rlXw1Ef-7GN-PTmom4b2Yoe48GwwOsXBrQf7YrIA8h2_62ohGA-acdIVoDYzv9-Sbjx6t4OxF4eRzZ57z2G_LsTegpLQt9QkK5ZOki3XGTCJtxyup8lm2NzCSuHLlcJFJ-49GN92n5rGBd249-nWvspHYkn465ENMPluiZfuMOLe8v3sVa3w1IzXS-A9r_6y8fqai2DdyuIsuiShmuxBmgbNtzyMiMydI6PPLTEMmFtT3TPUBoj7HJuvh4v2f497rrmESCHiyfEuH0Lpg1wwDuVM&sai=AMfl-YTGFSs1tU60TAcUjgU3aXwf6x8abBZqKY1SigodhUFNivs8CxBINF1IWUEF7P6IzmXPrqP-A631QMqtkkEeV_1MaV98yyzrRjHbkiOcO3WEx5haUiLDtHfr-vWim47wH2C1ZcnrJ_hsOSu49dE2-ydeVbcSe_fZDrBCWGA7dvk6Wy0P4spTK3vOD4tYY0D7obwRfymAUAkM2JvN3BX8FWPnDGY87j46LF_pTxb081M5ZJhxoG6Kv6RY-iFyTCm5p1N0&sig=Cg0ArKJSzNhq_ve5Lq1BEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=928&vt=11&dtpt=450&dett=3&cstd=475&cisv=r20230306.92007&arae=0&ftch=1&adurl=

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Mar 2023 10:28:08 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EB4C 42 B
64 B 68ms
57ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucIDyOiB1MsbIuU_cGzoyJdQu1SrrHv0cxLFanOTnqU4EG5z3WEi9STt2CgZnpn1Fo_agTfTWDkq07gYInaItzhN6B-hp7s_c0sj1ysQNcy-xqVDD0v44CDNfCH2k4sMxUTfJe8g&sai=AMfl-YQ6KaIUPHJKVIgDZcYowXvBIZNWlZb73L43YCslJbBtQmOw5DcDje3hhmXJM84jDudfHt4UnZnw3Tgq&sig=Cg0ArKJSzEZSlsZUpeQuEAE&cid=CAQSGwDUE5ymGcl4XKSmmCeoE0N9y3SzJriyjBzq3xgB&id=lidar2&mcvt=1039&p=0,0,124,1005&mtos=459,1039,1039,1039,1039&tos=459,580,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1678357686577&rpt=777&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9CCD 43 B
215 B 244ms
178ms Image
image/gif 2600:1f13:800:7781:b391:a9e4:f6b9:982
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1221363&asId=98a2de31-3d06-28e6-1b0a-21acd2fa5455&tv=%7Bc:6mjlNx,time:522,type:e,im:%7Bimprf:%7Bttecl:862,ecd:216,tsecr:1%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:522,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:192,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B347~0%5D,as:%5B347~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:ty09OEx+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C171%7C172%7C181%7C191*.1221363-66729850%7C1911%7C1912%7C1913%7C1914%7C1a11%7C1a12%7C1b1%7C1c1%7C1d1,idMap:191*,rmeas:1,rend:0,renddet:DIV,siq:194,sis:411%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b391:a9e4:f6b9:982 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:08 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3B27 