urlscan.io logo urlscan.io
SecurityTrails logo

ptl123.blog.se Open in urlscan Pro
209.42.194.111  Public Scan

Go To Rescan Add Verdict Report
URL: https://ptl123.blog.se/pine-tree-lane/
Submission: On September 20 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 2 countries across 10 domains to perform 84 HTTP transactions. The main IP is 209.42.194.111, located in United Kingdom and belongs to PRIVATESYSTEMS, US. The main domain is ptl123.blog.se.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 25th 2021. Valid for: a year.
This is the only time ptl123.blog.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

18    209.42.194.111 (United Kingdom)

ASN63410 (PRIVATESYSTEMS, US)
ptl123.blog.se
14    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
pagead2.googlesyndication.com
1    192.0.73.2 (United States)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
11    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
2    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
adservice.google.com
3    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googletagservices.com
16    142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net
tpc.googlesyndication.com
3    142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net
fonts.googleapis.com
2    142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net
imasdk.googleapis.com
2    172.217.174.67 (United States)

ASN15169 (GOOGLE, US)
PTR: bom07s25-in-f3.1e100.net
csi.gstatic.com
2    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
fonts.gstatic.com
1    74.125.140.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f154.1e100.net
bid.g.doubleclick.net
1    142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net
gcdn.2mdn.net
4    74.125.160.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s14-in-f6.1e100.net
r1---sn-4g5lznez.c.2mdn.net
3    142.250.74.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net
www.gstatic.com
3    142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net
www.google.com
Domain Requested by
18 ptl123.blog.se ptl123.blog.se
16 tpc.googlesyndication.com googleads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
14 pagead2.googlesyndication.com ptl123.blog.se
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
11 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 r1---sn-4g5lznez.c.2mdn.net
3 www.google.com 2 redirects tpc.googlesyndication.com
3 www.gstatic.com googleads.g.doubleclick.net
3 fonts.googleapis.com googleads.g.doubleclick.net
3 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 fonts.gstatic.com fonts.googleapis.com
2 csi.gstatic.com imasdk.googleapis.com
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 secure.gravatar.com ptl123.blog.se
84 17

This site contains links to these domains. Also see Links.

Domain
pinetreelane.com
sv.wordpress.org
blog.se
Subject Issuer Validity Valid
*.blog.se
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-02-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2021-08-17 -
2021-10-26		 2 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh

This page contains 15 frames:

Primary Page: https://ptl123.blog.se/pine-tree-lane/
Frame ID: A5274EF08D5E72893E24B2BBCE2AEFEA
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/zrt_lookup.html
Frame ID: D44000F6C08B7A2696E07410F9382852
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9972993672936206&output=html&h=100&slotname=4862305019&adk=3761144729&adf=3842957454&pi=t.ma~as.4862305019&w=300&lmt=1632112607&psa=0&format=300x100&url=https%3A%2F%2Fptl123.blog.se%2Fpine-tree-lane%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632112607873&bpp=3&bdt=157&idt=96&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&correlator=6320254085226&frm=20&pv=2&ga_vid=1178442119.1632112608&ga_sid=1632112608&ga_hid=200045223&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=0&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44750532&oid=3&pvsid=2245770185150041&pem=249&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=OOEMcJ5XeI&p=https%3A//ptl123.blog.se&dtd=110
Frame ID: 0285FF456ECC1D1843A571F1BD271477
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9972993672936206&output=html&h=280&slotname=8232744207&adk=1740061813&adf=1633149064&pi=t.ma~as.8232744207&w=610&fwrn=4&fwrnh=100&lmt=1632112607&rafmt=1&psa=0&format=610x280&url=https%3A%2F%2Fptl123.blog.se%2Fpine-tree-lane%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632112607877&bpp=1&bdt=161&idt=113&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x100&correlator=6320254085226&frm=20&pv=1&ga_vid=1178442119.1632112608&ga_sid=1632112608&ga_hid=200045223&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=495&ady=1144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44750532&oid=3&pvsid=2245770185150041&pem=249&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8tMxMB55yg&p=https%3A//ptl123.blog.se&dtd=116
Frame ID: 9FBA40837A3DD98AD1FB55FE734D5F0C
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9972993672936206&output=html&adk=1812271804&adf=3025194257&lmt=1632112608&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fptl123.blog.se%2Fpine-tree-lane%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632112607886&bpp=1&bdt=169&idt=114&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x100%2C610x280&nras=1&correlator=6320254085226&frm=20&pv=1&ga_vid=1178442119.1632112608&ga_sid=1632112608&ga_hid=200045223&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44750532&oid=3&pvsid=2245770185150041&pem=249&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=120
Frame ID: EEA5BBCD9EFB7B7B2DDD9B7C8AB9415A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: D36AFBFEC7CABDFE83C2DD982C832151
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Frame ID: CB28463D32A966F4EE4DD76FB44E8534
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9E09B48FB08FA1D2FB64EB527B734DA5
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 460F0D93E853B3EA7D79C4F6920C8AA6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 48BB3DAFD7C501C96AD1E6307F6E7DBD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 529A3863AB5FF0A30C0944E224E20166
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: F4869DB7ECC65C1DD801026CB19F088A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 167AB4B9FEADE9F7564F0DD867C5A2B9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js
Frame ID: E4DF54B9EE8E726A4E9DE947A1F51B05
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js
Frame ID: 3B8CBA554F010D97A2600DFB8C7D6A88
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Pine Tree Lane – Pine Tree Lane

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <[^>]+gravatar\.com/avatar/
Overall confidence: 100%
Detected patterns
  • twemoji(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

84
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

17
Subdomains

17
IPs

2
Countries

933 kB
Transfer

3146 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://gcdn.2mdn.net/videoplayback/id/9c5013894796bfb6/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3774906910/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/8C6DAC7BF52E35A2D7F65208C0055AD3004163A4.6CBA9AC38FE4A0817B5DB63EFC565DCC972147A5/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/9c5013894796bfb6/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3774906910/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/520B469848CF276DAFBAF4021C584F7171F3BC1A.0E2503EF4CD72283876D2D506376196AD80E9515/key/cms1/cms_redirect/yes/mh/oC/mip/216.131.114.157/mm/42/mn/sn-4g5lznez/ms/onc/mt/1632112350/mv/m/mvi/1/pl/24/file/file.mp4
Request Chain 75
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 77
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

84 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ptl123.blog.se/pine-tree-lane/ 		28 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ptl123.blog.se/pine-tree-lane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.42.194.111 , United Kingdom, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5058934dd8559719f83ba5fc9dc0f76582cba080679ab2c5a1618d1c4dfb1967

Request headers

:method
GET
:authority
ptl123.blog.se
:scheme
https
:path
/pine-tree-lane/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

set-cookie
PHPSESSID=51dc2e8c4a6682ca83997774d4d6a5a1; path=/; secure
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
link
<https://ptl123.blog.se/wp-json/>; rel="https://api.w.org/" <https://ptl123.blog.se/wp-json/wp/v2/posts/1>; rel="alternate"; type="application/json" <https://ptl123.blog.se/?p=1>; rel=shortlink
content-encoding
br
vary
Accept-Encoding
date
Mon, 20 Sep 2021 04:36:47 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
style.css
ptl123.blog.se/wp-includes/css/dist/block-library/ 		91 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ptl123.blog.se/wp-includes/css/dist/block-library/style.css?ver=3ed957355bfebfeb44ec05c40f6b16a8
Requested by
Host: ptl123.blog.se
URL: https://ptl123.blog.se/pine-tree-lane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.42.194.111 , United Kingdom, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
175437ab2d5703d39c01d0f479b19f9b1569bfb2cf43dca8cbf30ff962f0f48b

Request headers

:path
/wp-includes/css/dist/block-library/style.css?ver=3ed957355bfebfeb44ec05c40f6b16a8
pragma
no-cache
cookie
PHPSESSID=51dc2e8c4a6682ca83997774d4d6a5a1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
ptl123.blog.se
referer
https://ptl123.blog.se/pine-tree-lane/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/pine-tree-lane/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:47 GMT
content-encoding
br
last-modified
Tue, 07 Sep 2021 20:22:37 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11776
expires
Mon, 27 Sep 2021 04:36:47 GMT
dashicons.css
ptl123.blog.se/wp-includes/css/ 		61 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ptl123.blog.se/wp-includes/css/dashicons.css?ver=3ed957355bfebfeb44ec05c40f6b16a8
Requested by
Host: ptl123.blog.se
URL: https://ptl123.blog.se/pine-tree-lane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.42.194.111 , United Kingdom, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a914dcbc1a475591ca1493cc05020c4d6e32b2d24d5e0094a13840ed00ca0038

