mgoblog.com Open in urlscan Pro
2606:4700:20::681a:294 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mgoblog.com/
Effective URL:
https://mgoblog.com/
Submission Tags: tranco_l324
Submission: On November 10 via api (November 10th 2021, 7:02:10 am UTC) from DE — Scanned from DE

Summary HTTP 583 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 90 IPs in 7 countries across 60 domains to perform 583 HTTP transactions. The main IP is 2606:4700:20::681a:294, located in United States and belongs to CLOUDFLARENET, US. The main domain is mgoblog.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2021. Valid for: a year.

This is the only time mgoblog.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 102	2606:4700:20:... 2606:4700:20::681a:294	13335 (CLOUDFLAR...) (CLOUDFLARENET)
47	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2010	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
23	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
47	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
5 26	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
3 7	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	18.211.226.152 18.211.226.152	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1 3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1 11	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2016	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	54.234.151.247 54.234.151.247	14618 (AMAZON-AES) (AMAZON-AES)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
5	23.20.158.212 23.20.158.212	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	52.74.177.52 52.74.177.52	16509 (AMAZON-02) (AMAZON-02)
1	44.227.231.197 44.227.231.197	16509 (AMAZON-02) (AMAZON-02)
4	151.101.193.194 151.101.193.194	54113 (FASTLY) (FASTLY)
1	2600:9000:211... 2600:9000:211e:7000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
1 10	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
11	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
6	2602:803:c003... 2602:803:c003:200::61	26667 (RUBICONPR...) (RUBICONPROJECT)
6	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
6	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
6	216.52.2.19 216.52.2.19	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
10	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	52.206.110.153 52.206.110.153	14618 (AMAZON-AES) (AMAZON-AES)
1	52.0.73.248 52.0.73.248	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	54.187.25.111 54.187.25.111	16509 (AMAZON-02) (AMAZON-02)
1	52.25.225.148 52.25.225.148	16509 (AMAZON-02) (AMAZON-02)
1 1	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
2 9	44.240.108.244 44.240.108.244	16509 (AMAZON-02) (AMAZON-02)
4 4	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
7 14	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a04:4e42:400... 2a04:4e42:400::300	54113 (FASTLY) (FASTLY)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
31	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	3.221.83.174 3.221.83.174	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	37.187.27.147 37.187.27.147	16276 (OVH) (OVH)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
4	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.157.213.64 18.157.213.64	16509 (AMAZON-02) (AMAZON-02)
1	35.84.44.29 35.84.44.29	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
22	2a00:1450:400... 2a00:1450:4001:802::2006	15169 (GOOGLE) (GOOGLE)
7	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
1	13.35.253.60 13.35.253.60	16509 (AMAZON-02) (AMAZON-02)
2	35.241.31.249 35.241.31.249	15169 (GOOGLE) (GOOGLE)
1	54.85.167.1 54.85.167.1	14618 (AMAZON-AES) (AMAZON-AES)
1	51.89.21.21 51.89.21.21	16276 (OVH) (OVH)
1	52.19.22.209 52.19.22.209	16509 (AMAZON-02) (AMAZON-02)
1	34.210.245.148 34.210.245.148	16509 (AMAZON-02) (AMAZON-02)
2 3	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	5.135.141.80 5.135.141.80	16276 (OVH) (OVH)
8	2600:9000:214... 2600:9000:214f:1c00:1e:8f08:2900:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.232.180.222 34.232.180.222	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
3	13.37.59.66 13.37.59.66	16509 (AMAZON-02) (AMAZON-02)
4	13.32.21.201 13.32.21.201	16509 (AMAZON-02) (AMAZON-02)
2	3.86.21.221 3.86.21.221	14618 (AMAZON-AES) (AMAZON-AES)
1	66.102.1.154 66.102.1.154	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400f:80c::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:4c::6	15169 (GOOGLE) (GOOGLE)
1 2	34.253.169.181 34.253.169.181	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:211... 2600:9000:211e:ac00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2620:112:f000... 2620:112:f000:bbbb::11	6336 (TURN-US-ASN) (TURN-US-ASN)
2 2	18.185.182.242 18.185.182.242	16509 (AMAZON-02) (AMAZON-02)
1 1	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
1 1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
5	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
9	3.219.181.211 3.219.181.211	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:813::200e	() ()
583	90

102 2606:4700:20::681a:294 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mgoblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.228.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.211.226.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-226-152.compute-1.amazonaws.com

powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

waa-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.234.151.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-151-247.compute-1.amazonaws.com

reporting.powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.20.158.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-158-212.compute-1.amazonaws.com

hb.brainlyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.74.177.52 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-177-52.ap-southeast-1.compute.amazonaws.com

pixel.zprk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.227.231.197 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-227-231-197.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.193.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:7000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.252.172.249 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.52.2.19 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.110.153 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-110-153.compute-1.amazonaws.com

px.britepool.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.73.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-73-248.compute-1.amazonaws.com

thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e73c7fa4ce4325baa13e1f1df284cc65.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.187.25.111 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-25-111.us-west-2.compute.amazonaws.com

aufp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.25.225.148 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-225-148.us-west-2.compute.amazonaws.com

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.45 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 44.240.108.244 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-108-244.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.80 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.162 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.221.83.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-83-174.compute-1.amazonaws.com

content.predictinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.187.27.147 (France)

ASN16276 (OVH, FR)
PTR: js12.adlooxtracking.com

j.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

fra1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.157.213.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-213-64.eu-central-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.84.44.29 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-84-44-29.us-west-2.compute.amazonaws.com

pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-60.fra6.r.cloudfront.net

w1.predictinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.31.249 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 249.31.241.35.bc.googleusercontent.com

data00.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.85.167.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-167-1.compute-1.amazonaws.com

yeti.predictinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.21.21 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p13.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.22.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.210.245.148 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-245-148.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.79 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.135.141.80 (France)

ASN16276 (OVH, FR)
PTR: hap2.adventori.com

adventori.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:214f:1c00:1e:8f08:2900:93a1 (United States)

ASN16509 (AMAZON-02, US)

image.predictinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.180.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-180-222.compute-1.amazonaws.com

prod-tw-api.predictinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.37.59.66 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-37-59-66.eu-west-3.compute.amazonaws.com

tk.airfrance.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.21.201 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-201.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.86.21.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-86-21-221.compute-1.amazonaws.com

report2.hb.brainlyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.102.1.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400f:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:4c::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5e6nzs.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.169.181 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-169-181.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:211e:ac00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:112:f000:bbbb::11 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.182.242 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-182-242.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.184 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.219.181.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-181-211.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (None, )

ASN- ()

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
102	mgoblog.com 1 redirects mgoblog.com	2 MB
88	googlesyndication.com pagead2.googlesyndication.com 65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com tpc.googlesyndication.com e73c7fa4ce4325baa13e1f1df284cc65.safeframe.googlesyndication.com c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com ade.googlesyndication.com	736 KB
77	doubleclick.net 12 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net pubads.g.doubleclick.net bid.g.doubleclick.net	774 KB
47	youtube.com www.youtube.com	3 MB
26	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	289 KB
24	2mdn.net 1 redirects s0.2mdn.net gcdn.2mdn.net r1---sn-4g5e6nzs.c.2mdn.net	5 MB
18	google.com 1 redirects www.google.com adservice.google.com play.google.com	71 KB
17	adnxs.com 2 redirects ib.adnxs.com secure.adnxs.com cdn.adnxs.com fra1-ib.adnxs.com acdn.adnxs.com	85 KB
16	pubmatic.com 7 redirects ads.pubmatic.com hbopenbid.pubmatic.com image2.pubmatic.com image8.pubmatic.com image6.pubmatic.com	117 KB
14	adsafeprotected.com 1 redirects pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	97 KB
14	predictinteractive.com content.predictinteractive.com w1.predictinteractive.com yeti.predictinteractive.com image.predictinteractive.com prod-tw-api.predictinteractive.com	168 KB
13	googletagservices.com www.googletagservices.com	366 KB
13	yahoo.com 2 redirects c2shb.ssp.yahoo.com ups.analytics.yahoo.com	2 KB
13	googleapis.com storage.googleapis.com fonts.googleapis.com waa-pa.googleapis.com imasdk.googleapis.com	620 KB
12	ad.gt 2 redirects a.ad.gt p.ad.gt ids.ad.gt pixels.ad.gt	17 KB
12	casalemedia.com 3 redirects as-sec.casalemedia.com htlb.casalemedia.com dsum-sec.casalemedia.com	7 KB
8	criteo.com 2 redirects gum.criteo.com mug.criteo.com	2 KB
7	rubiconproject.com fastlane.rubiconproject.com token.rubiconproject.com	7 KB
7	brainlyads.com hb.brainlyads.com report2.hb.brainlyads.com	171 KB
6	lijit.com ap.lijit.com	4 KB
6	33across.com ssc.33across.com	1 KB
6	a-mo.net prebid.a-mo.net	1 KB
5	ytimg.com i.ytimg.com	279 KB
5	ggpht.com yt3.ggpht.com	21 KB
5	powerad.ai powerad.ai reporting.powerad.ai	40 KB
4	amazon-adsystem.com c.amazon-adsystem.com	40 KB
4	fastly.net confiant-integrations.global.ssl.fastly.net	193 KB
4	google.de adservice.google.de	1 KB
4	google-analytics.com www.google-analytics.com	23 KB
3	airfrance.fr tk.airfrance.fr	6 KB
3	adlooxtracking.com j.adlooxtracking.com data00.adlooxtracking.com	62 KB
3	adsrvr.org 1 redirects match.adsrvr.org	2 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	turn.com 1 redirects ad.turn.com r.turn.com	878 B
2	facebook.com www.facebook.com	442 B
2	openx.net 2 redirects u.openx.net	878 B
2	facebook.net connect.facebook.net	115 KB
2	4dex.io script.4dex.io	23 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	10 KB
1	blismedia.com tr.blismedia.com	142 B
1	simpli.fi 1 redirects um.simpli.fi	710 B
1	adventori.com adventori.com	17 KB
1	sharedid.org id.sharedid.org	211 B
1	crwdcntrl.net id.crwdcntrl.net	335 B
1	id5-sync.com id5-sync.com	529 B
1	clarium.io protected-by.clarium.io	345 B
1	jsdelivr.net cdn.jsdelivr.net	9 KB
1	contextweb.com 1 redirects bh.contextweb.com	556 B
1	taboola.com trc.taboola.com	238 B
1	aufp.io aufp.io	3 KB
1	thrtle.com thrtle.com
1	britepool.com 1 redirects px.britepool.com api.britepool.com Failed	650 B
1	quantcount.com rules.quantcount.com	439 B
1	zprk.io pixel.zprk.io	3 KB
1	googleadservices.com partner.googleadservices.com	406 B
1	rlcdn.com api.rlcdn.com	325 B
1	googletagmanager.com www.googletagmanager.com	42 KB
1	indexww.com js-sec.indexww.com	13 KB
1	paypalobjects.com www.paypalobjects.com	982 B
0	atdmt.com Failed ad.atdmt.com Failed
583	60

	Domain	Requested by
102	mgoblog.com	1 redirects mgoblog.com
47	www.youtube.com	mgoblog.com www.youtube.com
47	pagead2.googlesyndication.com	mgoblog.com pagead2.googlesyndication.com tpc.googlesyndication.com 65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com www.googletagservices.com s0.2mdn.net srcdoc securepubads.g.doubleclick.net c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com googleads.g.doubleclick.net ad.doubleclick.net
31	tpc.googlesyndication.com	mgoblog.com googleads.g.doubleclick.net tpc.googlesyndication.com 65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net pagead2.googlesyndication.com c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com imasdk.googleapis.com ad.doubleclick.net
26	googleads.g.doubleclick.net	5 redirects pagead2.googlesyndication.com www.youtube.com mgoblog.com googleads.g.doubleclick.net 65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
22	s0.2mdn.net	mgoblog.com s0.2mdn.net imasdk.googleapis.com c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com ad.doubleclick.net
20	securepubads.g.doubleclick.net	mgoblog.com securepubads.g.doubleclick.net www.googletagservices.com storage.googleapis.com
14	cm.g.doubleclick.net	7 redirects mgoblog.com googleads.g.doubleclick.net c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
13	www.googletagservices.com	googleads.g.doubleclick.net mgoblog.com 65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com hb.brainlyads.com securepubads.g.doubleclick.net c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com www.googletagservices.com ad.doubleclick.net
12	fonts.gstatic.com	fonts.googleapis.com www.youtube.com mgoblog.com
11	c2shb.ssp.yahoo.com	storage.googleapis.com
11	www.google.com	1 redirects www.youtube.com 65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com tpc.googlesyndication.com c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
10	www.gstatic.com	www.youtube.com www.gstatic.com
10	ib.adnxs.com	1 redirects storage.googleapis.com acdn.adnxs.com googleads.g.doubleclick.net
9	dt.adsafeprotected.com	c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
9	ids.ad.gt	2 redirects mgoblog.com
8	image.predictinteractive.com	mgoblog.com
7	googleads4.g.doubleclick.net	mgoblog.com ad.doubleclick.net
6	ap.lijit.com	storage.googleapis.com
6	htlb.casalemedia.com	storage.googleapis.com
6	ssc.33across.com	storage.googleapis.com
6	fastlane.rubiconproject.com	storage.googleapis.com
6	prebid.a-mo.net	storage.googleapis.com
6	hbopenbid.pubmatic.com	storage.googleapis.com
5	ade.googlesyndication.com	mgoblog.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
5	hb.brainlyads.com	powerad.ai mgoblog.com
5	i.ytimg.com	www.youtube.com
5	yt3.ggpht.com	www.youtube.com
5	static.doubleclick.net	www.youtube.com
5	storage.googleapis.com	mgoblog.com storage.googleapis.com
4	csi.gstatic.com	imasdk.googleapis.com
4	c.amazon-adsystem.com	hb.brainlyads.com c.amazon-adsystem.com
4	fra1-ib.adnxs.com	mgoblog.com cdn.adnxs.com
4	image2.pubmatic.com	4 redirects
4	mug.criteo.com	mgoblog.com
4	gum.criteo.com	2 redirects
4	confiant-integrations.global.ssl.fastly.net	mgoblog.com confiant-integrations.global.ssl.fastly.net storage.googleapis.com
4	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	waa-pa.googleapis.com	www.youtube.com
4	www.google-analytics.com	mgoblog.com www.google-analytics.com
3	static.adsafeprotected.com	pixel.adsafeprotected.com c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
3	tk.airfrance.fr	s0.2mdn.net tk.airfrance.fr
3	image8.pubmatic.com	2 redirects mgoblog.com
3	content.predictinteractive.com	mgoblog.com content.predictinteractive.com storage.googleapis.com
3	reporting.powerad.ai	powerad.ai
3	match.adsrvr.org	1 redirects js-sec.indexww.com ads.pubmatic.com
2	play.google.com	www.youtube.com
2	ups.analytics.yahoo.com	2 redirects
2	pm.w55c.net	2 redirects
2	pixel.adsafeprotected.com	1 redirects c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
2	c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	pubads.g.doubleclick.net	imasdk.googleapis.com mgoblog.com
2	report2.hb.brainlyads.com	hb.brainlyads.com
2	imasdk.googleapis.com	storage.googleapis.com imasdk.googleapis.com
2	data00.adlooxtracking.com	j.adlooxtracking.com
2	www.facebook.com	mgoblog.com
2	ad.doubleclick.net	mgoblog.com www.googletagservices.com
2	u.openx.net	2 redirects
2	connect.facebook.net	p.ad.gt connect.facebook.net
2	65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com	securepubads.g.doubleclick.net confiant-integrations.global.ssl.fastly.net
2	script.4dex.io	storage.googleapis.com script.4dex.io
2	ads.pubmatic.com	mgoblog.com
2	powerad.ai	storage.googleapis.com powerad.ai
2	fonts.googleapis.com	mgoblog.com tpc.googlesyndication.com
1	image6.pubmatic.com	1 redirects
1	tr.blismedia.com	c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	r1---sn-4g5e6nzs.c.2mdn.net	mgoblog.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	e73c7fa4ce4325baa13e1f1df284cc65.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	prod-tw-api.predictinteractive.com	w1.predictinteractive.com
1	adventori.com	s0.2mdn.net
1	id.sharedid.org	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	id5-sync.com	ads.pubmatic.com
1	yeti.predictinteractive.com	content.predictinteractive.com
1	w1.predictinteractive.com	content.predictinteractive.com
1	acdn.adnxs.com	mgoblog.com
1	pixels.ad.gt	p.ad.gt
1	protected-by.clarium.io	mgoblog.com
1	cdn.adnxs.com	mgoblog.com
1	j.adlooxtracking.com	mgoblog.com
1	cdn.jsdelivr.net	mgoblog.com
1	bh.contextweb.com	1 redirects
1	trc.taboola.com	mgoblog.com
1	token.rubiconproject.com	mgoblog.com
1	secure.adnxs.com	1 redirects
1	p.ad.gt	a.ad.gt
1	aufp.io	a.ad.gt
1	thrtle.com	mgoblog.com
1	px.britepool.com	1 redirects
1	pixel.quantserve.com	mgoblog.com
1	rules.quantcount.com	secure.quantserve.com
1	a.ad.gt	mgoblog.com
1	pixel.zprk.io	powerad.ai
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	secure.quantserve.com	www.googletagmanager.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com ads.pubmatic.com
1	www.googletagmanager.com	mgoblog.com
1	js-sec.indexww.com	storage.googleapis.com
1	www.paypalobjects.com	mgoblog.com
0	api.britepool.com Failed	ads.pubmatic.com
0	ad.atdmt.com Failed	mgoblog.com
583	109

This site contains links to these domains. Also see Links.

Domain
www.quantcast.com
mgoblogstore.com
www.flickr.com
www.amazon.com
basketball.realgm.com
theathletic.com
www.paypal.com
www.facebook.com
instagram.com
twitter.com
www.instagram.com
itunes.apple.com
www.wtka.com
www.human-element.com
nextmillennium.io

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-09-28` - `2022-01-11`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.powerad.ai Go Daddy Secure Certificate Authority - G2	`2021-08-13` - `2022-09-14`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
hb.brainlyads.com Go Daddy Secure Certificate Authority - G2	`2020-11-23` - `2021-12-25`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.zprk.io DigiCert TLS RSA SHA256 2020 CA1	`2020-12-11` - `2021-12-15`	a year	crt.sh
*.ad.gt Amazon	`2021-06-09` - `2022-07-08`	a year	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
*.a-mo.net R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2021-09-28` - `2021-12-27`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
aufp.io Amazon	`2020-12-26` - `2022-01-24`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.predictinteractive.com Amazon	`2021-05-16` - `2022-06-14`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
*.adlooxtracking.com R3	`2021-09-06` - `2021-12-05`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
protected-by.clarium.io Gandi Standard SSL CA 2	`2020-04-03` - `2022-04-26`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-19` - `2021-11-17`	3 months	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
id.sharedid.org Amazon	`2021-01-08` - `2022-02-06`	a year	crt.sh
*.adventori.com R3	`2021-10-06` - `2022-01-04`	3 months	crt.sh
tk.airfrance.fr R3	`2021-11-09` - `2022-02-07`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
report2.hb.brainlyads.com R3	`2021-09-13` - `2021-12-12`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2021-10-25` - `2022-01-23`	3 months	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh

This page contains 50 frames:

Primary Page: https://mgoblog.com/
Frame ID: 7467BD6D0CBFA031F12147FBBF410F95
Requests: 234 HTTP requests in this frame

Frame: https://www.youtube.com/embed/7F3O_WLSdlQ?start=523
Frame ID: 7DF74C61BAD4B7B27153D18F52B8D2EC
Requests: 21 HTTP requests in this frame

Frame: https://www.youtube.com/embed/7F3O_WLSdlQ?start=997
Frame ID: D0FC69F7C8FB889D5E7E613ACC06DBA8
Requests: 19 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Wv66JRknCs0?start=73
Frame ID: 9C0EE1D18D53D9E2BEEEE24EBF67AFC4
Requests: 19 HTTP requests in this frame

Frame: https://www.youtube.com/embed/MWIHxdsgIe4?start=83
Frame ID: C87142CFAC0FB35AD240D1A6EC859CD6
Requests: 18 HTTP requests in this frame

Frame: https://www.youtube.com/embed/GWbIicSNti8
Frame ID: CED5FA66B83CD6D57A1218FE527DB47D
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20190131/zrt_lookup.html
Frame ID: CA5A12B3E88CD26F32853459680B6EA1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Frame ID: 7D78AF9748201A999FB2DF210087C494
Requests: 3 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Frame ID: ABA103CEEB52FAD6D3CF9AB5B92AC27E
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v1.1.js
Frame ID: 230BE9B385AD1147818CE09078D64315
Requests: 2 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Frame ID: AB312E3B75C09EA775926605C19570D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6443821882109054&output=html&h=600&slotname=5906251774&adk=2132498600&adf=424694094&pi=t.ma~as.5906251774&w=284&fwrn=4&fwrnh=100&lmt=1636527611&rafmt=1&psa=0&format=284x600&url=https%3A%2F%2Fmgoblog.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636527692640&bpp=5&bdt=805&idt=1747&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&correlator=5305611325941&frm=20&pv=2&ga_vid=1133490413.1636527693&ga_sid=1636527694&ga_hid=1183019268&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1036&ady=1772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063682%2C31060047&oid=2&pvsid=4317953412673435&pem=143&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=6ciXTz0Y0B&p=https%3A//mgoblog.com&dtd=1764
Frame ID: AB304D02775E9AEF94C6B08A9524954E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6443821882109054&output=html&adk=1812271804&adf=3025194257&lmt=1636527611&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmgoblog.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636527692702&bpp=8&bdt=868&idt=1803&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=284x600&nras=1&correlator=5305611325941&frm=20&pv=1&ga_vid=1133490413.1636527693&ga_sid=1636527694&ga_hid=1183019268&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063682%2C31060047&oid=2&pvsid=4317953412673435&pem=143&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=1810
Frame ID: 0C73A5D60EC07ECF989AD268C45E0A10
Requests: 1 HTTP requests in this frame

Frame: https://65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5022224AA9C0E065AE6B7946ADD37E21
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14542787635067781911/index.html
Frame ID: 46C4073B519CC12B0399DBEFBE04E691
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CjIeHTm6LYeiHHNSq3gPSsbzwAumbmIZjpfvVtukN2tkeEAEgxKuXBGCV-vCBjAegAZSytP8DyAEJqQLkM-6wOnKzPqgDAcgDSKoEwwFP0IIGNCG_7hkSacBwf061apQJZtZJbPQHi-fb1t4aAkzF-9rkmVD3vwoX_LEIFuF8MdEo2wbwOeglNC_rgx1fFwdSqyvldkc4PexZRDzsJ75A4xRg_WNoYRZux_ZcYaqFztbgNmbo4DGqep3I7s8euVrGPoEzVNwIeohhBwzPcAcQuAmaSJc_28X9WFocMC36aK_egmso6_tjzPZPjF5vBtYFHAqic0vprh7ebjD6sYlIqfDDha3cdH2PvyvSac64hc3ABJ-CoLvUA6AGLoAH1M1LqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQg88D0ggJCIDhgBAQARhfgAoByAsB2BMD0BUBmBYBgBcBshccChoIABIUcHViLTY0NDM4MjE4ODIxMDkwNTQYAA&sigh=B2B__708c80&uach_m=[UACH]&template_id=419
Frame ID: 684CB66D1070658A3C1BC0E5D3B5DC98
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8276B67835AC30886D8E3163C0D75801
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCQ9pAMLRp8_NshtgmAkMrptNmE_Vh61q0dgrglq0-GT8BivG-zTeZA4aC9PdThycofsyzr9cAQJXyvg-vuKxg8cT7htRfNBZl2A1ZJkjC3I79dQjMJCLCXQy_g4NJV7UM0RJKR_rwe_swqrTF_yH0-72Nz0StR9c1ncyc4f3EpEx1uqjq5S0sT3Dky1JM3dSZCQVS8DQQ27KFW0og9HDiYKkhijTGkKzV-L2clR27Mk5Wd6B3BU4FJyz7Mdd_rRXHO7eG7t0tnWdaQgvaKXNouCpAm51HNtIKI3m2W04YLEnh6ln43Z6lI_245M6pH3E&sig=Cg0ArKJSzIpGyoZKyU67EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 44EDED22D630DA5FCCFD80C311040ACE
Requests: 7 HTTP requests in this frame

Frame: https://65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5C0B26F4563A7641068007EF46CFBC09
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4G33W8HNHR19jWWaVDsNqO1cx9ZLFuo3q5kVmxgfAVhdjwvPcJhhVMCLO4k7glFl4aQ15AanJeA08ERg1JPz3aYC-wHOBGBtA6Ul1H-PrOSu2c8dcel--iM4SED9rrGDdrvz9Nqqprmw84esWgK0pWqPMv-xpmToW3zsBQqAG3WnmtxXJ0GqVXwZ_qJcqJFvaRQ2g7aSTnWfIOqlUQl7FO-I75ri_LbYuqw3YRFQMT1nldwvsu9aizfStX0K_zgRRt912zmDHQo4-ZUm6xogasFE3YmlIHIYbUcWqnxiGepPX&sig=Cg0ArKJSzBsZK3-x5B7bEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 9442AE6FB4B46CDCF9050E2A2790425D
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChCK-K_wAhiq4pi5ATAB&v=APEucNVI2QgbU30BuzG_cXAT979De3nuXQ4K-q2tTzHkq46QaP8NLFECvXSv0tjw3pNfk8CnT0qjYwaeo4B4TzXln8qcBXyhMg
Frame ID: 472B6CC258181A6EE54D223320C5CEED
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8219&pub_id=1242660
Frame ID: A4625531EA0B1F47FFA68F5240996321
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 44ECE5414D0378F50C11849CA49279B2
Requests: 3 HTTP requests in this frame

Frame: https://storage.googleapis.com/didna-prod/didna_util_v3.15.1.min.js.gz
Frame ID: A10220E43FE9DEE14B8BE012ED01D4AA
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B28B39E071D3B325F255F0C7FCB7A075
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/index.html?e=69&leftOffset=0&topOffset=0&c=ZctGyeJGM8&t=1&renderingType=2
Frame ID: 8C24AB9A27387B3464C735952C1F2CE8
Requests: 23 HTTP requests in this frame