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXCw2RQr9P57LBzBH5xHA1DU8i-uqbv4-k-LsJ8kbp6IiIedfzlbfGpu7JjlXbO-dkg-V3k5FmLVL3i7QsWi-QHdGvsLZ4tsx4vHlTb9NFaaO-8RGefrQx9eJhm1KcVjjSxvWF0w&sai=AMfl-YQlO_T6uevKXk1e8hkzlJM8vz_rdh3H2QtyUGrhhxyzQ-Ln6XMpxVsuGoT0kWOGEuMwoWrDMt7qeZ0n&sig=Cg0ArKJSzLhQ0_AYV1nwEAE&cid=CAQSGwDUE5ymGcl4XKSmmCeoE0N9y3SzJriyjBzq3xgB&id=lidar2&mcvt=1009&p=-90,0,410,180&mtos=0,0,1009,1009,1009&tos=0,0,1009,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=0.64&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1678357686573&rpt=703&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F081 42 B
64 B 59ms
58ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwpCYMi_nwsCmtgYpfvJl5DXlcXhEmzHPtb3tFljbT8vA4w-69sUH_Fsjqz-oP2lYc36A3cozkLos-2LxyAmbk-zhqNrBMLvl9ISJIsxOsypAVgbDYVtf5AvcgNVEd6jPzYS-2Ww&sai=AMfl-YS_9kVS1pEfqVIBqmg6q-Bk3EgaZpjZvfZ3grkpYcrqXj-vjFmk9RiM2IU2gqggK5ZBDenxPt8gOnwh&sig=Cg0ArKJSzBk-dyc95NwDEAE&cid=CAQSGwDUE5ymGcl4XKSmmCeoE0N9y3SzJriyjBzq3xgB&id=lidar2&mcvt=1010&p=0,0,500,180&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1678357686576&rpt=755&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8BC1 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BZ5m-t7QJZLSkI_HFmLAPmZOLmAUAAAAAOAHgBAI&bg=!9_Sl9KDNAAbv3-2Ez987ADkAdvg8WiTagcV2YyKN4HK3-UDXeu8cPWwNiPI4aJcoe7tgIngo5740xMOEhrrsriIekoKAgGJfJHMCAAAAvlIAAAACaAEHmQLDs-OX13LptgEujQAsqm5cOiyelGl81vpKtol6agzffn60X_Ld2zcVWQyzpZsD1S8iWUl6Tp9TXkw-3u10nq-UtmjaS2iEHJMjiELHaUf0heLaWqGmMYBvcKt0PrfzYu0sncec2D3hmvVjUa_aRu83tWk-V_nViRKk9Yf0XBALdZbg8UOa7r4rwO1NHi4RiNremGEh74pASF9HhpBYdHo_EWB_ihhzkEi9BuHxlvHZVTKUJHSliZzJE5jUA_iWvCWEhiQQmsFUtkrIQi1N8XGWiga3X_jvcQgFOp43xsaguk9mXQ5_qVfb3r13FukmRRkfpQ_uOmehmuXuoXkvMX4iGjydKN0SZjrUkqWtJ0Ngl_ciJ8V47JOyJ6m9cwPwpxWfZYo2TmH2D9Lcnj6cdKzb2OGYo1QdQLbK-GmaMVfQC-EOmwJf5nbMLYTtfbiia1KtAbotUkzGqeHtuOamhtE8TnZ__OmIxM7B6yxnnEDBdQ2YDqsEFUfGd25s2bRH_Yd1nIygV8yvcwpRaGIPreBXl7hQBL3LeYPRPtuuBpEVtrcCkLBNgWNot36KcShSu34NY8hFL3kgvZSuFTIAS8mioM79hUMY44VBz9y0XY7RL8qc91pvN95JvF4tpwvrOCd48lciNMWQkPBdAYx-aYvnLL_ItViunm6NPaLsngQzsGHreZj3jlOURJ9IMPofwn9AuADFpyr8w03y4YLOeAduiBjXiz9g4BbqbdKDS6fjQxDleqiDr8rz7aBlG7R_VS757yJ-WXzZpdKAnRzKDpiUkQxmh7Wx9o-YHlnNiejypK05VZ1gbwH0lnoTlALeyxRC9C_rgtb8RI4XogyckuCIp53D156uOaZiK9tYa95ZfhF9bnBu-bsVMxDd9eu0uuAGnamWVAR8OSyl1PDB4knGq9R49T9KoCY_9PtBKhw_zSplZq0

