mdundo.com Open in urlscan Pro
159.69.149.44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mdundo.com/profile/130145/
Effective URL:
https://mdundo.com/loginfb
Submission: On April 15 via api (April 15th 2023, 11:00:39 am UTC) from IE — Scanned from DE

Summary HTTP 115 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 28 IPs in 7 countries across 28 domains to perform 115 HTTP transactions. The main IP is 159.69.149.44, located in Nuremberg, Germany and belongs to HETZNER-AS, DE. The main domain is mdundo.com. The Cisco Umbrella rank of the primary domain is 215974.
TLS certificate: Issued by R3 on March 25th 2023. Valid for: 3 months.

This is the only time mdundo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	159.69.149.44 159.69.149.44	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	108.138.17.18 108.138.17.18	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 1	52.13.189.96 52.13.189.96	16509 (AMAZON-02) (AMAZON-02)
1	65.8.234.54 65.8.234.54	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
4 20	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
5 5	3.124.143.199 3.124.143.199	16509 (AMAZON-02) (AMAZON-02)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
4 4	213.155.156.182 213.155.156.182	1299 (TWELVE99 ...) (TWELVE99 Arelion)
4 4	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
2 4	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
5 6	18.184.93.146 18.184.93.146	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	19527 (GOOGLE-2) (GOOGLE-2)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
2 2	3.125.54.52 3.125.54.52	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:398b:a04b:d794:3da4	16509 (AMAZON-02) (AMAZON-02)
115	28

13 159.69.149.44 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.44.149.69.159.clients.your-server.de

mdundo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-18.fra56.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.13.189.96 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-13-189-96.us-west-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.8.234.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-234-54.den52.r.cloudfront.net

a92efe48b5038aa45778b03b920eba2c5.profile.den52-c1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.184.194 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.124.143.199 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-143-199.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.155.156.182 (Sweden) 4 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.234 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.102.35.84 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.184.93.146 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-93-146.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.54.52 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-54-52.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:398b:a04b:d794:3da4 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 138	441 KB
34	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 80 cm.g.doubleclick.net — Cisco Umbrella Rank: 220	247 KB
13	mdundo.com 1 redirects mdundo.com — Cisco Umbrella Rank: 215974	95 KB
9	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 73	2 KB
6	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 314	2 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	87 KB
5	w55c.net 5 redirects pm.w55c.net — Cisco Umbrella Rank: 768	4 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1255	923 B
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 585	3 KB
4	de17a.com 4 redirects d5p.de17a.com — Cisco Umbrella Rank: 4908	1 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6074 adservice.google.de — Cisco Umbrella Rank: 9047	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	147 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	3 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2338	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 779 s.tribalfusion.com — Cisco Umbrella Rank: 1904	1 KB
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 4727	745 B
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 42407	1017 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 685	798 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 833 r.turn.com — Cisco Umbrella Rank: 3425	869 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 182 partner.googleadservices.com — Cisco Umbrella Rank: 925	18 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 449	714 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 627	543 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 654	98 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 337	265 B
1	cloudfront.net a92efe48b5038aa45778b03b920eba2c5.profile.den52-c1.cloudfront.net	58 B
1	a2z.com 1 redirects redirect.prod.experiment.routing.cloudfront.aws.a2z.com	138 B
1	alexametrics.com certify-js.alexametrics.com — Cisco Umbrella Rank: 16151 certify.alexametrics.com Failed	2 KB
115	28

	Domain	Requested by
20	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
18	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
16	pagead2.googlesyndication.com	mdundo.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	mdundo.com	1 redirects mdundo.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googleadservices.com googleads.g.doubleclick.net
7	www.google.com	1 redirects mdundo.com googleads.g.doubleclick.net tpc.googlesyndication.com
6	x.bidswitch.net	5 redirects
5	pm.w55c.net	5 redirects
5	www.gstatic.com	googleads.g.doubleclick.net
4	sync.teads.tv	2 redirects googleads.g.doubleclick.net
4	c1.adform.net	4 redirects
4	d5p.de17a.com	4 redirects
3	www.googletagservices.com	googleads.g.doubleclick.net
3	securepubads.g.doubleclick.net	mdundo.com securepubads.g.doubleclick.net
3	fonts.googleapis.com	mdundo.com googleads.g.doubleclick.net
2	a.sportradarserving.com	2 redirects
2	pool.admedo.com	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google.de	mdundo.com
2	www.google-analytics.com	mdundo.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	id.rlcdn.com	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	r.turn.com
1	ad.turn.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	a92efe48b5038aa45778b03b920eba2c5.profile.den52-c1.cloudfront.net	mdundo.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	certify-js.alexametrics.com	mdundo.com
1	www.googleadservices.com	mdundo.com
0	certify.alexametrics.com Failed	mdundo.com
115	39

This site contains links to these domains. Also see Links.

Domain
get.adobe.com
www.facebook.com
www.mdundoforfans.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
mdundo.com R3	`2023-03-25` - `2023-06-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
certify-js.alexametrics.com Amazon RSA 2048 M02	`2023-03-01` - `2023-06-27`	4 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://mdundo.com/loginfb
Frame ID: 1150A7A2D88EC7CB9B04E2F2FC921F94
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/zrt_lookup.html
Frame ID: 0AB2F2F163905C4DCDFE73D403D61C62
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4721105574136909&output=html&adk=1272721408&adf=3838797007&lmt=1681556434&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fmdundo.com%2Floginfb&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681556434639&bpp=13&bdt=383&idt=319&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4324616783219&frm=20&pv=2&ga_vid=307114816.1681556435&ga_sid=1681556435&ga_hid=1903012678&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31073806%2C44786918&oid=2&pvsid=3452936507512671&tmod=1074937321&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=348
Frame ID: 6E9B7F356EBF29E02203524E8A1AD340
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Frame ID: C6F76CED561BF6BAE59A6B44FF3D189A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7B926FC892023C4DA0D9AE258FD10D45
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Frame ID: 54D384ED2D0D6D464697D3D27E19D23E
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0A9A0A35B377C10A837DA63E1906081A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ED92AF8E4A653CFBC7E3FE9A751F9584
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 90D792A587DCAD93904EBF2ED3D09AEE
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 637346F182427DAAE090613B1CF4D1CA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3766907D3951EAEAB72136795171F202
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 171C801D086F3ECE37B114A265483690
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A158957D3F055E84B5E484A902ADEFC7
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Frame ID: 45DB00BD26F16C28C991FD0E16A34C19
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Frame ID: 07179494AE8C20CBEEF8EA07B8316602
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login to continue

Page URL History Show full URLs

https://mdundo.com/profile/130145/ HTTP 302
https://mdundo.com/loginfb Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

115
Requests

83 %
HTTPS

53 %
IPv6

28
Domains

39
Subdomains

28
IPs

7
Countries

1065 kB
Transfer

2980 kB
Size

38
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://get.adobe.com/flashplayer/
Title: Flash plugin

Search URL Search Domain Scan URL

URL: https://www.facebook.com/v3.2/dialog/oauth?client_id=219180598216415&state=eee3674d75abf2a7645484d0f53cb1bd&response_type=code&sdk=php-sdk-5.7.0&redirect_uri=https%3A%2F%2Fmdundo.com%2Floginfb%2Fcallback&scope=email%2Cuser_location%2Cuser_birthday

Search URL Search Domain Scan URL

URL: https://www.mdundoforfans.com/
Title: About us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Mdundomusic/

Search URL Search Domain Scan URL

URL: https://twitter.com/Mdundomusic

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mdundomusicke/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mdundo.com/profile/130145/ HTTP 302
https://mdundo.com/loginfb Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png HTTP 302
https://a92efe48b5038aa45778b03b920eba2c5.profile.den52-c1.cloudfront.net/test.png

Request Chain 78

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENM6I9OWA2oy67WXQY1orxQ&google_cver=1&google_push=Aer7DvI_FbRXeEqUEw34p8njM65kiQ8wnn6l4mKX66mkFv5NnvkAr2yg9V5VLWux3ZSpGlHsRzYtdrck69UjId23iCivmQdnlBdthZDN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQwMDc5MzA3MDU3MTc0NjUyMQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENM6I9OWA2oy67WXQY1orxQ&google_cver=1

Request Chain 80

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEElkmsmWGu6yo5fhm4OVom8&google_cver=1&google_push=Aer7DvLjnTNVXPtcC2GYQKkq_kjLtvmnTDguhXnsCQ65ONQrBme4t07L5TZK_-VnGR5Q1eaQa1N8O79M2C1ivaTc6wSFSNcLqiY6R_lp HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEElkmsmWGu6yo5fhm4OVom8&google_cver=1&google_push=Aer7DvLjnTNVXPtcC2GYQKkq_kjLtvmnTDguhXnsCQ65ONQrBme4t07L5TZK_-VnGR5Q1eaQa1N8O79M2C1ivaTc6wSFSNcLqiY6R_lp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=clJxWVVTU1oxUE5ERTA1&google_gid=CAESEElkmsmWGu6yo5fhm4OVom8&google_cver=1&google_push=Aer7DvLjnTNVXPtcC2GYQKkq_kjLtvmnTDguhXnsCQ65ONQrBme4t07L5TZK_-VnGR5Q1eaQa1N8O79M2C1ivaTc6wSFSNcLqiY6R_lp

Request Chain 81

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKkDHbg53VvnrUuDSHh_zgI&google_cver=1&google_push=Aer7DvKIXMU1W7RY3b4EB4KdigHD_kZt3kYnB197HbwKxprLXO79jt70nodlbyWRolLDH8H24wLjEJSlB9Hp5Rw-D1WH1VXT77t0x_ag HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvKIXMU1W7RY3b4EB4KdigHD_kZt3kYnB197HbwKxprLXO79jt70nodlbyWRolLDH8H24wLjEJSlB9Hp5Rw-D1WH1VXT77t0x_ag&google_hm=Y7K-OQCQSoWqZXTvFST6N8Q

Request Chain 82

https://d5p.de17a.com/cookies/google?google_gid=CAESEJNlIAh5RhEyw44aiY1xMIA&google_cver=1&google_push=Aer7DvIsk1HkPdQx-hjDoACGmPMEZra4ePsJbO1NxmSpe9oh-6maur5029Ck_IBKDXhY08swwJyEAmcbrblYGg0FP67knlxj9Bt8NRWY HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJNlIAh5RhEyw44aiY1xMIA&google_cver=1&google_push=Aer7DvIsk1HkPdQx-hjDoACGmPMEZra4ePsJbO1NxmSpe9oh-6maur5029Ck_IBKDXhY08swwJyEAmcbrblYGg0FP67knlxj9Bt8NRWY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvIsk1HkPdQx-hjDoACGmPMEZra4ePsJbO1NxmSpe9oh-6maur5029Ck_IBKDXhY08swwJyEAmcbrblYGg0FP67knlxj9Bt8NRWY