Frame: https://image.predictinteractive.com/01/trivia/icons/2017/06/icon-try-again.png
Frame ID: 2CDDA00E046EEB19539D7011E65D16AD
Requests: 11 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 5B78DE2FCEF35FBD4306F1C1B0B4EF6E
Requests: 17 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Frame ID: EF9C2B64462F9914E844D50DD8D9F1A3
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6000988EF5A02F929DD12F9B893D7F65
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
Frame ID: 41E304B16279C95BBBDC57243F8C1968
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 0EC3BAF53AE258EF12C4203363F541BF
Requests: 12 HTTP requests in this frame

Frame: https://e73c7fa4ce4325baa13e1f1df284cc65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 6C4834664E6A924337A261B760A08526
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 6E249CF726451F3AF75AF9E2611972E8
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A4B746BB0F09F550DE0A79767AF05AC5
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuf42OlpFYcuAykdRzytfxvB9gmMPs9D7rDqEaEvudiN8EB9cazaYUn06fCmD66bFn9swIGWzvA6PFUg-fxM1DDzli_wvW4U_areAEpE1R9ncnvD5Lm191GJVMcVtf-FAd_1GwZd5f2v5p2OyoqRkSi61xVrwXH5HbThr_6p8UVEqyA5HKpsI6cd8-YsS7z2jlq32O-Skv88qVGrTKXAHEiQ3Q7nGTqUZLoBgH9HIcpLWKAZE1lFEWDX9yhKxMPHs3aYiJR-SwAN_tqvH7uIzuHmyxmAaw43txE2ZH5U5-nyImzaMEMH3JeJkKc0z_OaLvE0SNkosP1MEPN&sig=Cg0ArKJSzLpz0ohTJMPuEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C48D10D2640F2212FEF5D3263955E298
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 9E91CF3C965908B6A9C1178298F0E1D7
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 24C611E790D29FC85E47E0C3F65F0493
Requests: 2 HTTP requests in this frame

Frame: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 6F0ED0DAE4D1AA335D3B90D9A36B5FC0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 5FCC8F17DC2D20F238AF112B98EC4C4D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AA58E40C3127D654915C098CE03D2BD9
Requests: 2 HTTP requests in this frame

Frame: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: CF21BB570D7D12C38A275BFB99B03DD2
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhC20MOsAhihjqGyATAB&v=APEucNWldQ1f_BAFE-sb7jfH8i2MDBlYtr71VcIJH88YIAFz2S_F7hRyJDiC3atNhHanlzetbXv7gePXXVXrN4v5ZR1Ko2AV35z3N7hBZ3V7gv-30KqKtc8A6m055icFgdNkUoYBLtTXdTeJR0lDxAU4Ag_Ztqw8J_rcFLfEU3LPLQNZ5-TjfZA
Frame ID: CA160D80ED05C5B6CCDACE363D455711
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 01BBC7CFF4B108BB0C67918F91155121
Requests: 3 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N6410.3885621DV360-JELLYFISH/B26230969.310867716;dc_ver=81.235;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=1055419988;ord=4qbpls;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1cIRZW6LYafiIuizx_AP8-SswAO2wN6rZvul5IKjDvAuEAEgxL_OOGCVgoCArAegAcWI5dMByAEJqQI-YQYZ7G-zPqgDAaoE3wFP0GCYeR6sbEWk9GeHeHZ8c21UdUADDPIQqoOCG00PQKBDag3WzunqBpw4KxRvPhPmVsbLG7J92Ah3nLZIU3zvRYtJjlz8dMpx236doEEdD9iDdAoDBU7EXBIpDnvYC7zeG7_fEEofuxyPSAAlh0zksix57LY7TGnBnrBILoSvRfXldXe3DcHnjGw_RYnbLlXSi5vFTAt5hvHIsu_P8B6Wqp1AO0LGqZf_SgN7nbQXUVyEgq2hvdDt7Ixth-SMx0yQw47rVNmVC-_KOigDQ0ir4PRREA2AbTnJw7O5ckXjwAToxK2S6QPgBAOQBgGgBk2AB6P3mqwCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04NzY5MDczNjE4OTA2ODA1gAoDmAsByAsBgAwBsBPAsZIN0BMA2BMN2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoieyRq7F2nvPXmKOULCrPMg%26sig%3DAOD64_0y-ZqZyhO0Ejg7ER0sLVbvJxbbyA%26client%3Dca-pub-7269238500499280%26dbm_c%3DAKAmf-DwKnCXm8p49FL7bY8rmK-o5nC41jWHp0ffFoJDzUUVqRgnnelHgBcy4Mbi0HIsMGhbbq6EYii0xF4vDpD7qoXMsV-R8d_KZZNNEszDMeFrYPayCotrjoIaOVT7oC4S5B9dihSbSf28h2Oxqs7vOfW-Cji6qA%26cry%3D1%26dbm_d%3DAKAmf-ApCg15_e55hPrlkoojgIj97EqTi9s_elEi6t2EN0yC41J10zg6cR1EJirUBAYp9noB2MIqk7PhPoNJnTQxCDfCeL_kAhtbs5ILanrLqLFjv5jWe0qXZwJU-1eeJlNpEUJE786e7daEA6GPjHEmkinR-9G23i_GLV4401hfdW24AOKDff-WJqLLeIFiBO6FNKbUfPrtE5kCndoR-FdyoULBO3smSzPUVfRHPz2ghoEYfHzVkO81lfskjgJtmvhIWbkforAhstC4iC9BUQnwDwfCAcj2VdXRdoVSY38LhLy1YKXywMtJrLabauuYJ60e-LzIBcT9aaBKIy8sIn1_3ZTjrKgMjznkrze94vka_0i_2K1xe0cB2Iodb8gi2ZT-ZJVMpk3U5vOtYNsKmL14yve5Sm92lY04pjuxt2gL0ug2ahSw-HdNMld9H7sUuoqiVtGLdNqz%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=4,https%3A%2F%2Fmgoblog.com$2,,,https%3A%2F%2Fmgoblog.com%2F$0;xdt=1;crlt=uc9tRRlaXW;sttr=37;prcl=s
Frame ID: 145B97A6B4E8223CACC4F02BB64FDE1C
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EB58CCF84AFB0033208CA6346C86510B
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: E82ADCF5CE92EBB1E8F884E55052C123
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: B9F4C7E82BC65B233EE68FAC94CEF36A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 41877952D160A0D8F6D91CDEE5942037
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
Frame ID: FB85DAC522D04E6D20E9322A831DE828
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | mgoblog

Page URL History Show full URLs

http://mgoblog.com/ HTTP 301
https://mgoblog.com/ Page URL

Page Statistics

583
Requests

94 %
HTTPS

38 %
IPv6

60
Domains

109
Subdomains

90
IPs

7
Countries

14660 kB
Transfer

32350 kB
Size

81
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://www.quantcast.com/mgoblog.com
Title: Traffic and Demographics

Search URL Search Domain Scan URL

URL: https://mgoblogstore.com/
Title: MGoStore

Search URL Search Domain Scan URL

URL: https://mgoblogstore.com/collections/mgoblog
Title: The Store! The Store! The Store!

Search URL Search Domain Scan URL

URL: https://mgoblogstore.com/collections/mgoblog/products/preorder-httv-2021-football-preview-magazine
Title: Hail to the Victors 2021

Search URL Search Domain Scan URL

URL: https://mgoblogstore.com/products/httv-tales-from-old-blue
Title: Hail to Old Blue

Search URL Search Domain Scan URL

URL: https://www.flickr.com/photos/mgoblog/
Title: MgoFlickr

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/search?ie=UTF8&keywords=Michigan%20Wolverines&tag=mgoblog-20&index=sporting&linkCode=ur2&camp=1789&creative=9325
Title: Amazon

Search URL Search Domain Scan URL

URL: https://basketball.realgm.com/player/Caleb-Houstan/Summary/117539
Title: nearly 9 free throws per contest

Search URL Search Domain Scan URL

URL: https://theathletic.com/2863922/2021/10/18/2022-nba-mock-draft-2-0-paolo-banchero-back-on-top-as-seasons-gear-up-but-class-has-questions/
Title: in the lottery of preseason NBA Draft projections

Search URL Search Domain Scan URL

URL: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=mgoblog%40gmail%2ecom&item_name=MGoBlog&no_shipping=1&cn=Any%20req

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MGoBlog-121996394480471/?ref=aymt_homepage_panel
Title: fb

Search URL Search Domain Scan URL

URL: https://instagram.com/mgoblog/
Title: ins

Search URL Search Domain Scan URL

URL: https://twitter.com/mgoblog
Title: t

Search URL Search Domain Scan URL

URL: https://twitter.com/Misopogon
Title: @Misopogon (Seth)

Search URL Search Domain Scan URL

URL: https://twitter.com/endless_motor
Title: @endless_motor

Search URL Search Domain Scan URL

URL: https://twitter.com/NastyIsland
Title: @NastyIsland (David)

Search URL Search Domain Scan URL

URL: https://twitter.com/Bry_Mac
Title: @BISB

Search URL Search Domain Scan URL

URL: https://twitter.com/Alex_Drain
Title: @Alex_Drain

Search URL Search Domain Scan URL

URL: https://twitter.com/FullOfTwitt
Title: @FullOfTwitt (Fuller)

Search URL Search Domain Scan URL

URL: https://twitter.com/BlueBarronPhoto
Title: @BlueBarronPhoto (Patrick)

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mgofrenchy/?hl=en
Title: @MGoFrenchy (MG Campredon

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/podcast/mgoblog-the-mgopodcast/id331191165
Title: MGoPodcast

Search URL Search Domain Scan URL

URL: http://www.wtka.com/
Title: WTKA

Search URL Search Domain Scan URL

URL: https://www.human-element.com/
Title: Human Element

Search URL Search Domain Scan URL

URL: https://nextmillennium.io/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mgoblog.com/ HTTP 301
https://mgoblog.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 150

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 152

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 154

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 157

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 195

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 258

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmgoblog.com%2F&domain=mgoblog.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=lEVKhnxTQWpETnV0dDE1UlJqSWRiRTNVRU9pdUxVTm00bmtEQlp1ZGhjWG41RlVtL3FTbG5JYjZsZER1Q0V4SlMyWFhCc1VrejBHWjdneTl5STRJREJCV05vTDZCSjlSaTJQRTZBaWVPOGgyLzJkbUdsMVUvck9uUkJ1SXpWR1hRMUt3VkxKZ0l3MEo5S0M3R0NGV29hektuWlR0YzhYWEgxZGZPTjVYcE9nV1dGMTE2cW5HYjJCdTlyNkx3QVc3WktDZWRJWGpUaFQrWHJUVzhnTXRTOStrdmJyWk1ZTWh6WnZ2R3ZNZXlhZklieEdvPXw&cppv=2

Request Chain 259

https://px.britepool.com/new?partner_id=t HTTP 302
https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=277cc471-3772-4e50-855d-4aca26d6ea3a

Request Chain 299

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9&adnxs_id=$UID HTTP 302
https://ids.ad.gt/api/v1/match?id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9&adnxs_id=1374527662504782850

Request Chain 300

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=0cc474ab-2678-4f47-a800-b7b7f6ca73c5&id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9

Request Chain 301

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Dcb6b9f31-3fd9-472f-a03c-ca64ed469ee9 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Dcb6b9f31-3fd9-472f-a03c-ca64ed469ee9 HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=FF6EA0D7-0AD1-43B7-B27B-49213BFC2EDE&id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9

Request Chain 302

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9 HTTP 302
https://ids.ad.gt/api/v1/g_match?id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9&google_gid=CAESEHj07i_F0bh6LtoUSAupKFk&google_cver=1&google_ula=450542624,0

Request Chain 303

https://ids.ad.gt/api/v1/g_hosted?id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=Y2I2YjlmMzEtM2ZkOS00NzJmLWEwM2MtY2E2NGVkNDY5ZWU5

Request Chain 304

https://ids.ad.gt/api/v1/rub?id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9 HTTP 302
https://token.rubiconproject.com/token?pid=50242&puid=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9&gdpr=0

Request Chain 306

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9 HTTP 302
https://ids.ad.gt/api/v1/ppnt_match?uid=MHZPFqUNzTA4&ev=1&pid=562316&id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9

Request Chain 321

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 343

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl%26auid%3Dcb6b9f31-3fd9-472f-a03c-ca64ed469ee9 HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl%26auid%3Dcb6b9f31-3fd9-472f-a03c-ca64ed469ee9 HTTP 302
https://ids.ad.gt/api/v1/openx?openx_id=db7780e8-58be-4156-ae53-8f8de0e19edd&id=0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl&auid=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9

Request Chain 402

https://image8.pubmatic.com/AdServer/ImgSync?p=159745 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkY2RUEwRDctMEFEMS00M0I3LUIyN0ItNDkyMTNCRkMyRURF&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE_5nX16aya36BKU-p11ZPg&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 463

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmgoblog.com%2F&domain=mgoblog.com&bundle=QceMXF9JTUFMQ1kyU3Y3Q1NDVTBUV2VMZEs4TmFtNk5oenZGa2hXellUWGVUR1huNmElMkZvMEx3OEdrZ0pZRURGZ1Z4Wk9QdXU0USUyQjUlMkZuakVJS2ZXbXRZJTJCJTJGV3cwb1d1aUw5dEFvaG82UE5kdU5uTzFxTlNDbGx5NUk3UE5GajV5NE1pJTJGMg&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=CpKBnXx4bGpVbnRwdURaUTNJQzluSXh1UTRTMmlvS3VpZ29yUzBEbXdieVdnbDNOUzlYYkpaMlhWSnluOEllVVcvcm1Gam9mWjNhZUEwQ0JsSnBjZGF1N3dNVThaVFhWUmlXVlZVVXk1ZnFxZUFpTFBRUGY3MDRWSnVJeTBmTGcyb0FJVXBST1l2dFllTzBXL1JsUDRCZlA5OUtITDlhWFlTTHpFSkxRTkVQK0ovQ3lqTEhXanZSWE15c3REcGJMandSZ0xKV1JyT3gvVUYvaTFiajJxZUtkaUlnV293a3NRMU0vVGhObjBxb2JCdEYzSVV6Y05nMnVoUG10YTR6NTRlYUFVfA&cppv=2

Request Chain 520

https://gcdn.2mdn.net/videoplayback/id/356550c25212fa95/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1668063717/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/714DAACF1B0DBDA354B1F5680404D08C26E98820.0683574032B04390E1A7CC7E7AB6918ACE4E53E8/key/ck2/file/file.mp4?cpn=pQsTYhe0hux5S7yq HTTP 302
https://r1---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/356550c25212fa95/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1668063717/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7CF186E6DE07321A9F759822507125D7CAD6C616.074086BD4DF329E0EAADCFFEA01F39BFF9272E97/key/cms1/cms_redirect/yes/mh/2x/mip/2a01:4f8:212:78e:31::1/mm/42/mn/sn-4g5e6nzs/ms/onc/mt/1636526814/mv/u/mvi/1/pl/54?cpn=pQsTYhe0hux5S7yq&file=file.mp4

Request Chain 530

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDKRYuQ7qq36iR6ErydhnyQ&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDKRYuQ7qq36iR6ErydhnyQ&google_cver=1&C=1

Request Chain 531

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYtuZpUuSJ4SZPV8rJ9M3QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDKRYuQ7qq36iR6ErydhnyQ&google_cver=1

Request Chain 532

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMD992MVKS4DhwtnKgRHprM&google_cver=1

Request Chain 533

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM3NDUyNzY2MjUwNDc4Mjg1MA%3D%3D

Request Chain 545

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKzfn0XAu-FXuIZN0Z5RDU8&google_cver=1&google_push=AYg5qPK6KKYJLwG5ndokveVsQIvM0lLJS99v2Q4LHgKnQEY3CU2u4-XIB0gL_jnqDCfMzLonfRBxaB5ZtuPK88ZDXW418biPPJOj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjk3NDgzMDM2Mjk3MjQyMDgxMw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKzfn0XAu-FXuIZN0Z5RDU8&google_cver=1

Request Chain 546

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMrQ8n8nZspWnB6r300IsaQ&google_cver=1&google_push=AYg5qPJr60qmCBRcsyocNGE9lVP6DkaPvLgX2LbXeQdh3t6KqSwZXAFEnGSReVT3gQedQT4BM2PgCuaIgnYMN9uekoVp9ibLZvFh HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMrQ8n8nZspWnB6r300IsaQ&google_cver=1&google_push=AYg5qPJr60qmCBRcsyocNGE9lVP6DkaPvLgX2LbXeQdh3t6KqSwZXAFEnGSReVT3gQedQT4BM2PgCuaIgnYMN9uekoVp9ibLZvFh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QVBZR3FJaVoxTUtIQ201&google_gid=CAESEMrQ8n8nZspWnB6r300IsaQ&google_cver=1&google_push=AYg5qPJr60qmCBRcsyocNGE9lVP6DkaPvLgX2LbXeQdh3t6KqSwZXAFEnGSReVT3gQedQT4BM2PgCuaIgnYMN9uekoVp9ibLZvFh

Request Chain 547

https://um.simpli.fi/gp_match?google_gid=CAESEPjB6483GWBTqmqbDvYczrI&google_cver=1&google_push=AYg5qPJpAggEGL4cVcWZJ8t-4EaQNP_1vbI6FfXcs3_JXajUUaHjqa6pPGr58gYxJfSD57JnCBGfErvGlTPRk0dNG5eyVzLs47zB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C1D908C5D69B423293F68D1861CD360F&google_push=AYg5qPJpAggEGL4cVcWZJ8t-4EaQNP_1vbI6FfXcs3_JXajUUaHjqa6pPGr58gYxJfSD57JnCBGfErvGlTPRk0dNG5eyVzLs47zB

Request Chain 549

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECLGE4cx2MMpv24CbS__dVs&google_cver=1&google_push=AYg5qPI9os9dYVL1no2P_vZWNCx8GGNc_Mk4lpg8j_7ClYuFJeoC53eNxIHiv6aO-kptqxpEOUy3SWNE3nBLIu1sX7bvswTWcMrE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_26g1wrRQ7eye0khO_wu3g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI9os9dYVL1no2P_vZWNCx8GGNc_Mk4lpg8j_7ClYuFJeoC53eNxIHiv6aO-kptqxpEOUy3SWNE3nBLIu1sX7bvswTWcMrE

Request Chain 550

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDSDJkWchij2i3KBFTb61AY&google_cver=1&google_push=AYg5qPKI-Hcq324BKuu7Y3bd-ABJumb9OwCyFVgk-m_oMnNKmKdgcqTpgoKiBGcdetmlke-D2KhC9Nh5Ozal_vdVEojQHjdgEoU7iw HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDSDJkWchij2i3KBFTb61AY&google_cver=1&google_push=AYg5qPKI-Hcq324BKuu7Y3bd-ABJumb9OwCyFVgk-m_oMnNKmKdgcqTpgoKiBGcdetmlke-D2KhC9Nh5Ozal_vdVEojQHjdgEoU7iw&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zTDJqcTNoRTJ1RzI5am5OSU9fUC5wTUd2Zm9ZYkdvWn5B&google_push=AYg5qPKI-Hcq324BKuu7Y3bd-ABJumb9OwCyFVgk-m_oMnNKmKdgcqTpgoKiBGcdetmlke-D2KhC9Nh5Ozal_vdVEojQHjdgEoU7iw

Request Chain 567

https://pixel.adsafeprotected.com/rfw/st/787359/56365210/skeleton.js?adsafe_url=https%3A%2F%2Fmgoblog.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fmgoblog.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D3&adsafe_type=d&adsafe_jsinfo=,id:a53f098d-98d7-f60c-14f6-460a462b58be,c:txSK9q,sl:na,em:true,fr:false,thd:1,mn:app12ie,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,nbld:0,mtim:257,fm:sOlhwDA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d%7C1e111%7C1e1121%7C1e2%7C1f1%7C1f2%7C1g1%7C1g2%7C1g31%7C1h11%7C1h121%7C1h122%7C1h123*.787359-56365210%7C1h1231%7C1h1232%7C1h1233%7C1h1234%7C1i,idMap:1h123*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:291,oid:187aa900-41f4-11ec-a9b0-0a1e87f1382c,v:19.8.267,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

583 HTTP transactions
22 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mgoblog.com/
Redirect Chain

http://mgoblog.com/
https://mgoblog.com/

68 KB
20 KB

563ms
526ms

Document
text/html

2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

860ce6d1ab1decef34593f9ac4d3630c77a3ccdc89ec2a06a627caa9c6e2ea83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=300, public private
x-drupal-dynamic-cache: MISS
link: <https://mgoblog.com/>; rel="canonical", <https://mgoblog.com/>; rel="shortlink" <https://mgoblog.com/content/home>; rel="revision"
x-ua-compatible: IE=edge
content-language: en
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Wed, 10 Nov 2021 07:00:11 GMT
vary: Cookie
x-generator: Drupal 8 (https://www.drupal.org)
x-drupal-cache: HIT
x-hostname: wce005-node6.nexcess.net
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMfF2oUQBpzWAXXp69GJlhh%2FuFLDYd608nBOFVs1gI1UaQAPwBBTr0wvFg3C%2Fz0cKeeWe2cg8ZUZEVtnGIBb4GV4uqnv7gcAbUbZITXtTMBSxMhr3kThO2VJEaoxbo27YYU9BdYLHpSJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6abd68f6efc24c9e-AMS
content-encoding: br

Redirect headers

Date: Wed, 10 Nov 2021 07:01:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 10 Nov 2021 08:01:31 GMT
Location: https://mgoblog.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZyfnGT5CBntuJvHvMF611VTgDFROIUBgzrZvQQWxfJ3s9fndrCKrlw95%2Fqy7RvPyZlOZulfUPdfAASyDRsETrAulJ5IQfDof%2BjQMQdFdnpDazJutMjwPomaQoTqoIVqD9iRvoffVXq4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6abd68f669affa9c-AMS

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 99ms
60ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca2dfa44aae1d8af7f6e859037c47e2caf5455e3fa68c9fe9e1a36c38476bbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51324
x-xss-protection: 0
server: cafe
etag: 1421716718957195843
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 07:01:31 GMT

GET
H2 200 didna_config.js Show response
storage.googleapis.com/didna_hb/husker/mgoblog/ 19 KB
19 KB 158ms
136ms Script
text/javascript 2a00:1450:4001:82b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/didna_hb/husker/mgoblog/didna_config.js
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 92520ed9f51c1c2931d94eed4950580c5f935ef8bc9135297ac279dee21701ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
x-guploader-uploadid: ADPycds34DuxhKR_PsRPg_dR_vZbqjtwkOBGqRUPDw3K707SVzwSGZZ--9K8XRx6PjABCXVBo2cXxS0EtdbeghPTowI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19223
last-modified: Tue, 02 Nov 2021 19:42:51 GMT
server: UploadServer
etag: "98d276e98c3760ea811a4b475eeeada2"
x-goog-hash: crc32c=oRQbSA==, md5=mNJ26Yw3YOqBGktHXu6tog==
x-goog-generation: 1635882170955055
cache-control: no-store
x-goog-stored-content-length: 19223
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 10 Nov 2022 07:01:31 GMT

GET
H2 200 google_tag.script.js Show response
mgoblog.com/sites/default/files/google_tag/primary/ 348 B
613 B 39ms
33ms Script
text/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/sites/default/files/google_tag/primary/google_tag.script.js?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f28a7363bc8466b1e2fb3d178ee8353cbe6a8f7311b334b906271e5ce33af85c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607365
cf-bgj: minify
last-modified: Wed, 22 Sep 2021 00:13:52 GMT
server: cloudflare
etag: W/"15c-5cc8a63a31211"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DkmeymFODymfb07N9BhioQzfOuMi4vFHZ3ipLfzsygjCUfLkNG%2FFDFVCYu8VjqOnCAjQjyCkFdE4lcyGeeVnCubS3pQ%2FpNA02DLngke4G3qOdIWH2djcjehUbCVU%2FMHOp1UIAHSL17Ng"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1382400
x-hostname: wce005-node4.nexcess.net
cf-ray: 6abd68fb3bf44c9e-AMS
expires: Wed, 17 Nov 2021 06:18:47 GMT

GET
H2 200 normalize.css
mgoblog.com/core/assets/vendor/normalize-css/ 8 KB
3 KB 63ms
62ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/assets/vendor/normalize-css/normalize.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69fcf7682b771176634dc54deb0c412cf9ec40df931d56a0480ee51b47ed1598

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"1e1c-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLU0RVKIDD%2F1pqPli8DN9i5YIkPqf9O88wL5QOKCaEkY2nQ50RHitvL3UAqMLAcy0t8hc3qRIWuBYiGQRD6M7sOprjX0NqPIQejwQrMQsqkUJTlLj0nKRFytIQjBn7XqN%2BHM4bT%2FYLh5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa69a14c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 normalize-fixes.css
mgoblog.com/core/misc/ 254 B
504 B 66ms
64ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/misc/normalize-fixes.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

848e395b67c5a776114425ac9ea4cc4f809cdca2caf2685fd2f6a94eba4c7238

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386424
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"fe-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qSKwDNQs2QRKcO1Tav4uUUYlU53wsm%2FfWyOPQiUdObkjG3753wSZLrKnmeGegqdC7Te%2BYBtoZIL0cie66VvAhGiS4EJwReYQYrFAGAHWAycxOKZWjDLtN9RvKXNDngoDJL5KqjhFmk4Z"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node3.nexcess.net
cf-ray: 6abd68fa69a24c9e-AMS
expires: Fri, 19 Nov 2021 19:41:07 GMT

GET
H2 200 ajax-progress.module.css
mgoblog.com/core/themes/stable/css/system/components/ 1 KB
916 B 64ms
62ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/stable/css/system/components/ajax-progress.module.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

018bc192232b968b662399f1cb800c44ee22b64285a6334366c667f7ebfea058

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1040359
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"40b-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7IYqK%2BohB%2F9fWvhaIY9SAAO6ad1FNYP4yBgJ79cSzT1SqA8aBNj%2FfWXOinw09vWO8S5SlH4w2EMeD5NcF7EbEfwlmNVxAoUJZ86E0gRyE%2FxVbaxXmJHxRY78EjuBjhycOD78WaLtZQ%2FW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node3.nexcess.net
cf-ray: 6abd68fa69a44c9e-AMS
expires: Fri, 12 Nov 2021 06:02:12 GMT