Requested by

Host: umgoblue.com
URL: http://umgoblue.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9CCD 43 B
215 B 176ms
175ms Image
image/gif 2600:1f13:800:7781:b391:a9e4:f6b9:982
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1221363&asId=98a2de31-3d06-28e6-1b0a-21acd2fa5455&tv=%7Bc:6mjlQP,pingTime:-10,time:726,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTExLjAuNTU2My42NCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002022202222222002020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1678357688615%7C%7Ca6883fdc9ffd15c6146eaa9aef05cc11%7C%7C048cfc492222ea08fb0159cb46ab52cc%7C%7C737d1a14acb27153654afb110078a44e%7C%7Cf9704376ccc6c014235d5c40d81fabd2%7C%7Cb3a039dec42647abc5b667652f8f718b%7C%7C781d909b6c437505365c70d8a13e285c%7C%7Ca9d24f48a36f388ede1954fecf2e9375%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b391:a9e4:f6b9:982 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:08 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3793 0
20 B 62ms
61ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BncSvt7QJZNaHFPfex_AP3rCdsAEAAAAAOAHgBAI&bg=!ODulO2_NAAbv3-2Ez987ADkAdvg8WsaPxq_m4M7CwfjA5lB-kBrRgKXH5gS--iUO-1i-AaQQ7GwkrOyB1eYoG6xvYlukccKn7bsCAAAA3VIAAAADaAEHCgB1be6jqKZdDCoHsDZf4tzJAlO2NvStROaHQV6RVuqJyNBuGZWBhE8v1FZrun4cwyKzOkgQiJHbRaERub4AmSQb8Vmh_iHiE1Ft_uycu5XhhZjMhpBeivQWe8jqXDninWMD0y4nh-x36O8FJtEHJjGZsBEmgjDQmQL8PSLA4CXFG5XMy1ln20umF_5iZGD3W-mMDwF2IVK8kefFSo6wPcSbMqVXQLylgKWCiOD37Vubu7dLtB_tigsJTPXs2SXv6ZKpWabrI6eLDORr2UcE30YNekL-LBdavh8BAMHFb0quya2vRxNjKXAtTVHjk2EmetSx9cXgjxcr6LcyFR4JH40G8yrlxHlyCILFdXsjTJ3rpJCcgyNs2KNw9YLakmjV6hdB_MfGAEmd-SZtx5Lvy06JKd5rNf4uyQYVXsGDr9YSzN9eqv7TE6-Cos-LZOfvUOazw2JN42t7KqIPVkjx0slXcMwPtWinVaElu5rw9VynDerNFqRjqVv_9tIzV1YmVFL0V-k9su-dr9I-12_06ejV7SEokKscAblgS3v0RjzMfxMm03yeR-ibIhU6lYT9BwQh2oN8kIwmHrGeBpAk06yjo3YljeF1hAVcTkiCQN9LAHIro9d_TL9p1CKwks23TPKReBvrNOaNFudlBrgudzktz6s1M2UYlhUR0UIK4QO6qvMbInB38Q8GMGszV6dLU29Kc67tEr79jP1uSS3XkvUcDH7VPtBLwEaK-D6f83ubJvFOBgTmJ-qTGllggaWO4zC79k9oF1KhwmMp5z-v1gC6PeWuMomGpjxEHvZuUwws3E25w9oAPoH_GShFuRAJ7ePUY-B3BQeIUBaL0NO--2gTmlgtNmqQaSIvJeay6AjViF3HLDepnxuIqZPzJrfmPAqtiOfZiZA4Dr252uMbgJ3xLtzM6q7zp5QuXw3SbIRv9P5lc6CztsVRQrPTMkgvatoYnlxo99lOxd3kYlti90qKHFOHsA3hN3C45WukVwHGlqiL2GzTgizoX5vnC9VPJsuoO1kT8jULCDVx_lPkQi-29wqPN1Btkm8i7rMEmo0Of4JFDGz0OGJiWCd6t_sriVU9Nk_FkztLKgysLeXzGaYvUP0T_DgwZSCo19hPv_LzZiO5glKzgoKKdWWPb14V6Paryv4ADK6yxAIkdIpps5zlI9Kmrjw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=2702458825&pi=t.aa~a.1862092094~i.17~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=2&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280%2C524x280%2C524x280%2C524x280&nras=6&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=4405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=VAk0jDkCdQ&p=http%3A//umgoblue.com&dtd=89