Request headers

:path
/wp-includes/css/dashicons.css?ver=3ed957355bfebfeb44ec05c40f6b16a8
pragma
no-cache
cookie
PHPSESSID=51dc2e8c4a6682ca83997774d4d6a5a1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
ptl123.blog.se
referer
https://ptl123.blog.se/pine-tree-lane/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/pine-tree-lane/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:47 GMT
content-encoding
br
last-modified
Sat, 09 Jan 2021 21:22:30 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
35476
expires
Mon, 27 Sep 2021 04:36:47 GMT
love-me.css
ptl123.blog.se/wp-content/plugins/love-me// 		2 KB
840 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ptl123.blog.se/wp-content/plugins/love-me//love-me.css?ver=3ed957355bfebfeb44ec05c40f6b16a8
Requested by
Host: ptl123.blog.se
URL: https://ptl123.blog.se/pine-tree-lane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.42.194.111 , United Kingdom, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c81958c9efd64cd66c55483a3b51870cba3f108d863300962133d1acd1784916

Request headers

:path
/wp-content/plugins/love-me//love-me.css?ver=3ed957355bfebfeb44ec05c40f6b16a8
pragma
no-cache
cookie
PHPSESSID=51dc2e8c4a6682ca83997774d4d6a5a1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
ptl123.blog.se
referer
https://ptl123.blog.se/pine-tree-lane/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/pine-tree-lane/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:47 GMT
content-encoding
br
last-modified
Fri, 29 Mar 2019 17:34:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
783
expires
Mon, 27 Sep 2021 04:36:47 GMT
cookie-notice.css
ptl123.blog.se/wp-content/plugins/ultimate-branding/inc/modules/front-end/assets/css/ 		2 KB
533 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ptl123.blog.se/wp-content/plugins/ultimate-branding/inc/modules/front-end/assets/css/cookie-notice.css?ver=3.4.3
Requested by
Host: ptl123.blog.se
URL: https://ptl123.blog.se/pine-tree-lane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.42.194.111 , United Kingdom, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
aaca667dd776a7818c683b3a645aedd18452e0409c28ce90f0eb46c2545a6735

Request headers

:path
/wp-content/plugins/ultimate-branding/inc/modules/front-end/assets/css/cookie-notice.css?ver=3.4.3
pragma
no-cache
cookie
PHPSESSID=51dc2e8c4a6682ca83997774d4d6a5a1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
ptl123.blog.se
referer
https://ptl123.blog.se/pine-tree-lane/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/pine-tree-lane/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:47 GMT
content-encoding
br
last-modified
Tue, 16 Feb 2021 00:52:34 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
475
expires
Mon, 27 Sep 2021 04:36:47 GMT
sidebar-login.css
ptl123.blog.se/wp-content/plugins/sidebar-login/build/ 		2 KB
386 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ptl123.blog.se/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1613449563
Requested by
Host: ptl123.blog.se
URL: https://ptl123.blog.se/pine-tree-lane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.42.194.111 , United Kingdom, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Request headers

:path
/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1613449563
pragma
no-cache
cookie
PHPSESSID=51dc2e8c4a6682ca83997774d4d6a5a1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
ptl123.blog.se
referer
https://ptl123.blog.se/pine-tree-lane/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/pine-tree-lane/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:47 GMT
content-encoding
br
last-modified
Tue, 16 Feb 2021 04:26:03 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
328
expires
Mon, 27 Sep 2021 04:36:47 GMT
style.css
ptl123.blog.se/wp-content/themes/twentytwentyone/ 		154 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ptl123.blog.se/wp-content/themes/twentytwentyone/style.css?ver=1.1
Requested by
Host: ptl123.blog.se
URL: https://ptl123.blog.se/pine-tree-lane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.42.194.111 , United Kingdom, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
63853358062851484805239d8047f783c3468bfad489ce3f80fe6ded4e581266

Request headers

:path
/wp-content/themes/twentytwentyone/style.css?ver=1.1
pragma
no-cache
cookie
PHPSESSID=51dc2e8c4a6682ca83997774d4d6a5a1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
ptl123.blog.se
referer
https://ptl123.blog.se/pine-tree-lane/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/pine-tree-lane/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:47 GMT
content-encoding
br
last-modified
Thu, 14 Jan 2021 15:48:16 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
21960
expires
Mon, 27 Sep 2021 04:36:47 GMT
widget.css
ptl123.blog.se/wp-content/plugins/subscribe-by-email/assets/css/ 		922 B
317 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ptl123.blog.se/wp-content/plugins/subscribe-by-email/assets/css/widget.css?ver=20130522
Requested by
Host: ptl123.blog.se
URL: https://ptl123.blog.se/pine-tree-lane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.42.194.111 , United Kingdom, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
16baa3d91cfb213bf83344b69d7e674fe2dd53559412cd4ec00f658810fefa0d

Request headers

:path
/wp-content/plugins/subscribe-by-email/assets/css/widget.css?ver=20130522
pragma
no-cache
cookie
PHPSESSID=51dc2e8c4a6682ca83997774d4d6a5a1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
ptl123.blog.se
referer
https://ptl123.blog.se/pine-tree-lane/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/pine-tree-lane/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:47 GMT
content-encoding
br
last-modified
Thu, 28 Feb 2019 16:51:12 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
260
expires
Mon, 27 Sep 2021 04:36:47 GMT
jquery.js
ptl123.blog.se/wp-includes/js/jquery/ 		282 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ptl123.blog.se/wp-includes/js/jquery/jquery.js?ver=3.6.0
Requested by
Host: ptl123.blog.se
URL: https://ptl123.blog.se/pine-tree-lane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.42.194.111 , United Kingdom, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335

Request headers

:path
/wp-includes/js/jquery/jquery.js?ver=3.6.0
pragma
no-cache
cookie
PHPSESSID=51dc2e8c4a6682ca83997774d4d6a5a1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ptl123.blog.se
referer
https://ptl123.blog.se/pine-tree-lane/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/pine-tree-lane/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:47 GMT
content-encoding
br
last-modified
Tue, 07 Sep 2021 20:22:37 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
82240
expires
Mon, 27 Sep 2021 04:36:47 GMT
jquery-migrate.js
ptl123.blog.se/wp-includes/js/jquery/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ptl123.blog.se/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2
Requested by
Host: ptl123.blog.se
URL: https://ptl123.blog.se/pine-tree-lane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.42.194.111 , United Kingdom, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
9c062d10663416484b5a59bb47a0308526bec56cc69e9f3499fa087d8eae5c7a

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2
pragma
no-cache
cookie
PHPSESSID=51dc2e8c4a6682ca83997774d4d6a5a1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ptl123.blog.se
referer
https://ptl123.blog.se/pine-tree-lane/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/pine-tree-lane/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:47 GMT
content-encoding
br
last-modified
Sat, 09 Jan 2021 21:22:30 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7786
expires
Mon, 27 Sep 2021 04:36:47 GMT
love.js
ptl123.blog.se/wp-content/plugins/love-me/ 		1 KB
347 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ptl123.blog.se/wp-content/plugins/love-me/love.js?ver=3ed957355bfebfeb44ec05c40f6b16a8
Requested by
Host: ptl123.blog.se
URL: https://ptl123.blog.se/pine-tree-lane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.42.194.111 , United Kingdom, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1e795f0dd16d7f8d6456e9ef9e02f21781af0546ddfada8ed75ac7d9abadae6e

Request headers

:path
/wp-content/plugins/love-me/love.js?ver=3ed957355bfebfeb44ec05c40f6b16a8
pragma
no-cache
cookie
PHPSESSID=51dc2e8c4a6682ca83997774d4d6a5a1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ptl123.blog.se
referer
https://ptl123.blog.se/pine-tree-lane/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/pine-tree-lane/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:47 GMT
content-encoding
br
last-modified
Fri, 29 Mar 2019 17:34:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
313
expires
Mon, 27 Sep 2021 04:36:47 GMT
widget.js
ptl123.blog.se/wp-content/plugins/subscribe-by-email/assets/js/ 		931 B
357 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ptl123.blog.se/wp-content/plugins/subscribe-by-email/assets/js/widget.js?ver=20130522
Requested by
Host: ptl123.blog.se
URL: https://ptl123.blog.se/pine-tree-lane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.42.194.111 , United Kingdom, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ae28f0678daab517350e23060181d3ad86fab9c3efd9f7419eac21706680716f