Request Chain 83

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOHkwq09_qcNF4hRbvlvGiQ&google_cver=1&google_push=Aer7DvJb6SWaE-Ya9R3jzWsrctDjktBvQvfCx-nAtpAwAUogILrxGxHzHPtTwo4l0VTDpwQ28_6kRgi9s0w6pje94e-3ndJ9_uqJl1ST HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOHkwq09_qcNF4hRbvlvGiQ&google_cver=1&google_push=Aer7DvJb6SWaE-Ya9R3jzWsrctDjktBvQvfCx-nAtpAwAUogILrxGxHzHPtTwo4l0VTDpwQ28_6kRgi9s0w6pje94e-3ndJ9_uqJl1ST HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQ3MDA4NDk1OTQwMjkxMzQ1Ng&google_push=Aer7DvJb6SWaE-Ya9R3jzWsrctDjktBvQvfCx-nAtpAwAUogILrxGxHzHPtTwo4l0VTDpwQ28_6kRgi9s0w6pje94e-3ndJ9_uqJl1ST

Request Chain 84

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOjvKFXjjDl7JaIoqAOMuEA&google_cver=1&google_push=Aer7DvKr7uDvj29yn9VcYjzzn92kRreaxpTizhh_2cmMoXABm0K8xwnAXb3SWCr5U7aySS2TSjllOeR66d9kyiXsrsQO9YbeMBP6aLTDMQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvKr7uDvj29yn9VcYjzzn92kRreaxpTizhh_2cmMoXABm0K8xwnAXb3SWCr5U7aySS2TSjllOeR66d9kyiXsrsQO9YbeMBP6aLTDMQ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 86

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEElkmsmWGu6yo5fhm4OVom8&google_cver=1&google_push=Aer7DvKlkwQAIES8Rt8snoaDgbhjWXTPDPqExlDYRKsRgc4jy840s-sg_V67II7_Sy2cDM5hZ1I99RzTbMvaE5fwUtdy4EVU2aCMmCV0 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEElkmsmWGu6yo5fhm4OVom8&google_cver=1&google_push=Aer7DvKlkwQAIES8Rt8snoaDgbhjWXTPDPqExlDYRKsRgc4jy840s-sg_V67II7_Sy2cDM5hZ1I99RzTbMvaE5fwUtdy4EVU2aCMmCV0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=clJxWVVTU1oxUE5ERTA1&google_gid=CAESEElkmsmWGu6yo5fhm4OVom8&google_cver=1&google_push=Aer7DvKlkwQAIES8Rt8snoaDgbhjWXTPDPqExlDYRKsRgc4jy840s-sg_V67II7_Sy2cDM5hZ1I99RzTbMvaE5fwUtdy4EVU2aCMmCV0

Request Chain 88

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKkDHbg53VvnrUuDSHh_zgI&google_cver=1&google_push=Aer7DvLtNOEVRgsgI8d5MUnsO66roDuifuMsDI5K8WypIGavAengYatGg3ko2LO7sf8EM-9l2EEFW3rkbLwWTI2huP5ZhABc1pHYGh4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvLtNOEVRgsgI8d5MUnsO66roDuifuMsDI5K8WypIGavAengYatGg3ko2LO7sf8EM-9l2EEFW3rkbLwWTI2huP5ZhABc1pHYGh4&google_hm=ab47v2wrQTuM-9-A2H3BucQ

Request Chain 90

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDCpkqFFAQMDRu-HxO1pPXw&google_cver=1&google_push=Aer7DvImeB5vMlFl1oNKObrp-GA4KttD80Y57v4APqIKMeh63UDFwyQMpIKZYAa8np-Dl7oBY8Lzb9_mPd13MuASJVO87iIsP0o2bo8 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDCpkqFFAQMDRu-HxO1pPXw&google_cver=1&google_push=Aer7DvImeB5vMlFl1oNKObrp-GA4KttD80Y57v4APqIKMeh63UDFwyQMpIKZYAa8np-Dl7oBY8Lzb9_mPd13MuASJVO87iIsP0o2bo8 HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=1e74a359-089f-424a-a981-a022534ed103 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=1e74a359-089f-424a-a981-a022534ed103 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=d693bf65-e08c-4a70-a752-ad454071ad6a&user_group=1&ssp=google&bsw_param=1e74a359-089f-424a-a981-a022534ed103 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=HnSjWQifQkqpgaAiU07RAw== HTTP 302
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEDCpkqFFAQMDRu-HxO1pPXw&google_cver=1

Request Chain 91

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOHkwq09_qcNF4hRbvlvGiQ&google_cver=1&google_push=Aer7DvIXZczhHyKHlLBpRx0JLQd4npGXtkUvtnWG_r1tWWlTBtkDdeitQzBRk7hd-Vcn3Y1fpo277szhv6XnN1MrrJP1dVjexNhvvh90 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOHkwq09_qcNF4hRbvlvGiQ&google_cver=1&google_push=Aer7DvIXZczhHyKHlLBpRx0JLQd4npGXtkUvtnWG_r1tWWlTBtkDdeitQzBRk7hd-Vcn3Y1fpo277szhv6XnN1MrrJP1dVjexNhvvh90 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU1MjUyNDc0NjU4NTU1MjY4MQ&google_push=Aer7DvIXZczhHyKHlLBpRx0JLQd4npGXtkUvtnWG_r1tWWlTBtkDdeitQzBRk7hd-Vcn3Y1fpo277szhv6XnN1MrrJP1dVjexNhvvh90

Request Chain 92

https://d5p.de17a.com/cookies/google?google_gid=CAESEJNlIAh5RhEyw44aiY1xMIA&google_cver=1&google_push=Aer7DvLO7TIc0cgUpmYYQeJ1Kw3o3usElPS9T9BdF2Eu0EXJjLTqdctcx36Uu66eP0jGES4_y3EI-HKCIuWhJ3cenkefVrJfuRCcWyE HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJNlIAh5RhEyw44aiY1xMIA&google_cver=1&google_push=Aer7DvLO7TIc0cgUpmYYQeJ1Kw3o3usElPS9T9BdF2Eu0EXJjLTqdctcx36Uu66eP0jGES4_y3EI-HKCIuWhJ3cenkefVrJfuRCcWyE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvLO7TIc0cgUpmYYQeJ1Kw3o3usElPS9T9BdF2Eu0EXJjLTqdctcx36Uu66eP0jGES4_y3EI-HKCIuWhJ3cenkefVrJfuRCcWyE

Request Chain 95

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMiKU5DE8jQ1XXxF28SGbm8&google_cver=1&google_push=Aer7DvK4n2fK1zFLha-3zH4-ybkEZGzMNJnBCde44B0okSfJToz0hJhiNBIFBcNanxxvQAiYrPQ1DPObQbpQ_-NBYJPI2MwiHCPtjexj HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aer7DvK4n2fK1zFLha-3zH4-ybkEZGzMNJnBCde44B0okSfJToz0hJhiNBIFBcNanxxvQAiYrPQ1DPObQbpQ_-NBYJPI2MwiHCPtjexj&google_hm=xDLMCMxoxP69ndw0ojySdw

Request Chain 96

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEElkmsmWGu6yo5fhm4OVom8&google_cver=1&google_push=Aer7DvJolNCyJDEYTMmmphWPg7L83jl2bc4HgAE90YCwir4cJ63N5NxfInkysGV3HDxGhDaTjc4D0X6tABPhQN-PsfeEo7dBw_JY6wPu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=clJxWVVTU1oxUE5ERTA1&google_gid=CAESEElkmsmWGu6yo5fhm4OVom8&google_cver=1&google_push=Aer7DvJolNCyJDEYTMmmphWPg7L83jl2bc4HgAE90YCwir4cJ63N5NxfInkysGV3HDxGhDaTjc4D0X6tABPhQN-PsfeEo7dBw_JY6wPu

Request Chain 97

https://a.tribalfusion.com/i.match?p=b6&u=CAESEEJoCRRHyJJ9ZrLy1bEZxew&google_cver=1&google_push=Aer7DvIRE0FzrOZ45yFRkF-Ev1JlcKf3XIzU5WkAbH2fFKqp_Kl4irR4IDjCtuHaEJrsTHIkFS-uhzydIcSJAQkM5Im4Wv3cd_lq0cJn&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvIRE0FzrOZ45yFRkF-Ev1JlcKf3XIzU5WkAbH2fFKqp_Kl4irR4IDjCtuHaEJrsTHIkFS-uhzydIcSJAQkM5Im4Wv3cd_lq0cJn%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEJoCRRHyJJ9ZrLy1bEZxew&google_cver=1&google_push=Aer7DvIRE0FzrOZ45yFRkF-Ev1JlcKf3XIzU5WkAbH2fFKqp_Kl4irR4IDjCtuHaEJrsTHIkFS-uhzydIcSJAQkM5Im4Wv3cd_lq0cJn&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvIRE0FzrOZ45yFRkF-Ev1JlcKf3XIzU5WkAbH2fFKqp_Kl4irR4IDjCtuHaEJrsTHIkFS-uhzydIcSJAQkM5Im4Wv3cd_lq0cJn%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 98

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEH0EqXH4aR5xWvRgzOBKKFk&google_cver=1&google_push=Aer7DvJzehAnsjYMqJb0B226_-upZ6r0bEfWCr0p0Ymktsz1g8jVBF9SAWKsKBQdGGPh-6SRsLqm88vOUWI_AuD2pYl0L6Ho51BMm9s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH0EqXH4aR5xWvRgzOBKKFk&google_push=Aer7DvJzehAnsjYMqJb0B226_-upZ6r0bEfWCr0p0Ymktsz1g8jVBF9SAWKsKBQdGGPh-6SRsLqm88vOUWI_AuD2pYl0L6Ho51BMm9s

Request Chain 99

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDCpkqFFAQMDRu-HxO1pPXw&google_cver=1&google_push=Aer7DvLZQoPGersRhoGGk9JT5qMjJ54cfZj21Ztck-o1CORiSAWNttGS_qCisizQHRpwq1hlxN0kbDHkrZH7obxoLOw7A-IXM61puZ0Q HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=b0f4074a-68a2-42cd-9bee-1583dfea6dd2&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvImeB5vMlFl1oNKObrp-GA4KttD80Y57v4APqIKMeh63UDFwyQMpIKZYAa8np-Dl7oBY8Lzb9_mPd13MuASJVO87iIsP0o2bo8&google_hm=HnSjWQifQkqpgaAiU07RAw==