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 68ms
68ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230306&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9692cf508a1417d70829225d051fa0061dfad3dcffe817657bc4bc37340f6c8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11276
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 10:28:08 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 105B 13 KB
5 KB 22ms
20ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://umgoblue.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5384
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 08:58:24 GMT
expires: Fri, 08 Mar 2024 08:58:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6390 783 B
535 B 61ms
60ms Document
text/html 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bf283789988187ba08e106b100da7e7265aa35f13050c91f9eaa90381cd6c8fe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MmJ4HucJvS6mkLVfy2HUgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://umgoblue.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-MmJ4HucJvS6mkLVfy2HUgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 10:28:08 GMT
expires: Thu, 09 Mar 2023 10:28:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame 105B 36 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 06:09:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6390 0
0 55ms
54ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230306&jk=3520618161028826&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 105B 0
12 B 20ms
20ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bDIJbg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:28:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9CCD 43 B
215 B 180ms
179ms Image
image/gif 2600:1f13:800:7781:b391:a9e4:f6b9:982
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1221363&asId=98a2de31-3d06-28e6-1b0a-21acd2fa5455&tv=%7Bc:6mjlZe,time:1247,type:e,im:%7Bpci:%7Btdr:1012%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1247,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:192,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1072~0%5D,as:%5B1072~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:180,fm:ty09OEx+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C171%7C172%7C181%7C191*.1221363-66729850%7C1911%7C1912%7C1913%7C1914%7C1a11%7C1a12%7C1b1%7C1c1%7C1d1,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:194,sis:411%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b391:a9e4:f6b9:982 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:09 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 csi
csi.gstatic.com/ Frame D113 0
17 B 55ms
55ms Ping
image/gif 2a00:1450:400f:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=4~lf0yu02j&c=7379297356252&slotId=3689648678126&qqid=CJzg0M3Rzv0CFdOr7QodnQMPHA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=989&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400f:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
58ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230306&jk=3520618161028826&bg=!e3ileCzNAAbv3-2Ez987ADkAdvg8Wjhjq0PqKZo9ciL31UsOKLPv51NQCtu9uqoOgI2W-qVrMLLZtQt1tbmPIy_CNkGpABfALJYCAAAAY1IAAAADaAEHCgCWwaC7fL_A366nAaa4u2TCmKWRniSGToN4FM0kS9iqysFC36X9eGJL1S7BPNRdy_7HMbKtaVw5-dyghVWi-rvb8L0MvVK2yfdl6zMwu-xon9RKq5AX80Yd9w54jpqCbjALdkXVRErYcOEwtSc39L-gmivgZVipp4TySURGxHEGajmijckBzwMjfAhXX9w9M2YjLMRagl5CmQKR1Y9s8ToJsAlRCOlkgZowJM6Xsfgq4et1ZI04iO512GtdmkzKL7v0JvEmovJwHwt4jCezNC60xj79PLoaThwpNYigTClK9gJmW0Nt_USEc2MVwCAWZC92LBXjfqYF564V9s_0AnK4ZKhqOEYg5Pdv345zDWdhVfx9iVQD-ZAE4COWnRDKdXuccvk1L0LxfIjabd3reFkvZ8HlDYJDe7EF3ShLjL8EBbNOQ_ZOb35HP4ZH56KTAZRGsHAo64nWaH7S8ev3KeGnvoHnzSfBYddFO8_CeYJo0pVW2k84ji1htrz_fh1pCX4gjH4b3Me30seH4vzDBqhF8ObUAhijLhA0P0Ytisy7TYw_KC9NqxDIesUzZ3UE6G2I1rR8LTqmsVq-TxtpZvYBMi9nqQ0ez6HKhEDexOFex-V1Qtj9JUxM3FLMckgLlStIXdRuhKtaw_44y-_fOGTXpFBGEIglNM0mlZZD6jv1UibgHQjeULjUMmdaOJ1bBna9p0V2RgvNo5JJPDDOVsuopTiamt_f6-57NqQlRUZOWdRxSia7N_MMOwpZUf65pfUjAdGUzOHT7g2r4Hb0ZUjMRaf8OI88LhsSZqv7JbjJe7tHJxZd4ehaoQypXLMWJRqA99igqY6vFnFekcKyMZeKVsPfAOPWykOdvRElLvuso6YujPZqjTMYCyFBxd8LfTVlYemmIy7XGHIU_986U30Q-VtczxFRGfqHV04ZMrSjrBUdxRsPReLL8L048Mmpix76DXyD3bGKx0M2wkGFVCA6r5GetU-TgrzhoOtzUTBFtokKJbzHnKyo8SPv5vBubHuC_s-EQ-kDfqqh8TAMgdxRUGAxRWnAmyXfw929lufqCDll5zIn7hn0WwF0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://umgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CCD 0
20 B 55ms
54ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=151279599388&version=m202301230201&ct=76&x=1&cor=17046527606561675000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:28:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK me Show response
api-widget.soundcloud.com/ Frame D43C 0
1 KB 206ms
205ms XHR
application/json 52.222.205.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-widget.soundcloud.com/me?client_id=Iy5e1Ri4GTNgrafaXe4mLpmJLXbXEfBR

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-6e7d209b5b3c.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.205.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-205-62.fra56.r.cloudfront.net

Software

am/2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://w.soundcloud.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 09 Mar 2023 10:28:11 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
Via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
x-datadome: protected
X-Amz-Cf-Pop: FRA56-P3
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 0
x-px-score: 100
referrer-policy: no-referrer
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
server: am/2
vary: Origin
x-frame-options: DENY
Content-Type: application/json; charset=utf-8
access-control-max-age: 1728000
access-control-allow-origin: https://w.soundcloud.com
access-control-expose-headers: Date
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
X-Amz-Cf-Id: IB2wh_-FATfAL6nSC7G_7vgqer5PF0zB05_guGzOAUP-BvdV3XLyzQ==