Request headers

:path
/wp-content/plugins/subscribe-by-email/assets/js/widget.js?ver=20130522
pragma
no-cache
cookie
PHPSESSID=51dc2e8c4a6682ca83997774d4d6a5a1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ptl123.blog.se
referer
https://ptl123.blog.se/pine-tree-lane/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/pine-tree-lane/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:47 GMT
content-encoding
br
last-modified
Thu, 28 Feb 2019 16:51:16 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
299
expires
Mon, 27 Sep 2021 04:36:47 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		138 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ptl123.blog.se
URL: https://ptl123.blog.se/pine-tree-lane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
94dcbfd217ebcabb12fcd3012f9e2f098bd9f2a2bbd89fb6a1c3596258372f26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48994
x-xss-protection
0
server
cafe
etag
12729595234619869058
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 20 Sep 2021 04:36:47 GMT
cookie-notice-front.js
ptl123.blog.se/wp-content/plugins/ultimate-branding/inc/modules/front-end/assets/js/ 		4 KB
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ptl123.blog.se/wp-content/plugins/ultimate-branding/inc/modules/front-end/assets/js/cookie-notice-front.js?ver=3.4.3
Requested by
Host: ptl123.blog.se
URL: https://ptl123.blog.se/pine-tree-lane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.42.194.111 , United Kingdom, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
284e92ac7c086f48990efe91782ffbd5dbe5642c83aa51217959e1864b2a8fba

Request headers

:path
/wp-content/plugins/ultimate-branding/inc/modules/front-end/assets/js/cookie-notice-front.js?ver=3.4.3
pragma
no-cache
cookie
PHPSESSID=51dc2e8c4a6682ca83997774d4d6a5a1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ptl123.blog.se
referer
https://ptl123.blog.se/pine-tree-lane/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/pine-tree-lane/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:47 GMT
content-encoding
br
last-modified
Tue, 16 Feb 2021 00:52:36 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
937
expires
Mon, 27 Sep 2021 04:36:47 GMT
responsive-embeds.js
ptl123.blog.se/wp-content/themes/twentytwentyone/assets/js/ 		1 KB
541 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ptl123.blog.se/wp-content/themes/twentytwentyone/assets/js/responsive-embeds.js?ver=1.1
Requested by
Host: ptl123.blog.se
URL: https://ptl123.blog.se/pine-tree-lane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.42.194.111 , United Kingdom, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c84b9432dad75b6cce98abcd62eecccc82cf4e293e92f80678d8d50bd1060cfe

Request headers

:path
/wp-content/themes/twentytwentyone/assets/js/responsive-embeds.js?ver=1.1
pragma
no-cache
cookie
PHPSESSID=51dc2e8c4a6682ca83997774d4d6a5a1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ptl123.blog.se
referer
https://ptl123.blog.se/pine-tree-lane/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/pine-tree-lane/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:47 GMT
content-encoding
br
last-modified
Thu, 14 Jan 2021 15:48:15 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
483
expires
Mon, 27 Sep 2021 04:36:47 GMT
wp-embed.js
ptl123.blog.se/wp-includes/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ptl123.blog.se/wp-includes/js/wp-embed.js?ver=3ed957355bfebfeb44ec05c40f6b16a8
Requested by
Host: ptl123.blog.se
URL: https://ptl123.blog.se/pine-tree-lane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.42.194.111 , United Kingdom, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d931ba2089021a1357761939c18bcc09aa856d39be2a707ea450333f5b3443c4

Request headers

:path
/wp-includes/js/wp-embed.js?ver=3ed957355bfebfeb44ec05c40f6b16a8
pragma
no-cache
cookie
PHPSESSID=51dc2e8c4a6682ca83997774d4d6a5a1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ptl123.blog.se
referer
https://ptl123.blog.se/pine-tree-lane/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/pine-tree-lane/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:47 GMT
content-encoding
br
last-modified
Mon, 18 Mar 2019 20:03:18 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1105
expires
Mon, 27 Sep 2021 04:36:47 GMT
twemoji.js
ptl123.blog.se/wp-includes/js/ 		31 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ptl123.blog.se/wp-includes/js/twemoji.js?ver=3ed957355bfebfeb44ec05c40f6b16a8
Requested by
Host: ptl123.blog.se
URL: https://ptl123.blog.se/pine-tree-lane/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
209.42.194.111 , United Kingdom, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f9fae20d30474c95bf8745df26cfa5c62803462a9ee57dd710c8266d7ece3f3e

Request headers

:path
/wp-includes/js/twemoji.js?ver=3ed957355bfebfeb44ec05c40f6b16a8
pragma
no-cache
cookie
PHPSESSID=51dc2e8c4a6682ca83997774d4d6a5a1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ptl123.blog.se
referer
https://ptl123.blog.se/pine-tree-lane/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/pine-tree-lane/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:47 GMT
content-encoding
br
last-modified
Tue, 07 Sep 2021 20:22:37 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7619
expires
Mon, 27 Sep 2021 04:36:47 GMT
wp-emoji.js
ptl123.blog.se/wp-includes/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ptl123.blog.se/wp-includes/js/wp-emoji.js?ver=3ed957355bfebfeb44ec05c40f6b16a8
Requested by
Host: ptl123.blog.se
URL: https://ptl123.blog.se/pine-tree-lane/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
209.42.194.111 , United Kingdom, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6

Request headers

:path
/wp-includes/js/wp-emoji.js?ver=3ed957355bfebfeb44ec05c40f6b16a8
pragma
no-cache
cookie
PHPSESSID=51dc2e8c4a6682ca83997774d4d6a5a1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ptl123.blog.se
referer
https://ptl123.blog.se/pine-tree-lane/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/pine-tree-lane/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:47 GMT
content-encoding
br
last-modified
Sun, 20 Sep 2020 14:46:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3185
expires
Mon, 27 Sep 2021 04:36:47 GMT
print.css
ptl123.blog.se/wp-content/themes/twentytwentyone/assets/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ptl123.blog.se/wp-content/themes/twentytwentyone/assets/css/print.css?ver=1.1
Requested by
Host: ptl123.blog.se
URL: https://ptl123.blog.se/pine-tree-lane/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
209.42.194.111 , United Kingdom, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
9d2f744cffd63a62122c33b074064aa1f5d61269922a19ac636fd1720da59f27