Request Chain 100

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELp9kk9n7Z7OwtUiLkCh1eM&google_cver=1&google_push=Aer7DvKmmVsRpp7CgETtZoIpSiTeyM8aSaDJ26dRXPrEjU4mf2Qw40Qu0ucatbVhYhZ0gZ-EPb_MDI96JAJoRhFJxUYhl30EBxIZMww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKmmVsRpp7CgETtZoIpSiTeyM8aSaDJ26dRXPrEjU4mf2Qw40Qu0ucatbVhYhZ0gZ-EPb_MDI96JAJoRhFJxUYhl30EBxIZMww&google_hm=eS0zNHgzMWRsRTJwRm9FTkJQbzVocjl2WWRQUVBnWTl3VX5B

Request Chain 101

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOjvKFXjjDl7JaIoqAOMuEA&google_cver=1&google_push=Aer7DvLR98TaDa_C4R7FId3Q-Rg-ZHRKzThPpY5om8nsIVA1y0BD2Y-HAMMnIm5lPZjfmH3uLuD22uuqgPmacfZSPCNEyiLABPi4Vvq66A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvLR98TaDa_C4R7FId3Q-Rg-ZHRKzThPpY5om8nsIVA1y0BD2Y-HAMMnIm5lPZjfmH3uLuD22uuqgPmacfZSPCNEyiLABPi4Vvq66A HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 105

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

115 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request loginfb Show response
mdundo.com/
Redirect Chain

https://mdundo.com/profile/130145/
https://mdundo.com/loginfb

11 KB
4 KB

27ms
26ms

Document
text/html

159.69.149.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.149.44 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.149.69.159.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 7b3351df0a6eb5434aa8703ee3148d365d07f6a9048d5469bdcfa7b352e5010e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 15 Apr 2023 11:00:34 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 15 Apr 2023 11:00:34 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: https://mdundo.com/loginfb
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 138ms
52ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3ac8f8e7ca28c015328c1c7107d63abde799529cde0cd99e026410b2c0fbc95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Apr 2023 11:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 10:28:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Apr 2023 11:00:34 GMT

GET
H/1.1 200
OK normalize.css
mdundo.com/media/css/lib/ 8 KB
3 KB 11ms
11ms Stylesheet
text/css 159.69.149.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mdundo.com/media/css/lib/normalize.css
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.149.44 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.149.69.159.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d14fd5e2878e4af0e1e5d59fbb18d86fa17cf34bf15506ee64770828f79f4352

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/loginfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 11:00:34 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Feb 2017 16:09:30 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"58b05aba-1e3e"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Sun, 16 Apr 2023 11:00:34 GMT

GET
H/1.1 200
OK styles.min.css
mdundo.com/media/css/ 47 KB
10 KB 39ms
27ms Stylesheet
text/css 159.69.149.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mdundo.com/media/css/styles.min.css?6
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.149.44 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.149.69.159.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 11b8f67c842cd30296045ea9e03a39881951bb458f70b7b229381ccfac676ab5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/loginfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 11:00:34 GMT
Content-Encoding: gzip
Last-Modified: Sun, 12 Feb 2023 11:19:31 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"63e8cb43-ba85"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Sun, 16 Apr 2023 11:00:34 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 196ms
112ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d94ecbb36b187419e8cb28e32611859fdb6afe50c340e764588b42befaf0eb2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:00:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25676
x-xss-protection: 0
server: cafe
etag: 693 / 19462 / 31073843 / config-hash: 11787412583201714567
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 11:00:34 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
47 KB 177ms
94ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4721105574136909

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39327a35fb8377eb81a97afbd6fa5c6553c14451b0de199a41ab38d7d527be42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdundo.com/
Origin: https://mdundo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:00:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48132
x-xss-protection: 0
server: cafe
etag: 12849973819909023535
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 11:00:34 GMT

GET
H/1.1 200
OK logo.png
mdundo.com/media/img/ 5 KB
5 KB 11ms
9ms Image
image/png 159.69.149.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdundo.com/media/img/logo.png
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.149.44 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.149.69.159.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 58c556a77e1091ea10a769e3dcd5f78ce23da8b8f8cecc5e0c6bec4f6982a19a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/loginfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 11:00:34 GMT
Last-Modified: Fri, 24 Feb 2017 16:09:31 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "58b05abb-1263"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4707
Expires: Sun, 16 Apr 2023 11:00:34 GMT

GET
H/1.1 200
OK search.png
mdundo.com/media/img/ 837 B
1 KB 34ms
12ms Image
image/png 159.69.149.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdundo.com/media/img/search.png
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.149.44 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.149.69.159.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4f91c1a82b10ae7114c24b5209184946d2077504317445146b12ad241f5faf45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/loginfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 11:00:34 GMT
Last-Modified: Fri, 24 Feb 2017 16:09:31 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "58b05abb-345"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 837
Expires: Sun, 16 Apr 2023 11:00:34 GMT

GET
H/1.1 200
OK login.png
mdundo.com/media/img/ 2 KB
2 KB 33ms
11ms Image
image/png 159.69.149.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdundo.com/media/img/login.png
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.149.44 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.149.69.159.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 95f5781079435ee28d5944187bf013b60680a54311038914048c7d426940f14e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/loginfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 11:00:34 GMT
Last-Modified: Fri, 24 Feb 2017 16:09:31 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "58b05abb-749"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1865
Expires: Sun, 16 Apr 2023 11:00:34 GMT

GET
H/1.1 200
OK favicon.gif
mdundo.com/media/img/ 382 B
699 B 31ms
9ms Image
image/gif 159.69.149.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdundo.com/media/img/favicon.gif
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.149.44 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.149.69.159.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4b4623dcf73eed08e1b1f1647f5930eaceb8cd577e113cf1d55871edbf74a2e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/loginfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 11:00:34 GMT
Last-Modified: Mon, 29 Oct 2012 11:19:23 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "508e663b-17e"
Content-Type: image/gif
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 382
Expires: Sun, 16 Apr 2023 11:00:34 GMT

GET
H/1.1 200
OK fblogin.png
mdundo.com/media/img/ 5 KB
6 KB 33ms
11ms Image
image/png 159.69.149.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdundo.com/media/img/fblogin.png
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.149.44 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.149.69.159.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b0f6dfbdb0c4661c98625afa1b6e73167265db04cbfc21f7347abe74c561a91e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/loginfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 11:00:34 GMT
Last-Modified: Fri, 29 Nov 2019 13:57:30 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5de123ca-154d"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5453
Expires: Sun, 16 Apr 2023 11:00:34 GMT

GET
H/1.1 200
OK fb_ico.png
mdundo.com/media/img/social/ 975 B
1 KB 21ms
10ms Image
image/png 159.69.149.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdundo.com/media/img/social/fb_ico.png
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.149.44 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.149.69.159.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c734b0c73ede2b80c38da454f7f032b1fdc89c6ca267f6cb04dde785f7dd8cf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/loginfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 11:00:34 GMT
Last-Modified: Fri, 24 Feb 2017 16:09:31 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "58b05abb-3cf"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 975
Expires: Sun, 16 Apr 2023 11:00:34 GMT

GET
H/1.1 200
OK tw_ico.png
mdundo.com/media/img/social/ 1 KB
2 KB 20ms
9ms Image
image/png 159.69.149.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdundo.com/media/img/social/tw_ico.png
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.149.44 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.149.69.159.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3792b26878c08fef3901b4a2be810c3b5f686a0511563dda0fcb0d82b81225d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/loginfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 11:00:34 GMT
Last-Modified: Fri, 24 Feb 2017 16:09:31 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "58b05abb-563"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1379
Expires: Sun, 16 Apr 2023 11:00:34 GMT

GET
H/1.1 200
OK insta_ico.png
mdundo.com/media/img/social/ 1 KB
1 KB 11ms
9ms Image
image/png 159.69.149.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdundo.com/media/img/social/insta_ico.png
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.149.44 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.149.69.159.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 67e3252b91889bf16e4e28affed531d22ff53cbc5d3f166f5e878e00e44006be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/loginfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 11:00:34 GMT
Last-Modified: Fri, 24 Feb 2017 16:09:31 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "58b05abb-472"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1138
Expires: Sun, 16 Apr 2023 11:00:34 GMT

GET
H/1.1 200
OK all.js Show response
mdundo.com/media/js/ 159 KB
58 KB 12ms
11ms Script
application/javascript 159.69.149.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mdundo.com/media/js/all.js?5
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.149.44 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.149.69.159.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 700152000df3a6ac1ac70c078b5554f974e2d93be0113a9aab46a65d36b7d53c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/loginfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 11:00:34 GMT
Content-Encoding: gzip
Last-Modified: Sun, 12 Feb 2023 11:15:07 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"63e8ca3b-27c30"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Sun, 16 Apr 2023 11:00:34 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 48 KB
18 KB 247ms
119ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ffe9f5af1f80a9ba2f3208eb78ffcc24421bdbdd2964fa9799e055091a0970f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:00:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17795
x-xss-protection: 0
server: cafe
etag: 11089304436725066277
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 11:00:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 161ms
36ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 10:11:32 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2942
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 15 Apr 2023 12:11:32 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 51ms
20ms Script
application/javascript 108.138.17.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-18.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 04:50:57 GMT
Content-Encoding: gzip
Via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 8402978
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Cache-Control: max-age=26920000
Connection: keep-alive
X-Amz-Cf-Id: aMj6Ld7O8I3l8uB-QyaTHt-6G5hG__ILUYcPoBbdTpahIdPyDBD0OA==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 154ms
37ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mdundo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:18 GMT
x-content-type-options: nosniff
age: 347356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:18 GMT

GET atrk.gif
certify.alexametrics.com/ 0
0

GET
H/1.1

200
OK

test.png
a92efe48b5038aa45778b03b920eba2c5.profile.den52-c1.cloudfront.net/
Redirect Chain

https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
https://a92efe48b5038aa45778b03b920eba2c5.profile.den52-c1.cloudfront.net/test.png

58 B
58 B

484ms
131ms

Image
text/plain

65.8.234.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a92efe48b5038aa45778b03b920eba2c5.profile.den52-c1.cloudfront.net/test.png
Requested by: Host: mdundo.com
URL: https://mdundo.com/loginfb
Protocol: HTTP/1.1
Server: 65.8.234.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-8-234-54.den52.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 11:00:35 GMT
Via: 1.1 d50ea39d66fbd0459a5507b1cf70c2dc.cloudfront.net (CloudFront)
Server: CloudFront
X-Cache: RoutingProfileExp from cloudfront
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 58
X-Amz-Cf-Id: lIZwwLRzXgl58-bdXjuonFrujXsWx7zhJL2hyhGI8Pc4SoHw3TCyoQ==
Expires: Sat, 15 Apr 2023 11:00:35 GMT