GET
H2 200 align.module.css
mgoblog.com/core/themes/stable/css/system/components/ 484 B
612 B 59ms
57ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/stable/css/system/components/align.module.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97fe5992208187911c3daff7fe8556ee254ca0a340ab9af0e3ba04ce7e40e2e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 555347
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"1e4-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0RxhrtlRBKHk8aEjdxLFE3XGZTKqXr7gj6cZCKGuF6m%2B91j3Lji1fRcQUoyLVKoZ%2Bogf8E3HoAmV4h7uX23m7HyG2w1H7BUVv2nUL7YmkxHwPs9tZkrYk87miASDwjBK0BU%2FufZk9FSC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node4.nexcess.net
cf-ray: 6abd68fa69a64c9e-AMS
expires: Wed, 17 Nov 2021 20:45:44 GMT

GET
H2 200 autocomplete-loading.module.css
mgoblog.com/core/themes/stable/css/system/components/ 611 B
565 B 61ms
58ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/stable/css/system/components/autocomplete-loading.module.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5ac9ecf677f9a456c8faf304f9cd9a6deb61b2f7cad70bac84c63428bc7dbe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 120323
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"263-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIZcPtOlnJtmoasSlJbOGzEEgcJlUYCLCLxCsH8OcpiLlruNa4Qs7eVUxw8BJPv7eOpEhVohUQUB%2BPDDIYRQ%2FALNkig4WiWSZ1wSZIKvoTMQKHNntyQ5yJLf9VrxNbb811y2S6%2B%2BdpXB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node1.nexcess.net
cf-ray: 6abd68fa69da4c9e-AMS
expires: Mon, 22 Nov 2021 21:36:08 GMT

GET
H2 200 fieldgroup.module.css
mgoblog.com/core/themes/stable/css/system/components/ 95 B
452 B 114ms
111ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/stable/css/system/components/fieldgroup.module.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c799ec87fb8a6e52bd93a883abdc71eef0dec77d2365ce4c2f46178a3e0909fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"5f-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhEP3hOaG3I1GRd5yeyS3QyR1x3tmg1dbEWi4AZtyY4lNnbRpCesbOnxfbaCEXU%2BaeCxzPDzmeRLcbXW97s4IJRQZFnd7fjn%2BBQ2XEPHi2sBb04LMX6mcKEKnGtGGEI6xnR4MsWomHOL"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa69f44c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 container-inline.module.css
mgoblog.com/core/themes/stable/css/system/components/ 222 B
480 B 67ms
62ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/stable/css/system/components/container-inline.module.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5730d19f43f160faa47af29f7e1dc2bafc393be75aa71d21dc93c775a1833c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"de-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tgKsBCP92ILqntiXSdpsDo3DzmIg%2F7kSYzIdFbxRupdQZsAJJnAFZKvF6uWJTenM%2FmUJl5D9tUIrUNhgwPq8pQFO1OeyCQyqEDny%2FsHV6EXsRjvb4OPalwpQPuJ0txED0h17PjF8cSZ0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa69f54c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 clearfix.module.css
mgoblog.com/core/themes/stable/css/system/components/ 306 B
528 B 61ms
56ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/stable/css/system/components/clearfix.module.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0645960ade152760a6cefc0b03736a9565c09a46c94b2dd39e54da585bde30d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"132-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZO%2Fn1OAmlulghlM6Veyx91R5g5sKp3tc2QAT%2BTcfBrHsTkh8y5l5IrF%2BIlAZae6Vn%2F2J5PqKs4AxRWjH1XHdYEqiqrN1YLagaX37FovmYk6j5HiuvI3Ok0XN3omjeUvHF2c6jdFn3H7j"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa69f94c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 details.module.css
mgoblog.com/core/themes/stable/css/system/components/ 127 B
394 B 90ms
85ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/stable/css/system/components/details.module.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f31746cbb75773acc9358471805e24d2f80184a9686f2e4dfbf57530c3a583c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"7f-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42dyRwmMidEqxiIpwl6QTcS6EVpz%2BblBLG9x6HoKgPg44sNHyayq%2Bm1N79UfhNBiWAdRcvRyxjjE0gd9ee%2B7%2FQuAulnFFj3nEjpQbngtbgC5xuyjCYt7mVaQVH8R8ctQ8oCJemLJ7%2FtO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa69fa4c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 hidden.module.css
mgoblog.com/core/themes/stable/css/system/components/ 1 KB
917 B 62ms
57ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/stable/css/system/components/hidden.module.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

144c2b996574a2f16003848858de86dc5ad3486fb4fe14a5d5a79d134086e763

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"54f-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MI3YINDoxZpcTAdzTyq1W2QAodoq55WX5hdeIv%2FNHTPeqmzP5zRrwwcZLyvOcM%2B0ujO6IPNFjLmy2N7aCGgripi8aypMACfacoEhpTPjPaalUgiQc658KlRAnAp27s1Lzm1G9xR2f11m"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa69fb4c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 item-list.module.css
mgoblog.com/core/themes/stable/css/system/components/ 285 B
456 B 62ms
56ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/stable/css/system/components/item-list.module.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5251ec9a6d7f9cc54b205363d70eb38bf67517f8e02b3ae04e85c9cf5f908228

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"11d-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ul4GMLepC7%2FKYR9UOcqV3c1Dt%2BJXn5IG7jxQ%2FUfvU4Nk39ygto8EzUuNw3kDYbn1xoREjoxUMFqhoalehtTVNHc0RqyaEX19wzmpcNJL1gimpgr197yvRjnirxonEMTnbwmo52KJcOyU"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a004c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 js.module.css
mgoblog.com/core/themes/stable/css/system/components/ 402 B
516 B 100ms
94ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/stable/css/system/components/js.module.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

132298c08776faea963092e83b7c30712bde095c62530bd3a613322987c4663e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"192-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCu04t8egxb1jp%2B5MojaQPvSD%2FM%2F9YQ1maTb5lM4QrhMVq%2FWXClcqzei8HzOe40%2F%2FYLAYI5puiwa4NciJnPdf0SJylit61dFr7k9wb73aF%2BYql%2FziA3qPivLi1TD90wlaqaYzDKt%2FrhH"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a014c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 nowrap.module.css
mgoblog.com/core/themes/stable/css/system/components/ 96 B
386 B 66ms
61ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/stable/css/system/components/nowrap.module.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a4fa2a793d87c88f1509f370dbc40b6deec2188b6a918f92365f873b7bc566d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"60-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BxHXsvvzDdgcJd%2B12fa3im2h1PDzF%2B8dFrBvAyamZ8SgqmO3Et%2F34yrNa2WYDZ3lAgF5Knk%2F1HWHgbMypv8BhIWamFtBwuSaMarVhk2LKwttFVuN%2BPiBLnNdg8oL10vkE3AfCd%2FB3Ks"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a024c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 position-container.module.css
mgoblog.com/core/themes/stable/css/system/components/ 95 B
493 B 62ms
57ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/stable/css/system/components/position-container.module.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92931ceb6a0ad1c9b3e8fc6f335b9dfd6f0c7c8ee36f089bb10241c142a78faa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 576191
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"5f-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B03SlnsxbFpjm2wg%2B3Wka6aRZsh8oaKMxu5zOP%2BdCkLe%2Bubw4n%2FbPfvlGh6uoERK%2BNoJK7V5h5qGFYS1bHRqK0SPJeQ1mH7rMUOaDq%2FZn8oAd0w1O%2BMXxjE3K7MQrmacTunZnatNZbVZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a064c9e-AMS
expires: Wed, 17 Nov 2021 14:58:20 GMT

GET
H2 200 progress.module.css
mgoblog.com/core/themes/stable/css/system/components/ 826 B
774 B 73ms
65ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/stable/css/system/components/progress.module.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d9de30f44d155113b05e267edeb3f534339c20b02135b37b954e2be32f1f061

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"33a-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WaCqoPeBstul4PZtaq%2Fr58nCs0HRwVyBTy2Nq2SVKyl%2FjOTbAXvtWpZcFkEnFGI1XAq4eNHTVwfetrD7lM%2BMKxn89XBqsy2AhTT%2FYbCCT3MvsWAKD%2FWg74jYKewYlWD20sCopfZxE96O"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a074c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 reset-appearance.module.css
mgoblog.com/core/themes/stable/css/system/components/ 274 B
479 B 67ms
59ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/stable/css/system/components/reset-appearance.module.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac01ab832b811cdc2dfddaf28ba2f1ee3ef3bb6486cbaeb424226fde71ee625

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"112-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jM1QoMC5sw5Sry%2FNvv3s%2BUWlNPLpDdBZt3GNcbHdizblaQ6B0WZe%2BArTNCIzOSHcZWmUIKds4DjD%2FTvCElAuYxcRzBFsegmnkBXYqbW0ff4gsxLNk1TPdu%2BgaEVdkNFu7QEcky4ZX2iP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a094c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 resize.module.css
mgoblog.com/core/themes/stable/css/system/components/ 270 B
459 B 65ms
57ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/stable/css/system/components/resize.module.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

299064cf3027c5efab4ab6df345de1302dfa562db83eca51965371938480f56c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 576191
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"10e-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TqaXhni2zaxCTlaQDs3itKs5kfwPi1iMCtvHW%2F6rH0QaPd7Zid1qfeOO%2BfiAMn9YN3PBm0HHx%2BrclCSS6v5drVHZ7I%2FlfaGO7w7snPsNgGxdD8CLagoUfOMiksNdHu%2FUVm%2BbKfl2vLVs"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a0d4c9e-AMS
expires: Wed, 17 Nov 2021 14:58:20 GMT

GET
H2 200 sticky-header.module.css
mgoblog.com/core/themes/stable/css/system/components/ 163 B
402 B 61ms
54ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/stable/css/system/components/sticky-header.module.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b61e01fa0fa02eba3c6a074427ddf2a6cf98c01727b2796309b2b5b005fac70

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"a3-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPukV%2BYDGB14cATWgflyrgRM9A1C2SlKYUReankHPbPsYixsNkViarc1ENwBFj559luw2hyk8hGhkZvVlkmipFeinhiXZD80JQmYdfrvXAy3Y6kxoizlep1wnbG%2F7E92ciiJ1j0K8HuA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a0f4c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 system-status-counter.css
mgoblog.com/core/themes/stable/css/system/components/ 742 B
586 B 72ms
65ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/stable/css/system/components/system-status-counter.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f0160c0d198d260e42d1394b516e5495ee57c204e41cd2147e4026110843d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"2e6-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWbN4eVD351Wfn5Lj%2FVi5NxIC18ld0U7YIU1W4yYM5J6LNCXXJQUKo8AaW4rAg7QNxsr8F4sCwx%2FWYqJeudbVDmdpR7k38t6iw6jhyWVxoZdRHT1U5INq%2FR5Fx6qiQVL63IVBtKAHu4l"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a104c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 system-status-report-counters.css
mgoblog.com/core/themes/stable/css/system/components/ 557 B
624 B 86ms
78ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/stable/css/system/components/system-status-report-counters.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da6360a75aac69be7076b4a5a4a2d0bfbd3bc4a674bba2e7a9cb698035719159

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"22d-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KrsGI%2Fhb0v3lvvVu2dAfWqzXZn2IXE4RPC8VELY7XbLvcCIvNJhJ9ti%2Ba66%2FfpNiHJ6zkBipSnChQbiG1Ow0I88tt2R%2FPTZhscHWWOk8Sfq%2F6O0YmyQXl5F%2BaY%2B5dsSwfGa3Nv9Hv5tm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a124c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 system-status-report-general-info.css
mgoblog.com/core/themes/stable/css/system/components/ 255 B
478 B 86ms
78ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/stable/css/system/components/system-status-report-general-info.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d106f9ce97021e6ce9a05e593a70ec7e4956667eab83726c9eb1b473b709fb8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386424
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"ff-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=leAxH%2Bwvh7kG0UNmPXJhJwTXAysz9wIN0PTxIZel91ClBxs9KHPUh2OAZipHMqPui43zL93uA1DlcVQEAS30NeneU0xpjO28gVtHmDuloZ6UnDOtn79qFa4Bhc0sPB9XwwngTy7sRBHY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node3.nexcess.net
cf-ray: 6abd68fa6a134c9e-AMS
expires: Fri, 19 Nov 2021 19:41:07 GMT

GET
H2 200 tabledrag.module.css
mgoblog.com/core/themes/stable/css/system/components/ 2 KB
936 B 63ms
55ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/stable/css/system/components/tabledrag.module.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8188bad0f77aaf0e06c5d199b36c85263048a4ac6361bed201939fdab3dd196f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"730-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5q9eET5Qy2hHfCaLpUPDBQOAiaKBkWfP7yNSWxiXX9hMFuIH2fK0wxoExprTIluyvX25cZe4YUn%2FWr%2BZgN1vgoNsD7EoXpf3MfZAfvSET8A0UuOoJPqOTm87gwqL2XuW5DsH0CidpFxr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a174c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 tablesort.module.css
mgoblog.com/core/themes/stable/css/system/components/ 373 B
543 B 65ms
57ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/stable/css/system/components/tablesort.module.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

750e66789618a2e5a917b34aa2e29abd2713041f80259ce54ef1b4f0fdffcbdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"175-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QxwL7Nv5ZycCie%2F0hu0VjHU%2BnQ9Mffqz0PdkusDgzr82rAVxyut0aGJpScEERp3PLbjRApUQ5lH6XXM2w0Zxh7%2FSXy9x6%2Bz9jJ5Yi9K3l1GFsPxET%2ByeUOUzqa0vQLA36%2BQzxwAGX5S8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a194c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 tree-child.module.css
mgoblog.com/core/themes/stable/css/system/components/ 478 B
603 B 66ms
58ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/stable/css/system/components/tree-child.module.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b01b36d9b978726eeb935eb9cf4ca4b7ac06e7191264f079068f6b0f3a51e90

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23113
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"1de-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2fdAz%2BibulCPN%2Fl8AFUzeFnDOzjUNU5GR6Ewi%2BtebOEu57yn3ES1RLZy7XvttPctSkU3GIuEPY8UnDsVOa1ufAFbpqaCKAPdQnFb%2BLbUgyFcus7OzlBRFIr%2B%2FiRkTcWZovUMP30WTJQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node2.nexcess.net
cf-ray: 6abd68fa6a1b4c9e-AMS
expires: Wed, 24 Nov 2021 00:36:18 GMT

GET
H2 200 views.module.css
mgoblog.com/core/themes/stable/css/views/ 434 B
555 B 61ms
54ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/stable/css/views/views.module.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34169af71b02b45feb08dbe27772638c0b3bed26fe26d9f015b019be64e4389b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"1b2-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SfpSHch%2FOh3wQ3BTuJjZ8WBvv7vGaJGt9Q0yuILl4aY5%2BGKMjvJ38yA8iQYWk94Sjl7hTaTrc4AxBCZCdUzpGNhIshhg6k6XTej5RAVgKlpkUjcfKXubCDfoyCHmgfAl7CR%2Bs%2FM39u3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a1e4c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 stickynav.css
mgoblog.com/modules/contrib/stickynav/css/ 169 B
584 B 68ms
61ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/modules/contrib/stickynav/css/stickynav.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce4ea7b65f5c1ca5d0b20d09f97eebb5641e93176290f94d60add8865e5aad0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386424
last-modified: Tue, 17 Jan 2017 16:26:32 GMT
server: cloudflare
etag: W/"a9-5464cc352de00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JP1gKHkDlSk8RLeuqT0Tnr6l%2B2Xc8DdJnN%2Bi8fo2TJvTjJYRIp5AAzZfPvZPwk6%2FyH388vRuL5nYmxjgKDqi35aW%2Fd4O%2FHugTvk0M3Md2RoQGersw0IHvuGqv168ynNH89rApsOHdv1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node3.nexcess.net
cf-ray: 6abd68fa6a214c9e-AMS
expires: Fri, 19 Nov 2021 19:41:07 GMT

GET
H2 200 google_cse.css
mgoblog.com/modules/contrib/google_cse/css/ 192 B
485 B 93ms
85ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/modules/contrib/google_cse/css/google_cse.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c23ddd28ba4dd81afab4c9cc2a78db2e097eacc750573a9f85cc7038829bad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Wed, 22 Sep 2021 00:07:52 GMT
server: cloudflare
etag: W/"c0-5cc8a4e22a600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpDlzVtoZ7UYZjzowQsuL6XNUywj%2BuTZnSsAvpKbOS7NSmi3FTwxiurdFG0cJzO98Gtol%2BP4jB25KFB%2BxtqPvDevfuWbSNnkddUYYsI7QilHVUvr%2BYpiVHGd989VQZZSff0zX7vG6NQn"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a234c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 base.css
mgoblog.com/themes/mgoblog/css/ 3 KB
1 KB 85ms
77ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/themes/mgoblog/css/base.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbef5d073377eecce8b62ff2438767b4ab0253dbb4fe7423bacc464cecad984c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 346234
last-modified: Wed, 22 Sep 2021 00:06:25 GMT
server: cloudflare
etag: W/"a12-5cc8a48f32240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VF7QopZJazO0v3ApPsO%2FUlNc%2B%2FuLw33VwSMm0mxbJU7rhR%2FYti7xOkFhhCoKIoFlLjDgvTFKjxkNDj3W3GKIclpReiT%2FgOZYNCT%2F7tG7Bf8X708LdDhYMr%2FTkUM62m3o4y1f%2BC%2FXZO1D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node2.nexcess.net
cf-ray: 6abd68fa6a254c9e-AMS
expires: Sat, 20 Nov 2021 06:50:57 GMT

GET
H2 200 layout.css
mgoblog.com/themes/mgoblog/css/ 530 B
573 B 66ms
59ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/themes/mgoblog/css/layout.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e501a166dd6f17a0845252683dd83657bc3e05b9187ca1da8399f13159f910a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Wed, 22 Sep 2021 00:06:25 GMT
server: cloudflare
etag: W/"212-5cc8a48f32240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcZO%2FIkJ7hbnKvqsq8hIJqvht%2F4VIyJFEQ%2Fo0Rdng%2BD2kKzqfCupHCt8svjN7b674qPHuA48wk3wpIT9aL5u50yUugJoPozlB0uzzWIpBwH2dw8hAlpoxzIZWwWqgJ9IB71H8h6shiFh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a2a4c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 action-links.css
mgoblog.com/core/themes/classy/css/components/ 832 B
628 B 69ms
63ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/action-links.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e2c11562c4db62fcaa730cee623e84c9a205115de4bb13785cc434c152831da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"340-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7UPyxBWD0%2FC5FfrZ%2F1L1p3Dk%2BkZ46xVAup7rwLFJh5C3gng6xqg7IO8aF1%2FWrGk93m2B2anHsmtKDkhfIogsAsnC25%2B8r7LNRt6HOZkgWLx6CcPn%2FZFNzupmYEMXZh6oxfQlfR6YInw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a2d4c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 breadcrumb.css
mgoblog.com/core/themes/classy/css/components/ 491 B
631 B 82ms
76ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/breadcrumb.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dc4c8976917e48d271dc01b9cea9b0fd1b52811fb4a85ba5d807735b0312f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 576191
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"1eb-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNHC2QaAsgixBoSCPzIajaZa7u%2FCxEbkyE9YArMIZ97TYzNCHvcqHqBsx%2F7OS5zFTluO7LtryhFlB32wUxixdcAJYn5Jc4MBqAezoMzl46bywud1w3U5EIcR9fFIzefibjGsTz4rY8Rg"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a2e4c9e-AMS
expires: Wed, 17 Nov 2021 14:58:20 GMT

GET
H2 200 button.css
mgoblog.com/core/themes/classy/css/components/ 204 B
546 B 61ms
55ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/button.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29a630cf5111901233f94887450c9fe9189ea23f6ba08c0e7c60629b3b85049e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"cc-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWR8Dxh0gCudxRQQpUlBI7z1fK3p%2BibhLzYCVTLSwwV9NXD%2FXrrh4hTqaAhcM2aOmARqi00CATficCsV5P1FlprIoUjp492rjcjK%2BykwF5igNm6Q1cAFYOsAHlLxd5AnepUZ6VgSwRm0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a2f4c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 collapse-processed.css
mgoblog.com/core/themes/classy/css/components/ 825 B
671 B 67ms
60ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/collapse-processed.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcdb22c649de0d33d65a202d01640250834ba056731b1379abf74e0235497667

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386424
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"339-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRkgBBqU0w7ExyjUNhzkdz2YNDI9psui%2B01FmSPPWwf1os7Q0I3T3Ums8%2BYZrNaBTo9rZ729bvxtR5xLOMjF9QUbBn7eOfsufF7H%2FTWdPnW9CsJtwKJc0qEnUO3jOK7kdDNDYgjlYR5M"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node3.nexcess.net
cf-ray: 6abd68fa6a354c9e-AMS
expires: Fri, 19 Nov 2021 19:41:07 GMT

GET
H2 200 container-inline.css
mgoblog.com/core/themes/classy/css/components/ 477 B
551 B 67ms
61ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/container-inline.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10504939833401b539099f2fe040c8346889db8387ada82330f1fc377bc2fc64

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"1dd-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EnquifNGs5Opmsh5m5IyPgRszjykBWw%2FmvDeLjYKdByXKyfOmOGUVqf3sAXYFkAjxp73UywLS2R4siieFVvP7mIL7ZaObX%2BO8lj8fQZCX6xygoemGmhglfVV%2BX9wpvTjVqkmwe5qSTWw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a364c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 details.css
mgoblog.com/core/themes/classy/css/components/ 492 B
614 B 59ms
52ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/details.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27ade4448213a70309ff4c8e6157e4a386d24af7c89abecb8df2cfd88fc65701

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 549291
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"1ec-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHiJIqhJq40bXrt8VWvgScIQGnkqOf441h7HIIwdTiuRUdGjYNziehHY%2F6%2FEt4Lk6ZdnDJKpMzhD6tVsNo8GULHtbBB9eVKMI%2BGLAvOYUbhQ3PhubkS3kbV7PvWVo7ETrdwbQo0ujYi%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node4.nexcess.net
cf-ray: 6abd68fa6a394c9e-AMS
expires: Wed, 17 Nov 2021 22:26:40 GMT

GET
H2 200 exposed-filters.css
mgoblog.com/core/themes/classy/css/components/ 905 B
626 B 63ms
56ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/exposed-filters.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

694010e3722a2e8575aef0c6684b60ceed96995a9558d56fbdf7ee7339cc0438

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 520768
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"389-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1MlqycCh22OIR3ANcIFiMIOsfRe0LRikt2Jst8n4k4WuboHMryHvMr5ZYYdtmbdKXdgMxVLCHWdmdza9FTtjIPPL2ZxzZ5ZVBoaeYCx00SqUfhFkBwnjFtmmVZwK6Vie8fbDXS%2FkbOk"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node5.nexcess.net
cf-ray: 6abd68fa6a4c4c9e-AMS
expires: Thu, 18 Nov 2021 06:22:03 GMT

GET
H2 200 field.css
mgoblog.com/core/themes/classy/css/components/ 526 B
522 B 60ms
54ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/field.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e6726a445d070701980a6ba5e452381f6a9cf2fb9265ae574b861c3f6c21612

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 576191
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"20e-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03iprkgFvDxigE4mEN08Znzr%2FHFmqFcbOI%2ByC5C3M%2BbkdYXmnvtcJNou9hNmzN5%2BvtyuxGZpXcw%2BmE%2FGQLxBUEj9vLcHkp9Ob4ZDlAvz%2BmoXmemuw9aOkD9pPcj3MMvvs6n0oBu16uuL"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a504c9e-AMS
expires: Wed, 17 Nov 2021 14:58:20 GMT

GET
H2 200 form.css
mgoblog.com/core/themes/classy/css/components/ 2 KB
1 KB 66ms
59ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/form.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8a680ead09d80d74ea14470a6308e2dcec48b7308baa6a914417a2af5b687a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"888-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13SPZss8fcjnOfqPU73C4DwcqE2lgF0PjUEbxzoHctZ%2FetJqurX3glSQWPHSmK%2B0ziwAcByKCMPzowXryzMEwtgKXuGtQLH1X0kpRZ2z6EmPLy4S7gEy4OGi5zDi9f1cHsvjqqNkdtTp"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a524c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 icons.css
mgoblog.com/core/themes/classy/css/components/ 421 B
559 B 64ms
58ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/icons.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14ffae1f46d118d9c065d96f02ee4fa16061dbf1a7620957d9564b51289a4317

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"1a5-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLpoIgoLe7sGzYvFjwA8IIknFbsGAeN1I0xLMEtNadOpeOkWljpOVNafPELDZr2lv64Ak0v7pYuwxef%2FQvfWLsI8cJrL5rSBHZm6ImG%2Bx5rrA05H%2FIiM39Iy3nMPm0QdNbsBS4Y4o20e"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a564c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 inline-form.css
mgoblog.com/core/themes/classy/css/components/ 741 B
622 B 77ms
71ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/inline-form.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc0fb547c3465ce7d3f9c8c532278d9466fcfe4b1477bb346c031f2f5da2fd88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"2e5-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmiFCo6hiU7OlggIpdQHCUOpZIseukmEdJUiKFveFimbZBK%2FeJMyIvaK%2B4kmsXuFBHnRy6qu1sn0MC4xz9S8tSKgtSXjrxDNYBgoWGLY1rwgVGDOkX8jK0RHRiFD%2Bk76IFqUcyonATpJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a5a4c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 item-list.css
mgoblog.com/core/themes/classy/css/components/ 546 B
586 B 88ms
83ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/item-list.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bab3880f653cc4d004c2012e94eed50909ba0a6cfd8540d5a5ffce7caf56c03