Request headers

:path
/wp-content/themes/twentytwentyone/assets/css/print.css?ver=1.1
pragma
no-cache
cookie
PHPSESSID=51dc2e8c4a6682ca83997774d4d6a5a1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
ptl123.blog.se
referer
https://ptl123.blog.se/pine-tree-lane/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/pine-tree-lane/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:47 GMT
content-encoding
br
last-modified
Thu, 14 Jan 2021 15:48:15 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
975
expires
Mon, 27 Sep 2021 04:36:47 GMT
d220b4813eb397a91b0a6eb519ffbfea
secure.gravatar.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/d220b4813eb397a91b0a6eb519ffbfea?s=85&r=g
Requested by
Host: ptl123.blog.se
URL: https://ptl123.blog.se/pine-tree-lane/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.73.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
dbb8783903eac41e13202f9cdb441e23fb7fc93ae3cf66acb23cfc244cf3c6b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 20 Sep 2021 04:36:47 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="d220b4813eb397a91b0a6eb519ffbfea.jpg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/d220b4813eb397a91b0a6eb519ffbfea?s=85&r=g>; rel="canonical"
content-length
2966
expires
Mon, 20 Sep 2021 04:41:47 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/ 		253 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
fece609132179152484c9592c0cad0b32ea746fd41546306a38b8556b82d2fb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95702
x-xss-protection
0
server
cafe
etag
17553272322223311488
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Sep 2021 04:36:47 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/ Frame D440 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210915/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ptl123.blog.se/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 19 Sep 2021 12:36:30 GMT
expires
Sun, 03 Oct 2021 12:36:30 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
57617
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		197 B
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ptl123.blog.se&callback=_gfp_s_&client=ca-pub-9972993672936206
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
cd9748e774b3b473989eb1683678462580f7a2b79ea28b3c5db2527027e241c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
190
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ptl123.blog.se
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 20 Sep 2021 04:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0285 		436 B
234 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9972993672936206&output=html&h=100&slotname=4862305019&adk=3761144729&adf=3842957454&pi=t.ma~as.4862305019&w=300&lmt=1632112607&psa=0&format=300x100&url=https%3A%2F%2Fptl123.blog.se%2Fpine-tree-lane%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632112607873&bpp=3&bdt=157&idt=96&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&correlator=6320254085226&frm=20&pv=2&ga_vid=1178442119.1632112608&ga_sid=1632112608&ga_hid=200045223&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=0&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44750532&oid=3&pvsid=2245770185150041&pem=249&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=OOEMcJ5XeI&p=https%3A//ptl123.blog.se&dtd=110
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
037ea6d62946a9717e6ba5c0d9abd0be1bb77359ec5c21379e85afb8e1d30c13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9972993672936206&output=html&h=100&slotname=4862305019&adk=3761144729&adf=3842957454&pi=t.ma~as.4862305019&w=300&lmt=1632112607&psa=0&format=300x100&url=https%3A%2F%2Fptl123.blog.se%2Fpine-tree-lane%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632112607873&bpp=3&bdt=157&idt=96&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&correlator=6320254085226&frm=20&pv=2&ga_vid=1178442119.1632112608&ga_sid=1632112608&ga_hid=200045223&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=0&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44750532&oid=3&pvsid=2245770185150041&pem=249&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=OOEMcJ5XeI&p=https%3A//ptl123.blog.se&dtd=110
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ptl123.blog.se/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 20 Sep 2021 04:36:48 GMT
server
cafe
content-length
211
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 20-Sep-2021 04:51:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 20 Sep 2021 04:36:48 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
24d026371427b41d6d168c5d4c18de465b026afc3907c86c8f3b3bc31bd87467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27652
x-xss-protection
0
server
sffe
etag
"1631879122047051"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Mon, 20 Sep 2021 04:36:48 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9FBA 		60 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9972993672936206&output=html&h=280&slotname=8232744207&adk=1740061813&adf=1633149064&pi=t.ma~as.8232744207&w=610&fwrn=4&fwrnh=100&lmt=1632112607&rafmt=1&psa=0&format=610x280&url=https%3A%2F%2Fptl123.blog.se%2Fpine-tree-lane%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632112607877&bpp=1&bdt=161&idt=113&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x100&correlator=6320254085226&frm=20&pv=1&ga_vid=1178442119.1632112608&ga_sid=1632112608&ga_hid=200045223&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=495&ady=1144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44750532&oid=3&pvsid=2245770185150041&pem=249&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8tMxMB55yg&p=https%3A//ptl123.blog.se&dtd=116
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
a918a9299ad3617d395fe361fe1a0e1e290f72c5a1373dd31fb13cd9fa2746af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9972993672936206&output=html&h=280&slotname=8232744207&adk=1740061813&adf=1633149064&pi=t.ma~as.8232744207&w=610&fwrn=4&fwrnh=100&lmt=1632112607&rafmt=1&psa=0&format=610x280&url=https%3A%2F%2Fptl123.blog.se%2Fpine-tree-lane%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632112607877&bpp=1&bdt=161&idt=113&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x100&correlator=6320254085226&frm=20&pv=1&ga_vid=1178442119.1632112608&ga_sid=1632112608&ga_hid=200045223&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=495&ady=1144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44750532&oid=3&pvsid=2245770185150041&pem=249&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8tMxMB55yg&p=https%3A//ptl123.blog.se&dtd=116
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ptl123.blog.se/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 20 Sep 2021 04:36:48 GMT
server
cafe
content-length
17763
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 20-Sep-2021 04:51:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 20 Sep 2021 04:36:48 GMT
cache-control
private
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fptl123.blog.se%2Fpine-tree-lane%2F&tn=DIV&id=branda-cookie-notice&cls=ub-position-bottom%20ub-style-none&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: ptl123.blog.se
URL: https://ptl123.blog.se/pine-tree-lane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Sep 2021 04:36:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame EEA5 		235 KB
56 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9972993672936206&output=html&adk=1812271804&adf=3025194257&lmt=1632112608&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fptl123.blog.se%2Fpine-tree-lane%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632112607886&bpp=1&bdt=169&idt=114&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x100%2C610x280&nras=1&correlator=6320254085226&frm=20&pv=1&ga_vid=1178442119.1632112608&ga_sid=1632112608&ga_hid=200045223&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44750532&oid=3&pvsid=2245770185150041&pem=249&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=120
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