Redirect headers

location: https://a92efe48b5038aa45778b03b920eba2c5.profile.den52-c1.cloudfront.net/test.png
access-control-allow-origin: *
date: Sat, 15 Apr 2023 11:00:34 GMT
server: Server
content-length: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/ 398 KB
124 KB 53ms
35ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11e4342c37d88d69519e3d4be0ed9da7c51f1febe2abc7944745fc583b29c3a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:36:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59036
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126317
x-xss-protection: 0
server: cafe
etag: 18140124545370589291
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 13 Apr 2024 18:36:38 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 89 B
93 B 190ms
88ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mdundo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57e046398f9d9641640adf9f3a0261655e9aa772113d08ddee736d132b414ca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:00:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
x-xss-protection: 0
expires: Sat, 15 Apr 2023 11:00:34 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110101/ 345 KB
116 KB 184ms
99ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4721105574136909&plah=mdundo.com&bust=31073806

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4721105574136909

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f28d52566e06d7573ca2c0192e3024140b00cc37a4d45eedfd037bd363a0bb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:00:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118227
x-xss-protection: 0
server: cafe
etag: 16588080230812835794
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 11:00:34 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/ Frame 0AB2 10 KB
5 KB 158ms
34ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4721105574136909

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdundo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 53996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 20:00:38 GMT
etag: 2378337311435320485
expires: Fri, 28 Apr 2023 20:00:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/932117244/ 3 KB
1 KB 145ms
78ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932117244/?random=1681556434729&cv=9&fst=1681556434729&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmdundo.com%2Floginfb&tiba=Login%20to%20continue&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332fbecd639ed92efea139f6d76c5ad38f3680a2cddf540f1fe289a1a79ca65a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1256
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
345 B 100ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-5519182-38&cid=307114816.1681556435&jid=2082488463&gjid=1014320226&_gid=1078347833.1681556435&_u=IGBAgAABAAAAAE~&z=1734883918

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mdundo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 15 Apr 2023 11:00:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mdundo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 65ms
42ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1903012678&t=pageview&_s=1&dl=https%3A%2F%2Fmdundo.com%2Floginfb&ul=en-us&de=UTF-8&dt=Login%20to%20continue&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgAAB~&jid=2082488463&gjid=1014320226&cid=307114816.1681556435&tid=UA-5519182-38&_gid=1078347833.1681556435&z=1322435229

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 22:05:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46518
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 148ms
63ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-5519182-38&cid=307114816.1681556435&jid=2082488463&_u=IGBAgAABAAAAAE~&z=129041849

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 145ms
60ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-5519182-38&cid=307114816.1681556435&jid=2082488463&_u=IGBAgAABAAAAAE~&z=129041849

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
600 B 130ms
43ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=mdundo.com&callback=_gfp_s_&client=ca-pub-4721105574136909

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4721105574136909&plah=mdundo.com&bust=31073806

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db207e79fda637962b2b471ed29e9b8f96a1cee636b4109415566fad776b4c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 127ms
45ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mdundo.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 125ms
43ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mdundo.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
72ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=main-header%20js_main-header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6E9B 377 KB
74 KB 1332ms
1328ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4721105574136909&output=html&adk=1272721408&adf=3838797007&lmt=1681556434&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fmdundo.com%2Floginfb&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681556434639&bpp=13&bdt=383&idt=319&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4324616783219&frm=20&pv=2&ga_vid=307114816.1681556435&ga_sid=1681556435&ga_hid=1903012678&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31073806%2C44786918&oid=2&pvsid=3452936507512671&tmod=1074937321&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=348

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe01291528467c7ac5397942f89ede78d097d9112261d9abc4b6c82218522d32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdundo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 75726
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 11:00:36 GMT
expires: Sat, 15 Apr 2023 11:00:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/932117244/ 42 B
455 B 88ms
51ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/932117244/?random=1681556434729&cv=9&fst=1681556400000&num=1&guid=ON&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fmdundo.com%2Floginfb&tiba=Login%20to%20continue&fmt=3&is_vtc=1&random=3925604721&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/932117244/ 42 B
455 B 89ms
52ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/932117244/?random=1681556434729&cv=9&fst=1681556400000&num=1&guid=ON&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fmdundo.com%2Floginfb&tiba=Login%20to%20continue&fmt=3&is_vtc=1&random=3925604721&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 85ms
83ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230412&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59d72c6cc9306c44a085451865222231ab0ef84b4c6bbbbfde0933531fa92249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:00:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11301
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110101/ 150 KB
51 KB 101ms
100ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110101/reactive_library_fy2021.js?bust=31073806

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4a7da8fbb125aaa25e76f6c32e394ab35051cbf3454c0c14192b33dc32db5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:00:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52139
x-xss-protection: 0
server: cafe
etag: 13598107546233077658
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 11:00:36 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110101/ 87 KB
30 KB 86ms
85ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110101/slotcar_library_fy2021.js?bust=31073806

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4721105574136909

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3671881892bbac652c4c7e8a8481f0e7f9b3d0b662107cc35db6c95b6c6d3947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:00:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30770
x-xss-protection: 0
server: cafe
etag: 7582008660690961071
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 11:00:36 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 131ms
46ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 15 Apr 2023 11:00:36 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 47ms
45ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mdundo.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 45ms
43ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mdundo.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/ Frame C6F7 10 KB
4 KB 38ms
37ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdundo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 00:19:45 GMT
etag: 2378337311435320485
expires: Sat, 29 Apr 2023 00:19:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/ Frame 7B92 10 KB
4 KB 36ms
36ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdundo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 00:19:45 GMT
etag: 2378337311435320485
expires: Sat, 29 Apr 2023 00:19:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/ Frame 54D3 10 KB
4 KB 38ms
35ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdundo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 00:19:45 GMT
etag: 2378337311435320485
expires: Sat, 29 Apr 2023 00:19:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame C6F7 4 KB
728 B 45ms
45ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Apr 2023 11:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 10:21:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Apr 2023 11:00:36 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C6F7 205 B
650 B 149ms
37ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:36:50 GMT
x-content-type-options: nosniff
age: 23026
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 14 Apr 2024 04:36:50 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C6F7 604 B
695 B 149ms
37ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 13:17:39 GMT
x-content-type-options: nosniff
age: 78177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 13 Apr 2024 13:17:39 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/elements/html/ Frame C6F7 19 KB
8 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60494
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8167
x-xss-protection: 0
server: cafe
etag: 3140062999518874537
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 18:12:22 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 7B92 2 KB
846 B 36ms
36ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 18:12:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame 7B92 22 KB
9 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 08:59:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 7B92 3 KB
1 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 09:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 09:37:06 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 7B92 20 KB
8 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60493
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 18:12:23 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7B92 0
0 45ms
43ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwCR6YUQTfQhKUfDPCRxCngOsmQZwlis9-qc4HI8IqbpYZOA51KMjKCGJfNC0_DT3Kyc24RIlKqn-z8uSumzIzPOdFZg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B92 159 KB
49 KB 143ms
52ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 11:00:36 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 7B92 33 KB
14 KB 129ms
38ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:17:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 00:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 14:17:09 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 54D3 2 KB
799 B 43ms
43ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 18:12:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame 54D3 22 KB
9 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 08:59:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 54D3 3 KB
1 KB 50ms
46ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 09:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 09:37:06 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 54D3 20 KB
8 KB 41ms
37ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60493
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 18:12:23 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 54D3 0
0 46ms
43ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQyrv5JY11O9opvfpNI7brtrKNhroAAgVbc7X0Sxzb0uVhAoKdyxKRzsCB_UZhq45etTGIbRWOtowRyQiKY2H-71kPOqQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 54D3 159 KB
49 KB 178ms
105ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 11:00:36 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 54D3 33 KB
14 KB 152ms
79ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:17:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 00:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 14:17:09 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0A9A 13 KB
5 KB 55ms
36ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdundo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3054
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 10:09:42 GMT
expires: Sun, 14 Apr 2024 10:09:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame ED92 783 B
952 B 61ms
47ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9065536161996d42964f03bdf5d13d72e504ef7f4cf5c5ad257893a4ce514680

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QkVwlMxttEY_SlsaTekZFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mdundo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-QkVwlMxttEY_SlsaTekZFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 11:00:36 GMT
expires: Sat, 15 Apr 2023 11:00:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 css
fonts.googleapis.com/ Frame 90D7 8 KB
893 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Apr 2023 11:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 10:19:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Apr 2023 11:00:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 90D7 2 KB
765 B 36ms
35ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 18:12:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame 90D7 22 KB
9 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 08:59:33 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 90D7 3 KB
1 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 09:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 09:37:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 90D7 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60493
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 18:12:23 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 90D7 0
0 45ms
44ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTdljBWQMeNChYg0oxnhDOlsbVLllXEFqJJyHunjKQh6WAsD7js1DuPduLMN0XPIknEo1lv6lxaafKjrBjRyDaMqC9XPg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 90D7 159 KB
49 KB 133ms
127ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 11:00:36 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 90D7 33 KB
14 KB 57ms
51ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:17:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 00:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 14:17:09 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6373 1 KB
643 B 38ms
38ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3284
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 10:05:52 GMT
etag: 48472445140208031
expires: Sun, 16 Apr 2023 10:05:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3766 1 KB
643 B 36ms
35ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3284
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 10:05:52 GMT
etag: 48472445140208031
expires: Sun, 16 Apr 2023 10:05:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 171C 143 B
166 B 41ms
36ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1598
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 10:33:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A158 1 KB
643 B 41ms
36ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3284
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 10:05:52 GMT
etag: 48472445140208031
expires: Sun, 16 Apr 2023 10:05:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 0A9A 36 KB
14 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Apr 2024 08:02:16 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 6373
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENM6I9OWA2oy67WXQY1orxQ&google_cver=1&google_push=Aer7DvI_FbRXeEqUEw34p8njM65kiQ8wnn6l4mKX66mkFv5NnvkAr2yg9V5VLWux3ZSpGlHsRzYtdrck69UjId23iCivmQdnlBdthZDN
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQwMDc5MzA3MDU3MTc0NjUyMQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENM6I9OWA2oy67WXQY1orxQ&google_cver=1

43 B
398 B

163ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENM6I9OWA2oy67WXQY1orxQ&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 15 Apr 2023 11:00:37 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENM6I9OWA2oy67WXQY1orxQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 6373 35 B
464 B 42ms
8ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMiKU5DE8jQ1XXxF28SGbm8&google_cver=1&google_push=Aer7DvKRnJB53MI93wAf9tYC10BCmYq7t5w-Y9SZK0M_ZeT-1VU3rqdoAg3DEwRJh4nYwM4n5spjaFDolOUref5RCeRZKCL3o5Nm3n0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:36 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6373
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEElkmsmWGu6yo5fhm4OVom8&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEElkmsmWGu6yo5fhm4OVom8&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=clJxWVVTU1oxUE5ERTA1&google_gid=CAESEElkmsmWGu6yo5fhm4OVom8&google_cver=1&google_push=Aer7DvLjnTNVXPtcC2GYQKkq_kjLtvmnTDguhXnsCQ65ONQ...