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"222-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXqo9Hp26a8HfujajHHsBnv7XRcIpgTWi8FEqwOk6bydj%2B0QVGEObFeRFo3Y%2FACymm8EsS%2FSg1W%2B6KTJml0m2whB9NCFNfAN8pEFjSb1w9heBOxLIv6sf%2Bee%2Fit8nBMQ5LIkYCTF3%2FJ%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a5e4c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 link.css
mgoblog.com/core/themes/classy/css/components/ 217 B
534 B 69ms
63ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/link.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b16f119714d9dbe39af89d26b0545d10cfc34751216fded19ff68b2c5078a48b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386424
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"d9-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LnQPRonywHAjWsBJnhUlbHiJgTTnNFmUlLaPZ7QM72aQ92ts9YSJc11qmr2FuL9CHKNimyMl9HR5vvYBlmrhEDCnlB3Y%2B3N9zA%2FKtEG3ZVeUJga5eg7ZrMgPGfOx1ZLswambeEWvXD0x"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node3.nexcess.net
cf-ray: 6abd68fa6a6c4c9e-AMS
expires: Fri, 19 Nov 2021 19:41:07 GMT

GET
H2 200 links.css
mgoblog.com/core/themes/classy/css/components/ 343 B
626 B 63ms
57ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/links.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80dd92890eb3b5cf2998f3141668bf956843764f1027e038df2dc80ce145bd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"157-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfGfNr%2BLWqLOn4pqWgGvDucy7qzlxp69izZ3aJ%2FneiGDorMHS3awjfF5cs4cL1PNomfk6gEkBO%2BGB7brSGHBYZ03y7KscXs4bd%2FCRecoQNIAN0ARUkSp7souFuDU8EhlqqSTFu6xXOw4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a6e4c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 menu.css
mgoblog.com/core/themes/classy/css/components/ 672 B
585 B 64ms
59ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/menu.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff310fb7f3399a67a4be790b014dfddb3b8e5178b2ca9fd93ee9a14543181e9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"2a0-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wd%2BeKA867fRWP%2FM9Klc676D%2Fq%2FUt3RZTpjqCO1vmtJBXwNKNh4uq3n3ODFb2o1zM9YLjjziw%2B1%2FXYsxbmYVZC2rgL%2BLOZAZR7yi9PnYhf6vKGGIGc%2BpDqpCTDIFOLzqXdTooowJvKRDS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a724c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 more-link.css
mgoblog.com/core/themes/classy/css/components/ 171 B
432 B 89ms
84ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/more-link.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

322caa9e5fdb996a5afa9ef6283b3f0646c72c2add2f2540a82ac24e7c7d917a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"ab-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R87V88N4hwBlpzxMJl6OjqadAyyzZoTqQIGFKLN2XZ0EXJOGMq9pcHkPYEO8NMrdnONKTxU4dyyvT1U%2FXmlakCdbLlJ%2F%2FDg%2BiK7pqHglkejlpiahfZJ5bQaYdoxRWPIqC5gLV%2B97Snxx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a764c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 pager.css
mgoblog.com/core/themes/classy/css/components/ 203 B
621 B 105ms
100ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/pager.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0f43d721b07d29d6310e31aa037a28371e3d85d5ad27592ab1daab3a589e54

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"cb-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsxOPITx6SxywqYXO%2FAA8klXFBgxvKutJ43vWewaWW1RVmsNsJnn14oqyGY6dEO5CiVWozC%2BX4JMQxqSe%2FIl1cqZWWGIUgrKKUSm1zsb6QmysIugCokpBMlqLatb1KYnd%2BCJgSq3OAAt"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a774c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 tabledrag.css
mgoblog.com/core/themes/classy/css/components/ 202 B
429 B 68ms
63ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/tabledrag.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a08a772c49fef577fd5e0a37663d6d010473be40763496bedb29cf77176bc7b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386424
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"ca-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2tzNuNBgM0X88R7oBfyx8iZaCpDLTRgj%2FzfLRYEH95oD4tociwZEOB6b8D3GD%2FFYjPMoQL3g7FKPrbZLXI3ys%2FkFplzis6qGsoYT8JzCWTnRbUgdc%2FK8vqcVSgRMSCYQ5%2BQxsj2zmVh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node3.nexcess.net
cf-ray: 6abd68fa6a7b4c9e-AMS
expires: Fri, 19 Nov 2021 19:41:07 GMT

GET
H2 200 tableselect.css
mgoblog.com/core/themes/classy/css/components/ 302 B
648 B 79ms
74ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/tableselect.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b159e6ef41dbba1dffa56e2a922733a81656a00324bcf82b9b0e48cd6af325a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"12e-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8O5LKof6WJauy%2BjFOfBB4Ymvx5fQHEatuFiBCWxFZ93DOvIYEh35lW%2F%2BEU6kgFq01xTVHw3O4Xt5M05reEL19dLZX5jJ5sAeD5FkOAM0Vtp%2BJCRasun%2BiX6Nn%2Fm0oH%2F%2Bv8gCZWtV3c2T"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a7e4c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 tablesort.css
mgoblog.com/core/themes/classy/css/components/ 126 B
382 B 79ms
75ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/tablesort.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b46e0f428fdce40677abe43f33575023b1b2d87cc3285138bb06b253313a7665

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607366
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"7e-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYItdE2FpfhyeesLlNzWaDfS2huulvXVc%2BliT9YcpxKzfYIuTm58KLweMxfDNoOxa3ayOIzIIMng4aT5pMqJYQEFRHbNua36hWjap8l9t0vscgD605LQH2CmHhEtSWbSLgzlWjBsWqOA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a814c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 tabs.css
mgoblog.com/core/themes/classy/css/components/ 470 B
541 B 77ms
73ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/tabs.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

732ac3d1e0be45497ec275b2d9b3f926661e243a4d80da8240abfeaa5eee21bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607366
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"1d6-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3MZbf3HDvcpM2x1BbmgNnuHBKNH8Lodfk4jv628N8Z1oQNUDmK43p%2B0sFcd7XcwEaMm52nYIv3wXclFfkDJXCbQCqYpUff%2B%2BDgdFZvfxA6UeTnFm3pKNfC4i0BfB4%2FsQRVvhmZzKDvP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a824c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 textarea.css
mgoblog.com/core/themes/classy/css/components/ 169 B
424 B 107ms
103ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/textarea.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7c9610ec0d923171ec822d71c9b605456b690320a72f4546af38aedf87737a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607366
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"a9-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YS7XtnLOWANQ2CPzs7AaZem0azPDxcaQiBs98N45X%2FnULyCpo0eiJHXjY9yCEPkdz6kLBO0Gz7GHOwVPn3O%2FCSBL2wn5%2Flg8A0GxzY35Ps4Qa2nJ4Vd%2BzeZkcjxzNjIgXWWPUml6crJm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a854c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 ui-dialog.css
mgoblog.com/core/themes/classy/css/components/ 208 B
623 B 86ms
82ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/ui-dialog.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d99dd4d581c7006eabeebac8e77dbeae96fbc430cfa28bfffa222f4348d17127

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607366
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"d0-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0N9VinJo6%2F54IT29v3UTj39iKewTit4tKL2BFIg%2F3hHimY%2Bk%2FmECVvaCRnAAenaKqvDNPMU1L%2FJob24jtyGg%2F9eOyYsAEBNFMfagJPlAQqNJUp6K1tcleQCiqYFYLtsWvaERpeRtkCu%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a894c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 messages.css
mgoblog.com/core/themes/classy/css/components/ 2 KB
885 B 66ms
62ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/messages.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9018c4c78b2c89ae030f975ba18c806a4b825d8b470e0f51cfc1327ae09723a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607366
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"77d-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nD7HZYmAFwGRWTZ0012ft0V0iYem8Kthxe%2Fn0oqfkWcVvH1fXjLhDmuJd6lGJNjKT4KlSS5CXC9CvxBuaBPut4jLf%2FCPjgJropDmov1LAQQs7Fc9L%2FjHdicj6ZYclt2yjEDDNA9w2IPi"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a8c4c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 progress.css
mgoblog.com/core/themes/classy/css/components/ 2 KB
927 B 77ms
73ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/progress.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4c03018bcc148a940bf6837c3db4a91b969868b128a1163b35288a14c30b722

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1040359
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"7a2-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mub5YJqghed%2BoefjELOPdGs82kyAcKxo8g13RJA7629NE5zy%2FXYmG7%2BeqEhwMa5VCXww%2Biz9Azav2SSI3iGRkXROjkNkt39InTftKyjc0IpBDNpttbyxtkjux09SMJ6dxS%2BYbOHduoH7"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node3.nexcess.net
cf-ray: 6abd68fa6a8d4c9e-AMS
expires: Fri, 12 Nov 2021 06:02:12 GMT

GET
H2 200 node.css
mgoblog.com/core/themes/classy/css/components/ 98 B
404 B 75ms
72ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/classy/css/components/node.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a720a090101e698013011a9d951fa992ca6d948356759db34ed04f4695d6896c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612607
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"62-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7cg4PtlG5AXpEkupXZwS9MFCIZqV4nNGEP18WheX2d5F239BoRxBYP8DtTd6MrtGP2RaudohS3sFFG4Pf99QHD7OZ2%2BLHwFWDQeFDwuA8nusAq64wH6FceFjUBwiJ%2BwOmi7glLu3zXE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a8f4c9e-AMS
expires: Wed, 17 Nov 2021 04:51:24 GMT

GET
H2 200 components.css
mgoblog.com/themes/mgoblog/css/ 92 KB
18 KB 91ms
88ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/themes/mgoblog/css/components.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

295304f606b4fbb6e72bcf1dbb0e1356c5be90ebcb42154392d4795a721f3f8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386423
last-modified: Wed, 22 Sep 2021 00:06:25 GMT
server: cloudflare
etag: W/"171a2-5cc8a48f32240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQyydssM7rePwykeazaOyeDvfSMGPTbxYl2chPeGZgI0v6RO56lqiGjROwsFyRB3Tgv9pSJAbBCJLCXaE9xHt9Upm6BjATu7Kd7FZenpce%2BT67bhgFeLI1chJHZD2HKmv3UKfx5Ylc%2B4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node3.nexcess.net
cf-ray: 6abd68fa6a904c9e-AMS
expires: Fri, 19 Nov 2021 19:41:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 38ms
14ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto|Roboto+Slab|Roboto+Condensed

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cb9fac927a7d79654435cb8230b485067da307fd6ab180222a4ed98b3c33ec99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 07:01:31 GMT
server: ESF
date: Wed, 10 Nov 2021 07:01:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Nov 2021 07:01:31 GMT

GET
H2 200 colors.css
mgoblog.com/themes/mgoblog/css/ 1 KB
728 B 86ms
83ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/themes/mgoblog/css/colors.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95f259a7ddf55f91d0e5b14e03dd11fc5912d71465cee24b9d790a82fe48904e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607366
last-modified: Wed, 22 Sep 2021 00:06:25 GMT
server: cloudflare
etag: W/"43e-5cc8a48f32240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UeKHZcJWu6mrHRrzeihvJL1z5aiffe1G%2FzHbIVePVtAG7HOed037zGURJJ%2FJcJZHIbNivyN0Er%2F4m9%2F8pMICjOJ4QP0EsU7lcU4iq%2Fg68MsLRVeOn7eYb6jfYhXieNG%2Fj9EqT%2FZHBQa8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a914c9e-AMS
expires: Wed, 17 Nov 2021 06:18:45 GMT

GET
H2 200 base.js Show response
mgoblog.com/modules/contrib/ad_entity/js/ 782 B
724 B 64ms
61ms Script
text/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/modules/contrib/ad_entity/js/base.js?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

823638d416109400ff7caa3dfb31e2c25bdba67c2cc7c5ada6086d2e550f7b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607366
cf-polished: origSize=1060
cf-bgj: minify
last-modified: Thu, 29 Jul 2021 08:44:20 GMT
server: cloudflare
etag: W/"424-5c83f1be46100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fx41hG8xwOoA2dyY7T0U4245CYbX0VL%2BANJxD%2BJSwLb9r%2BzGsiKTfGVV50oBFEfQ20HHMPGrqOAEPXzGt0PFShvS2IK3FucO5cXHgrwBhrQH%2BI1lYEuf5K9DwoaynprhSV84aaowr%2B30"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a924c9e-AMS
expires: Wed, 17 Nov 2021 06:18:44 GMT

GET
H2 200 gpt-init.js Show response
mgoblog.com/modules/contrib/ad_entity/js/common/googletag/ 572 B
594 B 64ms
61ms Script
text/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/modules/contrib/ad_entity/js/common/googletag/gpt-init.js?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cda86b3c59f7b535dcb886441e00422802063171ad405f63f9f57a1c6228270

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607366
cf-polished: origSize=777
cf-bgj: minify
last-modified: Thu, 29 Jul 2021 08:44:20 GMT
server: cloudflare
etag: W/"309-5c83f1be46100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x58vNfrqKMgauojZTYohXTF3FaB2BlM6qRv7iY%2BmESrCpMG1OPZUBZr3ZUPGnDoO0R3KEHfcniJ9NehtHKKN3e0jK9e6%2BK4dw1Y24uIHJHTSImONUOHZyDhprine1V4LAGkm7wovU%2BeR"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fa6a934c9e-AMS
expires: Wed, 17 Nov 2021 06:18:45 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 461ms
19ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

238c00e5891d4873624fa6512f26eb7ee12d0ff95d2861427e3a718f31887331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1039 / 155 of 1000 / last-modified: 1636499218"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26966
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 Nov 2021 07:01:32 GMT

GET
H2 200 logo.svg
mgoblog.com/themes/mgoblog/ 3 KB
2 KB 56ms
51ms Image
image/svg+xml 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgoblog.com/themes/mgoblog/logo.svg

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecb2df8a8b79143697bf99a93f6d8edf31db839b7987e53287894bd94f217fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607366
last-modified: Wed, 22 Sep 2021 00:06:25 GMT
server: cloudflare
etag: W/"da9-5cc8a48f32240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kRWjbVHE8Ylooph3AffsiB4QI76QMy5sydUrHpteojyy4xhzIfIAcMaFPTa1lcXHoIDZZxnSjQo7puXoRN%2FsNumr2Gl0sqzFAAy5Tmj%2F2zBDRuCyEcOv6PYo8yMdWOFPQOyv3G8L0x5"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fb3c0d4c9e-AMS
expires: Wed, 17 Nov 2021 06:18:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 45ms
11ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3626
date: Wed, 10 Nov 2021 06:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 10 Nov 2021 08:01:06 GMT

GET
H2 200 print.css
mgoblog.com/themes/mgoblog/css/ 678 B
707 B 47ms
45ms Stylesheet
text/css 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/themes/mgoblog/css/print.css?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea41c7a611a9ee736dc1d2d5840835619b2f0ec25b19818a79d2ee0ccd7cde45

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 545059
last-modified: Wed, 22 Sep 2021 00:06:25 GMT
server: cloudflare
etag: W/"2a6-5cc8a48f32240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hn2iQZYWI3P2quq3iRvmvOW9ds0K1BbmgpoEZ%2F5FHyLkh0FASDjtCfer9heUuN9ifdfKnqAmG7PeWEaEbEsfZlQnJAv0FBwhibfjD6%2BuKMSwi7gFFFDIFHFTr1j32kBPAJve6O6aJnOK"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1382400
x-hostname: wce005-node4.nexcess.net
cf-ray: 6abd68fb3c214c9e-AMS
expires: Wed, 17 Nov 2021 23:37:13 GMT

GET
H2 200 comment-icon-outline.svg
mgoblog.com/themes/mgoblog/images/ 499 B
703 B 37ms
33ms Image
image/svg+xml 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgoblog.com/themes/mgoblog/images/comment-icon-outline.svg

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bec6570c1210115038b973afb8294dcc384525c7703951499ab396da7059d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 604970
last-modified: Wed, 22 Sep 2021 00:06:25 GMT
server: cloudflare
etag: W/"1f3-5cc8a48f32240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZoYYvq%2BtffheahK6jS0IvG8xO81B0O2IgUO3NN3ABdqg7P5qoy3vsACzDa6Oqc00hGQMno5ybLURyFMWmnNFpF5caY6MPASYMMLtKgWMknXgU4vdCfoEVpgzKCnZ28lxXRYOziftVkj"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1382400
x-hostname: wce005-node5.nexcess.net
cf-ray: 6abd68fb3c134c9e-AMS
expires: Wed, 17 Nov 2021 06:58:42 GMT

GET
H2 200 image_thumb_2608.png
mgoblog.com/sites/default/files/ 385 KB
385 KB 39ms
35ms Image
image/png 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgoblog.com/sites/default/files/image_thumb_2608.png

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2e063dd510341b9b6b5020f5e97eb7d55827a8745605e38db34b87b07f99fb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 40052
cf-polished: origSize=564713
content-length: 393804
accept-ranges: bytes
last-modified: Tue, 09 Nov 2021 19:01:56 GMT
server: cloudflare
etag: "89de9-5d05fbe4998a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VyN0evmpSwrBQTAL4kGGza%2FrqnyS%2B3KRtfPzwAYU56Kn5cDk5w2OlWmefuqdEK2j6RaNJj6EUVOPG5%2BsCoRWFBz891YbMrZWD%2B5v3sg2eXADl5gSLnKg2NMU5xG%2F4LlttpV0Rt4ba4lB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
expires: Tue, 23 Nov 2021 19:54:00 GMT
cache-control: max-age=1382400
x-hostname: wce005-node1.nexcess.net
cf-ray: 6abd68fb3c164c9e-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 image_thumb_2609.png
mgoblog.com/sites/default/files/ 410 KB
411 KB 49ms
44ms Image
image/png 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgoblog.com/sites/default/files/image_thumb_2609.png

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ce56d35fd4889c1d80f079cbc6c9e3515350d7d3f2ab0ffa7c3d81c1d53bab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 40052
cf-polished: origSize=558649
content-length: 420304
accept-ranges: bytes
last-modified: Tue, 09 Nov 2021 19:02:00 GMT
server: cloudflare
etag: "88639-5d05fbe847b85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gT4ENz1b16wwEnrvStObc7qLbOT83KKn3RugnSs6%2FkvPCgBZe0wx7Rr7eRKRwZwlSFtZcHZVuCSWE5Xp5TQG4BIG6txqczx8SXTh9aGKxkxFHNEA1eCCNUcxEq7FeU9bGYUM%2BGNxRxcR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
expires: Tue, 23 Nov 2021 19:54:00 GMT
cache-control: max-age=1382400
x-hostname: wce005-node1.nexcess.net
cf-ray: 6abd68fb3c1a4c9e-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 7F3O_WLSdlQ Show response
www.youtube.com/embed/ Frame 7DF7 60 KB
25 KB 500ms
64ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/7F3O_WLSdlQ?start=523

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

17ed069243b8b7be57e510cd57b37aff22fa9b4a1b76fd868c4d9dc011abf0f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 10 Nov 2021 07:01:32 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 7F3O_WLSdlQ Show response
www.youtube.com/embed/ Frame D0FC 60 KB
25 KB 507ms
72ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/7F3O_WLSdlQ?start=997

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cfbdf899233200dc6fd35e2e692722303b4c0a130bd17840cab718a0cc6727f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 10 Nov 2021 07:01:32 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Wv66JRknCs0 Show response
www.youtube.com/embed/ Frame 9C0E 60 KB
25 KB 515ms
82ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Wv66JRknCs0?start=73

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

954905fd8a36ac5bcbd670c279777c29cc323e3c5001635091baae35aff1c6bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 10 Nov 2021 07:01:32 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 MWIHxdsgIe4 Show response
www.youtube.com/embed/ Frame C871 59 KB
25 KB 521ms
88ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/MWIHxdsgIe4?start=83

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2c873628dac7a4256f73d0e32e8338774649c296f7cf8c0660b1e35a7d609ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 10 Nov 2021 07:01:32 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 GWbIicSNti8 Show response
www.youtube.com/embed/ Frame CED5 60 KB
26 KB 492ms
62ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/GWbIicSNti8

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8820ea175029bc4576aa97d935dcbd9cc242231ba5950b14a78e41834e1d0fb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 10 Nov 2021 07:01:32 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 banner.png
mgoblog.com/sites/default/files/banner/ 508 KB
509 KB 55ms
55ms Image
image/png 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgoblog.com/sites/default/files/banner/banner.png

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/themes/mgoblog/css/components.css?qzt7ar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

255a631d85aef03464f41508dd9ec095fc0e06ea143a39544897cc592bf4da76

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/themes/mgoblog/css/components.css?qzt7ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 502220
cf-polished: origSize=558058
content-length: 519973
accept-ranges: bytes
last-modified: Tue, 04 May 2021 20:03:46 GMT
server: cloudflare
etag: "883ea-5c18693678bb6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bo%2B%2FO%2FP3wdoa6xB9CZkCq61EKJVLRTWgt7ZjPPqc3U91ZDhSNIRDc9%2FylBAMJDxGiixnbeqD%2BiVWBhje%2FdgMe30PDK5JHB8k2fzm9nBOuA7X8ak4zhrlfBpvCzoAlYg6vuJejBsoAwAx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
expires: Thu, 18 Nov 2021 11:31:12 GMT
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fb5c694c9e-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 userName.png
mgoblog.com/themes/mgoblog/images/ 217 B
603 B 60ms
60ms Image
image/png 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgoblog.com/themes/mgoblog/images/userName.png

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/themes/mgoblog/css/components.css?qzt7ar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14cdefb6314d8a722453886c0368e52f4a7a8da60f52a7a764a339d5a3b073d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/themes/mgoblog/css/components.css?qzt7ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607366
cf-polished: origSize=15198
content-length: 217
accept-ranges: bytes
last-modified: Wed, 22 Sep 2021 00:06:25 GMT
server: cloudflare
etag: "3b5e-5cc8a48f32240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nklrpUi3znGTNuq1x1xs0jZhMEEv9Xt4eMhlZdWIDr1dOZp%2FjqpU1PFHdPG69tveC7ypCE7ZCZnMh23yV%2FNLAu%2FPk5Jn8NN2pzcav6CEoFZoSOrmfFsv1xXJhChqdQ6IsealGvVylx9W"}],"group":"cf-nel","max_age":604800}
content-type: image/png
expires: Wed, 17 Nov 2021 06:18:46 GMT
cache-control: max-age=1382400
x-hostname: wce005-node5.nexcess.net
cf-ray: 6abd68fb5c6c4c9e-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 password.png
mgoblog.com/themes/mgoblog/images/ 188 B
548 B 45ms
45ms Image
image/png 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgoblog.com/themes/mgoblog/images/password.png

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/themes/mgoblog/css/components.css?qzt7ar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b2374c121665de61861a6172e64c12e28a0468c6a6c0799e8c3ad6662c00267

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/themes/mgoblog/css/components.css?qzt7ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607366
cf-polished: origSize=15135
content-length: 188
accept-ranges: bytes
last-modified: Wed, 22 Sep 2021 00:06:25 GMT
server: cloudflare
etag: "3b1f-5cc8a48f32240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hROBks2nouWkcZaesMXD3JHm1a43VqyVLEql6lQJNntFCwfOFKaLFWeuJhCCyW5GKRWGAJeobn%2BSgCi57O0L57hcx4IzrXCDhriVQ3GkxdiYBwBKNqeU13yjY0V7oQMwgl2PvYN2qm7J"}],"group":"cf-nel","max_age":604800}
content-type: image/png
expires: Wed, 17 Nov 2021 06:18:46 GMT
cache-control: max-age=1382400
x-hostname: wce005-node5.nexcess.net
cf-ray: 6abd68fb5c6d4c9e-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 icon-arrow-down.svg
mgoblog.com/themes/mgoblog/images/ 231 B
700 B 48ms
48ms Image
image/svg+xml 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgoblog.com/themes/mgoblog/images/icon-arrow-down.svg

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/themes/mgoblog/css/components.css?qzt7ar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a935eee8aadbdffa9f0bada4e44532e303ff67554138ce1ca124c9a0e65db937

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/themes/mgoblog/css/components.css?qzt7ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 590761
last-modified: Wed, 22 Sep 2021 00:06:25 GMT
server: cloudflare
etag: W/"e7-5cc8a48f32240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JXk6j6X%2Bn0NCVhuCFTfQC1wdwm8z61FYw8zf9qtMYm8ynqVFGBVahQUCVFDWfwDvtewgP7beUhXG1Pg5SDbFbwxNIYvDd4iPtcuoMlLa%2FaFwNw0gurGWAXWd70GN0Op5mHUlFXrK61w%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1382400
x-hostname: wce005-node1.nexcess.net
cf-ray: 6abd68fb5c6e4c9e-AMS
expires: Wed, 17 Nov 2021 10:55:31 GMT

GET
H2 200 loupe.svg
mgoblog.com/core/misc/icons/505050/ 491 B
591 B 32ms
32ms Image
image/svg+xml 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgoblog.com/core/misc/icons/505050/loupe.svg

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/themes/mgoblog/css/components.css?qzt7ar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64bf859d26d6a56c05f4506da579091faaf6a218e0dc12a221b63b4033100dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/themes/mgoblog/css/components.css?qzt7ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607366
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"1eb-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1fxQSQhFt%2FEhs3haPhASe0HpHZhFoTPm7bWoCRFNefm7KPImQub1kQ1XslyS69YKHPchoq5%2FPQ2Qf89v6q2g5Y4UL9Sc1ozkrsZG8Xl66QvGzK4cYODpTER1pKfTh9i8JeoXtB0LmPb"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1382400
x-hostname: wce005-node5.nexcess.net
cf-ray: 6abd68fb5c714c9e-AMS
expires: Wed, 17 Nov 2021 06:18:46 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 411ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto+Slab|Roboto+Condensed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mgoblog.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 05:32:01 GMT
x-content-type-options: nosniff
age: 91771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 09 Nov 2022 05:32:01 GMT

GET
H2 200 BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
fonts.gstatic.com/s/robotoslab/v16/ 12 KB
12 KB 416ms
11ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v16/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto+Slab|Roboto+Condensed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c636cdf8f523ada818ad53ff012d37b57190cc6702fdf0e6a35a502fcd4f625f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mgoblog.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 22:59:08 GMT
x-content-type-options: nosniff
age: 460944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12488
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:12:06 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 22:59:08 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 417ms
12ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto+Slab|Roboto+Condensed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mgoblog.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 01:43:50 GMT
x-content-type-options: nosniff
age: 451062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15720
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 05 Nov 2022 01:43:50 GMT

GET
H2 200 Capture_2.JPG
mgoblog.com/sites/default/files/styles/850xn/public/2021-11/ 67 KB
68 KB 31ms
30ms Image
image/jpeg 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgoblog.com/sites/default/files/styles/850xn/public/2021-11/Capture_2.JPG?itok=MLG22iBd