6c2a348f013688561b8e9150e24a38a9c6722682e9f352e88dd7650157b1bebf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9972993672936206&output=html&adk=1812271804&adf=3025194257&lmt=1632112608&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fptl123.blog.se%2Fpine-tree-lane%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632112607886&bpp=1&bdt=169&idt=114&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x100%2C610x280&nras=1&correlator=6320254085226&frm=20&pv=1&ga_vid=1178442119.1632112608&ga_sid=1632112608&ga_hid=200045223&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44750532&oid=3&pvsid=2245770185150041&pem=249&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=120
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ptl123.blog.se/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 20 Sep 2021 04:36:48 GMT
server
cafe
content-length
57299
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 20-Sep-2021 04:51:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 20 Sep 2021 04:36:48 GMT
cache-control
private
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/ Frame 9FBA 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9972993672936206&output=html&h=280&slotname=8232744207&adk=1740061813&adf=1633149064&pi=t.ma~as.8232744207&w=610&fwrn=4&fwrnh=100&lmt=1632112607&rafmt=1&psa=0&format=610x280&url=https%3A%2F%2Fptl123.blog.se%2Fpine-tree-lane%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632112607877&bpp=1&bdt=161&idt=113&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x100&correlator=6320254085226&frm=20&pv=1&ga_vid=1178442119.1632112608&ga_sid=1632112608&ga_hid=200045223&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=495&ady=1144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44750532&oid=3&pvsid=2245770185150041&pem=249&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8tMxMB55yg&p=https%3A//ptl123.blog.se&dtd=116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
664
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7612
x-xss-protection
0
server
cafe
etag
7316329070599479730
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 04:25:44 GMT
css
fonts.googleapis.com/ Frame 9FBA 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9972993672936206&output=html&h=280&slotname=8232744207&adk=1740061813&adf=1633149064&pi=t.ma~as.8232744207&w=610&fwrn=4&fwrnh=100&lmt=1632112607&rafmt=1&psa=0&format=610x280&url=https%3A%2F%2Fptl123.blog.se%2Fpine-tree-lane%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632112607877&bpp=1&bdt=161&idt=113&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x100&correlator=6320254085226&frm=20&pv=1&ga_vid=1178442119.1632112608&ga_sid=1632112608&ga_hid=200045223&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=495&ady=1144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44750532&oid=3&pvsid=2245770185150041&pem=249&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8tMxMB55yg&p=https%3A//ptl123.blog.se&dtd=116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 04:25:02 GMT
server
ESF
date
Mon, 20 Sep 2021 04:36:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Sep 2021 04:36:48 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/ Frame 9FBA 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9972993672936206&output=html&h=280&slotname=8232744207&adk=1740061813&adf=1633149064&pi=t.ma~as.8232744207&w=610&fwrn=4&fwrnh=100&lmt=1632112607&rafmt=1&psa=0&format=610x280&url=https%3A%2F%2Fptl123.blog.se%2Fpine-tree-lane%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632112607877&bpp=1&bdt=161&idt=113&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x100&correlator=6320254085226&frm=20&pv=1&ga_vid=1178442119.1632112608&ga_sid=1632112608&ga_hid=200045223&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=495&ady=1144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44750532&oid=3&pvsid=2245770185150041&pem=249&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8tMxMB55yg&p=https%3A//ptl123.blog.se&dtd=116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 09:23:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
242018
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 22:21:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Sat, 17 Sep 2022 09:23:10 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/ Frame 9FBA 		357 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9972993672936206&output=html&h=280&slotname=8232744207&adk=1740061813&adf=1633149064&pi=t.ma~as.8232744207&w=610&fwrn=4&fwrnh=100&lmt=1632112607&rafmt=1&psa=0&format=610x280&url=https%3A%2F%2Fptl123.blog.se%2Fpine-tree-lane%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632112607877&bpp=1&bdt=161&idt=113&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x100&correlator=6320254085226&frm=20&pv=1&ga_vid=1178442119.1632112608&ga_sid=1632112608&ga_hid=200045223&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=495&ady=1144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44750532&oid=3&pvsid=2245770185150041&pem=249&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8tMxMB55yg&p=https%3A//ptl123.blog.se&dtd=116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
sffe /
Resource Hash
0aebcd38397f33a5e7c8d39dd1dcb0eb19618cd23cd430a535c9e8666542c815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 09:22:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
242043
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126725
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 22:21:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Sat, 17 Sep 2022 09:22:45 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame 9FBA 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9972993672936206&output=html&h=280&slotname=8232744207&adk=1740061813&adf=1633149064&pi=t.ma~as.8232744207&w=610&fwrn=4&fwrnh=100&lmt=1632112607&rafmt=1&psa=0&format=610x280&url=https%3A%2F%2Fptl123.blog.se%2Fpine-tree-lane%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632112607877&bpp=1&bdt=161&idt=113&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x100&correlator=6320254085226&frm=20&pv=1&ga_vid=1178442119.1632112608&ga_sid=1632112608&ga_hid=200045223&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=495&ady=1144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44750532&oid=3&pvsid=2245770185150041&pem=249&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8tMxMB55yg&p=https%3A//ptl123.blog.se&dtd=116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6211
x-xss-protection
0
server
cafe
etag
18326705275735229343
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 04:32:18 GMT
csi
csi.gstatic.com/ Frame 9FBA 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kts5pgid&c=4058902690888&slotId=2029451345444&qqid=CK-P8KHdjPMCFQ0b4AodWEkAnw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.174.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bom07s25-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 20 Sep 2021 04:36:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 9FBA 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 17:49:36 GMT
x-content-type-options
nosniff
age
384432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Sep 2022 17:49:36 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 9FBA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 04:03:18 GMT
x-content-type-options
nosniff
age
520410
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 04:03:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9FBA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=ClZC-4A9IYa-fAY22gAfYkoH4CajP4rJkg430i70Oj5D0_QgQASCorOYOYMmGgIDkJKABuKq6oAPIAQWoAwHIA5sEqgTSAU_QKYt--h3qDzYWI8v9NyR1UTVf6-IQ0hIGwYWrtP3ZtmyMQ8gO7avcFGEasNdwRZk85y5ZK-jNmSUPr_WP5wPDNjPeM0mr_O1ePg5BW0giLaTQT9LldfVwWk8oPlpZjJVXFRxykEcnsg0vhtXPcfKe005BAyB0Jr3foFgm9iRwj8Kn0wRkBahVgleGAS2wUzHUmO8909cL9XJ0f11moszIq2zSMVIkpmn7DM9m45DqKDfeRPfqVmiED5CV7zw-H6jyyK7cEbzu71mD1jx7vO1Wb8AEjqGuodYD4AQDkAYBoAZOgAew1cVfqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgfgAoBmAsByAsBgAwBsBOGlb0MyBPrzd_dA9ATANgTCogUENgUAdAVAYAXAQ&eventType=clickstring&clientTime=1632112608477&ai=ClZC-4A9IYa-fAY22gAfYkoH4CajP4rJkg430i70Oj5D0_QgQASCorOYOYMmGgIDkJKABuKq6oAPIAQWoAwHIA5sEqgTSAU_QKYt--h3qDzYWI8v9NyR1UTVf6-IQ0hIGwYWrtP3ZtmyMQ8gO7avcFGEasNdwRZk85y5ZK-jNmSUPr_WP5wPDNjPeM0mr_O1ePg5BW0giLaTQT9LldfVwWk8oPlpZjJVXFRxykEcnsg0vhtXPcfKe005BAyB0Jr3foFgm9iRwj8Kn0wRkBahVgleGAS2wUzHUmO8909cL9XJ0f11moszIq2zSMVIkpmn7DM9m45DqKDfeRPfqVmiED5CV7zw-H6jyyK7cEbzu71mD1jx7vO1Wb8AEjqGuodYD4AQDkAYBoAZOgAew1cVfqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgfgAoBmAsByAsBgAwBsBOGlb0MyBPrzd_dA9ATANgTCogUENgUAdAVAYAXAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9972993672936206&output=html&h=280&slotname=8232744207&adk=1740061813&adf=1633149064&pi=t.ma~as.8232744207&w=610&fwrn=4&fwrnh=100&lmt=1632112607&rafmt=1&psa=0&format=610x280&url=https%3A%2F%2Fptl123.blog.se%2Fpine-tree-lane%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632112607877&bpp=1&bdt=161&idt=113&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x100&correlator=6320254085226&frm=20&pv=1&ga_vid=1178442119.1632112608&ga_sid=1632112608&ga_hid=200045223&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=495&ady=1144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44750532&oid=3&pvsid=2245770185150041&pem=249&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8tMxMB55yg&p=https%3A//ptl123.blog.se&dtd=116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Sep 