170 B
232 B

56ms
53ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=clJxWVVTU1oxUE5ERTA1&google_gid=CAESEElkmsmWGu6yo5fhm4OVom8&google_cver=1&google_push=Aer7DvLjnTNVXPtcC2GYQKkq_kjLtvmnTDguhXnsCQ65ONQrBme4t07L5TZK_-VnGR5Q1eaQa1N8O79M2C1ivaTc6wSFSNcLqiY6R_lp

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 15 Apr 2023 11:00:36 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-771-ga8baae6#rel-ec2-master i-09a32cc2c473a3db5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=clJxWVVTU1oxUE5ERTA1&google_gid=CAESEElkmsmWGu6yo5fhm4OVom8&google_cver=1&google_push=Aer7DvLjnTNVXPtcC2GYQKkq_kjLtvmnTDguhXnsCQ65ONQrBme4t07L5TZK_-VnGR5Q1eaQa1N8O79M2C1ivaTc6wSFSNcLqiY6R_lp
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6373
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKkDHbg53VvnrUuDSHh_zgI&google_cver=1&google_push=Aer7DvKIXMU1W7RY3b4EB4KdigHD_kZt3kYnB197HbwKxprLXO79jt70nodlbyWRolLDH8H24wLjEJSlB9H...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvKIXMU1W7RY3b4EB4KdigHD_kZt3kYnB197HbwKxprLXO79jt70nodlbyWRolLDH8H24wLjEJSlB9Hp5Rw-D1WH1VXT77t0x_ag&google_hm=Y7K-OQCQSoWqZXTv...

170 B
232 B

83ms
57ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvKIXMU1W7RY3b4EB4KdigHD_kZt3kYnB197HbwKxprLXO79jt70nodlbyWRolLDH8H24wLjEJSlB9Hp5Rw-D1WH1VXT77t0x_ag&google_hm=Y7K-OQCQSoWqZXTvFST6N8Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:36 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvKIXMU1W7RY3b4EB4KdigHD_kZt3kYnB197HbwKxprLXO79jt70nodlbyWRolLDH8H24wLjEJSlB9Hp5Rw-D1WH1VXT77t0x_ag&google_hm=Y7K-OQCQSoWqZXTvFST6N8Q
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6373
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEJNlIAh5RhEyw44aiY1xMIA&google_cver=1&google_push=Aer7DvIsk1HkPdQx-hjDoACGmPMEZra4ePsJbO1NxmSpe9oh-6maur5029Ck_IBKDXhY08swwJyEAmcbrblYGg0FP67knlx...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJNlIAh5RhEyw44aiY1xMIA&google_cver=1&google_push=Aer7DvIsk1HkPdQx-hjDoACGmPMEZra4ePsJbO1NxmSpe9oh-6maur5029Ck_IBKDXhY08swwJyEAmcbrblYGg0FP67kn...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvIsk1HkPdQx-hjDoACGmPMEZra4ePsJbO1NxmSpe9oh-6maur5029Ck_IBKDXhY08swwJyEAmcbrblYGg0FP67knlxj9Bt8NRWY

170 B
232 B

54ms
45ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvIsk1HkPdQx-hjDoACGmPMEZra4ePsJbO1NxmSpe9oh-6maur5029Ck_IBKDXhY08swwJyEAmcbrblYGg0FP67knlxj9Bt8NRWY

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvIsk1HkPdQx-hjDoACGmPMEZra4ePsJbO1NxmSpe9oh-6maur5029Ck_IBKDXhY08swwJyEAmcbrblYGg0FP67knlxj9Bt8NRWY
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6373
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOHkwq09_qcNF4hRbvlvGiQ&google_cver=1&google_push=Aer7DvJb6SWaE-Ya9R3jzWsrctDjktBvQvfCx-nAtpAwAUogILrxGxHzHPtTwo4l0VTDpwQ28_6kRgi9...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOHkwq09_qcNF4hRbvlvGiQ&google_cver=1&google_push=Aer7DvJb6SWaE-Ya9R3jzWsrctDjktBvQvfCx-nAtpAwAUogILrxGxHzHPtTwo4l0VTDpwQ28_6...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQ3MDA4NDk1OTQwMjkxMzQ1Ng&google_push=Aer7DvJb6SWaE-Ya9R3jzWsrctDjktBvQvfCx-nAtpAwAUogILrxGxHzHPtTwo4l0VTDpwQ28_6kRg...

170 B
232 B

63ms
55ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQ3MDA4NDk1OTQwMjkxMzQ1Ng&google_push=Aer7DvJb6SWaE-Ya9R3jzWsrctDjktBvQvfCx-nAtpAwAUogILrxGxHzHPtTwo4l0VTDpwQ28_6kRgi9s0w6pje94e-3ndJ9_uqJl1ST

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQ3MDA4NDk1OTQwMjkxMzQ1Ng&google_push=Aer7DvJb6SWaE-Ya9R3jzWsrctDjktBvQvfCx-nAtpAwAUogILrxGxHzHPtTwo4l0VTDpwQ28_6kRgi9s0w6pje94e-3ndJ9_uqJl1ST
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame 6373
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOjvKFXjjDl7JaIoqAOMuEA&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvKr7uDvj29yn9VcYjzzn92kRreaxpTizhh_2cmMoXABm0K8xwnAXb3SWCr5U7aySS2TSjllOeR66d9kyiXsrsQO9YbeMBP6aLTDMQ
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

49ms
48ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Sat, 15 Apr 2023 11:00:37 GMT
pragma: no-cache
date: Sat, 15 Apr 2023 11:00:37 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6373 0
130 B 143ms
43ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lgyms5R6ypgoN0bCs33bxyZoIExcFbeNi3NiP1oolmt637V_GifOqbyhf0r3QptI0WrIUjtg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:00:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3766
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEElkmsmWGu6yo5fhm4OVom8&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEElkmsmWGu6yo5fhm4OVom8&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=clJxWVVTU1oxUE5ERTA1&google_gid=CAESEElkmsmWGu6yo5fhm4OVom8&google_cver=1&google_push=Aer7DvKlkwQAIES8Rt8snoaDgbhjWXTPDPqExlDYRKsRgc4...

170 B
232 B

54ms
51ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=clJxWVVTU1oxUE5ERTA1&google_gid=CAESEElkmsmWGu6yo5fhm4OVom8&google_cver=1&google_push=Aer7DvKlkwQAIES8Rt8snoaDgbhjWXTPDPqExlDYRKsRgc4jy840s-sg_V67II7_Sy2cDM5hZ1I99RzTbMvaE5fwUtdy4EVU2aCMmCV0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 15 Apr 2023 11:00:36 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-771-ga8baae6#rel-ec2-master i-00cce439c1d70db9e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=clJxWVVTU1oxUE5ERTA1&google_gid=CAESEElkmsmWGu6yo5fhm4OVom8&google_cver=1&google_push=Aer7DvKlkwQAIES8Rt8snoaDgbhjWXTPDPqExlDYRKsRgc4jy840s-sg_V67II7_Sy2cDM5hZ1I99RzTbMvaE5fwUtdy4EVU2aCMmCV0
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 3766 70 B
265 B 116ms
35ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEI4liXgZfAKALhFHVa-wnYg&google_cver=1&google_push=Aer7DvLa6KnBRYxBPSaFCnOknGCZVPlbXeZJ_kULRHRef8W9B48nWWX1wDhHgMZ8jGUPOjkICuRuNPgx_Wcg8WHu2Bbn0eu4tg1DBxHX
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 15 Apr 2023 11:00:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3766
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKkDHbg53VvnrUuDSHh_zgI&google_cver=1&google_push=Aer7DvLtNOEVRgsgI8d5MUnsO66roDuifuMsDI5K8WypIGavAengYatGg3ko2LO7sf8EM-9l2EEFW3rkbLw...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvLtNOEVRgsgI8d5MUnsO66roDuifuMsDI5K8WypIGavAengYatGg3ko2LO7sf8EM-9l2EEFW3rkbLwWTI2huP5ZhABc1pHYGh4&google_hm=ab47v2wrQTuM-9-A2...

170 B
329 B

78ms
53ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvLtNOEVRgsgI8d5MUnsO66roDuifuMsDI5K8WypIGavAengYatGg3ko2LO7sf8EM-9l2EEFW3rkbLwWTI2huP5ZhABc1pHYGh4&google_hm=ab47v2wrQTuM-9-A2H3BucQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:36 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvLtNOEVRgsgI8d5MUnsO66roDuifuMsDI5K8WypIGavAengYatGg3ko2LO7sf8EM-9l2EEFW3rkbLwWTI2huP5ZhABc1pHYGh4&google_hm=ab47v2wrQTuM-9-A2H3BucQ
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 3766 0
98 B 69ms
23ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAer7DvLw5Hp3M-VzdYXGUKYkWc2S6vVFtDki2rZi4tvZZvjs3uA9M38_R8VWRqL-ulcAx3-_WK3bWkHgdsBhnq8glq98C2F_Hv4dRV8&google_gid=CAESEIFSUziFkan79lOfXQAWAwo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:00:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

google_sync_status
x.bidswitch.net/ Frame 3766
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDCpkqFFAQMDRu-HxO1pPXw&google_cver=1&google_push=Aer7DvImeB5vMlFl1oNKObrp-GA4KttD80Y57v4APqIKMeh63UDFwyQMpIKZYAa8np-Dl7oBY8Lzb9_mPd13MuASJVO8...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDCpkqFFAQMDRu-HxO1pPXw&google_cver=1&google_push=Aer7DvImeB5vMlFl1oNKObrp-GA4KttD80Y57v4APqIKMeh63UDFwyQMpIKZYAa8np-Dl7oBY8Lzb9_mPd13Mu...
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=1e74a359-089f-424a-a981-a022534ed103
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=1e74a359-089f-424a-a981-a022534ed103
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=d693bf65-e08c-4a70-a752-ad454071ad6a&user_group=1&ssp=google&bsw_param=1e74a359-089f-424a-a981-a022534ed103
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=HnSjWQifQkqpgaAiU07RAw==
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEDCpkqFFAQMDRu-HxO1pPXw&google_cver=1

43 B
145 B

9ms
8ms

Image
image/gif

18.184.93.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEDCpkqFFAQMDRu-HxO1pPXw&google_cver=1
Protocol: H2
Server: 18.184.93.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-93-146.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:00:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEDCpkqFFAQMDRu-HxO1pPXw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3766
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOHkwq09_qcNF4hRbvlvGiQ&google_cver=1&google_push=Aer7DvIXZczhHyKHlLBpRx0JLQd4npGXtkUvtnWG_r1tWWlTBtkDdeitQzBRk7hd-Vcn3Y1fpo277szh...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOHkwq09_qcNF4hRbvlvGiQ&google_cver=1&google_push=Aer7DvIXZczhHyKHlLBpRx0JLQd4npGXtkUvtnWG_r1tWWlTBtkDdeitQzBRk7hd-Vcn3Y1fpo2...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU1MjUyNDc0NjU4NTU1MjY4MQ&google_push=Aer7DvIXZczhHyKHlLBpRx0JLQd4npGXtkUvtnWG_r1tWWlTBtkDdeitQzBRk7hd-Vcn3Y1fpo277s...