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ac956161b69562fd6e45a617913937ab16ae89ffc18eaba3a81d4526e0876d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 40052
cf-polished: origSize=69420
content-length: 68818
accept-ranges: bytes
last-modified: Tue, 09 Nov 2021 19:42:15 GMT
server: cloudflare
etag: "10f2c-5d0604e70f81c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FARVIFEa1qgBplZYk38T%2Fzs%2F5DWHPfkfm5CmYKmB%2BDlM1%2FiuGZw9n4fAdrcTBqH4wZaGDOHpo%2BsP2PXwbDTS6xYc9SkycoB22u7gYNE4rqP%2B1CDWW3QKrJs1OTcZYU8hJC5eS3xVpYt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Tue, 23 Nov 2021 19:54:00 GMT
cache-control: max-age=1382400
x-hostname: wce005-node1.nexcess.net
cf-ray: 6abd68fbcd5f4c9e-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 51029253918_229313a399_c.jpg
mgoblog.com/sites/default/files/styles/850xn/public/2021-11/ 77 KB
78 KB 40ms
39ms Image
image/jpeg 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgoblog.com/sites/default/files/styles/850xn/public/2021-11/51029253918_229313a399_c.jpg?itok=Mp9kcclS

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

188a40d333a21785393b2a556370ca18f6edd3dd5ffa5b86281ceb7845e05158

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50468
cf-polished: origSize=79270
content-length: 78928
accept-ranges: bytes
last-modified: Tue, 09 Nov 2021 00:07:09 GMT
server: cloudflare
etag: "135a6-5d04fe3f5ab63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQeMyALgfLXdPMYgDO8yzgRMOPeWsMVUShfjUJs%2FCVCA%2Fj4cNSar6j6n6EL%2BxucddUUCD13hizPmNg7QareuKHF1%2BRs2vyZaqoVtpnzrGMnrmnLen5XfZQYCRFRvLJauVc1RUFQ65i7h"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Tue, 23 Nov 2021 17:00:24 GMT
cache-control: max-age=1382400
x-hostname: wce005-node4.nexcess.net
cf-ray: 6abd68fbcd624c9e-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211108/r20190131/ Frame CA5A 11 KB
5 KB 30ms
8ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211108/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b84d38d0eab1b3f6cf6491ab4bb7ec35341f6664c10465a617bcfa7f69b6a74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 09 Nov 2021 20:41:10 GMT
expires: Tue, 23 Nov 2021 20:41:10 GMT
content-type: text/html; charset=UTF-8
etag: 4704609575283140419
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4891
x-xss-protection: 0
age: 37222
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 btn_donate_LG.gif
www.paypalobjects.com/en_US/i/btn/ 732 B
982 B 84ms
8ms Image
image/webp 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/btn_donate_LG.gif

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

3485707c2d30082b1f3723f9692ea0327c6034346c0271da892d73d5d2ce2f79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 06 Sep 2021 02:01:57 GMT
server: Akamai Image Manager
etag: "U3pl0/XCujlHacl+n45I4YfostqG/gKwMB9VmB+OaEg"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
content-length: 732
expires: Wed, 10 Nov 2021 19:01:32 GMT

GET
H2 200 email-decode.min.js Show response
mgoblog.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 38ms
37ms Script
application/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Nov 2021 13:28:28 GMT
server: cloudflare
etag: W/"6185317c-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=reM7Q%2BVwzAo4Z4mSIgGhf5ZhFSfOdP9tASszywuX0E1ImcIdPoRQ7wc482UV9PIod0%2FVEA4QK5N8CgimLS%2FMNypwo0Tq%2FG2ny81OF1sbg2bJdP8fN3n%2F3HKce1JMSAAXGvTCp9y2Gkuc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6abd68fe1be44c9e-AMS
vary: Accept-Encoding
expires: Fri, 12 Nov 2021 07:01:32 GMT

GET
H2 200 jquery.min.js Show response
mgoblog.com/core/assets/vendor/jquery/ 87 KB
32 KB 40ms
38ms Script
text/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/assets/vendor/jquery/jquery.min.js?v=3.5.1

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386424
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"15d84-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EsH94zktT6xZbMSVr61Gy1zXrVFVmyJLGz39jdCHHRfgAwgDmMRy451I7BGbMsVJeJzWoJ5FqdTpq9vOUyFOCeVWaaP2Zlw%2BjxAdY4JPHLm%2FUDEBpXj5ucBT2G%2Bh6Qc56KKxkcSdD0E%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1382400
x-hostname: wce005-node3.nexcess.net
cf-ray: 6abd68fe2bea4c9e-AMS
expires: Fri, 19 Nov 2021 19:41:08 GMT

GET
H2 200 jquery.once.min.js Show response
mgoblog.com/core/assets/vendor/jquery-once/ 908 B
803 B 37ms
35ms Script
text/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/assets/vendor/jquery-once/jquery.once.min.js?v=2.2.3

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1da79754ccda7c241f56d5a82ed377c3384b58db3c718d9c1fd38843c47d8df3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 114932
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"38c-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4oo73DOxUkwHDBGe9PV0%2F5WGq5t%2BjYL6QrWd3W4nqF%2BSC43okcnbHC7DaY5dqgJWA0i%2B9OVl6MtKCScJNq7nKhgYoUJz9SXawu8nvTQGIHkt33LS9huxwf9by4YrCuEdYA8BgPhzQ8kI"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1382400
x-hostname: wce005-node3.nexcess.net
cf-ray: 6abd68fe2bee4c9e-AMS
expires: Mon, 22 Nov 2021 23:06:00 GMT

GET
H2 200 drupalSettingsLoader.js Show response
mgoblog.com/core/misc/ 347 B
511 B 47ms
45ms Script
text/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/misc/drupalSettingsLoader.js?v=8.9.19

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4acf6e6c9052449f71763158aa2eb5e0a89dee411fc365ad62c6aacd054b13b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 545059
cf-polished: origSize=519
cf-bgj: minify
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"207-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cf3H6YHCOtrXPRkPVcWPWlwYUzHcUJHEYONcnGQrJ2%2BauCU0W%2BHiTjsQDG%2FPPbp5Y%2BxO0sqa4PXVz%2BSZrZ91EesrX%2BS0Y7YKgS5kcpS0I%2FGfYb46TZLeeS9SbJAypzRuZUVqkPskP9IW"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1382400
x-hostname: wce005-node4.nexcess.net
cf-ray: 6abd68fe2bf24c9e-AMS
expires: Wed, 17 Nov 2021 23:37:13 GMT

GET
H2 200 drupal.js Show response
mgoblog.com/core/misc/ 5 KB
2 KB 40ms
38ms Script
text/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/misc/drupal.js?v=8.9.19

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32c6d86a0598b9d7bb5976fb4d51bd5f952a9a94f1e140a8c04a8c4d1b416523

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 576191
cf-polished: origSize=6312
cf-bgj: minify
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"18a8-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tn74fA3OaeR%2FNmqFPoRO6g6ueJYz2voO9aSAnnynp4orzsVGe2MWXIjVzFVK1y4tiK19XjnQL4%2BAtjMoxu%2B1VMQuf1ac1plnNr3J8APWwcRjJHUnoDq8vS5ngaoI5HrnDVnP5ey2jcd3"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fe2bf84c9e-AMS
expires: Wed, 17 Nov 2021 14:58:21 GMT

GET
H2 200 drupal.init.js Show response
mgoblog.com/core/misc/ 475 B
669 B 41ms
39ms Script
text/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/misc/drupal.init.js?v=8.9.19

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63acd693106a270f63ee76fb95839b3e920b1df3627aa5ec6c2b89b653ede031

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 576191
cf-polished: origSize=727
cf-bgj: minify
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"2d7-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHRrXnLadvgs1zbXDcJizvrQqUnJLs4JH%2FFIRYMYceyqxR7fXaHXLBD5Q58RIdVNYLbK56ISU%2BhZtK1nTOvfJyAabiFK5k6xbWDnWYeYgdaoOMxgni%2FCxpMS3yCjmcBk6apzUhIdFpry"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1382400
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd68fe2bfa4c9e-AMS
expires: Wed, 17 Nov 2021 14:58:21 GMT

GET
H2 200 google_analytics.js Show response
mgoblog.com/modules/contrib/google_analytics/js/ 3 KB
1 KB 50ms
47ms Script
text/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/modules/contrib/google_analytics/js/google_analytics.js?v=8.9.19

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d6f0609e0f4e9792fc7d85ca4f85bac17377d3851f3b61de7f637ac814e785f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23114
cf-polished: origSize=6531
cf-bgj: minify
last-modified: Thu, 04 Jun 2020 18:24:59 GMT
server: cloudflare
etag: W/"1983-5a746431bd4c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rsyQAH3s91n%2BiZPWwZoDIRUiUqyx%2F5thAAsyO2gmbdDjvcLb5ZFTln8yW75BgQiQ00gxGWzAtbrCEkZD4OEGtr5OUYN9NacnEF%2BI%2FAZfSm9p2UiF1YzOb737etk03vWcR5LHw0vBKTHQ"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1382400
x-hostname: wce005-node2.nexcess.net
cf-ray: 6abd68fe2bfd4c9e-AMS
expires: Wed, 24 Nov 2021 00:36:18 GMT

GET
H2 200 serviceworker-load.js Show response
mgoblog.com/modules/contrib/pwa/js/ 493 B
587 B 49ms
47ms Script
text/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/modules/contrib/pwa/js/serviceworker-load.js?v=8.9.19

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e9a65135f0a698d2df2308a0e7a51c29b3dbd26b3835cd515b6fe3dac0ad5dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
cf-polished: origSize=592
cf-bgj: minify
last-modified: Wed, 24 Feb 2021 21:25:21 GMT
server: cloudflare
etag: W/"250-5bc1bac18d240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bw3XEBciWfHWlAEdiBVghg6YaK5gqt1OLXooOFGqzsgqF2lAZq6zG8q43fRQANwhdYVI2Gtffehw%2BxmwO4f07mw9svVdmv3Tkv0U0b57QRGhimzLw967WiJC4YIfUJRmsD9Bz2IyGfvd"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1382400
x-hostname: wce005-node4.nexcess.net
cf-ray: 6abd68fe2c004c9e-AMS
expires: Wed, 17 Nov 2021 06:18:45 GMT

GET
H2 200 stickynav.js Show response
mgoblog.com/modules/contrib/stickynav/js/ 1 KB
810 B 35ms
33ms Script
text/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/modules/contrib/stickynav/js/stickynav.js?v=1.x

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6150a014f0a0cb24dfd9ba38a600750c79499567528d929f3880d0226b38ca2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
cf-polished: origSize=1947
cf-bgj: minify
last-modified: Tue, 17 Jan 2017 16:26:32 GMT
server: cloudflare
etag: W/"79b-5464cc352de00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hjt%2BzWgLGzus2EaDrOgC%2B9tFXcHSaRRye6GR7%2FWgQZ5SoaVTsFwd5jLEeU86pVNiA6uTN5jiPlBqacEhlmgq5z8hCwviG7UFBxCMflqDPsrQg7kpBeZ5IAHDqfVGo59BJZdqFg9Zu2lz"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1382400
x-hostname: wce005-node4.nexcess.net
cf-ray: 6abd68fe2c044c9e-AMS
expires: Wed, 17 Nov 2021 06:18:45 GMT

GET
H2 200 progress.js Show response
mgoblog.com/core/misc/ 2 KB
1 KB 48ms
46ms Script
text/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/misc/progress.js?v=8.9.19

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

097e190f905b50aa8f3ea6f4dd3e738f277cc9e7c51afd4cbb095c0412178e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1040166
cf-polished: origSize=2885
cf-bgj: minify
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"b45-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypgTOJJlCYFvhTyBea%2B4MUFxv%2Bgo6LJmFsyfBWDH54cqV%2F7u8RBtwxvVwVW1EksJNTfW%2FLBA6xixhIzmzW5nxppU%2B%2FCzaE2II2KPeXtOE8D2D%2FoaceEOzsIVzk%2FatLmYf8l1S6VC%2BETg"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1382400
x-hostname: wce005-node2.nexcess.net
cf-ray: 6abd68fe2c094c9e-AMS
expires: Fri, 12 Nov 2021 06:05:26 GMT

GET
H2 200 responsive_image.ajax.js Show response
mgoblog.com/core/modules/responsive_image/js/ 140 B
448 B 40ms
39ms Script
text/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/modules/responsive_image/js/responsive_image.ajax.js?v=8.9.19

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46045b1fc8ffe6e7956d5702756c6f221b772ef2f55cc38a0ab4f82246088d3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386424
cf-polished: origSize=328
cf-bgj: minify
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"148-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ELjUdyZpLimRHTdl8pEGrF7JOXTbl3LerXS7t0ie%2FFsLO5A4h6ryo5fK0JsdnCM2btYd0tQWY%2FFQz7MbBxj1Tw4DmzKg%2FGzQeZ0YB5DtXJJgZ%2F2qsUNpIa36sJG9T4aqtzWkNm0I08eS"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1382400
x-hostname: wce005-node3.nexcess.net
cf-ray: 6abd68fe2c0b4c9e-AMS
expires: Fri, 19 Nov 2021 19:41:08 GMT

GET
H2 200 ajax.js Show response
mgoblog.com/core/misc/ 16 KB
5 KB 71ms
70ms Script
text/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/misc/ajax.js?v=8.9.19

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2e6c2852a2b9bf6e4c2fe1aa7324a8151d1f3e57fbbf91d4a4af78f75b79a7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607367
cf-polished: origSize=20874
cf-bgj: minify
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"518a-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FfyGW1DM3buFm58lhboMLDiUC3t1NYpALGITES3eVTauQFOzhQhPmRNDjTpijhd2AiyRWZ6CUv%2FW4D%2BZG%2FqzNm5iRQMpo2BnAxPdRmvpEXif0sIEaZgUUQ2MasqJmddLTBOZ0%2BESvCn7"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1382400
x-hostname: wce005-node4.nexcess.net
cf-ray: 6abd68fe2c0d4c9e-AMS
expires: Wed, 17 Nov 2021 06:18:45 GMT

GET
H2 200 ajax.js Show response
mgoblog.com/core/themes/stable/js/ 139 B
465 B 39ms
38ms Script
text/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/themes/stable/js/ajax.js?v=8.9.19

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

699b894b492ff5eb5b20d3c55dd2d61810fff7cf7722c98e8dd5998cef4da77e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607366
cf-polished: origSize=297
cf-bgj: minify
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"129-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TJE07vxDl6K0Qxmz5elV4m7lgZdnCLre3xi6vI4UczX%2B1ugDNn9D8SsizoWcIFQ%2FY1jOEQg4J2Edvlazodv%2BNKa1MEysamQzuO5pLh8uLU4VVry%2FlVA5FNhB2tkwFeHXm9dW8fRGuNh"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1382400
x-hostname: wce005-node4.nexcess.net
cf-ray: 6abd68fe2c0f4c9e-AMS
expires: Wed, 17 Nov 2021 06:18:45 GMT

GET
H2 200 image-replace.js Show response
mgoblog.com/themes/mgoblog/js/ 349 B
536 B 37ms
36ms Script
text/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/themes/mgoblog/js/image-replace.js?v=1.x

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26ea4d6bb72cd78fc487a86a2ba279ef0c4674a2d624a8ef572e07db8b1331e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607366
cf-polished: origSize=525
cf-bgj: minify
last-modified: Wed, 22 Sep 2021 00:06:25 GMT
server: cloudflare
etag: W/"20d-5cc8a48f32240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZmCdmMMQydrhyj%2BSS9Bnhhw8aBsrUsAzsVIwPIYuwOP8%2FuPxzG3LmR5MlcOd2KORiRv3jT71ELgOXcJ4a7OtDcdeRe0KRP3UGemuqU0m%2BjYDGlcGexC6HowmKcPi4wkrLOCaNjDcMpzC"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1382400
x-hostname: wce005-node4.nexcess.net
cf-ray: 6abd68fe2c104c9e-AMS
expires: Wed, 17 Nov 2021 06:18:46 GMT

GET
H2 200 global.js Show response
mgoblog.com/themes/mgoblog/js/ 2 KB
1 KB 36ms
36ms Script
text/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/themes/mgoblog/js/global.js?v=1.3

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b7da4e010fabb7a045234373acca846cdca24219b62065f732a6d1873c99420

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607366
cf-polished: origSize=3376
cf-bgj: minify
last-modified: Wed, 22 Sep 2021 00:06:25 GMT
server: cloudflare
etag: W/"d30-5cc8a48f32240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0OzCcog3qTFCUKxCwd7FAUgmwWq9D4CEPgD4pKM%2FcijhdYLUhhCJoq2YX1HYMNTH6XFvZXU6tqUlbkMMCrqDFIEvGHkOg1%2FPTOJbATfkLbmwgRrG2NaF8R5HcaV9NfHlXUOrwcOdr37g"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1382400
x-hostname: wce005-node4.nexcess.net
cf-ray: 6abd68fe2c114c9e-AMS
expires: Wed, 17 Nov 2021 06:18:45 GMT

GET
H2 200 app-prompt.js Show response
mgoblog.com/themes/mgoblog/js/ 995 B
724 B 44ms
44ms Script
text/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/themes/mgoblog/js/app-prompt.js?v=1.3

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c10ea2506ecf91f01f6f3e5f4fe6a68fb90bc3380571880df7b4912a9ed339ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607366
cf-polished: origSize=1611
cf-bgj: minify
last-modified: Wed, 22 Sep 2021 00:06:25 GMT
server: cloudflare
etag: W/"64b-5cc8a48f32240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vWtMFnzz1KD4ptqAnXiaNFD5zyHG7ra6yagpqNm%2BTsw%2BIFmVZdBsdJ0TBByY65fjN3evbrtGj5lB%2FRz427sVp2YuQw%2FNnIyzjhCrTaG90JOQMWjBo4N3XwGclIpQo7Nj9%2F5%2FH%2FC7PiRM"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1382400
x-hostname: wce005-node4.nexcess.net
cf-ray: 6abd68fe2c124c9e-AMS
expires: Wed, 17 Nov 2021 06:18:46 GMT

GET
H2 200 breakpointsLoader.js Show response
mgoblog.com/modules/contrib/theme_breakpoints_js/js/ 1 KB
925 B 46ms
46ms Script
text/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/modules/contrib/theme_breakpoints_js/js/breakpointsLoader.js?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

907dd216d1a0a6dc5d1bd62166c5db67ccc09156bfd1f6dc4ff0db0326a5e17b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607366
cf-polished: origSize=2310
cf-bgj: minify
last-modified: Fri, 30 Apr 2021 18:02:31 GMT
server: cloudflare
etag: W/"906-5c1346a64bbc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y9LxYNBjlNdwbRZ5LKlQe1yFW9fj2a3Im%2B8tyqgc1g7v510t0tvDDrsGYdRWAYXCIUaZ4n5Ks25K%2Bj5olLGivdhSyp1gPIad2iKFdttlGu6fywfqwcnaG2uTTzwaZWkoBXWUj9P6qqI5"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1382400
x-hostname: wce005-node4.nexcess.net
cf-ray: 6abd68fe2c134c9e-AMS
expires: Wed, 17 Nov 2021 06:18:46 GMT

GET
H2 200 responsive-menu.js Show response
mgoblog.com/themes/mgoblog/js/ 708 B
756 B 50ms
50ms Script
text/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/themes/mgoblog/js/responsive-menu.js?v=1.x

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb5210465d4f21bd46515f76d1dcf6333a2fce5b22cb584aa091aff4f87fb8f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607366
cf-polished: origSize=2468
cf-bgj: minify
last-modified: Wed, 22 Sep 2021 00:06:25 GMT
server: cloudflare
etag: W/"9a4-5cc8a48f32240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DhzNI7wJg%2FljmIABZTurMT6YEtfnZ6hqLgYxGWaui3jpVi8mi%2BhdFwB9ePGlTCGZlUv%2FxScRnzA%2FSV7e6QtQ1j2dPBBU3M03PfZhzNMGpkb0pE4ZFNWuzuhOeke7qQQUX%2F%2FaZ4VyKmUc"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1382400
x-hostname: wce005-node4.nexcess.net
cf-ray: 6abd68fe2c144c9e-AMS
expires: Wed, 17 Nov 2021 06:18:46 GMT

GET
H2 200 statistics.js Show response
mgoblog.com/core/modules/statistics/ 204 B
469 B 51ms
50ms Script
text/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/modules/statistics/statistics.js?v=8.9.19

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

245e8877d33219e1dc65fb4d71476716545cdca2c9d3070519abde35653a43c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607366
cf-polished: origSize=401
cf-bgj: minify
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"191-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6xkBGDz2wJNXFcPXE6QxV4X13bwRW17wR%2FDWkGrJ69YW7Qq%2F5nAJk%2BfP%2BHfsTJlF52K7cpN2cgjix3kOAPxg0VoKe6S2f0sLa%2FxazIZmBQCqCzHcZZJIwOzWJo4Ugs0AnmAOdWTzXj9"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1382400
x-hostname: wce005-node4.nexcess.net
cf-ray: 6abd68fe2c154c9e-AMS
expires: Wed, 17 Nov 2021 06:18:46 GMT

GET
H2 200 jquery.form.min.js Show response
mgoblog.com/core/assets/vendor/jquery-form/ 17 KB
7 KB 42ms
41ms Script
text/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/assets/vendor/jquery-form/jquery.form.min.js?v=4.22

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8f8ebd4e96964c63aa9eb0933af2ddafdfdb7e94c2efc70a5af109518c9ae80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612608
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"42d4-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R5fxde2Bidt1qqLUWS%2FOO43XnG5t8P08Y3ZS%2Fn6kedA8L7sIEDFvhm69UA3pU%2BgOat9TylqPqk92YC%2FWRGkSqIMwHMfn2f2pUeX6xdW7z%2FYDGKkHYbriswNIxfa94wNPFx5pqnr2L3to"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1382400
x-hostname: wce005-node4.nexcess.net
cf-ray: 6abd68fe2c164c9e-AMS
expires: Wed, 17 Nov 2021 04:51:24 GMT

GET
H2 200 base.js Show response
mgoblog.com/core/modules/views/js/ 1 KB
922 B 42ms
41ms Script
text/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/modules/views/js/base.js?v=8.9.19

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc9904e70ffda4b6e743bddbd993e8cb2447680cca2d0018145b4c29d48dc475

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607366
cf-polished: origSize=1915
cf-bgj: minify
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"77b-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9WdGBl6Wb6cQn8KuGC4LMsSTP2Bt3r83ZrFJ48EZBGqUF46VgXELsRVEgO6XUn2rw1%2Bz0Us8QoLQRTytyxVNOD2KxC9we55n%2F3URjQT%2FQ99NruPit%2F2H5z0SXduCV1fpGK2F2Qc0qM5%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1382400
x-hostname: wce005-node4.nexcess.net
cf-ray: 6abd68fe2c174c9e-AMS
expires: Wed, 17 Nov 2021 06:18:46 GMT

GET
H2 200 ajax_view.js Show response
mgoblog.com/core/modules/views/js/ 3 KB
2 KB 42ms
42ms Script
text/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/core/modules/views/js/ajax_view.js?v=8.9.19

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51b9cee9628def9613279a5acba3506af5bc0e4a623082fe939a8310dfaed98b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607365
cf-polished: origSize=4325
cf-bgj: minify
last-modified: Tue, 14 Sep 2021 22:08:18 GMT
server: cloudflare
etag: W/"10e5-5cbfbd1a47880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRDaTxHGZ6OGma%2F6f6te%2FdbkJLKP5OwvuOwpGm8%2BXdNT39KmJU84NhLutu8X2PBX4YUv6Mc73kYkZsjG%2Fory5eR44rl9P1KK3LFeLKUPRYqDk6IDhN35lYfrLnbtYqqvcT2ru7mlKz1e"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1382400
x-hostname: wce005-node4.nexcess.net
cf-ray: 6abd68fe2c1a4c9e-AMS
expires: Wed, 17 Nov 2021 06:18:47 GMT

GET
H2 200 google_cse.js Show response
mgoblog.com/modules/contrib/google_cse/js/ 1 KB
972 B 36ms
36ms Script
text/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblog.com/modules/contrib/google_cse/js/google_cse.js?qzt7ar

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eec3484a4d8cee9e3a25bbf0a928b448dd1ee37d383acbe6d3e0c40da5f4d6dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607365
cf-polished: origSize=1882
cf-bgj: minify
last-modified: Wed, 22 Sep 2021 00:07:52 GMT
server: cloudflare
etag: W/"75a-5cc8a4e22a600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0u7AvpSHV9J8RNM%2BYjtPIaaDtCmEV89BN5PWfyMctn7BgLfusXf5vZU5sT2FMXOZw1CTDx92sOT3KHdXceeupIxirYyXlGg3%2BlBdsQXMPHfguQGAaXRsny1LE17kXHCy2EGeTzJxvlIs"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1382400
x-hostname: wce005-node4.nexcess.net
cf-ray: 6abd68fe2c1b4c9e-AMS
expires: Wed, 17 Nov 2021 06:18:47 GMT

GET
H/1.1 200
OK 186905-129106728116453.js Show response
js-sec.indexww.com/ht/p/ 37 KB
13 KB 54ms
7ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186905-129106728116453.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/husker/mgoblog/didna_config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e6deb8763f8da9983dc3f1ab5d4376b37292dbd4b7fbd988713ac334a5904069

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 07:01:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 06:26:50 GMT
Server: Apache
ETag: "da32c0-930b-5d0694fa6fa47"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1703
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12789
Expires: Wed, 10 Nov 2021 07:29:55 GMT

GET
H/1.1 200
OK script.js Show response
powerad.ai/ 177 KB
37 KB 386ms
189ms Script
application/javascript 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/script.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/husker/mgoblog/didna_config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: 690903bae11a2af6ea94866f53d1bf6c9cfd2777ba5596b034eb0769911e0108

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 07:01:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Nov 2021 18:04:16 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express
ETag: W/"2c2ee-17d00b8e401"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: *

GET
H2 200 bg-sidebar-block-header.svg
mgoblog.com/themes/mgoblog/images/ 1 KB
793 B 38ms
38ms Image
image/svg+xml 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgoblog.com/themes/mgoblog/images/bg-sidebar-block-header.svg