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.umgoblue.com/	1970-01-20 19:48:37	Name: _ga Value: GA1.2.557805611.1678357685
.umgoblue.com/	1970-01-20 10:14:04	Name: _gid Value: GA1.2.1367984796.1678357685
.umgoblue.com/	1970-01-20 10:12:37	Name: _gat_gtag_UA_270203_1 Value: 1
.umgoblue.com/	1970-01-20 19:34:13	Name: __gads Value: ID=662a60b5adeb0cd2-2205a18147dd00e3:T=1678357685:RT=1678357685:S=ALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ
.umgoblue.com/	1970-01-20 19:34:13	Name: __gpi Value: UID=00000bc2a337383b:T=1678357685:RT=1678357685:S=ALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw
.doubleclick.net/	1970-01-20 19:34:13	Name: IDE Value: AHWqTUljVmIzJvmEn0bHEt2HQ0OQOimVjuqeo_9tc6PkujZl_5X5uTMMxBEuvDF_N3M
.adnxs.com/	1970-01-20 12:22:13	Name: uuid2 Value: 7168149297692106215
.casalemedia.com/	1970-01-20 18:58:13	Name: CMID Value: ZAm0t1J0kg-18hw4pmTF1wAA
.casalemedia.com/	1970-01-20 12:22:13	Name: CMPS Value: 1172
.casalemedia.com/	1970-01-20 12:22:13	Name: CMPRO Value: 1172
.doubleclick.net/	1970-01-20 10:12:41	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 12:22:13	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In@ig.cg!]tbPl1M>e)ZlrFUfJ+tGXxpS_gQHnWrgw9PoS+3[4i#?b<wihb#s%.g<1@V3If)y3KL9D3I?+Z6^pr!
.w55c.net/	1970-01-20 19:44:18	Name: wfivefivec Value: 1ND7yecq1PAdvh5
.lijit.com/	1970-01-20 18:58:13	Name: ljt_reader Value: GR_UrGZHYyI4NBJHQMCnI4ju
.blismedia.com/	1970-01-20 18:58:17	Name: b Value: 6409B4B795A7895EB7DCB53FBLIS
.w55c.net/	1970-01-20 10:55:49	Name: matchgoogle Value: 5
.3lift.com/	1970-01-20 12:22:13	Name: tluid Value: 4700861144319046367748
.travelaudience.com/	1970-01-20 19:44:18	Name: _tracker Value: %7B%22UUID%22%3A%227FA1D6D5-76AA-470F-B0CA-5F36E8B9BA93%22%7D
.adform.net/	1970-01-20 10:57:16	Name: C Value: 1
.ctnsnet.com/	1970-01-20 18:58:13	Name: gid_CAESECbCduN-ZZx3L-HouMFALi0 Value: 1
.ctnsnet.com/	1970-01-20 18:58:13	Name: cid_5434aadf613946fbb45a1f53663e07f7 Value: 1
.adform.net/	1970-01-20 11:39:01	Name: uid Value: 5820268593876987678