170 B
232 B

63ms
54ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU1MjUyNDc0NjU4NTU1MjY4MQ&google_push=Aer7DvIXZczhHyKHlLBpRx0JLQd4npGXtkUvtnWG_r1tWWlTBtkDdeitQzBRk7hd-Vcn3Y1fpo277szhv6XnN1MrrJP1dVjexNhvvh90

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU1MjUyNDc0NjU4NTU1MjY4MQ&google_push=Aer7DvIXZczhHyKHlLBpRx0JLQd4npGXtkUvtnWG_r1tWWlTBtkDdeitQzBRk7hd-Vcn3Y1fpo277szhv6XnN1MrrJP1dVjexNhvvh90
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3766
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEJNlIAh5RhEyw44aiY1xMIA&google_cver=1&google_push=Aer7DvLO7TIc0cgUpmYYQeJ1Kw3o3usElPS9T9BdF2Eu0EXJjLTqdctcx36Uu66eP0jGES4_y3EI-HKCIuWhJ3cenkefVrJ...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJNlIAh5RhEyw44aiY1xMIA&google_cver=1&google_push=Aer7DvLO7TIc0cgUpmYYQeJ1Kw3o3usElPS9T9BdF2Eu0EXJjLTqdctcx36Uu66eP0jGES4_y3EI-HKCIuWhJ3cenkefV...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvLO7TIc0cgUpmYYQeJ1Kw3o3usElPS9T9BdF2Eu0EXJjLTqdctcx36Uu66eP0jGES4_y3EI-HKCIuWhJ3cenkefVrJfuRCcWyE

170 B
232 B

55ms
46ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvLO7TIc0cgUpmYYQeJ1Kw3o3usElPS9T9BdF2Eu0EXJjLTqdctcx36Uu66eP0jGES4_y3EI-HKCIuWhJ3cenkefVrJfuRCcWyE

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvLO7TIc0cgUpmYYQeJ1Kw3o3usElPS9T9BdF2Eu0EXJjLTqdctcx36Uu66eP0jGES4_y3EI-HKCIuWhJ3cenkefVrJfuRCcWyE
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3766 0
49 B 141ms
43ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KR4vTCmpABaKjx67ZHFxwLbEG_9BC2PqmB6Z-U-u3m_i6F_SJGH0LcXL6D-eyLhlDnXGSn

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:00:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ED92 0
0 72ms
72ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230412&jk=3452936507512671&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A158
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMiKU5DE8jQ1XXxF28SGbm8&google_cver=1&google_push=Aer7DvK4n2fK1zFLha-3zH4-ybkEZGzMNJnBCde44B0okSfJToz0hJhiNB...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aer7DvK4n2fK1zFLha-3zH4-ybkEZGzMNJnBCde44B0okSfJToz0hJhiNBIFBcNanxxvQAiYrPQ1DPObQbpQ_-NBYJPI2MwiHCPtjexj&google_hm=xDLMCMxo...

170 B
232 B

55ms
51ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aer7DvK4n2fK1zFLha-3zH4-ybkEZGzMNJnBCde44B0okSfJToz0hJhiNBIFBcNanxxvQAiYrPQ1DPObQbpQ_-NBYJPI2MwiHCPtjexj&google_hm=xDLMCMxoxP69ndw0ojySdw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aer7DvK4n2fK1zFLha-3zH4-ybkEZGzMNJnBCde44B0okSfJToz0hJhiNBIFBcNanxxvQAiYrPQ1DPObQbpQ_-NBYJPI2MwiHCPtjexj&google_hm=xDLMCMxoxP69ndw0ojySdw
pragma: no-cache
date: Sat, 15 Apr 2023 11:00:36 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A158
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEElkmsmWGu6yo5fhm4OVom8&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=clJxWVVTU1oxUE5ERTA1&google_gid=CAESEElkmsmWGu6yo5fhm4OVom8&google_cver=1&google_push=Aer7DvJolNCyJDEYTMmmphWPg7L83jl2bc4HgAE90YCwir4...

170 B
232 B

55ms
51ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=clJxWVVTU1oxUE5ERTA1&google_gid=CAESEElkmsmWGu6yo5fhm4OVom8&google_cver=1&google_push=Aer7DvJolNCyJDEYTMmmphWPg7L83jl2bc4HgAE90YCwir4cJ63N5NxfInkysGV3HDxGhDaTjc4D0X6tABPhQN-PsfeEo7dBw_JY6wPu

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 15 Apr 2023 11:00:36 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-771-ga8baae6#rel-ec2-master i-03d536d47c7b38dcc@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=clJxWVVTU1oxUE5ERTA1&google_gid=CAESEElkmsmWGu6yo5fhm4OVom8&google_cver=1&google_push=Aer7DvJolNCyJDEYTMmmphWPg7L83jl2bc4HgAE90YCwir4cJ63N5NxfInkysGV3HDxGhDaTjc4D0X6tABPhQN-PsfeEo7dBw_JY6wPu
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame A158
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEEJoCRRHyJJ9ZrLy1bEZxew&google_cver=1&google_push=Aer7DvIRE0FzrOZ45yFRkF-Ev1JlcKf3XIzU5WkAbH2fFKqp_Kl4irR4IDjCtuHaEJrsTHIkFS-uhzydIcSJAQkM5Im4Wv3cd_lq0...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEJoCRRHyJJ9ZrLy1bEZxew&google_cver=1&google_push=Aer7DvIRE0FzrOZ45yFRkF-Ev1JlcKf3XIzU5WkAbH2fFKqp_Kl4irR4IDjCtuHaEJrsTHIkFS-uhzydIcSJAQkM5Im4Wv3cd_l...

43 B
414 B

222ms
191ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEJoCRRHyJJ9ZrLy1bEZxew&google_cver=1&google_push=Aer7DvIRE0FzrOZ45yFRkF-Ev1JlcKf3XIzU5WkAbH2fFKqp_Kl4irR4IDjCtuHaEJrsTHIkFS-uhzydIcSJAQkM5Im4Wv3cd_lq0cJn&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvIRE0FzrOZ45yFRkF-Ev1JlcKf3XIzU5WkAbH2fFKqp_Kl4irR4IDjCtuHaEJrsTHIkFS-uhzydIcSJAQkM5Im4Wv3cd_lq0cJn%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:37 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7b83af94fe5b049b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:37 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1217
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEJoCRRHyJJ9ZrLy1bEZxew&google_cver=1&google_push=Aer7DvIRE0FzrOZ45yFRkF-Ev1JlcKf3XIzU5WkAbH2fFKqp_Kl4irR4IDjCtuHaEJrsTHIkFS-uhzydIcSJAQkM5Im4Wv3cd_lq0cJn&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvIRE0FzrOZ45yFRkF-Ev1JlcKf3XIzU5WkAbH2fFKqp_Kl4irR4IDjCtuHaEJrsTHIkFS-uhzydIcSJAQkM5Im4Wv3cd_lq0cJn%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7b83af935b46049b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A158
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH0EqXH4aR5xWvRgzOBKKFk&google_push=Aer7DvJzehAnsjYMqJb0B226_-upZ6r0bEfWCr0p0Ymktsz1g8jVBF9SAW...

170 B
188 B

49ms
49ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH0EqXH4aR5xWvRgzOBKKFk&google_push=Aer7DvJzehAnsjYMqJb0B226_-upZ6r0bEfWCr0p0Ymktsz1g8jVBF9SAWKsKBQdGGPh-6SRsLqm88vOUWI_AuD2pYl0L6Ho51BMm9s

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230114-FRA
pragma: no-cache
date: Sat, 15 Apr 2023 11:00:37 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1681556437.176212,VS0,VE99
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH0EqXH4aR5xWvRgzOBKKFk&google_push=Aer7DvJzehAnsjYMqJb0B226_-upZ6r0bEfWCr0p0Ymktsz1g8jVBF9SAWKsKBQdGGPh-6SRsLqm88vOUWI_AuD2pYl0L6Ho51BMm9s
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A158
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDCpkqFFAQMDRu-HxO1pPXw&google_cver=1&google_push=Aer7DvLZQoPGersRhoGGk9JT5qMjJ54cfZj21Ztck-o1CORiSAWNttGS_qCisizQHRpwq1hlxN0kbDHkrZH7obxoLOw7...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=b0f4074a-68a2-42cd-9bee-1583dfea6dd2&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvImeB5vMlFl1oNKObrp-GA4KttD80Y57v4APqIKMeh63UDFwyQMpIKZYAa8np-Dl7oBY8Lzb9_mPd13MuASJVO87iIsP0o2bo8&google_hm=HnSjWQifQkqpgaAiU07R...

170 B
188 B

45ms
45ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvImeB5vMlFl1oNKObrp-GA4KttD80Y57v4APqIKMeh63UDFwyQMpIKZYAa8np-Dl7oBY8Lzb9_mPd13MuASJVO87iIsP0o2bo8&google_hm=HnSjWQifQkqpgaAiU07RAw==

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvImeB5vMlFl1oNKObrp-GA4KttD80Y57v4APqIKMeh63UDFwyQMpIKZYAa8np-Dl7oBY8Lzb9_mPd13MuASJVO87iIsP0o2bo8&google_hm=HnSjWQifQkqpgaAiU07RAw==
date: Sat, 15 Apr 2023 11:00:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A158
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELp9kk9n7Z7OwtUiLkCh1eM&google_cver=1&google_push=Aer7DvKmmVsRpp7CgETtZoIpSiTeyM8aSaDJ26dRXPrEjU4mf2Qw40Qu0ucatbVhYhZ0gZ-EPb_MDI96JAJoRhFJxUYhl30...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKmmVsRpp7CgETtZoIpSiTeyM8aSaDJ26dRXPrEjU4mf2Qw40Qu0ucatbVhYhZ0gZ-EPb_MDI96JAJoRhFJxUYhl30EBxIZMww&google_hm=eS0zNHgzMWRsRTJwRm9...