2021 04:36:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 9FBA 		29 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BwVIKM9hAWDfjnTRb4YXLpsldYh0J8qQnwQAkxduC8QJc3qFfmx8VexwNLajzaRa6eXKn4Kz6MKYvTOtqXpwOw3Y2ELg&dbm_d=AKAmf-D4XpjmnUN13OAJ5_HHQey8muYnypdvjYFaJfRSDsDqlc3ItSb2dIzzCeccRMr7X7TZzSh8hgctxfs6AeN_zCNl6HX1P4MazEWTFXquhugZVZy1kz51SVUH7GPvEqh5pTiP3OrVMTT3Hf1RVmVqjHGrctY6mKALNm6Rg9hjc02haUr2_gohPd1CYl1kwM6FSz1SMmrNCPrCfDzolDEPPUeCS-wTOlz1S2DdYMH7kuGjMBZPbe-yjbIopA5pQDvGqj1tb7rVJv5UBpdoVHQHodXdi76huSGKP13wB3irdyGE8IzPkg0hYLByZq7h8JZHZfvI9Q5D1eK7tR2Q0DTwq6aT1lTJqDG4oJ61h92bQ0a9bH41I-U-4XTSRYqk49dJWnChcg1JL_WmOJ3HQKqX05lpsSR9QFUWaB4CjYNmPPYDclWfvIKLkud0Zxy_abaNpeOPki_N23ChXTMhK22_cemgCMzN7yFjmzJa089beTgUCrSdA0ztVuT8RLB-_6OTZEFMVWJJBptYOnWkZ-CQidcL_E8Egho1cNyMOFb_JrwOK_ovSZhxA9_7AiAhnPiz1DScmb2UpK2Ym3lFAl3tUf1_c-DbYw54K-2K3VpTaq4pYu5YqUD1YcIxblFGfXcH06Z49hjtIvS439kNrugq6zHa3jd-VDcIBkvH9dOxSa9AXsvwlYIClgkmVz3QEv14zPjKwOscGthfpOOdFXKZExjLKfV6waFrHTX9sjLxYUCchy2D-gWHjZIJ6AY9jJCSHb6oRCh9b2IXKuorxYF4TlzWFZWraVy3sg5t8rLJ9UHYsOV-OTZdwH7hGNxivLpVUOXAlMix3kNXSdQItjEL1yLIwvKJLpJH6aY9b6NCERLgIdMTh2LIEfNzQPPS2pUJZ9tS3pWMKRBx-Ff-xA038ala-JfFTuROHzhQLvLufiJScsD53eU4pCcdeA5_OimoEiAHhNb08EixPqMko1Do3gIv4fbYH4LAQTpT1p8kSpprZbsAVYfR82UkOQI4CAESobn0lYq5S-ewr80fAm3OOcvhmxczHBIsfKjxFdNvdOKgrJLJqSYE_6W1ZnsddJJADwf2W0m-q2Vy_dg2DC42oWnUsTjJpocoP4ukOkTmXjHxJDONxW5DWN__wuWYlP1kEBeu8odYMSEpHBQsHbS5oAq31WlqTRgaGuRFmJVzoEdfg0gB12cEGM8jMQM99umycsQaFV4OQxmG6CJgfjB5qmdTslIbrJLsQ8qdSddGoDDLv9AwMSVfIbV776pp1QHgBq1aHJ-Sxi1wG9_CbLLtvWR1vWoQlZc1pftYUNuUJe3d2rnAZpI0EtsORTJ6TVp1P5hXwGYBTNUjDS-wvNUxgcTp131SQuQwtyIWP6ACeAc-YMpswfzHBz7NsuZl674W-QxbcmDTDhNAbz-DWmHhwlBe1uYBUR2x7SSaImc9CsXISoSRurtusUB9VoGPOTpTVU7f2dbyC7oiYuBRgt0B1ROgUDCXPmEhXTm7ssLQkhEuq78noaTW4dSWk6X2bPRTFMZoMj0BmCws5mrUv6fCpFGdRXPLiTmEox1FF3U44WFNIrImDbmRuJieeOu9-QQOouKm8Dy4scWMKQQJI_ssFS0K4B75kwXM96Rw-JJhGrVepn0PkvXpS0MP1D5s7cisIDoFLnK46_PraV-E0ZcZTZp9tvXtgknhloG9sZUSSzdotKVfI14X6BdJEkhAiRe6tAB-JjR-BEHS_H1o_inoJop3P8CEOuEY8QkVoSM2NqL81y0QVwleA7_LOfEs4yD0iUvC7wtEN_5WzNkbjtFiKp5WqerRS6-dh-nI_3Kkbzqe2dweZO05FG-SeZinXIp1dVD65pK63rydiCehUTWbuw9j3a-ktfdR5JdgTGmANeht75UDobIwAHsgShqApZ7QRsvv93wF3vUPl31_H4FbMTjY7256mugzoPGTTIthZCDyaJpRDMAp5km_0n3msJ-9mlgXXJARvT9rPwvHsqx8SiCrMb0Q-EXXjZCHlEqAggtnfEIOvVj7vQ5tzUnUfxyGaswXCA-ORBWcnbVrs7FFg7oFgXY5LCsiPGnA64BP07foyrXxSLnfSAZ0j-zCQY1yD3YVxHisvB78h-NrN7whM9kSFbqCPq1XIq1CJqyM0a6k3Vd0UbuknobRPMxn-TFYNJCmRPNHdE8mT5h5jHLh1twWFjsHMC3gRC092ktP2jmDT42GZMtxQKx62n060qETaD-Q-RX5lnEB6nA2Hqcau7g4v7OQf5VrOZTtYQmf4MSK_7oK06iXt8M3a8Ou4MbXC1nRi6blIcGcGahpAuKq6Gg96AGvHFamw3UmEPmvjCBHKy_LhqoReft4kbbvlGagDiB09Dp95Ykdln6gosWqhEW5diUb1bv3zIdV1N99jYs5ITdLnp4DffT-D51mLszanw2s5boLUDHNaZ2dnDIevQya8lzyDAJxQjlNxbtlY4annWt1wSM_OogZRV5n3DVbFLjwFBePyakNpwVxWdcnRotncxZO15gDcYtdxH723c1EXehipYDdj17EiSZ6cP_wyTful_im10a6x1tVV5VXR-nKcVp-rI66qZMreqUw44DTjrv9JabmRaBkQDbb1HBHt0ImvKuTJKywNtWr5q7oKMXiar3gkBVmRJGrdJEu-DaM9BNDeTMTEy2nIPbIVE4uoIC5ndql7WzLwIPvd2_fxlBB-rBRXI4GFR6T6Bib6layP4hje_AEUUVIslxY7xMq77UD8ChXn1VGPn25UqrfKy8Z1f1ykdEJ0PV_tnewN30iNt3dI3g&cid=CAASBORoA_E&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.140.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f154.1e100.net
Software
cafe /
Resource Hash
09cfdc8b1582f58a28a81d2b8a2a4efeb687e66af8685892fbe96b09a9e53569
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13720
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 9FBA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C6Ncd4A9IYa-fAY22gAfYkoH4CajP4rJkg430i70Oj5D0_QgQASCorOYOYMmGgIDkJKABuKq6oAPIAQWoAwHIA5sEqgTPAU_QKYt--h3qDzYWI8v9NyR1UTVf6-IQ0hIGwYWrtP3ZtmyMQ8gO7avcFGEasNdwRZk85y5ZK-jNmSUPr_WP5wPDNjPeM0mr_O1ePg5BW0giLaTQT9LldfVwWk8oPlpZjJVXFRxykEcnsg0vhtXPcfKe005BAyB0Jr3foFgm9iRwj8Kn0wRkBahVgleGAS2wUzHUmO8909cL9XJ0f11moszIq2zSMVIkpmn7DM9m45DqKDeGRUWAXkJkGwJnNPBUwmTRdG_HpX33C5P_Mt44psAEjqGuodYD4AQDiAXG86G6NJIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAHsNXFX6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwoQtdodGIr_j7EB0ggHCIBhEAEYH4AKAcgLAbAThpW9DMgT683f3QPQEwDYEwqIFBDYFAHQFQGAFwGyFxwKGggAEhRwdWItOTk3Mjk5MzY3MjkzNjIwNhgA&sigh=reUM1kSuU0Y&cid=CAQSGwCNIrLMFGOSZltXDwVO5-aKzp91ScXDT6j1hQ&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9972993672936206&output=html&h=280&slotname=8232744207&adk=1740061813&adf=1633149064&pi=t.ma~as.8232744207&w=610&fwrn=4&fwrnh=100&lmt=1632112607&rafmt=1&psa=0&format=610x280&url=https%3A%2F%2Fptl123.blog.se%2Fpine-tree-lane%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632112607877&bpp=1&bdt=161&idt=113&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x100&correlator=6320254085226&frm=20&pv=1&ga_vid=1178442119.1632112608&ga_sid=1632112608&ga_hid=200045223&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=495&ady=1144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44750532&oid=3&pvsid=2245770185150041&pem=249&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8tMxMB55yg&p=https%3A//ptl123.blog.se&dtd=116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9972993672936206&output=html&h=280&slotname=8232744207&adk=1740061813&adf=1633149064&pi=t.ma~as.8232744207&w=610&fwrn=4&fwrnh=100&lmt=1632112607&rafmt=1&psa=0&format=610x280&url=https%3A%2F%2Fptl123.blog.se%2Fpine-tree-lane%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632112607877&bpp=1&bdt=161&idt=113&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x100&correlator=6320254085226&frm=20&pv=1&ga_vid=1178442119.1632112608&ga_sid=1632112608&ga_hid=200045223&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=495&ady=1144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048%2C44750532&oid=3&pvsid=2245770185150041&pem=249&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8tMxMB55yg&p=https%3A//ptl123.blog.se&dtd=116
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 20 Sep 2021 04:36:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 20 Sep 2021 04:36:48 GMT
truncated
/ Frame 9FBA 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
868b89400a36bb54614504b4d9206f292fc92f4d5cccf03f8ae4b0fd29b16a9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 9FBA 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 08:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243517
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 17 Sep 2022 08:58:11 GMT
file.mp4
r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/9c5013894796bfb6/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3774906910/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 9FBA
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/9c5013894796bfb6/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3774906910/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
  • https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/9c5013894796bfb6/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3774906910/sparams/acao,ctier,expire,id,ip,ipbits,i...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/9c5013894796bfb6/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3774906910/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/520B469848CF276DAFBAF4021C584F7171F3BC1A.0E2503EF4CD72283876D2D506376196AD80E9515/key/cms1/cms_redirect/yes/mh/oC/mip/216.131.114.157/mm/42/mn/sn-4g5lznez/ms/onc/mt/1632112350/mv/m/mvi/1/pl/24/file/file.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.125.160.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s14-in-f6.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 20 Sep 2021 04:36:48 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4489659
Last-Modified
Wed, 01 Sep 2021 01:15:09 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Mon, 20 Sep 2021 04:36:48 GMT