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3735004906&pi=t.aa~a.1862092094~i.5~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9nUDRxtikj&p=http%3A//umgoblue.com&dtd=39 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/1513941350391556382/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8609180512058798&output=html&h=280&adk=405040636&adf=3735004906&pi=t.aa~a.1862092094~i.5~rp.4&w=524&fwrn=4&fwrnh=100&lmt=1678357686&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7466624695&ad_type=text_image&format=524x280&url=http%3A%2F%2Fumgoblue.com%2F&fwr=0&pra=3&rh=131&rw=524&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1678357686286&bpp=2&bdt=2294&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D662a60b5adeb0cd2-2205a18147dd00e3%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MZmtJAl9nfsPd7w6ZX_NkjSsoZ1MQ&gpic=UID%3D00000bc2a337383b%3AT%3D1678357685%3ART%3D1678357685%3AS%3DALNI_MalEfPGnHf5I6I5sqAB9mK8XSO3cw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7942794858893&frm=20&pv=1&ga_vid=557805611.1678357685&ga_sid=1678357685&ga_hid=1820241465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=348&ady=2125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842%2C44782468%2C21065725%2C31071663&oid=2&pvsid=3520618161028826&tmod=718982155&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9nUDRxtikj&p=http%3A//umgoblue.com&dtd=39 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/1513941350391556382/index.html".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.travelaudience.com
adservice.google.com
adservice.google.de
ap.lijit.com
api-widget.soundcloud.com
assetscdn.pushengage.com
bid.g.doubleclick.net
c1.adform.net
cdn.ampproject.org
clientcdn.pushengage.com
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
encrypted-tbn2.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i1.sndcdn.com
ib.adnxs.com
imasdk.googleapis.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
r5---sn-4g5e6nze.c.2mdn.net
rtb.openx.net
s.ad.smaato.net
s0.2mdn.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
tpc.googlesyndication.com
tr.blismedia.com
umgoblue.com
umgoblue.pushengage.com
w.soundcloud.com
widget.sndcdn.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.74.194
142.251.39.34
173.194.76.155
185.180.12.68
185.80.39.216
185.86.139.104
185.89.211.84
216.52.2.16
2600:1f13:800:7781:b391:a9e4:f6b9:982
2600:9000:211e:3600:1b:5138:8a40:93a1
2600:9000:2127:400:8:48e:53c0:93a1
2a00:1450:4001:66::a
2a00:1450:4001:801::2003
2a00:1450:4001:806::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:812::200e
2a00:1450:4001:813::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:400d:804::2003
2a00:1450:400d:806::200e
2a00:1450:400d:807::200a
2a00:1450:400d:80c::2002
2a00:1450:400d:80c::2004
2a00:1450:400d:80d::2002
2a00:1450:400d:80d::2008
2a00:1450:400f:80d::2003
34.239.70.11
34.96.105.8
35.156.234.106
35.186.193.173
35.190.0.66
35.227.252.103
37.157.3.28
51.89.9.252
52.19.228.69
52.222.205.62
52.222.236.99
65.9.95.31
65.9.95.53
68.66.216.18
76.223.111.18
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0439c2127eb1812543cc77f0f41bd98da71691c6c2d5bbf9c565670f7fada88a
05375fc34b14c18d8354aae46848d9a010e868c4e34d640f5f63e005e987c4dc
08d6e224d092a36f3a97dd2b7ac9d98c170705e45dd97bf123d71ca32640a591
090ad4781e584e308f8d1d075c6ac3fabcaf0ab243f87462fcbc432d7fe44209
0947a83848cc9cc08eb83d6f23b5753d3e192d74aafe6c62973a19fa1e460fb0
09db37b8fdb1555b3bbd2699777eaaa49ec4f3ad86f4c153c2a7c4573f506703
0b2826901bf8b31b3217adb1fa30e0ebbcaf2dd91f42cc7ef2249a8181d1071d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055
0f5ee2c44a05f52116611b664d9c11e75a529a51c1f787ac7eb2d8a3737f6fec
11961a36e2d6b42254abd7d1486669ee9272eecdbf729e8991cbc869dc66f977
1272765e2ca2df5eb09948e6174ffb8de410f13a2e5d12be827528b3bd8454c3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b5b5e037d19833a9ed58a5e87755f04b270d0fee6539beb3da629c62c29b9d2
1c98a8d8813ac4e8d1d79e5b5981c41ecce80bfdb7e55b70430e429690a0dbfe
1da3cfb958585fee4a8a3586fa397e9f5ddbd9b658a03e8a9fbbc8ec4b9b3ead
1dce591d4dd5e62eec56af665a5b1bb271a8e0470d552e08ca52768a3d3539e7
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
23dd7f3a05c01ccd78e269555868158c4a0731578e86699c9d4fcc4f816e6aeb
254ad16d9b6a3d3cc3471ff94f8b769f41677fdb1fe846d327d93c4c1cab6f96
264a3189845f6bf08cee138091e035ac0508fc9412917b935eab3b59c0f8ae85