170 B
232 B

53ms
44ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKmmVsRpp7CgETtZoIpSiTeyM8aSaDJ26dRXPrEjU4mf2Qw40Qu0ucatbVhYhZ0gZ-EPb_MDI96JAJoRhFJxUYhl30EBxIZMww&google_hm=eS0zNHgzMWRsRTJwRm9FTkJQbzVocjl2WWRQUVBnWTl3VX5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 15 Apr 2023 11:00:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKmmVsRpp7CgETtZoIpSiTeyM8aSaDJ26dRXPrEjU4mf2Qw40Qu0ucatbVhYhZ0gZ-EPb_MDI96JAJoRhFJxUYhl30EBxIZMww&google_hm=eS0zNHgzMWRsRTJwRm9FTkJQbzVocjl2WWRQUVBnWTl3VX5B
content-length: 0

GET
H2

200

report
sync.teads.tv/um/ Frame A158
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOjvKFXjjDl7JaIoqAOMuEA&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvLR98TaDa_C4R7FId3Q-Rg-ZHRKzThPpY5om8nsIVA1y0BD2Y-HAMMnIm5lPZjfmH3uLuD22uuqgPmacfZSPCNEyiLABPi4Vvq66A
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

42ms
40ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Sat, 15 Apr 2023 11:00:37 GMT
pragma: no-cache
date: Sat, 15 Apr 2023 11:00:37 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A158 0
40 B 78ms
51ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KC-AmyZavJp0SZtAGKeoRh6gyJvPmVMPqWiY6bRT2aLRlmyIMAIu4ZF4-94RoXAsIYNQj_KQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:00:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4235295560895765067
tpc.googlesyndication.com/daca_images/simgad/ Frame 7B92 31 KB
31 KB 193ms
193ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/4235295560895765067?w=360&h=640

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dd09164d75ef5daf5f60a6ef05beb4c0a03bcc46d9ef83e9509ce2451b32a6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:00:37 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31329
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 18:47:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 22 Apr 2023 11:00:37 GMT

GET
DATA 200
OK truncated
/ Frame 7B92 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 698efeb7ce8d1839c83d386023ef289fc1d51287e629befad03d139ede557a47

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 171C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

50ms
50ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 11:00:37 GMT
expires: Sat, 15 Apr 2023 11:00:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 11:00:37 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 45DB 36 KB
14 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Apr 2024 08:02:16 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7B92 0
19 B 108ms
108ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Czmxd04M6ZJ-4Ac2KrASZx66IDYfkt4Nw-_CJ_50R6Kq2lYsDEAEg3u7XMGCV4pCCoAegAZKZq_wCyAEBqAMByAPLBKoExAFP0Ls6KUy4roxfSPGvt9DsT13Optv1MbCNM1UDXCZgLvjwPrMLnNh5H8Ta0aokncfQ40V8FDUYeGCq3a55J4pcikwhGsvOQOT2vQb_12gc2kucj5IYWrq097me2r0Vsi5QuPuudAoAowzCZNIQ5ohCh5joytP7vW_yOKVArNfmXDUijbJ1F90RCdPW8eFCXCg2bbZmQNZ35rpAKcO-cApFReWQUmAR3hf6c99xi7Mus1qy4FVKURu_XV1lF3jcaUFidopswASg282U2wOSBQQIBBgBkgUECAUYBKAGAoAH1ubUgwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCPiTLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi00NzIxMTA1NTc0MTM2OTA5GAA&sigh=MQWunAHQRCk&uach_m=[UACH]&cid=CAQSKQBygQiDsBehGFklBv4eJ7psBiqHXrPsUAOF6yLNZ-YQPcLWz84UP2UaGAE&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 15 Apr 2023 11:00:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 11185077496034125231
tpc.googlesyndication.com/daca_images/simgad/ Frame 54D3 34 KB
35 KB 65ms
65ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/11185077496034125231?w=360&h=640

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c941e452327118d7d26576846b4c981e7c048f6dad3c7145af0d9758909b1791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 15:34:17 GMT
x-content-type-options: nosniff
age: 69980
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35303
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 22:12:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Apr 2023 15:34:17 GMT

GET
DATA 200
OK truncated
/ Frame 54D3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98b9a3754ea2937cb8d64c9ea92b8d39c8caf14a0fe485ec291ea1855d87fd03

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 0717 36 KB
14 KB 63ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Host: mdundo.com
URL: https://mdundo.com/loginfb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Apr 2024 08:02:16 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 54D3 0
19 B 93ms
84ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxpX804M6ZKC4Ac2KrASZx66IDfvLrYVwnfbuke4Q5IK7-5oCEAEg3u7XMGCV4pCCoAegAZ74pfYoyAEBqAMByAPLBKoExwFP0HlrvuCmGtqIDOH2yUGGMbEQIGIDx0DzBSEP1KV4HXSP7zMJRe1T8aLhLc0LuTHCtEzmeYitlAXj5GbYWa7WXzdKXMlX7xhuvinxi6Q0VJLJYUFw8FDuQjLWXzwTWJDOfPDaNklUDQV42-Dt7yPmH3y9Wx6nB1tWrlk6bsW01Fi6GPdJs6e9RwvBFbkJlEv-ePL5Q6Oau3rJXDUpOaw8pQ65OAUBoSzHHP_htDwLpx-h9JeBXhPMa7YM_I5-NqhK7ooEDDa6wASBwbGIpwSSBQQIBBgBkgUECAUYBKAGAoAH7ND01QOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBRCAnogB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNDcyMTEwNTU3NDEzNjkwORgA&sigh=qLIlSPXrkBY&uach_m=[UACH]&cid=CAQSKQBygQiDsBehGFklBv4eJ7psBiqHXrPsUAOF6yLNZ-YQPcLWz84UP2UaGAE&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 15 Apr 2023 11:00:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0A9A 0
10 B 35ms
34ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?aCLQzA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:00:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7B92 42 B
64 B 78ms
78ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2gmW5IyfQXb_DDZYv5OK5V_X7G_aGPbMpLWHzpRfGFfWyEyDsiA_8teNehSlMBmsiL3B8SSARNavY5FM4BpQlhswF9F8h6J1OR6G_vansVQ3Vytgs_w3JRazgn2_vraGEJo1tXA&sai=AMfl-YTbvY8yIsfyxQpFD54V0x9EYt76lXZDH8TIOSZvZ2g-pmkkTTdr1pR1PWwe9XOGQFTomqx1rIBcs22tHrDO19vr8shqs01I3jg&sig=Cg0ArKJSzMujYasZZf2LEAE&cid=CAQSKQBygQiDsBehGFklBv4eJ7psBiqHXrPsUAOF6yLNZ-YQPcLWz84UP2UaGAE&id=lidar2&mcvt=1000&p=-72,0,428,200&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230412&bin=7&avms=nio&bs=0,0&mc=0.71&if=1&vu=1&app=0&itpl=22&adk=1272721404&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681556436584&rpt=392&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 54D3 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxpnkqCds-FVufPqz2OlPNNaXp9Rxy1XiLl37nD85Qb9Hy1teytfYgmUn_GEewee6-4vJrFlA-xaGpcierrmL17rKBfjjPpZnwCg6QKvxd50KYz_RmhpDfWpp5pyjxI9Syt1QQLg&sai=AMfl-YQtOTVyfVFtBpFWyc5E4pPk9LJS7MpyukC6ylXG-T_bUG6QsLaaMU6i1AYMHxqfGkX17p2LDzY1pXnDcmS_3TsDzpI9KBsnZF0&sig=Cg0ArKJSzAFfcrd2hF_lEAE&cid=CAQSKQBygQiDsBehGFklBv4eJ7psBiqHXrPsUAOF6yLNZ-YQPcLWz84UP2UaGAE&id=lidar2&mcvt=1000&p=-72,0,428,200&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230412&bin=7&avms=nio&bs=0,0&mc=0.71&if=1&vu=1&app=0&itpl=22&adk=1272721403&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681556436588&rpt=495&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:00:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 72ms
72ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230412&jk=3452936507512671&bg=!1Nel14PNAAZA7GLoYOw7ADkAdvg8Wu1jbWW8D7de9Z84PK75OWsZK4kDSU_Ok3Ijdi4WtrBDUMSO1aGG85mjoxxKdWd-6TkcZ24CAAAClVIAAAACaAEHmQLkExIJ-FJMWPdl3ZpvKkdOidr9cn-JGesR41iTw5KdwvfVutw-dNWZq_o3j6u2pd1cTs7TehLx5kOYW3swAVBwiXSaLeGJYMS_9ivhTR84O0XveBLU8h0kgHSKRf4QJc37SvyC6Pzbw9T3Oby56lB9zSH79huSVH502PDElw72zLCINjt8Tu7sAogb0CBlS_0RJ8nfvcuxhjQbZwdzqVvT92Y_h49xMvQAhNWDA7u-SrLM-z6lGGaoJG8517DaDrjd79YekjGJdS69_LsRcM4ykgObD7CwwpfSnAim8yRizgMbNDIop3PCPoTZMfucmk8A6C2tPXgw8sTeKCh40xS_D_nB8xo3oNX2UvYSBsPl9n9ROQE07yolAInBPq-ksSC4GSwEMrB8yzW1qmBYu0JeLCJ3slWvoUJFwydHeBeQNu4UucdexLCBpLASrw6OS4R4DUV77fnYagGSqRTZyT3zk3vJZHycLaLdisAPNfWqxqka29U6GVUgI8SKeKVPIptIlUBVfsU04bCYSw6Uc0Su1jqkWQwnkWBWmat5JCGTXxpqqt6zbgQAvoOlIErT0lEENELK2ac9_blx4ntlTu4_YrOGifSZAK7g-F2ZERyGzj3lj5OvHyg1meWQRUk0yXuKt-qhU4yXz66Z0nquKVxen7g4vBg8xgU5EqoBFUfaW8RSlxLulXR92GZl2DLr220RIP4bB87JkjBveQ0GxhFpCgPgtO4vdZuxQgeC3k4Qlibi4USrHbklOU4adZl-b9kRFHSLQl49yLZRLvAoHFX47dVRBpa4KP5qAzfGwQxbulQdxMKgJwbEGdGISe2ntnY2HMPEtk1d_uduEdg-LC0Pi9Ne41yP5F2FF7hd6CCgVWCBN_GdANidGcK55N7W6N6CcjxLvItUsBi1TjklfWOm1ZBikqSDzSf-F9eht3yfa1y7OzIkrlvA77WkBjdj2mPjzbePySlrYof2EY8h9d_LIY0dfq0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mdundo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: certify.alexametrics.com
URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Login%20to%20continue&time=1681556434427&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fmdundo.com%2Floginfb&random_number=127212578&sess_cookie=68ce37d21878492edf9601a0831&sess_cookie_flag=1&user_cookie=68ce37d21878492edf9601a0831&user_cookie_flag=1&dynamic=true&domain=mdundo.com&account=AxVyr1zDGU20kU&jsv=20130128&user_lang=en-US