Redirect headers

date
Mon, 20 Sep 2021 04:36:48 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
647
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/9c5013894796bfb6/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3774906910/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/520B469848CF276DAFBAF4021C584F7171F3BC1A.0E2503EF4CD72283876D2D506376196AD80E9515/key/cms1/cms_redirect/yes/mh/oC/mip/216.131.114.157/mm/42/mn/sn-4g5lznez/ms/onc/mt/1632112350/mv/m/mvi/1/pl/24/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210915&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
701d598b21e9cfbec38334bfcc5c17d882917acec3975285901d0425586f7f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 20 Sep 2021 04:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8404
x-xss-protection
0
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/ 		145 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
3827f61fb79cfe72886e152f47e32cc6b9e112c40fffbfd254a9828f94ebf65e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53040
x-xss-protection
0
server
cafe
etag
10624087348813358335
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Sep 2021 04:36:48 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame D36A 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/H0ZEmIz7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8727
date
Fri, 17 Sep 2021 08:58:11 GMT
expires
Sat, 17 Sep 2022 08:58:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
243517
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9FBA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=34&d=1&s=1&f=0.01&li=v_h.0.0.0&bgai=B9wJM4A9IYdLhIqqPxgKhqYboCAAAAAA4AeAEAg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Sep 2021 04:36:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js
pagead2.googlesyndication.com/bg/ Frame D36A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
sffe /
Resource Hash
d2568c052b452231835fe2dba24a62b753e2c153735dcced63aab0005ec06a60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 11:36:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
61231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13319
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 14:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Mon, 19 Sep 2022 11:36:17 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ptl123.blog.se
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 20 Sep 2021 04:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/ Frame CB28 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ptl123.blog.se/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmSNskWxafNr7SREq8Ky4m1o1mab9lSjboIPGcT-iA4XJHnAH0hNXw1iPpjQIo; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 19 Sep 2021 12:54:32 GMT
expires
Sun, 03 Oct 2021 12:54:32 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
56536
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/ Frame 9E09 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ptl123.blog.se/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmSNskWxafNr7SREq8Ky4m1o1mab9lSjboIPGcT-iA4XJHnAH0hNXw1iPpjQIo; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 19 Sep 2021 12:54:32 GMT
expires
Sun, 03 Oct 2021 12:54:32 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
56536
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 20 Sep 2021 04:36:48 GMT
css2
fonts.googleapis.com/ Frame CB28 		4 KB
633 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 03:40:53 GMT
server
ESF
date
Mon, 20 Sep 2021 04:36:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Sep 2021 04:36:48 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CB28 		205 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 16:27:22 GMT
x-content-type-options
nosniff
age
43766
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 19 Sep 2022 16:27:22 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CB28 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 19:55:10 GMT
x-content-type-options
nosniff
age
31298
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 19 Sep 2022 19:55:10 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/elements/html/ Frame CB28 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
89e590d44510a10b9602ebffa228e2d8a2f2aeb1acc462b51cd19df5f5434308
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:33:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
213
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7656
x-xss-protection
0
server
cafe
etag
8352096984186353373
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 04:33:15 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/ Frame 9E09 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
664
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7612
x-xss-protection
0
server
cafe
etag
7316329070599479730
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 04:25:44 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame 9E09 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:16:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1204
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 04:16:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9E09 		128 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
daaaa4101e8414d3c9c0baab3c015599b7e1fa70035268b8ba23ea6790f00bf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39526
x-xss-protection
0
server
sffe
etag
"1631879102694099"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Mon, 20 Sep 2021 04:36:48 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame 9E09 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6211
x-xss-protection
0
server
cafe
etag
18326705275735229343
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 04:29:21 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame 9E09 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
8a5a8396abf78790c1831c48ac3abb959821f8c99aa2a37151e3d1594f8b1c93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 15:48:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
server
cafe
etag
553973696465445763
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Oct 2021 15:48:07 GMT
14111333443517331800
tpc.googlesyndication.com/simgad/ Frame 9E09 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14111333443517331800?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnmANTrizyN3aip5sHFHiDmzDYT8A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
62fc75382988d62768547187a523500bb6a397cc53599803076cd434f0a85fa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 02:06:18 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Sep 2020 17:15:01 GMT
server
sffe
age
9030
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11426
x-xss-protection
0
expires
Tue, 20 Sep 2022 02:06:18 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 460F 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ptl123.blog.se/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sun, 19 Sep 2021 17:49:19 GMT
expires
Mon, 19 Sep 2022 17:49:19 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
38849
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 48BB 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
2a9a4a259b2c682fc29c388b9456798fbecc7968a87ac502e908991026c8ea9f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hX35fmXf8OV8pBOYGbQvZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ptl123.blog.se/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 20 Sep 2021 04:36:48 GMT
date
Mon, 20 Sep 2021 04:36:48 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-hX35fmXf8OV8pBOYGbQvZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame 529A 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmSNskWxafNr7SREq8Ky4m1o1mab9lSjboIPGcT-iA4XJHnAH0hNXw1iPpjQIo; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 20 Sep 2021 04:02:16 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2072
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame F486 		3 KB
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 02:51:02 GMT
server
ESF
date
Mon, 20 Sep 2021 04:36:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Sep 2021 04:36:48 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame F486 		1 KB
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:33:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
215
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 04:33:13 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/ Frame F486 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
664
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7612
x-xss-protection
0
server
cafe
etag
7316329070599479730
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 04:25:44 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame F486 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:16:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1204
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 04:16:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F486 		128 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
daaaa4101e8414d3c9c0baab3c015599b7e1fa70035268b8ba23ea6790f00bf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39526
x-xss-protection
0
server
sffe
etag
"1631879102694099"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Mon, 20 Sep 2021 04:36:48 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame F486 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6211
x-xss-protection
0
server
cafe
etag
18326705275735229343
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 04:29:21 GMT
8b8c639f95e935c054a6465040a495ee.js
www.gstatic.com/mysidia/ Frame F486 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 09:35:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10883
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 04:03:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Sat, 18 Dec 2021 09:35:53 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 167A 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmSNskWxafNr7SREq8Ky4m1o1mab9lSjboIPGcT-iA4XJHnAH0hNXw1iPpjQIo; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 20 Sep 2021 04:02:16 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2072
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js
pagead2.googlesyndication.com/bg/ Frame 460F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
sffe /
Resource Hash
d2568c052b452231835fe2dba24a62b753e2c153735dcced63aab0005ec06a60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 11:36:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
61231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13319
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 14:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Mon, 19 Sep 2022 11:36:17 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 48BB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210915&jk=2245770185150041&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
file.mp4
r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/9c5013894796bfb6/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3774906910/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 9FBA 		128 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/9c5013894796bfb6/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3774906910/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/520B469848CF276DAFBAF4021C584F7171F3BC1A.0E2503EF4CD72283876D2D506376196AD80E9515/key/cms1/cms_redirect/yes/mh/oC/mip/216.131.114.157/mm/42/mn/sn-4g5lznez/ms/onc/mt/1632112350/mv/m/mvi/1/pl/24/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.160.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s14-in-f6.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 20 Sep 2021 04:36:48 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-4489658/4489659
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4489659
expires
Mon, 20 Sep 2021 04:36:48 GMT
last-modified
Wed, 01 Sep 2021 01:15:09 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
si
googleads.g.doubleclick.net/pagead/drt/ Frame 529A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmSNskWxafNr7SREq8Ky4m1o1mab9lSjboIPGcT-iA4XJHnAH0hNXw1iPpjQIo; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 20 Sep 2021 04:36:49 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Mon, 20-Sep-2021 05:36:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 20 Sep 2021 04:36:49 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 20 Sep 2021 04:36:48 GMT
server
safe
content-length
257
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js
pagead2.googlesyndication.com/bg/ Frame E4DF 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
sffe /
Resource Hash
d2568c052b452231835fe2dba24a62b753e2c153735dcced63aab0005ec06a60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 11:36:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
61231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13319
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 14:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Mon, 19 Sep 2022 11:36:17 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 167A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmSNskWxafNr7SREq8Ky4m1o1mab9lSjboIPGcT-iA4XJHnAH0hNXw1iPpjQIo; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 20 Sep 2021 04:36:49 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Mon, 20-Sep-2021 05:36:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 20 Sep 2021 04:36:49 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 20 Sep 2021 04:36:49 GMT
server
safe
content-length
257
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js
pagead2.googlesyndication.com/bg/ Frame 3B8C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js
Requested by
Host: ptl123.blog.se
URL: https://ptl123.blog.se/pine-tree-lane/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
sffe /
Resource Hash
d2568c052b452231835fe2dba24a62b753e2c153735dcced63aab0005ec06a60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 11:36:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
61232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13319
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 14:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Mon, 19 Sep 2022 11:36:17 GMT
file.mp4
r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/9c5013894796bfb6/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3774906910/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 9FBA 		185 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/9c5013894796bfb6/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3774906910/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/520B469848CF276DAFBAF4021C584F7171F3BC1A.0E2503EF4CD72283876D2D506376196AD80E9515/key/cms1/cms_redirect/yes/mh/oC/mip/216.131.114.157/mm/42/mn/sn-4g5lznez/ms/onc/mt/1632112350/mv/m/mvi/1/pl/24/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.160.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s14-in-f6.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=131072-

Response headers

date
Mon, 20 Sep 2021 04:36:49 GMT
x-content-type-options
nosniff
Content-Range
bytes 131072-4489658/4489659
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4358587
expires
Mon, 20 Sep 2021 04:36:49 GMT
last-modified
Wed, 01 Sep 2021 01:15:09 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
gen_204
pagead2.googlesyndication.com/pagead/ Frame D36A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B9wJM4A9IYdLhIqqPxgKhqYboCAAAAAA4AeAEAg&bg=!mZqlmt7NAAaUnz4elJ87ACkAdvg8WkSzCwXF5Ztl7XEwmn27BJf5nugt1dRyAn2dbswLCERWpykrvwIAAADvUgAAAJ9oAQcKAIwPLvpHNue34X1t07lnJqqrArg1H1c3thrDVa3kMUqDHd1YYdp4IxdsiJYUM1Rb5qeEmffgqjH5xcqh-96N1uhtPueBFRl0UZYIdreoJjTccFBOf_S-czAg-B7v9cxTnpO96QsIpGl0CHijkzVYEqoyrsRfypzjJ3YGjXSgQidceSanRZp5mT2yMMlaq5kCpouB5-HIKrcFDmCZ6mLvbEEHjFQ3Vhxk-HeZnT_G2pfr01Sj90nE_ApMi2F0ssJjhdU0reT9QqVY8uQk8NAwwdWgyff4-x3V9uMGwDSYPuYgE9pHZiYrNtUbOupN-sK2BtExH_lziz0EhWmNkvUzXhyNvNbASaxXPRdKb793VXv-3S1LJLiF8K7fE7AEvaVh_fT5bvAbcl8qIJ8eQ4x0arpCVafTPi57sDalRQweEk9TnibMBAnZoQ9LuoQqtXiwzD8dBBqsMheBgQ6KMvv51JooKx2dMdscl4qMN17fVQ5lT1YkdY-NcNfdsl9vD51rpELEX_rMn6TQP-H1iPWpGjBk0Acd9yfUPUlNPujbRnXGLHAGf4GJvq_2m0LR74J6KcErgLs4pwwX38iS7jA6oKQ2PPJdmIV6_at9u27QgK0wofUUuUP0NGbIOmncX9UUji-VVsZ9V_6SSgU0RzIb2A3j5nFjwdJO2Z4u0ycKP3rTjbT3E9nrXqWGsoWPEG-ZV82mHM-hby-XAbIZr7Jc-7yxynaLm2p0N4hTqi0PdKc_AN9zVScpXG3StVtER8AucE5_EjgCZaqOZQhrgLq6895SGwWtNySzgiCwQiqj7MAMsuisXhaC8xGN3ZNlfOXvakPgmwh0DDQbnid_UZBNWYZxtaPQlgb7Aescu3OqQvjqpYIUTwWHZ4iP7x13u0aJX-s7q8K68AcbmVNlf9QKkKH0CKpV6eKXWIXtEI8_Rd37FxchD4o27FONXJWpT_NYqnn1OOCsVmkXyXI0ZeIQhl2rYfCSdtvsyPVtqedt4pE6CpxHD1b7OrrMKfavz94fRrOImcRbQTqE6qMwEHVH8x00KyDW6nyO8QzFcu90Wbv8KIeyQ3evtcwLUnV0h0OnhkQPj2tc9A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Sep 2021 04:36:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210915&jk=2245770185150041&bg=!WFulWx_NAAaUnz4elJ87ACkAdvg8Wp8tNyfMZ9_vBr-eTUsMRTHJhILdH6nmxziBTbtG0dbeFSfT4AIAAAD0UgAAAAZoAQeZAo5WXfuWhbVkQ4XOzHUoInDzHqzX0M0HMD60qqj4Vsfz2OyJDCJxv-Z_zEhDY3iFnvmZ8iAzz9fBi9QcbvisAC66jG9_5seHoN3F4rc5LPG9O5ncrS-JftA_cDpTKrOvG6OSQ-aCkXVDAneWVb1Fp9tHwQIyTIbcl_8p_Dx-ENk28vPqfe-2WLuSzUar09kStF-T-aiH5A6QcrquuOLUrLzNTkrvtFDQJA_2pZeaQH2s2bTEYo7Q8TS48Qixx8tiBpJwbERA2_aoVuGn3ok9wzS5vh0GWuFxWfxhUbjEdIjZD9SzSZPTuQsEfI9Bo3WzLtnUXJH_ZkNMXL1nB-44Iu-5T0_9qsCYjggf3zNGIjSHXm98tL2M8e7l7cmeKwgKQcDdpL8uosRi8PUUS7QFQjZx_jkGTqcDD_CHtkAq8PkrUNGEAJJKs0yNmfceSU6RSWJwCWHPhSjT82ju_pWxu-bRWsVMUTxmQayMbcihFJm9ErA-0NCAMuvtxJK4drJeKnOShJqpbws8hj9SBWADX_ZdBKaTzt5725pAlssNNueTYwWEdrjP9wY6LiB1iuHGooMxTiEXMn56meCtHmBmLVKft3gW_5H_hAYEGFwyn1CRHkOYB3qH19DyU6u0_IWCq63csx-Q6m22IjacjMhYSnOCFRemfnlimDXODA7QOTYlnale7TySfiKM5ffxp7PDWUkyOMYexIqW3X5PEgDbogomfHkNRUMHlurHRZ_OCSnIDwELIoUdzhxdLkK82-4EVNCg5MYe6g892QhIOQt8EmcA3LQ2xA3XmSE-q1nz_cFTY_KLeKPK70uByLtHC9pXADK9ZtPKratFv98emm7DZdSmFVsCDrbuYGkuohQDdMk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ptl123.blog.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
file.mp4
r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/9c5013894796bfb6/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3774906910/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 9FBA 		65 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/9c5013894796bfb6/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3774906910/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/520B469848CF276DAFBAF4021C584F7171F3BC1A.0E2503EF4CD72283876D2D506376196AD80E9515/key/cms1/cms_redirect/yes/mh/oC/mip/216.131.114.157/mm/42/mn/sn-4g5lznez/ms/onc/mt/1632112350/mv/m/mvi/1/pl/24/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.160.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s14-in-f6.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=294912-