2950cc1964901acac204f4bb132de577268490f39b282989801faa08e080afcd
2b59d4872d5b6c538d7886c0ec032a397971f5379e925008a46319e8476530f6
312a710ecac6441216535838c18fc119bf3b334b9f67b12b74471ca0c1b284a3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3449b2fdc99f9a0c2701a28cbbdadb515b05af4819f95bd6009f62ea3f070bbd
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
369ee72f405c43d64ccf3735bba188115c37e4580c4d9a404d092ee2ab303e2d
39e463680d09f6a4bbe3e0eeabf536cbad73e07e028d51a1b7584cdce47f5d7f
3b2e8cd03a76b243eca9a0e60815deae7256cb7a2de760eb9ee82a0cf31ffcb9
3bb2e576d9f3832a1e08f0f8942b1c62948ec920b79fe30e5f39af55ea33270c
3be910e7ca761ae9c4cdb60a1bcccb9d28e567c510010399138534d08c399901
3ca3686a43fc5c47dcaf64cee64d11a297ec4b66ef190cc23198482c6d405ee0
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
4142c3fcfc7c048060f61dd8966916bdea5cf04af6ee716d5b9d896c054a81ff
4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5
429d916ce9a60784a9812e1e30d97fde8b4662627c8f9ab2704a1f51e5681ded
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
46e5c40943fd6c43a51bdda7c85819e489a2d33113a1e0cdfe41829ac54ed279
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
493e54bd318fb106b246de72deaa2f4e6e0279bb10466a7e4adfd37d144619e4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51b273543000803f559beb5620bc4ea8c2759d04fda7ce1af0e37389a0482ea9
51c173c836a92f058dc07a41f276f9f00e2f7f95cbaa5e3cbfbc42a9b220ff7b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5641ca595085578df287aa14fdb0535b228005c1d1b093660d6fe6c709669a68
59188665906c242795923b3101c0429d5c3043b67e24a16245ce4281d5e58040
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b4d2d2a729c65e27bc056e50c0d2eddaa1dc8a11a8cc47f5fad3f2b944cd8ed
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f3a2bc9c8d0160970c71d44113eaa0a2653947d6aa692c3d7ae854280d60a91
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e
666c5927d6bcb88b762bc42009cd3909361fab28d80d5e16b2abfc8f06d93935
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
688813a3c1d6df8048495b45b643cbbf916989cdf205a340a47f683bb139ec20
69d52e09b0be79dddeb781b53e758dbbd9d9c7ba797b56c6270e73bf86ba918d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bce032737fae5bb223ec8a95e1e1a56f858cf78ed79172c25e1b71b480fd4d1
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
6cd73ec5a3bd8f160b38592d2563b2cd945ac87d3961d1f7a34b2387debe774f
6ce12f56d7b52269f7570e682ebdac841f4170279b1e78e0eb89c6ea668a9117
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
6f63063b6c9e82340f97b4dd83bb62762fa129eb451032083d872a1194f6c74a
7057df7121a58ef12735e552238010f9e10fa0ac94e45583cf45ae6807c71688
7168df16408d4b35d8c9134aa92b2f7ad0e74371ed5a5a7f174e2357889caa6d
73b4841bd14277d232334a060b9b5885eaaa4a946ccec614ab9d457f8ae3c562
758a7336a1b81a836167fbca4164c2307d37fc2e9cb818c4f937a51533a52b80
75d7fd1066c67dfe078b0cf1fe3863d2b883076cb6f4e41988708179f7e18488
773abfa142fd39df43b48b8803717df29274f240f7a17a34f4d1b55dfab2be45
7970d28e63aef5761e099e13b1b70bacc5a46d27148e596630757fdeb6e78919
7b285609f9fde4f7a1a22cddd67e3f9b9401febe63304b7032767742beac1c86
7ef22889c8ef9b1aebdbb25d11fc5d955ec1c6651a371407e04503977c760187
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80924fd4fb11ff3158d0ac5bdd9af549b517a5547d802af1f59e7719451a58f4
8265dbcfd7a53f73fe031b54f5a9565d7462582b46a58536fbc2fc09e60f9964
853c6c71de404e9a728bb114bd8c32d863f351eb38fb3d6de2a46c2cca5fe673
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
8732fa935864c3cfb2fb2ee330773956646fa3df4acf72a51eaa10b03a6cbe6c
8918bdbafd96eb01beb0e52694bd106a6cf4e137ca684a2e11864067b5c44c79
8bd81ced144cd1f710855c709d331ab624a094f86da2a904a22cf3ac7839e411
8ed16cfe79ae78efa96bc54afd8feab84f1c416fe0e91b68fb6d3f77605ce55f
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9692cf508a1417d70829225d051fa0061dfad3dcffe817657bc4bc37340f6c8e
96e36765064c199b32cd6f08900de889f4f5c7617f44b0101836e6c9f97ae617
99ea50bfa675f7c68d04dcfd3d40c928f77b92594354aa7a95829c1e29252d36
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1bf048337ab9d80611073c1c9c3f92a2cdac307f06a29a1a223bbd5e707ec2f
a1ed079b2c859719116c20fd819082d1ea558d727092bf0af21b2aaa28e244d1
a49e61b6d6681308d160ce1cf6ce1b85e651deff16c6ae1c2df999ef3f0c6ec8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a58b1e81a28071ae58b42b9c387071b5b49233cf8f1081ce79ffda2782edcc5e