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mdundo.com/	1970-01-20 11:05:57	Name: mdundo_session Value: 9hpdjpima14lklm15i87cfvjio
mdundo.com/	1970-01-20 11:07:22	Name: mobile Value: 0
.mdundo.com/	1970-01-20 11:05:58	Name: __asc Value: 68ce37d21878492edf9601a0831
.mdundo.com/	1970-01-20 19:52:58	Name: __auc Value: 68ce37d21878492edf9601a0831
.mdundo.com/	1970-01-20 20:41:56	Name: _ga Value: GA1.2.307114816.1681556435
.mdundo.com/	1970-01-20 11:07:22	Name: _gid Value: GA1.2.1078347833.1681556435
.mdundo.com/	1970-01-20 11:05:56	Name: _gat Value: 1
mdundo.com/	1970-01-20 11:07:22	Name: visited Value: 1
mdundo.com/	1970-01-20 11:07:22	Name: clientId Value: 307114816.1681556435
.mdundo.com/	1970-01-20 20:27:32	Name: __gads Value: ID=85978dde51f0974a-2216d89d99dd0049:T=1681556435:RT=1681556435:S=ALNI_MarYQA12xBptJ6mrVbK1jApnxnqBA
.mdundo.com/	1970-01-20 20:27:32	Name: __gpi Value: UID=00000bd67d2ed6b9:T=1681556435:RT=1681556435:S=ALNI_MZBVMo9cpI_8rSHWedJyY4Jgy7e4A
.doubleclick.net/	1970-01-20 20:27:32	Name: IDE Value: AHWqTUky9ArPiyCbYTnEy7-tLlMQRLqb8OAp9eiEtEe56C7FCzyA6raHJGF6QUOSdG8
.quantserve.com/	1970-01-20 13:15:32	Name: d Value: EFEBCQHhKIEA
.quantserve.com/	1970-01-20 20:36:10	Name: mc Value: 643a83d4-e19a0-cb3fe-cb801
.bidswitch.net/	1970-01-20 19:51:32	Name: tuuid Value: 1e74a359-089f-424a-a981-a022534ed103
.bidswitch.net/	1970-01-20 19:51:32	Name: c Value: 1681556436
.bidswitch.net/	1970-01-20 19:51:32	Name: tuuid_lu Value: 1681556436
.w55c.net/	1970-01-20 20:36:10	Name: wfivefivec Value: rRqYUSSZ1PNDE05
.ctnsnet.com/	1970-01-20 19:51:32	Name: gid_CAESEKkDHbg53VvnrUuDSHh_zgI Value: 1
.ctnsnet.com/	1970-01-20 19:51:32	Name: cid_69be3bbf6c2b413b8cfbdf80d87dc1b9 Value: 1
.ctnsnet.com/	1970-01-20 19:51:32	Name: cid_63b2be3900904a85aa6574ef1524fa37 Value: 1
.w55c.net/	1970-01-20 11:49:08	Name: matchgoogle Value: 5
.turn.com/	1970-01-20 15:25:08	Name: uid Value: 3400793070571746521
.de17a.com/	1970-01-20 19:44:20	Name: guid Value: 1.5669503061247511431
.adform.net/	1970-01-20 11:49:08	Name: C Value: 1
.yahoo.com/	1970-01-20 19:51:54	Name: A3 Value: d=AQABBNWDOmQCEMozugYB7jRPBo7e0ha5newFEgEBAQHVO2REZAAAAAAA_eMAAA&S=AQAAAuPtDGkuBKXaHG4sriwucyA
.adform.net/	1970-01-20 12:32:20	Name: uid Value: 2470084959402913456
.doubleclick.net/	1970-01-20 11:06:00	Name: DSID Value: NO_DATA
.sportradarserving.com/	1970-01-20 19:51:32	Name: zuuid Value: b0f4074a-68a2-42cd-9bee-1583dfea6dd2
.sportradarserving.com/	1970-01-20 19:51:32	Name: c Value: 1681556437
.sportradarserving.com/	1970-01-20 19:51:32	Name: zuuid_lu Value: 1681556437
.sportradarserving.com/	1970-01-20 19:51:32	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 19:51:32	Name: zuuid_k_lu Value: 1681556437
.everesttech.net/	1970-01-20 19:51:32	Name: everest_g_v2 Value: g_surferid~ZDqD1QAC9KcjeQBa
.tribalfusion.com/	1970-01-20 13:15:32	Name: ANON_ID Value: annseFoZdUQdR2Hp9vcgi9ZbYGyIsLrxcootpbAx8DGuQhak38ZaZaPV9HgXjldS3kSXPg2OER0LRAN1QAF4RUwF
pool.admedo.com/	1970-01-20 19:51:32	Name: tuuid Value: d693bf65-e08c-4a70-a752-ad454071ad6a
pool.admedo.com/	1970-01-20 19:51:32	Name: c Value: 1681556437
pool.admedo.com/	1970-01-20 19:51:32	Name: tuuid_lu Value: 1681556437

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Login%20to%20continue&time=1681556434427&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fmdundo.com%2Floginfb&random_number=127212578&sess_cookie=68ce37d21878492edf9601a0831&sess_cookie_flag=1&user_cookie=68ce37d21878492edf9601a0831&user_cookie_flag=1&dynamic=true&domain=mdundo.com&account=AxVyr1zDGU20kU&jsv=20130128&user_lang=en-US Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAer7DvLw5Hp3M-VzdYXGUKYkWc2S6vVFtDki2rZi4tvZZvjs3uA9M38_R8VWRqL-ulcAx3-_WK3bWkHgdsBhnq8glq98C2F_Hv4dRV8&google_gid=CAESEIFSUziFkan79lOfXQAWAwo&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
a.tribalfusion.com
a92efe48b5038aa45778b03b920eba2c5.profile.den52-c1.cloudfront.net
ad.turn.com
adservice.google.com
adservice.google.de
c1.adform.net
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
cms.quantserve.com
d5p.de17a.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
id.rlcdn.com
match.adsrvr.org
mdundo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
r.turn.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
s.tribalfusion.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
certify.alexametrics.com
104.102.35.84
108.138.17.18
142.250.184.194
142.250.186.98
15.197.193.217
151.101.66.49
159.69.149.44
18.184.93.146
2001:678:cb4:bbbb::11
213.155.156.182
2606:4700::6812:18ad
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:802::2002
2a00:1450:4001:808::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:400c:c0c::9c
2a05:d018:d29:3605:398b:a04b:d794:3da4
3.124.143.199
3.125.54.52
35.186.193.173
35.210.53.219
35.244.174.68
37.157.2.234
52.13.189.96
65.8.234.54
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11b8f67c842cd30296045ea9e03a39881951bb458f70b7b229381ccfac676ab5
11e4342c37d88d69519e3d4be0ed9da7c51f1febe2abc7944745fc583b29c3a3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
2dd09164d75ef5daf5f60a6ef05beb4c0a03bcc46d9ef83e9509ce2451b32a6d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332fbecd639ed92efea139f6d76c5ad38f3680a2cddf540f1fe289a1a79ca65a
3671881892bbac652c4c7e8a8481f0e7f9b3d0b662107cc35db6c95b6c6d3947
39327a35fb8377eb81a97afbd6fa5c6553c14451b0de199a41ab38d7d527be42
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b4623dcf73eed08e1b1f1647f5930eaceb8cd577e113cf1d55871edbf74a2e1
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f91c1a82b10ae7114c24b5209184946d2077504317445146b12ad241f5faf45
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57e046398f9d9641640adf9f3a0261655e9aa772113d08ddee736d132b414ca2
58c556a77e1091ea10a769e3dcd5f78ce23da8b8f8cecc5e0c6bec4f6982a19a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59d72c6cc9306c44a085451865222231ab0ef84b4c6bbbbfde0933531fa92249
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67e3252b91889bf16e4e28affed531d22ff53cbc5d3f166f5e878e00e44006be
698efeb7ce8d1839c83d386023ef289fc1d51287e629befad03d139ede557a47
700152000df3a6ac1ac70c078b5554f974e2d93be0113a9aab46a65d36b7d53c
7b3351df0a6eb5434aa8703ee3148d365d07f6a9048d5469bdcfa7b352e5010e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9065536161996d42964f03bdf5d13d72e504ef7f4cf5c5ad257893a4ce514680
95f5781079435ee28d5944187bf013b60680a54311038914048c7d426940f14e
98b9a3754ea2937cb8d64c9ea92b8d39c8caf14a0fe485ec291ea1855d87fd03
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b0f6dfbdb0c4661c98625afa1b6e73167265db04cbfc21f7347abe74c561a91e
b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
c3ac8f8e7ca28c015328c1c7107d63abde799529cde0cd99e026410b2c0fbc95
c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738
c734b0c73ede2b80c38da454f7f032b1fdc89c6ca267f6cb04dde785f7dd8cf7
c941e452327118d7d26576846b4c981e7c048f6dad3c7145af0d9758909b1791
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
d14fd5e2878e4af0e1e5d59fbb18d86fa17cf34bf15506ee64770828f79f4352
d94ecbb36b187419e8cb28e32611859fdb6afe50c340e764588b42befaf0eb2c
db207e79fda637962b2b471ed29e9b8f96a1cee636b4109415566fad776b4c42
e3792b26878c08fef3901b4a2be810c3b5f686a0511563dda0fcb0d82b81225d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f28d52566e06d7573ca2c0192e3024140b00cc37a4d45eedfd037bd363a0bb6e
f4a7da8fbb125aaa25e76f6c32e394ab35051cbf3454c0c14192b33dc32db5dd
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
fe01291528467c7ac5397942f89ede78d097d9112261d9abc4b6c82218522d32
ffe9f5af1f80a9ba2f3208eb78ffcc24421bdbdd2964fa9799e055091a0970f8

mdundo.com Open in urlscan Pro 159.69.149.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

115 Requests

83 %HTTPS

53 %IPv6

28 Domains

39 Subdomains

28 IPs

7 Countries

1065 kBTransfer

2980 kBSize

38 Cookies

6 Outgoing links

Page URL History

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mdundo.com Open in urlscan Pro
159.69.149.44 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

83 %
HTTPS

53 %
IPv6

28
Domains

39
Subdomains

28
IPs

7
Countries

1065 kB
Transfer

2980 kB
Size

38
Cookies

115 HTTP transactions
2 data transactions