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/themes/mgoblog/css/components.css?qzt7ar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d35e6c9b69a08635d2f1d59dd3067233a78f8b12d6cdf0842bd9987c105e3c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/themes/mgoblog/css/components.css?qzt7ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607366
last-modified: Wed, 22 Sep 2021 00:06:25 GMT
server: cloudflare
etag: W/"4d1-5cc8a48f32240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=puBYwBYQGXYOcSzsQGsBBVKr4tuJa1XzVNNXhk5noNWTE%2BX3GBtW63JC%2BsIxPTS51PEbaCCgfcDUy6Q0IJ8CQOiT4z%2BP80lu4ajTGOjKodgMEUef3o63MS1oecCt7g92RWKQZIlX4apt"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1382400
x-hostname: wce005-node5.nexcess.net
cf-ray: 6abd68fe4c5d4c9e-AMS
expires: Wed, 17 Nov 2021 06:18:46 GMT

GET
BLOB 200
OK 1c4febfe-1ed4-4ecd-b9b1-c747d4e59c11
https://mgoblog.com/ 564 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://mgoblog.com/1c4febfe-1ed4-4ecd-b9b1-c747d4e59c11
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 815ee379589e2686af0a423df3987810358aaa03ea11a46250de270ad307a383

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 564
Content-Type: text/javascript

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
204 B 14ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1183019268&t=pageview&_s=1&dl=https%3A%2F%2Fmgoblog.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20mgoblog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=995874537&gjid=1735857973&cid=1133490413.1636527693&tid=UA-1674851-3&_gid=126717603.1636527693&_r=1&_slc=1&z=1057111140

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mgoblog.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021110801.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 15ms
14ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js?31063684

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

447ffe4040fc9d0761f896e3ef3b37e2220744f4d3e3760ffe1f216f3d0e4e54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118396
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 09:34:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 Nov 2021 07:01:32 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 85 B
101 B 32ms
15ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mgoblog.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

dbcf46a83e31510775e2c6d4503aba604fe1c1b9ad585c5f1876b9104a4f5324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76
x-xss-protection: 0
expires: Wed, 10 Nov 2021 07:01:32 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/ 267 KB
96 KB 334ms
33ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6443821882109054&plah=mgoblog.com&bust=31063682

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f18dfd43166392d53482502d316b91e27215abe16343b0dbc17110becf467d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98309
x-xss-protection: 0
server: cafe
etag: 7939618294436661980
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 07:01:32 GMT

GET
H2 200 Icon_Facebook.svg
mgoblog.com/themes/mgoblog/images/ 676 B
739 B 32ms
31ms Image
image/svg+xml 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgoblog.com/themes/mgoblog/images/Icon_Facebook.svg

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/themes/mgoblog/css/components.css?qzt7ar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5cfacb3b4ea427e6d603c9c2b11b3d109795f58781ed8691f1c71ca05f362c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/themes/mgoblog/css/components.css?qzt7ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23112
last-modified: Wed, 22 Sep 2021 00:06:25 GMT
server: cloudflare
etag: W/"2a4-5cc8a48f32240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D18u9HT6U8EhDvlGgld4eIi1BMS52l%2FlQtD5uKpGYh8OHMbgS3zYRXqXxNzM49fijg5PscmNm6Nw48yAbV60D90YgrG651atlVGLi2dW5Biu7NNNwTvxt7frC2i8E6rKWkIPXmqAe1Yu"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1382400
x-hostname: wce005-node2.nexcess.net
cf-ray: 6abd68ff6f8f4c9e-AMS
expires: Wed, 24 Nov 2021 00:36:19 GMT

GET
H2 200 Icon_Instagram.svg
mgoblog.com/themes/mgoblog/images/ 479 KB
351 KB 39ms
38ms Image
image/svg+xml 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgoblog.com/themes/mgoblog/images/Icon_Instagram.svg

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/themes/mgoblog/css/components.css?qzt7ar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c84b265cade423a8f4233359400ace1df0a64f5faccf4b5ab81879ebc8262fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/themes/mgoblog/css/components.css?qzt7ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 599715
last-modified: Wed, 22 Sep 2021 00:06:25 GMT
server: cloudflare
etag: W/"77dd8-5cc8a48f32240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YuXF3T2DuHBVMakhbmX%2Bgde8%2BQn879zqvtO8wiXBKvEMl6zHqURtwDWnv8hIIf7aodi3W8LnIatAxi6YotHiOsUqUoP8GWoZ5DA3GbKqmfQo%2BGL10lzeXzCUm1QJoT7QLj69f0aMu7R6"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1382400
x-hostname: wce005-node1.nexcess.net
cf-ray: 6abd68ff6f954c9e-AMS
expires: Wed, 17 Nov 2021 08:26:17 GMT

GET
H2 200 Icon_Twitter.svg
mgoblog.com/themes/mgoblog/images/ 1 KB
885 B 33ms
32ms Image
image/svg+xml 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgoblog.com/themes/mgoblog/images/Icon_Twitter.svg

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/themes/mgoblog/css/components.css?qzt7ar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d934f6adb606df6ddacb370755f885481c0b16305411f53000be5be6354a7999

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/themes/mgoblog/css/components.css?qzt7ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607365
last-modified: Wed, 22 Sep 2021 00:06:25 GMT
server: cloudflare
etag: W/"4a6-5cc8a48f32240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0iJO5INBqFzxyIYE55gYldqfYqgGdIGTNWOPPuWWIOfhZ4TLRC5v3UIy1xipcFKZba9hU6zbUW4DyUeKkq7FG1aqo22kRVbPi7Ucp%2FZ9yFNzyraCUIRzDTXmxmn2G6JlEXRDJ6A6QqG"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1382400
x-hostname: wce005-node5.nexcess.net
cf-ray: 6abd68ff6f984c9e-AMS
expires: Wed, 17 Nov 2021 06:18:47 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 112 KB
42 KB 46ms
20ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P6T7VWN

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/sites/default/files/google_tag/primary/google_tag.script.js?qzt7ar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9bd4128e822496937128e5ad4bdcf1014f675926e53d7d721a968caf5607ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42194
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Nov 2021 07:01:32 GMT

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/ea6a4ba6/ Frame CED5 335 KB
46 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GWbIicSNti8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9d576d438939810fb8f8fd4382847a394ba105a257845a4c743a49caae67b75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GWbIicSNti8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 05:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47115
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 10 Nov 2022 05:51:41 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/ Frame CED5 209 KB
69 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GWbIicSNti8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5173c915b9b6e2c3b24ed89502eed57341952fe69393fc2128895bcfedaae6de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GWbIicSNti8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3169
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70045
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 10 Nov 2022 06:08:43 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame CED5 2 MB
516 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GWbIicSNti8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9e569723967da4463ede5ac2b1ae8390e0ece8fb058e39a793daade6eceb622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GWbIicSNti8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 527841
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:36:56 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/ea6a4ba6/fetch-polyfill.vflset/ Frame CED5 8 KB
3 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GWbIicSNti8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GWbIicSNti8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:36:56 GMT

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/ea6a4ba6/ Frame 7DF7 335 KB
46 KB 9ms
9ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7F3O_WLSdlQ?start=523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9d576d438939810fb8f8fd4382847a394ba105a257845a4c743a49caae67b75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7F3O_WLSdlQ?start=523
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 05:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47115
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 10 Nov 2022 05:51:41 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/ Frame 7DF7 209 KB
68 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7F3O_WLSdlQ?start=523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5173c915b9b6e2c3b24ed89502eed57341952fe69393fc2128895bcfedaae6de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7F3O_WLSdlQ?start=523
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3169
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70045
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 10 Nov 2022 06:08:43 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame 7DF7 2 MB
516 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7F3O_WLSdlQ?start=523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9e569723967da4463ede5ac2b1ae8390e0ece8fb058e39a793daade6eceb622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7F3O_WLSdlQ?start=523
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 527841
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:36:56 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/ea6a4ba6/fetch-polyfill.vflset/ Frame 7DF7 8 KB
3 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7F3O_WLSdlQ?start=523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7F3O_WLSdlQ?start=523
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:36:56 GMT

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/ea6a4ba6/ Frame D0FC 335 KB
46 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7F3O_WLSdlQ?start=997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9d576d438939810fb8f8fd4382847a394ba105a257845a4c743a49caae67b75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7F3O_WLSdlQ?start=997
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 05:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47115
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 10 Nov 2022 05:51:41 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/ Frame D0FC 209 KB
68 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7F3O_WLSdlQ?start=997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5173c915b9b6e2c3b24ed89502eed57341952fe69393fc2128895bcfedaae6de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7F3O_WLSdlQ?start=997
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3169
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70045
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 10 Nov 2022 06:08:43 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame D0FC 2 MB
516 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7F3O_WLSdlQ?start=997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9e569723967da4463ede5ac2b1ae8390e0ece8fb058e39a793daade6eceb622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7F3O_WLSdlQ?start=997
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 527841
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:36:56 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/ea6a4ba6/fetch-polyfill.vflset/ Frame D0FC 8 KB
3 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7F3O_WLSdlQ?start=997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7F3O_WLSdlQ?start=997
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:36:56 GMT

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/ea6a4ba6/ Frame 9C0E 335 KB
46 KB 17ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Wv66JRknCs0?start=73

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9d576d438939810fb8f8fd4382847a394ba105a257845a4c743a49caae67b75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Wv66JRknCs0?start=73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 05:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47115
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 10 Nov 2022 05:51:41 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/ Frame 9C0E 209 KB
68 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Wv66JRknCs0?start=73

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5173c915b9b6e2c3b24ed89502eed57341952fe69393fc2128895bcfedaae6de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Wv66JRknCs0?start=73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3169
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70045
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 10 Nov 2022 06:08:43 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame 9C0E 2 MB
516 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Wv66JRknCs0?start=73

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9e569723967da4463ede5ac2b1ae8390e0ece8fb058e39a793daade6eceb622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Wv66JRknCs0?start=73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 527841
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:36:56 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/ea6a4ba6/fetch-polyfill.vflset/ Frame 9C0E 8 KB
3 KB 66ms
63ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Wv66JRknCs0?start=73

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Wv66JRknCs0?start=73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:36:56 GMT

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/ea6a4ba6/ Frame C871 335 KB
46 KB 68ms
64ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MWIHxdsgIe4?start=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9d576d438939810fb8f8fd4382847a394ba105a257845a4c743a49caae67b75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MWIHxdsgIe4?start=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 05:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47115
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 10 Nov 2022 05:51:41 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/ Frame C871 209 KB
68 KB 82ms
76ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MWIHxdsgIe4?start=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5173c915b9b6e2c3b24ed89502eed57341952fe69393fc2128895bcfedaae6de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MWIHxdsgIe4?start=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3169
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70045
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 10 Nov 2022 06:08:43 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame C871 2 MB
516 KB 95ms
86ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MWIHxdsgIe4?start=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9e569723967da4463ede5ac2b1ae8390e0ece8fb058e39a793daade6eceb622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MWIHxdsgIe4?start=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 527841
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:36:56 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/ea6a4ba6/fetch-polyfill.vflset/ Frame C871 8 KB
3 KB 97ms
88ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MWIHxdsgIe4?start=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MWIHxdsgIe4?start=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:36:56 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
325 B 55ms
14ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186905-129106728116453.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://mgoblog.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
541 B 118ms
30ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186905
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186905-129106728116453.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: a4d3fc39b76cc98198baedcedba07eed77c41f289e81ab5fa721bfe2a6746301

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 10 Nov 2021 07:01:32 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mgoblog.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Fri, 10 Dec 2021 07:01:32 GMT

POST
H2 200 statistics.php Show response
mgoblog.com/core/modules/statistics/ 0
505 B 549ms
544ms XHR
text/html 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mgoblog.com/core/modules/statistics/statistics.php
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/core/assets/vendor/jquery/jquery.min.js?v=3.5.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://mgoblog.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 10 Nov 2021 07:01:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liPUhhqbXqxu8%2FRsLe4KLpVMEROHYMbgYM4Cme5aYwvzouONTNhzSPCfatmAAnKbiss0vYS1mc%2B8tOp%2BmAMHtmCZjWy4EFuR6XLC%2FhDWnRImlIXbYedidJcbej0HYtC%2FhPq2KFaa4EDN"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-hostname: wce005-node6.nexcess.net
cf-ray: 6abd690019784c9e-AMS

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CED5 15 KB
15 KB 15ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GWbIicSNti8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 04:18:33 GMT
x-content-type-options: nosniff
age: 441779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 05 Nov 2022 04:18:33 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7DF7 15 KB
15 KB 16ms
10ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7F3O_WLSdlQ?start=523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 04:18:33 GMT
x-content-type-options: nosniff
age: 441779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 05 Nov 2022 04:18:33 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D0FC 15 KB
15 KB 16ms
10ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7F3O_WLSdlQ?start=997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 04:18:33 GMT
x-content-type-options: nosniff
age: 441779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 05 Nov 2022 04:18:33 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9C0E 15 KB
15 KB 14ms
10ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Wv66JRknCs0?start=73

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 04:18:33 GMT
x-content-type-options: nosniff
age: 441779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 05 Nov 2022 04:18:33 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C871 15 KB
15 KB 19ms
12ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MWIHxdsgIe4?start=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 04:18:33 GMT
x-content-type-options: nosniff
age: 441779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 05 Nov 2022 04:18:33 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame CED5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
238 B

39ms
38ms

XHR
application/json

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GWbIicSNti8

Protocol

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8269127ed5a71fe4453ecdde15773c8b5f755a8df283e395a3f1514298382a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 10 Nov 2021 07:01:33 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame CED5 29 B
587 B 28ms
7ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:58:00 GMT
x-content-type-options: nosniff
age: 213
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 07:13:00 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 7DF7
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
189 B

39ms
38ms

XHR
application/json

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7F3O_WLSdlQ?start=523

Protocol

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a7032e5d1f7f40322b9127915b128179232122c70251337c1e5ba73be14b27d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 10 Nov 2021 07:01:33 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 7DF7 29 B
89 B 308ms
6ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:58:00 GMT
x-content-type-options: nosniff
age: 213
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 07:13:00 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame D0FC
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
189 B

198ms
198ms

XHR
application/json

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7F3O_WLSdlQ?start=997

Protocol

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ed87096c1c2b14a5924c310e98c7aea5b2831fc4b62d552ff20e25a78c6be03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 10 Nov 2021 07:01:33 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame D0FC 29 B
89 B 274ms
7ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:58:00 GMT
x-content-type-options: nosniff
age: 213
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 07:13:00 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
426 B 33ms
9ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=360066&u=https%3A%2F%2Fmgoblog.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186905-129106728116453.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 07:01:33 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.87], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://mgoblog.com
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Wed, 10 Nov 2021 07:01:33 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 9C0E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
189 B

198ms
197ms

XHR
application/json

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Wv66JRknCs0?start=73

Protocol

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f80c6ccd2454d0251dd06d2bc455783ae40baeb2d1c1efd27267811b7c2c497a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 10 Nov 2021 07:01:33 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 9C0E 29 B
89 B 175ms
7ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:58:00 GMT
x-content-type-options: nosniff
age: 213
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 07:13:00 GMT

GET
BLOB 200
OK b9100d27-8da5-4131-bf44-b049cad9428b Show response
https://mgoblog.com/ 197 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://mgoblog.com/b9100d27-8da5-4131-bf44-b049cad9428b
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/husker/mgoblog/didna_config.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cd43dc68c1717f0fff875ff9cc42db5d94c04a3179d87f4b34a181a7968cb84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 201779
Content-Type: text/javascript

GET
H2 200 didna_prebid.js.gz Show response
storage.googleapis.com/didna-prod/latest/ 450 KB
135 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/husker/mgoblog/didna_config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d1e67632e15525fd9b02d2502dc8c295c413fede875ca418bf51208ab4984e36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:14:44 GMT
content-encoding: gzip
age: 2809
x-guploader-uploadid: ADPycdsPsJNvGz7g8ZLOxsbX1sRPLVgx9OnmCrElVaG6zH6Y3ZnhtAGQegAJ85JyZ4anrQAJ-AvgkzXDOYFFN8jdRws
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138168
last-modified: Tue, 26 Oct 2021 13:54:05 GMT
server: UploadServer
etag: "4080c5942f9436fe4505e9d38b1383c5"
vary: Accept-Encoding
x-goog-hash: crc32c=iZrVxQ==, md5=QIDFlC+UNv5FBenTixODxQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1635256445229364
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=172800
x-goog-stored-content-length: 138168
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 12 Nov 2021 06:14:44 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 32ms
10ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6T7VWN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 53d91fb2b51a3daa0645f78f71b29e695f42b0ac6db0d29f7fc7e5e38c3ffb7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:33 GMT
content-encoding: gzip
etag: "4zy+3zXYb8Q7og5Af8HrBg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 17 Nov 2021 07:01:33 GMT

GET
H2 200 remote.js Show response
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame CED5 94 KB
29 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c626d78f697a300bdcddb5c5f8cb54f41b65abc201657418ed96f13c28c0a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GWbIicSNti8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29782
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:38:07 GMT

GET
H2 200 kQof9v-V0VaBK93KCD40uQQ8XZllYzkE_3tmkA6IH3c.js Show response
www.google.com/js/th/ Frame CED5 35 KB
14 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/kQof9v-V0VaBK93KCD40uQQ8XZllYzkE_3tmkA6IH3c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

910a1ff6ff95d156812bddca083e34b9043c5d9965633904ff7b66900e881f77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 05:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13448
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 05:08:29 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame CED5 24 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3415c7fade1393a1990451fe39cfb19fed87791ede53183f9a4d390b15d36a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GWbIicSNti8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:36:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7365
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:36:57 GMT

GET
DATA 200
OK truncated
/ Frame CED5 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQfpphG_uti7SNTI27DLhQBtML6N9K6uFfsF6xomw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame CED5 3 KB
3 KB 33ms
6ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQfpphG_uti7SNTI27DLhQBtML6N9K6uFfsF6xomw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GWbIicSNti8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

39a03c41019be6ab31b43465686c8c7bcc2e25ba542fc23db5e4ff43b34a11ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:45:52 GMT
x-content-type-options: nosniff
age: 8141
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3016
x-xss-protection: 0
server: fife
etag: "v164"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 11 Oct 2021 11:21:39 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/GWbIicSNti8/ Frame CED5 42 KB
43 KB 46ms
18ms Image
image/webp 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/GWbIicSNti8/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GWbIicSNti8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

829ba3f4985c1ba834b096152b6f456e486ae2f4f15af23daea835e822646140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:33 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43308
x-xss-protection: 0
server: sffe
etag: "1625879129"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 10 Nov 2021 09:01:33 GMT

POST
H2 200 Create Show response
waa-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 7DF7 44 KB
21 KB 23ms
22ms XHR
application/json+protobuf 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://waa-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a84bb8ebac42d14ad70c3f4adec9416db965b7bab2e0cb1469ca43befec4818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyBydTmf06EmN2pis9ljY6qe2XY0Rn8uK0k
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 21619
x-xss-protection: 0

GET
H2 200 remote.js Show response
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame 7DF7 94 KB
29 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c626d78f697a300bdcddb5c5f8cb54f41b65abc201657418ed96f13c28c0a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7F3O_WLSdlQ?start=523
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29782
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:38:07 GMT

GET
H2 200 kQof9v-V0VaBK93KCD40uQQ8XZllYzkE_3tmkA6IH3c.js Show response
www.google.com/js/th/ Frame 7DF7 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/kQof9v-V0VaBK93KCD40uQQ8XZllYzkE_3tmkA6IH3c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

910a1ff6ff95d156812bddca083e34b9043c5d9965633904ff7b66900e881f77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 05:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13448
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 05:08:29 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame 7DF7 24 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3415c7fade1393a1990451fe39cfb19fed87791ede53183f9a4d390b15d36a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7F3O_WLSdlQ?start=523
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:36:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7365
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:36:57 GMT

GET
DATA 200
OK truncated
/ Frame 7DF7 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQBCPNvN7ZUUtn3VTcXflCKR7EZ-wbyUKsljaag=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 7DF7 5 KB
5 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQBCPNvN7ZUUtn3VTcXflCKR7EZ-wbyUKsljaag=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7F3O_WLSdlQ?start=523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

abfbc3ab305d79e69ff0920c1d1b51a8692574fc6b2b6005993944f3922b5e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 03:09:34 GMT
x-content-type-options: nosniff
age: 13919
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5123
x-xss-protection: 0
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 11 Oct 2021 10:52:16 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/7F3O_WLSdlQ/ Frame 7DF7 62 KB
62 KB 317ms
16ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/7F3O_WLSdlQ/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7F3O_WLSdlQ?start=523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

095878e900d735c7c317a1fd8a0b2c1dc1b7508d26c1174cddf1a7331466e59d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:33 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63001
x-xss-protection: 0
server: sffe
etag: "1609470826"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 10 Nov 2021 09:01:33 GMT

GET
H2 200 remote.js Show response
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame D0FC 94 KB
29 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c626d78f697a300bdcddb5c5f8cb54f41b65abc201657418ed96f13c28c0a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7F3O_WLSdlQ?start=997
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29782
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:38:07 GMT

GET
H2 200 kQof9v-V0VaBK93KCD40uQQ8XZllYzkE_3tmkA6IH3c.js Show response
www.google.com/js/th/ Frame D0FC 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/kQof9v-V0VaBK93KCD40uQQ8XZllYzkE_3tmkA6IH3c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

910a1ff6ff95d156812bddca083e34b9043c5d9965633904ff7b66900e881f77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 05:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13448
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 05:08:29 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame D0FC 24 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3415c7fade1393a1990451fe39cfb19fed87791ede53183f9a4d390b15d36a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7F3O_WLSdlQ?start=997
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:36:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7365
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:36:57 GMT

POST
H/1.1 200
OK /
reporting.powerad.ai/ 2 B
412 B 893ms
103ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 10 Nov 2021 07:01:34 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 2

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame 7D78 178 KB
58 KB 788ms
7ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 66ea91a01b97feca3757a3ff16e3782973b559b2d4cbe79f7704e91607f9aa47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 19:14:10 GMT
server: Apache/2.2.15 (CentOS)
etag: "10a1110-2c888-5cfd3192c4545"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=147296
accept-ranges: bytes
content-type: text/javascript
content-length: 58379
expires: Thu, 11 Nov 2021 23:56:30 GMT

GET
H2 200 pbjs_wrapper.v1.0.js Show response
hb.brainlyads.com/ Frame ABA1 32 KB
10 KB 870ms
97ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/pbjs_wrapper.v1.0.js

Requested by

Host: powerad.ai
URL: https://powerad.ai/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

bd1ad32b9c7af02743811430a905944da6f769b55d381e623ba1bb2d068d2ff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
content-encoding: gzip
last-modified: Mon, 08 Nov 2021 17:42:04 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"6189616c-7e48"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Thu, 11 Nov 2021 07:01:34 GMT

GET
H2 200 pbjs_wrapper.v1.1.js Show response
hb.brainlyads.com/ Frame 230B 33 KB
10 KB 952ms
189ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/pbjs_wrapper.v1.1.js

Requested by

Host: powerad.ai
URL: https://powerad.ai/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

da94cb8971fd481b52eb5c4b4afa790332f6050737ad7e2f2869e7167ca69300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
content-encoding: gzip
last-modified: Mon, 08 Nov 2021 17:42:05 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"6189616d-822e"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET
H2 404 pbjs_wrapper.v2.0.js
hb.brainlyads.com/ Frame AB31 0
0 1131ms
383ms Script
text/html 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-158-212.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 200
OK / Show response
powerad.ai/pubPls/ 3 KB
2 KB 290ms
99ms XHR
text/html 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fmgoblog.com%2F
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: 33811d3920ada1f3a8100fc7021b7b9dbecebb18b8e9440d7823ad4fa008bad3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 07:01:33 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express
ETag: W/"a11-uQ3oUgGWZj11iBwiydED+lviszM"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://mgoblog.com
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: *

GET
DATA 200
OK truncated
/ Frame D0FC 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQBCPNvN7ZUUtn3VTcXflCKR7EZ-wbyUKsljaag=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame D0FC 5 KB
5 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQBCPNvN7ZUUtn3VTcXflCKR7EZ-wbyUKsljaag=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7F3O_WLSdlQ?start=997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

abfbc3ab305d79e69ff0920c1d1b51a8692574fc6b2b6005993944f3922b5e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 03:09:34 GMT
x-content-type-options: nosniff
age: 13919
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5123
x-xss-protection: 0
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 11 Oct 2021 10:52:16 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/7F3O_WLSdlQ/ Frame D0FC 62 KB
62 KB 178ms
25ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/7F3O_WLSdlQ/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7F3O_WLSdlQ?start=997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

095878e900d735c7c317a1fd8a0b2c1dc1b7508d26c1174cddf1a7331466e59d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:33 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63001
x-xss-protection: 0
server: sffe
etag: "1609470826"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 10 Nov 2021 09:01:33 GMT

GET
H2 200 remote.js Show response
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame 9C0E 94 KB
29 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c626d78f697a300bdcddb5c5f8cb54f41b65abc201657418ed96f13c28c0a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Wv66JRknCs0?start=73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29782
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:38:07 GMT

GET
H2 200 kQof9v-V0VaBK93KCD40uQQ8XZllYzkE_3tmkA6IH3c.js Show response
www.google.com/js/th/ Frame 9C0E 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/kQof9v-V0VaBK93KCD40uQQ8XZllYzkE_3tmkA6IH3c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

910a1ff6ff95d156812bddca083e34b9043c5d9965633904ff7b66900e881f77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 05:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13448
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 05:08:29 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame 9C0E 24 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3415c7fade1393a1990451fe39cfb19fed87791ede53183f9a4d390b15d36a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Wv66JRknCs0?start=73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:36:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7365
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:36:57 GMT

GET
DATA 200
OK truncated
/ Frame 9C0E 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQBCPNvN7ZUUtn3VTcXflCKR7EZ-wbyUKsljaag=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 9C0E 5 KB
5 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQBCPNvN7ZUUtn3VTcXflCKR7EZ-wbyUKsljaag=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Wv66JRknCs0?start=73