a64ac18511a1f15afc6f51edc89e41ee1c7f6444134aad2926b21743ced6c461
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a97434099b6b8fcd0b664d7ddcd9552b7caf23d8b79d0424b9d9836347ed734d
a9e23dcec7b7d492b11006586bea4e4fe7de01f647f89c6aa84e186567b9da50
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ae77883b5b8c478c9bbd00028cff76d56fd0660e72e958174628c28ebab97815
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4baf37baa236472776afcb7d7e7ed5ea9a112a8325cdc83b7d3afbd26e853e9
b4e80b60bfabeef1af3f337327c232342cbc9319d0e064c9e77f29a4ae777cdf
b57fd05bf99436d3e4b58ee3fb0aa05b1519fb13e90681228c3265c0cffdf360
b94707b08d0f25389c0ccfe6df3567e79193b7e99835c10d4dba8bf111bb3aa1
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be3e74dbd9087c9f65fc9dd5ee31569b89224f667cab7edafd6ba15890201c2d
be6614f1a6c46b412c3fc5d0a3ec06726dd6e4b3918e09378a10aa756e9dd20d
bed87ccdb41fe7089a16ff17d62243f74ceff43688d671782f8b593510b181f3
bf283789988187ba08e106b100da7e7265aa35f13050c91f9eaa90381cd6c8fe
bf4d5878837bf3ee29a804c9395714067fd0268efbd1b8bbaafc8dd295784e0b
bf84e273a845e5b1062c0f8b0e5cee963ef5d6b1b39237aa168c70f46a7f4778
c008ede58144722bf7bf9641a6d479fa272892f9f7dc3b618b98243dc5308ea8
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c290319fa2721ef32b511a6cdbf1cafbf0e119cc6942f92bd63bf175d5a91d90
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c33b9883bf465c9cdf79bf928927dca03c45ff7098d2abcccb20395fec3c64a7
c8881fc9c0133e1c9bac6f12c4f09457bb0103678722fb44c7f6e52b6863bb8b
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034
cbc826ef081368522788e3f355d91738fdd2938bacf654f72801495b3cabe2bb
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cd64d71cff2ad3450c12299c5e5b85e65a7929136759f40724f3863ed99bf1cc
cea122cb305728036cbb5df5d534026caa9fdcc0da6ea251cdd30ff1fe5dcb24
cf469c5f8ff91047279ab294d151afe99fa19c83b6107576fb247cfff0c1f38d
d07304cca832f4d70ceafd73f39bf68de4cb3b8185f24614641e6f860118389b
d1700a43bc40da2d69d238085ddfeea6fac6dc64ff76f5cef529d6fd6b619a62
d1dbecc2b28126a52eab4125c352d8a97da5d4d1b91e772def023cef1f8b9f75
d29325717048e7b04e9031a34505fa13ff00d0b86e2286cfd539fc87ed6cc238
d6a2ec240f8adc5052cb9df96a33199c65de4c58457de2aca485120f70e53c89
d6c63494941000fe458c2f949ee546a1e12d957022ff87510a91b01dbad25cd8
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d88399ee06fe5b54f7731f1253503994a15605d3b05953009e7d06ad01ecafe1
db6bee490c09e2d013e593cfeb3a83a4a3d73b9e2b78f743e38ca54ada87c646
dcd42a2c27d393b2c4ab531ddba0ee3bcfd52af1cc803849643c373f795cd09b
df9491fcebb845c58b62b25304d1d75a90ef3eaabe35f7cc5fa0d1217cbb5766
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e16b1d80468a160382877f64cc3b42f6493af811549b6e3173feb5d5503a02e3
e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9
e37a272d467ad23b5b701f1e3df186cbabba73745947e5c3c587f5ef23cc6a61
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
e505e654ef4708d9c3d0da4c03e57ae1df262e07377938d4f456a71918c8aa3d
e87d58debb87f6cb1031d4cc64738fb9e866af0bf67b3bf399904a9f708849aa
ec2a3ef74af3f799d1d3827960edaf8d12943cf06ccd8e3c6e51721c737eb647
eda66660e3697c79394073d8612dbce395eccdd20f40387c05f132882b00f04e
eda92a187b877e81ae2cc546819ff9d58c12843b1b074409c86d2aeb5b06eece
edc8361d2ec97cbcab7f2366164361dd4359e973c969ce20238984a72b00e020
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13cab82f3023694214e0ea3dcee8584b1f679b998853dddd4b841a4105744a1
f3a0c74a9a96bb7c543161d649dc97c9cec3059c547f6a93b0ebb5c0a5fdeab1
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7e97134b5b0ccc3f383c44c3a2881dd99541d936477e85d105c69648dc107c4
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fd4212a9ba50e234d98a92c7c57ef013ecfdda3afd1cf1b96649654b656d2834
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff7667c052da8841db61b604923b9ed08ac1e088d7d8d4d81403d76a9c32196b

umgoblue.com Open in urlscan Pro 68.66.216.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

283 Requests

87 %HTTPS

48 %IPv6

30 Domains

48 Subdomains

37 IPs

8 Countries

5677 kBTransfer

11038 kBSize

22 Cookies

54 Outgoing links

Redirected requests

283 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

umgoblue.com Open in urlscan Pro
68.66.216.18 Public Scan

Screenshot
Live screenshot

Full Image

283
Requests

87 %
HTTPS

48 %
IPv6

30
Domains

48
Subdomains

37
IPs

8
Countries

5677 kB
Transfer

11038 kB
Size

22
Cookies

283 HTTP transactions
13 data transactions