Response headers

date
Mon, 20 Sep 2021 04:36:49 GMT
x-content-type-options
nosniff
Content-Range
bytes 294912-4489658/4489659
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4194747
expires
Mon, 20 Sep 2021 04:36:49 GMT
last-modified
Wed, 01 Sep 2021 01:15:09 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
csi
csi.gstatic.com/ Frame 9FBA 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kts5pgin&c=4058902690888&slotId=2029451345444&qqid=CK-P8KHdjPMCFQ0b4AodWEkAnw&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=1000&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=18&vhc=0&msm=1&aits=17%2C36%2C18%2C22%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C43%2C44%2C45%2C46%2C0&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.174.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bom07s25-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 20 Sep 2021 04:36:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect boolean| originAgentCluster object| _wpemojiSettings undefined| $ function| jQuery object| love_me object| sbe_localized object| adsbygoogle object| branda_footer_node object| branda_footer object| ub_cookie_notice function| twentytwentyoneResponsiveEmbeds object| wp object| twemoji object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| google_image_requests function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| googletag object| google_llp object| GoogleGcLKhOms

5 Cookies

Domain/Path Name / Value
ptl123.blog.se/ Name: PHPSESSID
Value: 51dc2e8c4a6682ca83997774d4d6a5a1
.blog.se/ Name: __gads
Value: ID=99aca4198c3b4a37-22ad08e13dc900c7:T=1632112608:RT=1632112608:S=ALNI_MbzXgTCw71nhcgsjW4ORCZHOyzAJA
.doubleclick.net/ Name: IDE
Value: AHWqTUmSNskWxafNr7SREq8Ky4m1o1mab9lSjboIPGcT-iA4XJHnAH0hNXw1iPpjQIo
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doubleclick.net/ Name: DSID
Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
bid.g.doubleclick.net
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
ptl123.blog.se
r1---sn-4g5lznez.c.2mdn.net
secure.gravatar.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.181.226
142.250.184.202
142.250.184.226
142.250.184.234
142.250.185.162
142.250.185.226
142.250.185.238
142.250.185.97
142.250.185.99
142.250.186.164
142.250.74.195
172.217.174.67
172.217.23.98
192.0.73.2
209.42.194.111
74.125.140.154
74.125.160.198
037ea6d62946a9717e6ba5c0d9abd0be1bb77359ec5c21379e85afb8e1d30c13
09cfdc8b1582f58a28a81d2b8a2a4efeb687e66af8685892fbe96b09a9e53569
0aebcd38397f33a5e7c8d39dd1dcb0eb19618cd23cd430a535c9e8666542c815
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
16baa3d91cfb213bf83344b69d7e674fe2dd53559412cd4ec00f658810fefa0d
175437ab2d5703d39c01d0f479b19f9b1569bfb2cf43dca8cbf30ff962f0f48b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e795f0dd16d7f8d6456e9ef9e02f21781af0546ddfada8ed75ac7d9abadae6e
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
24d026371427b41d6d168c5d4c18de465b026afc3907c86c8f3b3bc31bd87467
284e92ac7c086f48990efe91782ffbd5dbe5642c83aa51217959e1864b2a8fba
2a9a4a259b2c682fc29c388b9456798fbecc7968a87ac502e908991026c8ea9f
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
3827f61fb79cfe72886e152f47e32cc6b9e112c40fffbfd254a9828f94ebf65e
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5058934dd8559719f83ba5fc9dc0f76582cba080679ab2c5a1618d1c4dfb1967
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
62fc75382988d62768547187a523500bb6a397cc53599803076cd434f0a85fa7
63853358062851484805239d8047f783c3468bfad489ce3f80fe6ded4e581266
6c2a348f013688561b8e9150e24a38a9c6722682e9f352e88dd7650157b1bebf
701d598b21e9cfbec38334bfcc5c17d882917acec3975285901d0425586f7f4f
7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673
868b89400a36bb54614504b4d9206f292fc92f4d5cccf03f8ae4b0fd29b16a9c
89e590d44510a10b9602ebffa228e2d8a2f2aeb1acc462b51cd19df5f5434308
8a5a8396abf78790c1831c48ac3abb959821f8c99aa2a37151e3d1594f8b1c93
8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335
94dcbfd217ebcabb12fcd3012f9e2f098bd9f2a2bbd89fb6a1c3596258372f26
9c062d10663416484b5a59bb47a0308526bec56cc69e9f3499fa087d8eae5c7a
9d2f744cffd63a62122c33b074064aa1f5d61269922a19ac636fd1720da59f27
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a
a914dcbc1a475591ca1493cc05020c4d6e32b2d24d5e0094a13840ed00ca0038
a918a9299ad3617d395fe361fe1a0e1e290f72c5a1373dd31fb13cd9fa2746af
aaca667dd776a7818c683b3a645aedd18452e0409c28ce90f0eb46c2545a6735
ae28f0678daab517350e23060181d3ad86fab9c3efd9f7419eac21706680716f
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c81958c9efd64cd66c55483a3b51870cba3f108d863300962133d1acd1784916
c84b9432dad75b6cce98abcd62eecccc82cf4e293e92f80678d8d50bd1060cfe
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd9748e774b3b473989eb1683678462580f7a2b79ea28b3c5db2527027e241c5
d2568c052b452231835fe2dba24a62b753e2c153735dcced63aab0005ec06a60
d931ba2089021a1357761939c18bcc09aa856d39be2a707ea450333f5b3443c4
daaaa4101e8414d3c9c0baab3c015599b7e1fa70035268b8ba23ea6790f00bf3
dbb8783903eac41e13202f9cdb441e23fb7fc93ae3cf66acb23cfc244cf3c6b1
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6
f9fae20d30474c95bf8745df26cfa5c62803462a9ee57dd710c8266d7ece3f3e
fece609132179152484c9592c0cad0b32ea746fd41546306a38b8556b82d2fb5