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

abfbc3ab305d79e69ff0920c1d1b51a8692574fc6b2b6005993944f3922b5e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 03:09:34 GMT
x-content-type-options: nosniff
age: 13919
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5123
x-xss-protection: 0
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 11 Oct 2021 10:52:16 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/Wv66JRknCs0/ Frame 9C0E 58 KB
58 KB 75ms
21ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Wv66JRknCs0/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Wv66JRknCs0?start=73

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2dcfeee444dfdae64606429e505a097f75cd2bafff13675244f9433c237bd4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:33 GMT
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59282
x-xss-protection: 0
server: sffe
etag: "1611110891"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 10 Nov 2021 09:01:33 GMT

GET
H2 200 prebid.js Show response
hb.brainlyads.com/ Frame 7D78 485 KB
149 KB 821ms
192ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/prebid.js

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

ff38c9f9280745aa6232e9a58a960316eee5a9291fc2525626f42e31f35c31a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
content-encoding: gzip
last-modified: Mon, 08 Nov 2021 17:27:06 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"61895dea-794e6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Thu, 11 Nov 2021 07:01:34 GMT

OPTIONS
H2 200 Create
waa-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 958ms
13ms Preflight
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://waa-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Origin: https://www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.youtube.com
vary: origin referer x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 10 Nov 2021 07:01:34 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame C871
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
189 B

64ms
63ms

XHR
application/json

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MWIHxdsgIe4?start=83

Protocol

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14c36daff17decee6cc55b18090a2d45fc46d04a1cbe8de070613235b098ef6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 10 Nov 2021 07:01:34 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame C871 29 B
92 B 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:58:00 GMT
x-content-type-options: nosniff
age: 214
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 07:13:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
406 B 16ms
15ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=mgoblog.com&callback=_gfp_s_&client=ca-pub-6443821882109054

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6443821882109054&plah=mgoblog.com&bust=31063682

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

25df4e71c1ba7118993319e5f62d3ab84db7629efc616744791d6de935a26fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 37ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mgoblog.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 38ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mgoblog.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AB30 135 KB
44 KB 446ms
445ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6443821882109054&output=html&h=600&slotname=5906251774&adk=2132498600&adf=424694094&pi=t.ma~as.5906251774&w=284&fwrn=4&fwrnh=100&lmt=1636527611&rafmt=1&psa=0&format=284x600&url=https%3A%2F%2Fmgoblog.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636527692640&bpp=5&bdt=805&idt=1747&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&correlator=5305611325941&frm=20&pv=2&ga_vid=1133490413.1636527693&ga_sid=1636527694&ga_hid=1183019268&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1036&ady=1772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063682%2C31060047&oid=2&pvsid=4317953412673435&pem=143&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=6ciXTz0Y0B&p=https%3A//mgoblog.com&dtd=1764

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a4b341f48bc5d7de363f8876d99bf437891a73fb4ffa8d87713b7c3a42fdf1a

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14542787635067781911/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14542787635067781911/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COjmkt-cjfQCFVSVdwod0hgPLg&gqi=Tm6LYZzCG5nC3gPp-ZLoAQ&layout=/sadbundle/%24csp%253Der3%24/14542787635067781911/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14542787635067781911/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14542787635067781911/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COjmkt-cjfQCFVSVdwod0hgPLg&gqi=Tm6LYZzCG5nC3gPp-ZLoAQ&layout=/sadbundle/%24csp%253Der3%24/14542787635067781911/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 10 Nov 2021 07:01:34 GMT
server: cafe
content-length: 44273
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 10 Nov 2021 07:01:34 GMT
cache-control: private

GET
H2 200 remote.js Show response
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame C871 94 KB
29 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c626d78f697a300bdcddb5c5f8cb54f41b65abc201657418ed96f13c28c0a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MWIHxdsgIe4?start=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141807
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29782
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:38:07 GMT

GET
H2 200 kQof9v-V0VaBK93KCD40uQQ8XZllYzkE_3tmkA6IH3c.js Show response
www.google.com/js/th/ Frame C871 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/kQof9v-V0VaBK93KCD40uQQ8XZllYzkE_3tmkA6IH3c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

910a1ff6ff95d156812bddca083e34b9043c5d9965633904ff7b66900e881f77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 05:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13448
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 05:08:29 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame C871 24 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3415c7fade1393a1990451fe39cfb19fed87791ede53183f9a4d390b15d36a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MWIHxdsgIe4?start=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:36:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141877
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7365
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:36:57 GMT

GET
DATA 200
OK truncated
/ Frame C871 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLRNeuBDNvDf7JD8uLKKdqbZYuBv5KXvRs4_HOESQg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame C871 2 KB
2 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRNeuBDNvDf7JD8uLKKdqbZYuBv5KXvRs4_HOESQg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MWIHxdsgIe4?start=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

906a861a9827873b650724fe0da3cee95c0cc80782945e8eee767d81f64e22ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 05:07:29 GMT
x-content-type-options: nosniff
age: 6845
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
server: fife
etag: "v23a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 11 Oct 2021 11:17:36 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/MWIHxdsgIe4/ Frame C871 55 KB
55 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/MWIHxdsgIe4/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MWIHxdsgIe4?start=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecea4d66f76405fa29138e166b2662ee8539923541af98e8ff7bc6ef48575350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56515
x-xss-protection: 0
server: sffe
etag: "1613333698"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 10 Nov 2021 09:01:34 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0C73 0
169 B 19ms
19ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6443821882109054&output=html&adk=1812271804&adf=3025194257&lmt=1636527611&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmgoblog.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636527692702&bpp=8&bdt=868&idt=1803&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=284x600&nras=1&correlator=5305611325941&frm=20&pv=1&ga_vid=1133490413.1636527693&ga_sid=1636527694&ga_hid=1183019268&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063682%2C31060047&oid=2&pvsid=4317953412673435&pem=143&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=1810

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 10 Nov 2021 07:01:34 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 10 Nov 2021 07:01:34 GMT
cache-control: private

GET
H2 200 Hc6PdfQeAi.js Show response
pixel.zprk.io/v5/pixeljs/ 3 KB
3 KB 526ms
174ms Script
text/plain 52.74.177.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.zprk.io/v5/pixeljs/Hc6PdfQeAi.js?dne=1
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.74.177.52 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-177-52.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:35 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 2753
access-control-max-age: 3600
access-control-allow-methods: POST, GET, DELETE, PUT
content-type: text/plain;charset=UTF-8

GET
H2 200 251 Show response
a.ad.gt/api/v1/u/matches/ 3 KB
4 KB 565ms
224ms Script
application/javascript 44.227.231.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fmgoblog.com%2F&ref=
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.227.231.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-227-231-197.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 884fe66ed865d9d200e4154bc3127838befef1bdefce8d544c2834f874693261

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:35 GMT
server: nginx/1.18.0
content-length: 3252
content-type: application/javascript

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/MbZTQS496EB4Sd27ILU4rbHXnJ8/gpt_and_prebid/ 202 KB
37 KB 28ms
6ms Script
text/javascript 151.101.193.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/MbZTQS496EB4Sd27ILU4rbHXnJ8/gpt_and_prebid/config.js
Requested by: Host: mgoblog.com
URL: blob:https://mgoblog.com/b9100d27-8da5-4131-bf44-b049cad9428b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 205d4039067e9b57d1c8ea2343b86082430d45c5f0e02d151c5d1f20ab53c699

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 07:01:34 GMT
Content-Encoding: gzip
Age: 3407
X-Cache: HIT
Connection: keep-alive
Content-Length: 37079
x-amz-id-2: S1/1HU16hsHsEt+bGQQionlh03XL3wY1hxkvEcwEjkzaZqkfGGvAw5fLNHfKbZg8Ya1/AUHmz0w=
X-Served-By: cache-fra19179-FRA
Last-Modified: Wed, 10 Nov 2021 05:06:13 GMT
Server: AmazonS3
X-Timer: S1636527695.612173,VS0,VE0
ETag: "d62fe092e1aac0e77da012081ec4536a"
x-amz-request-id: XVTJ6QKFBW837FMS
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 21

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/159745/4535/ 174 KB
56 KB 7ms
7ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Requested by: Host: mgoblog.com
URL: blob:https://mgoblog.com/b9100d27-8da5-4131-bf44-b049cad9428b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fdb1605c8b1c61e76038cb28e4ca328f3717f02a4dbcbe4c1909b7583fe378c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 19:58:31 GMT
server: Apache/2.2.15 (CentOS)
etag: "1520db4-2b82d-5c4d365f5b665"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=153415
accept-ranges: bytes
content-type: text/javascript
content-length: 56867
expires: Fri, 12 Nov 2021 01:38:29 GMT

GET
H2 200 rules-p-33ZHC8m4FZBrE.js Show response
rules.quantcount.com/ 3 B
439 B 39ms
8ms Script
application/javascript 2600:9000:211e:7000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-33ZHC8m4FZBrE.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 03:50:06 GMT
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
age: 11750
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 19:50:46 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: MkYxy0mCtC8O6f0ZHJqiFh4mfLZ98BF9kZx4Lo-CMayd7qUXEGf40g==

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
962 B 74ms
22ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5
content-type: application/javascript
x-amz-request-id: txa9f7a43a20cf4c4c9390f-00616d2a11
x-amz-id-2: txa9f7a43a20cf4c4c9390f-00616d2a11
last-modified: Mon, 18 Oct 2021 08:01:51 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kf0U0W8yK0K5LdrmNWLsojcHpxT2fCBVqEehp2Fhtrkkod2e%2BNhHX%2FW1KjiDZmjXEFNpujdZZ14Enzir46WwhwMkpfrzVMnPJ3kINYXTVkBkEd9Q%2FCZ64L9gHC51i3wT88udAqztneV5JGBj"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1634544111259554
cache-control: public, max-age=1800
cf-ray: 6abd690c294a0c71-AMS
expires: Wed, 10 Nov 2021 07:31:34 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 130ms
85ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mgoblog.com
date: Wed, 10 Nov 2021 07:01:34 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
237 B 422ms
248ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mgoblog.com
date: Wed, 10 Nov 2021 07:01:34 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 164
vary: origin, Accept-Encoding

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 144ms
126ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

d79a9b7c39a97f00c5451713eced639f31fac2d9edeab75e233e30ac5a42962a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 07:01:34 GMT
X-Proxy-Origin: 136.243.198.87; 136.243.198.87; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 115ea92b-b15f-41eb-be8a-312f0d898e59
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://mgoblog.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 119ms
73ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d7077300fa&cmd=bid&secure=1
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: a5bea68a09f8962f288fb0e92890a175448463c2b10e70594d1f38a1625d449a

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://mgoblog.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
289 B 116ms
70ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d45d4400f1&cmd=bid&secure=1
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: c8e5394d48611e5f6ea02d48fe650e60a422cff5c028e345fdaba0238c4545fa

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://mgoblog.com
access-control-allow-credentials: true
content-length: 62

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
1 KB 166ms
93ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=238878&zone_id=1178346&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Fmgoblog.com%2F&tk_flint=pbjs_lite_v5.19.0&x_source.tid=1ffff00d-d570-47fd-950c-93f81ccadd0f&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&slots=1&rand=0.7444575746069273
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: c6f935ed16c785e5972f411b2cf4c66a0e3bbb2d33c3266ff09eea8a5a87945a

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 07:01:34 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://mgoblog.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
158 B 128ms
100ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=aMMq3cbI4r6Qa2aKkv7mNO
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: a39466e33893924d75838a8722cc9f7dea64bbd144bdec9f2803d6a2cbbef8ea

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mgoblog.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
328 B 166ms
140ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=290223&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2215c4cb63ae4e35%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fmgoblog.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22166f112c1fb7ec3%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22290223%22%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22290223%22%2C%22sid%22%3A%22970x90%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220cc474ab-2678-4f47-a800-b7b7f6ca73c5%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-10T07%3A01%3A32%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: fef05d80d07270c203d91d89732ffeaee2894235536317398ac56aaf27b66672

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:34 GMT
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.87], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://mgoblog.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 12
expires: Wed, 10 Nov 2021 07:01:34 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
742 B 122ms
69ms XHR
application/json 216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.19.0
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: e389557cf1ed40d21e50d5389ea256ce4c6a4a9ad4de87754047e4088b2d0456

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 10 Nov 2021 07:01:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://mgoblog.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
295 B 122ms
99ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=aMMq3cbI4r6Qa2aKkv7mNO
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 9f03592b44b983925bb807dfdc0608ca6107d3fa4c7eeac0499aa3afd2cb3da5

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mgoblog.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 98ms
71ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mgoblog.com
date: Wed, 10 Nov 2021 07:01:34 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 106ms
75ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d7077300fa&cmd=bid&secure=1
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: b289061b6d317172ccc824de9e9d689ffb9abad00c76ca75e7f3880b7ecf1660

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://mgoblog.com
access-control-allow-credentials: true
content-length: 62

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 172ms
109ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=238878&zone_id=1178346&size_id=2&rf=https%3A%2F%2Fmgoblog.com%2F&tk_flint=pbjs_lite_v5.19.0&x_source.tid=51b0922b-bb16-4841-b137-64fdf2995f4b&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&slots=1&rand=0.6260034899947642
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 030b7b73b55bf5ec0d166fb8921889ac1f9302bc88698785c80b4e4380c7d773

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 07:01:34 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://mgoblog.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
741 B 134ms
89ms XHR
application/json 216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.19.0
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 1e746a4544a0fed677fbae00394ecb5be6906b9961cb59ee703d0cdb9ea7f95e

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 10 Nov 2021 07:01:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://mgoblog.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
376 B 307ms
152ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mgoblog.com
date: Wed, 10 Nov 2021 07:01:34 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 67
vary: origin, Accept-Encoding

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
329 B 143ms
127ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=290223&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223404650092fcd53%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fmgoblog.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2235f32e5dcdd0915%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22290223%22%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220cc474ab-2678-4f47-a800-b7b7f6ca73c5%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-10T07%3A01%3A32%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f9a7505e8d5e90d27e3637cc456d782141f15c5d736fdc4336d20eb336505690

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:34 GMT
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.87], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://mgoblog.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Wed, 10 Nov 2021 07:01:34 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 199ms
185ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e9bdca69d547b036e25d347384d96cfa64ca359fd338de9bb0a86f915087498f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 07:01:34 GMT
X-Proxy-Origin: 136.243.198.87; 136.243.198.87; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 6b480574-cac8-49b9-938e-283b39b4878b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://mgoblog.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame D0FC 4 KB
3 KB 44ms
22ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Nov 2021 07:01:34 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 9C0E 4 KB
2 KB 45ms
32ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Nov 2021 07:01:34 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame CED5 4 KB
2 KB 38ms
32ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Nov 2021 07:01:34 GMT

GET
H2 204 generate_204
www.youtube.com/ Frame CED5 0
39 B 7ms
6ms Image
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?6JXcpg
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GWbIicSNti8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 pixel;r=1340917412;source=gtm;rf=0;a=p-33ZHC8m4FZBrE;url=https%3A%2F%2Fmgoblog.com%2F;uht=2;fpan=1;fpa=P0-1087985140-1636527694858;pbc=;ns=0;ce=1;qjs=1;qv=11b7ea70-20211103205804;cm=;gdpr=0;ref=;d=...
pixel.quantserve.com/ 35 B
371 B 21ms
12ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1340917412;source=gtm;rf=0;a=p-33ZHC8m4FZBrE;url=https%3A%2F%2Fmgoblog.com%2F;uht=2;fpan=1;fpa=P0-1087985140-1636527694858;pbc=;ns=0;ce=1;qjs=1;qv=11b7ea70-20211103205804;cm=;gdpr=0;ref=;d=mgoblog.com;je=0;sr=1600x1200x24;dst=0;et=1636527694858;tzo=0;ogl=

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:34 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
261 B 256ms
256ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mgoblog.com
date: Wed, 10 Nov 2021 07:01:35 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 173
vary: origin, Accept-Encoding

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 14 KB
7 KB 171ms
170ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

d08505f04ce8f7028b1e07c49b88ea79ef318bbde2fe61c7501524d610a84b4e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 10 Nov 2021 07:01:35 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 136.243.198.87; 136.243.198.87; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: bc22423d-b3b9-47e7-b4d1-adc87f1b0447
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://mgoblog.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
329 B 94ms
94ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=290223&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2243232e81d486a66%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fmgoblog.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2244ec455e2bc939%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22290223%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22290223%22%2C%22sid%22%3A%22300x600%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220cc474ab-2678-4f47-a800-b7b7f6ca73c5%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-10T07%3A01%3A32%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 20084174035d6917983c470f41799f8efb99ea5e30f5eef982e4d444cdc46bb5

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:34 GMT
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.87], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://mgoblog.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Wed, 10 Nov 2021 07:01:34 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 95 B
741 B 112ms
112ms XHR
application/json 216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.19.0
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: ee7f1099198b0b301f5fd64fedfcf14b7c760eb1220fbbca9888dc91a3566d1e

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 10 Nov 2021 07:01:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://mgoblog.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 89ms
87ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d5067700f3&cmd=bid&secure=1
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: eaa6bf93557d10eeb378f6cb2b072f3e28164319cb4f398d96d19b9c8cb2f4a2

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://mgoblog.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 88ms
85ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d7444000fb&cmd=bid&secure=1
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: d33ce5b2c350befdea504c9678f68f9325256db9a6d6604e23b9ce3e17147fda

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://mgoblog.com
access-control-allow-credentials: true
content-length: 62

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 91ms
90ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mgoblog.com
date: Wed, 10 Nov 2021 07:01:33 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 255ms
255ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=238878&zone_id=1178346&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fmgoblog.com%2F&tk_flint=pbjs_lite_v5.19.0&x_source.tid=22ee0384-374a-419b-826c-8f2026778d34&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&slots=1&rand=0.7643676558649568
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: f1451e2056a86387748aa56b4787f0e2cc84a66b1f0db00b8825feab432a22c5

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 07:01:35 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://mgoblog.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
149 B 101ms
100ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=aMMq3cbI4r6Qa2aKkv7mNO
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: aec746c11e0ca08018685d050ea9292c49386fc185684297a414f172c25b8701

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mgoblog.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
149 B 97ms
97ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=aMMq3cbI4r6Qa2aKkv7mNO
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 3a8547d906ee34a8851f3c86569f0213fead9df11ee4159110ef8ec33b4c9c91

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mgoblog.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 95 B
744 B 88ms
88ms XHR
application/json 216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.19.0
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 7691c8355876f35b0380fc1c37dc523c23ec86d73d43bcd77bb98cab082f55a5

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 10 Nov 2021 07:01:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://mgoblog.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 100

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 89ms
89ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d5067700f3&cmd=bid&secure=1
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 97b17efeec3db41879c306b0a172ed6fbf99de98cf6fba86af897814278a767f

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://mgoblog.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 84ms
84ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d7444000fb&cmd=bid&secure=1
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: bbadf415485196032b7c219dd4c951cd8fa20c6efc8ceb11abf8d30b7aba353b

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://mgoblog.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
329 B 337ms
337ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=290223&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22677f3eb0dca5a0b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fmgoblog.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2268672e88ccfbd2f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22290223%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22290223%22%2C%22sid%22%3A%22300x600%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220cc474ab-2678-4f47-a800-b7b7f6ca73c5%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-10T07%3A01%3A32%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b2c16719ea97de487b0926f513f4de1cc1a2ebac5dad7eb44cfa9ac6551bef6b

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:35 GMT
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.87], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://mgoblog.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Wed, 10 Nov 2021 07:01:35 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 89ms
89ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mgoblog.com
date: Wed, 10 Nov 2021 07:01:33 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
236 B 149ms
148ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mgoblog.com
date: Wed, 10 Nov 2021 07:01:34 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 65
vary: origin, Accept-Encoding

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 87ms
87ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=238878&zone_id=1178346&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fmgoblog.com%2F&tk_flint=pbjs_lite_v5.19.0&x_source.tid=f097932f-3122-48a2-856c-02ac8c2cb582&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&slots=1&rand=0.005191380700001691
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 2b1f0103f733f4da4869cff4c1b30b7bdb705c096246d480be332e95c660e79f

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 07:01:34 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://mgoblog.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 14 KB
7 KB 153ms
153ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0547739fb0766620be101201435fcfa8b096c0d8e85349d8179f69e48ee16dd8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 10 Nov 2021 07:01:35 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 136.243.198.87; 136.243.198.87; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 88afb026-2579-4d5f-a833-2217955c33c4
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://mgoblog.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 7DF7 4 KB
2 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Nov 2021 07:01:34 GMT

GET
H2 204 generate_204
www.youtube.com/ Frame 7DF7 0
37 B 6ms
6ms Image
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?vslbEw
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7F3O_WLSdlQ?start=523
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 204 generate_204
www.youtube.com/ Frame D0FC 0
37 B 6ms
6ms Image
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?yI9K-g
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/7F3O_WLSdlQ?start=997
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/7F3O_WLSdlQ?start=997
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 39ms
12ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmgoblog.com%2F&domain=mgoblog.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://mgoblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://mgoblog.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1435
date: Wed, 10 Nov 2021 07:01:34 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmgoblog.com%2F&domain=mgoblog.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=lEVKhnxTQWpETnV0dDE1UlJqSWRiRTNVRU9pdUxVTm00bmtEQlp1ZGhjWG41RlVtL3FTbG5JYjZsZER1Q0V4SlMyWFhCc1VrejBHWjdneTl5STRJREJCV05vTDZCSjlSaTJQRTZBaWVPOGgyLzJkbUdsMVUvck9uUkJ1SX...

353 B
605 B

47ms
16ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=lEVKhnxTQWpETnV0dDE1UlJqSWRiRTNVRU9pdUxVTm00bmtEQlp1ZGhjWG41RlVtL3FTbG5JYjZsZER1Q0V4SlMyWFhCc1VrejBHWjdneTl5STRJREJCV05vTDZCSjlSaTJQRTZBaWVPOGgyLzJkbUdsMVUvck9uUkJ1SXpWR1hRMUt3VkxKZ0l3MEo5S0M3R0NGV29hektuWlR0YzhYWEgxZGZPTjVYcE9nV1dGMTE2cW5HYjJCdTlyNkx3QVc3WktDZWRJWGpUaFQrWHJUVzhnTXRTOStrdmJyWk1ZTWh6WnZ2R3ZNZXlhZklieEdvPXw&cppv=2

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

ffc4397534912ac0da6713364af5a51dd9766de920e99f48b21f8f6ccd4af36f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 10 Nov 2021 07:01:35 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2177
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 10 Nov 2021 07:01:35 GMT
location: https://mug.criteo.com/sid?cpp=lEVKhnxTQWpETnV0dDE1UlJqSWRiRTNVRU9pdUxVTm00bmtEQlp1ZGhjWG41RlVtL3FTbG5JYjZsZER1Q0V4SlMyWFhCc1VrejBHWjdneTl5STRJREJCV05vTDZCSjlSaTJQRTZBaWVPOGgyLzJkbUdsMVUvck9uUkJ1SXpWR1hRMUt3VkxKZ0l3MEo5S0M3R0NGV29hektuWlR0YzhYWEgxZGZPTjVYcE9nV1dGMTE2cW5HYjJCdTlyNkx3QVc3WktDZWRJWGpUaFQrWHJUVzhnTXRTOStrdmJyWk1ZTWh6WnZ2R3ZNZXlhZklieEdvPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://mgoblog.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1808
content-length: 482
expires: 0

GET
H2

404

insync
thrtle.com/
Redirect Chain

https://px.britepool.com/new?partner_id=t
https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=277cc471-3772-4e50-855d-4aca26d6ea3a

0
0

319ms
104ms

Image
text/html

52.0.73.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=277cc471-3772-4e50-855d-4aca26d6ea3a
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Server: 52.0.73.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-73-248.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Date: Wed, 10 Nov 2021 07:01:35 GMT
Server: nginx
Vary: negotiate,Accept-Encoding
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=277cc471-3772-4e50-855d-4aca26d6ea3a
Cache-Control: no-cache, no-store, private
Tcn: Choice
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 0
X-Request-Id: 9a368e730be059d2eef4555eb65a33bc
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/ 186 KB
59 KB 7ms
6ms Script
application/javascript 151.101.193.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/MbZTQS496EB4Sd27ILU4rbHXnJ8/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af1684fcf2b488bdbf24c364d9651a7f3912dcfa0a3477d7653d60eb032c06a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 07:01:35 GMT
Content-Encoding: gzip
Age: 380
X-Cache: HIT
Connection: keep-alive
Content-Length: 60321
x-amz-id-2: ZoXerbuYYEyLeqvhcUrZeSXtO8N0RGQB3gzc1l5I8Z1HhRkdN97pi25Z7zyxzxW3XiUU9y7qMm0=
X-Served-By: cache-fra19179-FRA
Last-Modified: Wed, 03 Nov 2021 21:01:25 GMT
Server: AmazonS3
X-Timer: S1636527695.158157,VS0,VE0
ETag: "f0344cfc0fab11fbf956bd005d2814f0"
x-amz-request-id: ZTNSH2ZB4V5E7856
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 140

GET
H2 204 generate_204
www.youtube.com/ Frame 9C0E 0
37 B 6ms
6ms Image
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?pzT7CA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/Wv66JRknCs0?start=73
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Wv66JRknCs0?start=73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 317ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mgoblog.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js?31063684

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 317ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mgoblog.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js?31063684

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 56 KB
27 KB 566ms
566ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4317953412673435&correlator=3471285353514784&output=ldjh&impl=fifs&eid=31063684&vrg=2021110801&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=1005612%2Cmgoblog&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=auid%3Dleaderboard_2%26adLocation%3Datf&eri=1&cust_params=expID%3DencrptSig%26pub%3Dmgoblog.com%26path%3D%252F%26didna_version%3D4&cookie=ID%3Da66a8a72971e70cc-228790d539cb0097%3AT%3D1636527694%3ART%3D1636527694%3AS%3DALNI_MZIKDq_9pkL9QTxPm6S6e5E4TB91w&bc=31&abxe=1&lmt=1636527611&dt=1636527695258&dlt=1636527691834&idt=1144&frm=20&biw=1600&bih=1200&oid=2&adxs=267&adys=376&adks=3641394045&ucis=1&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmgoblog.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=741x11815&msz=741x0&ga_vid=1133490413.1636527693&ga_sid=1636527694&ga_hid=1183019268&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js?31063684

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

02622348aaa567179d4c237c2419b60e06dd608364c243fda3642107b5e15b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27696
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mgoblog.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5022 6 KB
4 KB 65ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js?31063684

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 10 Nov 2021 07:01:35 GMT
expires: Thu, 10 Nov 2022 07:01:35 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 422 B
246 B 244ms
243ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4317953412673435&correlator=783251124636178&output=ldjh&impl=fifs&eid=31063684&vrg=2021110801&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=1005612%2Cmgoblog&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=auid%3Dleaderboard_1%26adLocation%3Datf&eri=1&cust_params=expID%3DencrptSig%26pub%3Dmgoblog.com%26path%3D%252F%26didna_version%3D4&cookie=ID%3Da66a8a72971e70cc-228790d539cb0097%3AT%3D1636527694%3ART%3D1636527694%3AS%3DALNI_MZIKDq_9pkL9QTxPm6S6e5E4TB91w&bc=31&abxe=1&lmt=1636527611&dt=1636527695278&dlt=1636527691834&idt=1144&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=16&adks=1783861547&ucis=2&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmgoblog.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1280x292&msz=1280x32&ga_vid=1133490413.1636527693&ga_sid=1636527694&ga_hid=1183019268&ga_fc=true&fws=4&ohw=1280&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js?31063684

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

c95b0ccfcf875f35f279126425d9eb140bdf41ba56a0d3d653501062b5eb3e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 215
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mgoblog.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame C871 4 KB
2 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Nov 2021 07:01:35 GMT

GET
H2 204 generate_204
www.youtube.com/ Frame C871 0
37 B 6ms
6ms Image
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?swmMug
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MWIHxdsgIe4?start=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame D0FC 28 B
342 B 21ms
21ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/7F3O_WLSdlQ?start=997
X-YouTube-Client-Version: 1.20211107.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtUMmRlMUpId3JfSSjM3K2MBg%3D%3D
X-YouTube-Ad-Signals: dt=1636527692949&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 10 Nov 2021 07:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 10 Nov 2021 07:01:35 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
22 KB 61ms
36ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 071ae33974e54b0b7586b5ecc94a40ab118f7df9a387f351231095b51aafe93e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1983526
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx2d622f08ca7f4f779574b-00616d2a26
x-amz-id-2: tx2d622f08ca7f4f779574b-00616d2a26
last-modified: Mon, 18 Oct 2021 08:01:50 GMT
server: cloudflare
etag: W/"cae476c264f28e37aca638d685ba55b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bk1zGDmZmgzv%2BEX6XOScMcl1rLOsySgXyG4Djxr7aAmo8in7139B%2BprqablEkn8gYy6bvPkesMG29gFNWUAFX%2BM%2Fx1%2BKrEZcA2fjcdxI3k%2FA4mWo8uiuZkPAfUfyn3%2BEzYnJjpKLuUm2tSA8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1634544110326910
cf-ray: 6abd6910ab294154-AMS
access-control-allow-headers: Authorization

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/95/ Frame D0FC 52 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/95/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 18:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15249
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 23:31:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 10 Nov 2021 18:11:22 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/95/ Frame 9C0E 52 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/95/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 18:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15249
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 23:31:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 10 Nov 2021 18:11:22 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/95/ Frame CED5 52 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/95/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 18:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15249
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 23:31:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 10 Nov 2021 18:11:22 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 9C0E 28 B
174 B 19ms
18ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Wv66JRknCs0?start=73
X-YouTube-Client-Version: 1.20211107.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtaZXJCTzZBMko0WSjM3K2MBg%3D%3D
X-YouTube-Ad-Signals: dt=1636527692964&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 10 Nov 2021 07:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 10 Nov 2021 07:01:35 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 67ms
67ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mgoblog.com
date: Wed, 10 Nov 2021 07:01:34 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 14 KB
7 KB 136ms
135ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

57e07ae19acf82ee28d8d5dedcb4f63fec1b0034141c3156f7fc418a2b26dd6c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 10 Nov 2021 07:01:35 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 136.243.198.87; 136.243.198.87; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1ee8049d-831e-4ac0-be12-77f39eb0a620
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://mgoblog.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
158 B 98ms
98ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=aMMq3cbI4r6Qa2aKkv7mNO
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: ce83adf6e0d49b16917f23ceb73ef7429020f4d2c6fef35d6793c68fa798461f

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Nov 2021 07:01:35 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mgoblog.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 90ms
90ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=238878&zone_id=1178346&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fmgoblog.com%2F&tk_flint=pbjs_lite_v5.19.0&x_source.tid=5f134c3f-2b35-47b8-975d-a79f58a4a1d7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.13649860190995966
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 757fea1b0dbdeaf45a039097a2d87573933ebcf3bd99f0546821a962a2f3429b

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 07:01:35 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://mgoblog.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
371 B 165ms
165ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=290223&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2288796c302808d89%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fmgoblog.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2289566ca5c764ca9%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22290223%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22290223%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220cc474ab-2678-4f47-a800-b7b7f6ca73c5%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-10T07%3A01%3A32%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: df0e2be062ba7e4602b523fc85aff8845d8039cb4e4e204d2615cb118428fa85

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:35 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.87], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://mgoblog.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 12
expires: Wed, 10 Nov 2021 07:01:35 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 78ms
77ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d5067700f3&cmd=bid&secure=1
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 5f7245f8faba0a92b4bf029f93e34205c0769ebe2ef15a73ed0f45b22cbf5e30

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Nov 2021 07:01:35 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://mgoblog.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
115 B 74ms
74ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d7444000fb&cmd=bid&secure=1
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 61208eaf230342c70144a50695666492e1c140e33bb362bbc0ec3dbf1d14d0a2

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Nov 2021 07:01:35 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://mgoblog.com
access-control-allow-credentials: true
content-length: 62

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 95 B
742 B 76ms
76ms XHR
application/json 216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.19.0
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 12f118eea46b960c634aeed844c46e632f050c9e3ab864a6400aa6c0a80ec7b7

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 10 Nov 2021 07:01:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://mgoblog.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
117 B 244ms
244ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mgoblog.com
date: Wed, 10 Nov 2021 07:01:35 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 160
vary: origin, Accept-Encoding

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
8 KB 418ms
418ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4317953412673435&correlator=3456901544670881&output=ldjh&impl=fifs&eid=31063684&vrg=2021110801&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=1005612%2Cmgoblog&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=auid%3Dskyscraper_1%26adLocation%3Datf%26hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D0.53%26hb_adid%3D1210c49bcf6a453c%26hb_bidder%3Dappnexus&eri=1&cust_params=expID%3DencrptSig%26pub%3Dmgoblog.com%26path%3D%252F%26didna_version%3D4&cookie=ID%3Da66a8a72971e70cc-228790d539cb0097%3AT%3D1636527694%3ART%3D1636527694%3AS%3DALNI_MZIKDq_9pkL9QTxPm6S6e5E4TB91w&bc=31&abxe=1&lmt=1636527611&dt=1636527695490&dlt=1636527691834&idt=1144&frm=20&biw=1600&bih=1200&oid=2&adxs=1028&adys=421&adks=2020458416&ucis=3&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmgoblog.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=324x2021&msz=324x0&ga_vid=1133490413.1636527693&ga_sid=1636527694&ga_hid=1183019268&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js?31063684

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

478a81a25c5a939a8994a92b0ac72e76cbf6fbf3eef82d72dbd10a8dfbc2e358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8171
x-xss-protection: 0
google-lineitem-id: 5169144638
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138286882610
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mgoblog.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 67 B
159 B 108ms
107ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=aMMq3cbI4r6Qa2aKkv7mNO
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 193171f9d0ebab49b61fe90dbad4927af056ec22fe1dedc845a8bb4faf557cfd

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Nov 2021 07:01:35 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mgoblog.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 16 KB
8 KB 184ms
183ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

06a86ab6dd52218086763cc21b8756aadccc36277e17c30fbf7e0223009bc998

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 10 Nov 2021 07:01:35 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 136.243.198.87; 136.243.198.87; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 420435a5-20f7-417d-8180-828175041cea
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://mgoblog.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 26 B
372 B 97ms
97ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=290223&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22103c138d7dbace25%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fmgoblog.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221049e966db0fd2b8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22290223%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22290223%22%2C%22sid%22%3A%22300x600%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220cc474ab-2678-4f47-a800-b7b7f6ca73c5%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-10T07%3A01%3A32%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: daa111887e6c6292a5210eab4eaa13545341320b7c7bb894c7caac7d751cb0d3

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:35 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.87], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://mgoblog.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 46
x-ak-client-geo: 12
expires: Wed, 10 Nov 2021 07:01:35 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 88ms
87ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=238878&zone_id=1178346&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fmgoblog.com%2F&tk_flint=pbjs_lite_v5.19.0&x_source.tid=11f140dd-57ab-4155-83c0-c594894a75b8&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&slots=1&rand=0.8076483783159714
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 035c573597dad7ca55b92f84e09b91e0ea703674f78fa074920679d09041f608

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 07:01:35 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://mgoblog.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 95 B
744 B 90ms
90ms XHR
application/json 216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.19.0
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 762eb7a8344dd1da033809fcef626f2264cce25c666e5b1dbc17ef9ea5723a81

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 10 Nov 2021 07:01:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://mgoblog.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 100

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 75ms
74ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d5067700f3&cmd=bid&secure=1
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 32a4fa33149a088bf404579a55fc9636637e184e77a86fb40d73abd2b75683a1

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Nov 2021 07:01:35 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://mgoblog.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 76ms
76ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d7444000fb&cmd=bid&secure=1
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 98b006bb1a40d3a6e9bf1fd8864a89de8762dacd667e970124870b76f702909e

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Nov 2021 07:01:35 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://mgoblog.com
access-control-allow-credentials: true
content-length: 62

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 196ms
195ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mgoblog.com
date: Wed, 10 Nov 2021 07:01:34 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
117 B 245ms
245ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mgoblog.com
date: Wed, 10 Nov 2021 07:01:35 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 162
vary: origin, Accept-Encoding

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
8 KB 273ms
273ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4317953412673435&correlator=3038231976038412&output=ldjh&impl=fifs&eid=31063684&vrg=2021110801&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=1005612%2Cmgoblog&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=auid%3Dskyscraper_2%26adLocation%3Datf%26hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D0.49%26hb_adid%3D124ee2eb0de3906d%26hb_bidder%3Dappnexus&eri=1&cust_params=expID%3DencrptSig%26pub%3Dmgoblog.com%26path%3D%252F%26didna_version%3D4&cookie=ID%3Da66a8a72971e70cc-228790d539cb0097%3AT%3D1636527694%3ART%3D1636527694%3AS%3DALNI_MZIKDq_9pkL9QTxPm6S6e5E4TB91w&bc=31&abxe=1&lmt=1636527611&dt=1636527695511&dlt=1636527691834&idt=1144&frm=20&biw=1600&bih=1200&oid=2&adxs=1028&adys=922&adks=2020458417&ucis=4&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmgoblog.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=324x2021&msz=324x0&ga_vid=1133490413.1636527693&ga_sid=1636527694&ga_hid=1183019268&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js?31063684

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

77e4057787bae368d1dd15649cbf34545b5f9787ec7c9bb83846ad8e95496989

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7941
x-xss-protection: 0
google-lineitem-id: 5685368090
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138349037767
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mgoblog.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 50ms
16ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 947
date: Wed, 10 Nov 2021 07:01:35 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/95/ Frame 7DF7 52 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/95/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 18:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15249
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 23:31:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 10 Nov 2021 18:11:22 GMT

GET
H2 200 haloid Show response
aufp.io/api/v1/ 6 KB
3 KB 507ms
167ms Script
application/javascript 54.187.25.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aufp.io/api/v1/haloid
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fmgoblog.com%2F&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.25.111 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-25-111.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:35 GMT
content-encoding: gzip
last-modified: Fri, 29 Oct 2021 04:16:12 GMT
server: nginx/1.18.0
etag: W/"1635480972.0-6132-2958560116"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *, *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
origin-trial: A/KTxPuSXtwcggydvUxw5B4dXspsb2iweedc7KDi2xv9M89MtnOpULTs7DQJVHBxGDV5wj5a3LW9S4ev3WfQkwIAAAB+eyJvcmlnaW4iOiJodHRwczovL2hhbG9mbG9jLmNvbTo0NDMiLCJmZWF0dXJlIjoiSW50ZXJlc3RDb2hvcnRBUEkiLCJleHBpcnkiOjE2MjYyMjA3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Wed, 10 Nov 2021 19:01:35 GMT

GET
H2 200 251 Show response
p.ad.gt/api/v1/p/ 25 KB
8 KB 499ms
166ms Script
application/javascript 52.25.225.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/251
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fmgoblog.com%2F&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.25.225.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-25-225-148.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 8027119f899b59c2af3b0ccb2c7d1323fb3891a1235ab54309fe5337b92cd1c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:35 GMT
content-encoding: gzip
last-modified: Fri, 29 Oct 2021 04:14:40 GMT
server: nginx/1.18.0
etag: W/"1635480880.0-26098-2710964840"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Wed, 10 Nov 2021 19:01:35 GMT

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9&adnxs_id=$UID
https://ids.ad.gt/api/v1/match?id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9&adnxs_id=1374527662504782850

43 B
565 B

431ms
177ms

Image
image/gif

44.240.108.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9&adnxs_id=1374527662504782850
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Server: 44.240.108.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-108-244.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:36 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Wed, 10 Nov 2021 19:01:35 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 07:01:35 GMT
X-Proxy-Origin: 136.243.198.87; 136.243.198.87; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: df5734a9-fc45-4ad3-8c4c-80b228283ceb
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ids.ad.gt/api/v1/match?id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9&adnxs_id=1374527662504782850
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9
https://ids.ad.gt/api/v1/t_match?tdid=0cc474ab-2678-4f47-a800-b7b7f6ca73c5&id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9

43 B
569 B

553ms
321ms

Image
image/gif

44.240.108.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=0cc474ab-2678-4f47-a800-b7b7f6ca73c5&id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Server: 44.240.108.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-108-244.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:36 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Wed, 10 Nov 2021 19:01:35 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:35 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ids.ad.gt/api/v1/t_match?tdid=0cc474ab-2678-4f47-a800-b7b7f6ca73c5&id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Dcb6b9f31-3fd9-472f-a03c-ca64ed469ee9
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Dcb6b9f31-3fd9-472f-a03c-ca64ed469ee9
https://ids.ad.gt/api/v1/pbm_match?pbm=FF6EA0D7-0AD1-43B7-B27B-49213BFC2EDE&id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9

43 B
573 B

372ms
178ms

Image
image/gif

44.240.108.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=FF6EA0D7-0AD1-43B7-B27B-49213BFC2EDE&id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Server: 44.240.108.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-108-244.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:36 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Wed, 10 Nov 2021 19:01:35 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=FF6EA0D7-0AD1-43B7-B27B-49213BFC2EDE&id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9
date: Wed, 10 Nov 2021 07:01:35 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9
https://ids.ad.gt/api/v1/g_match?id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9&google_gid=CAESEHj07i_F0bh6LtoUSAupKFk&google_cver=1&google_ula=450542624,0

43 B
571 B

562ms
322ms

Image
image/gif

44.240.108.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9&google_gid=CAESEHj07i_F0bh6LtoUSAupKFk&google_cver=1&google_ula=450542624,0
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Server: 44.240.108.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-108-244.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:36 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Wed, 10 Nov 2021 19:01:35 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ids.ad.gt/api/v1/g_match?id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9&google_gid=CAESEHj07i_F0bh6LtoUSAupKFk&google_cver=1&google_ula=450542624,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=Y2I2YjlmMzEtM2ZkOS00NzJmLWEwM2MtY2E2NGVkNDY5ZWU5

170 B
188 B

33ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=Y2I2YjlmMzEtM2ZkOS00NzJmLWEwM2MtY2E2NGVkNDY5ZWU5

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=Y2I2YjlmMzEtM2ZkOS00NzJmLWEwM2MtY2E2NGVkNDY5ZWU5
date: Wed, 10 Nov 2021 07:01:35 GMT
server: nginx/1.18.0
content-length: 473
content-type: text/html; charset=utf-8

GET
H/1.1

204
No Content

token
token.rubiconproject.com/
Redirect Chain

https://ids.ad.gt/api/v1/rub?id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9
https://token.rubiconproject.com/token?pid=50242&puid=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9&gdpr=0

0
214 B

32ms
8ms

Image
text/plain

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=50242&puid=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9&gdpr=0
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://token.rubiconproject.com/token?pid=50242&puid=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9&gdpr=0
date: Wed, 10 Nov 2021 07:01:35 GMT
server: nginx/1.18.0
content-length: 417
content-type: text/html; charset=utf-8

GET
H2 200 cm
trc.taboola.com/sg/audigent/1/ 43 B
238 B 41ms
15ms Image
image/gif 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/audigent/1/cm?redirect=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Ftaboola%3Fpartner_uid%3D%3CTUID%3E%3Fid%3Dcb6b9f31-3fd9-472f-a03c-ca64ed469ee9
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Wed, 10 Nov 2021 07:01:35 GMT
via: 1.1 varnish
server: nginx
x-timer: S1636527696.608961,VS0,VE9
x-served-by: cache-fra19136-FRA
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

ppnt_match
ids.ad.gt/api/v1/
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9
https://ids.ad.gt/api/v1/ppnt_match?uid=MHZPFqUNzTA4&ev=1&pid=562316&id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9

43 B
467 B

333ms
322ms

Image
image/gif

44.240.108.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/ppnt_match?uid=MHZPFqUNzTA4&ev=1&pid=562316&id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Server: 44.240.108.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-108-244.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:36 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Wed, 10 Nov 2021 19:01:35 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: de-DE
location: https://ids.ad.gt/api/v1/ppnt_match?uid=MHZPFqUNzTA4&ev=1&pid=562316&id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-857fc6c844-v9c7k
expires: -1

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/95/ Frame C871 52 KB
15 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/95/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 18:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15249
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 23:31:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 10 Nov 2021 18:11:22 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14542787635067781911/ Frame 46C4 15 KB
5 KB 52ms
12ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14542787635067781911/index.html

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a6ddab9c33b155f78e6d9b58a7023de31383ff3a27679c8ca47d452c76218b1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
content-length: 3730
date: Sun, 07 Nov 2021 10:00:10 GMT
expires: Mon, 07 Nov 2022 10:00:10 GMT
last-modified: Fri, 28 May 2021 10:00:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 248485
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 684C 0
0 46ms
45ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjIeHTm6LYeiHHNSq3gPSsbzwAumbmIZjpfvVtukN2tkeEAEgxKuXBGCV-vCBjAegAZSytP8DyAEJqQLkM-6wOnKzPqgDAcgDSKoEwwFP0IIGNCG_7hkSacBwf061apQJZtZJbPQHi-fb1t4aAkzF-9rkmVD3vwoX_LEIFuF8MdEo2wbwOeglNC_rgx1fFwdSqyvldkc4PexZRDzsJ75A4xRg_WNoYRZux_ZcYaqFztbgNmbo4DGqep3I7s8euVrGPoEzVNwIeohhBwzPcAcQuAmaSJc_28X9WFocMC36aK_egmso6_tjzPZPjF5vBtYFHAqic0vprh7ebjD6sYlIqfDDha3cdH2PvyvSac64hc3ABJ-CoLvUA6AGLoAH1M1LqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQg88D0ggJCIDhgBAQARhfgAoByAsB2BMD0BUBmBYBgBcBshccChoIABIUcHViLTY0NDM4MjE4ODIxMDkwNTQYAA&sigh=B2B__708c80&uach_m=[UACH]&template_id=419

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6443821882109054&output=html&h=600&slotname=5906251774&adk=2132498600&adf=424694094&pi=t.ma~as.5906251774&w=284&fwrn=4&fwrnh=100&lmt=1636527611&rafmt=1&psa=0&format=284x600&url=https%3A%2F%2Fmgoblog.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636527692640&bpp=5&bdt=805&idt=1747&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&correlator=5305611325941&frm=20&pv=2&ga_vid=1133490413.1636527693&ga_sid=1636527694&ga_hid=1183019268&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1036&ady=1772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063682%2C31060047&oid=2&pvsid=4317953412673435&pem=143&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=6ciXTz0Y0B&p=https%3A//mgoblog.com&dtd=1764
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 10 Nov 2021 07:01:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame 684C 19 KB
8 KB 44ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6443821882109054&output=html&h=600&slotname=5906251774&adk=2132498600&adf=424694094&pi=t.ma~as.5906251774&w=284&fwrn=4&fwrnh=100&lmt=1636527611&rafmt=1&psa=0&format=284x600&url=https%3A%2F%2Fmgoblog.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636527692640&bpp=5&bdt=805&idt=1747&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&correlator=5305611325941&frm=20&pv=2&ga_vid=1133490413.1636527693&ga_sid=1636527694&ga_hid=1183019268&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1036&ady=1772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063682%2C31060047&oid=2&pvsid=4317953412673435&pem=143&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=6ciXTz0Y0B&p=https%3A//mgoblog.com&dtd=1764

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb80b0237cf3343b0495e0db33b4ccbbf005b6155bb62f53b9312c3ec7e9a3bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7878
x-xss-protection: 0
server: cafe
etag: 10809069374711699201
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 06:59:48 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 684C 2 KB
1 KB 48ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1337
x-xss-protection: 0
server: cafe
etag: 17605089983984592854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 06:37:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 684C 121 KB
38 KB 58ms
21ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Nov 2021 07:01:35 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 684C 15 KB
6 KB 44ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:35:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 1157727964977547826
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 06:35:17 GMT

POST
H2 200 GenerateIT Show response
waa-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 7DF7 98 B
189 B 20ms
20ms XHR
application/json+protobuf 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://waa-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d426e37c5eb97dbdafe0d1860f32aacc66c8464d83f86cc4f34cbf9a1262e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyBydTmf06EmN2pis9ljY6qe2XY0Rn8uK0k
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 10 Nov 2021 07:01:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H2 200 GenerateIT
waa-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://waa-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Origin: https://www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.youtube.com
vary: origin referer x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 10 Nov 2021 07:01:35 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8276 143 B
222 B 7ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6443821882109054&output=html&h=600&slotname=5906251774&adk=2132498600&adf=424694094&pi=t.ma~as.5906251774&w=284&fwrn=4&fwrnh=100&lmt=1636527611&rafmt=1&psa=0&format=284x600&url=https%3A%2F%2Fmgoblog.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636527692640&bpp=5&bdt=805&idt=1747&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&correlator=5305611325941&frm=20&pv=2&ga_vid=1133490413.1636527693&ga_sid=1636527694&ga_hid=1183019268&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1036&ady=1772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063682%2C31060047&oid=2&pvsid=4317953412673435&pem=143&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=6ciXTz0Y0B&p=https%3A//mgoblog.com&dtd=1764

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 10 Nov 2021 06:37:38 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1437
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 46C4 9 KB
3 KB 307ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14542787635067781911/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 21:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35379
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 10 Nov 2021 21:11:57 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 46C4 26 KB
10 KB 307ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14542787635067781911/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 00:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24936
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 11 Nov 2021 00:06:00 GMT

GET
H2 200 a4adc093272fefb18716d862658db974.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14542787635067781911/ Frame 46C4 67 KB
18 KB 308ms
8ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14542787635067781911/a4adc093272fefb18716d862658db974.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14542787635067781911/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfdd65ae9ec36659ee977dfeb7f5c126539df8f634bad11e53a23406144e2ee0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 248486
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17881
x-xss-protection: 0
last-modified: Fri, 28 May 2021 10:00:47 GMT
server: sffe
date: Sun, 07 Nov 2021 10:00:10 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 07 Nov 2022 10:00:10 GMT

GET
DATA 200
OK truncated
/ Frame 684C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 871c8bb43d125c55399bccb846741d6b536043e79931fd2b6dabc8da5993129b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8276
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
158 B

52ms
52ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 10 Nov 2021 07:01:35 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 10 Nov 2021 07:01:35 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 10 Nov 2021 07:01:35 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 44ED 0
0 42ms
42ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCQ9pAMLRp8_NshtgmAkMrptNmE_Vh61q0dgrglq0-GT8BivG-zTeZA4aC9PdThycofsyzr9cAQJXyvg-vuKxg8cT7htRfNBZl2A1ZJkjC3I79dQjMJCLCXQy_g4NJV7UM0RJKR_rwe_swqrTF_yH0-72Nz0StR9c1ncyc4f3EpEx1uqjq5S0sT3Dky1JM3dSZCQVS8DQQ27KFW0og9HDiYKkhijTGkKzV-L2clR27Mk5Wd6B3BU4FJyz7Mdd_rRXHO7eG7t0tnWdaQgvaKXNouCpAm51HNtIKI3m2W04YLEnh6ln43Z6lI_245M6pH3E&sig=Cg0ArKJSzIpGyoZKyU67EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK placement.js Show response
content.predictinteractive.com/embeds/ Frame 44ED 4 KB
2 KB 398ms
94ms Script
text/javascript 3.221.83.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content.predictinteractive.com/embeds/placement.js?z=fppde0
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.83.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-83-174.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e8cfa9d00307acc88b9fa7774a5afc0ca94e56514dcd9d038e85f1605e32fc94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 07:01:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Nov 2021 20:09:36 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1656

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 44ED 121 KB
37 KB 317ms
15ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Nov 2021 07:01:36 GMT

GET
H2 200 container.html Show response
65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5C0B 6 KB
3 KB 311ms
10ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 10 Nov 2021 07:01:35 GMT
expires: Thu, 10 Nov 2022 07:01:35 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9442 0
0 41ms
41ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4G33W8HNHR19jWWaVDsNqO1cx9ZLFuo3q5kVmxgfAVhdjwvPcJhhVMCLO4k7glFl4aQ15AanJeA08ERg1JPz3aYC-wHOBGBtA6Ul1H-PrOSu2c8dcel--iM4SED9rrGDdrvz9Nqqprmw84esWgK0pWqPMv-xpmToW3zsBQqAG3WnmtxXJ0GqVXwZ_qJcqJFvaRQ2g7aSTnWfIOqlUQl7FO-I75ri_LbYuqw3YRFQMT1nldwvsu9aizfStX0K_zgRRt912zmDHQo4-ZUm6xogasFE3YmlIHIYbUcWqnxiGepPX&sig=Cg0ArKJSzBsZK3-x5B7bEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 9442 26 KB
9 KB 32ms
11ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2c2210f87e564b9f117ad40e2cb2f666828d11dbb947bc4304e368b9d5e247ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 37756
x-jsd-version: 1.12.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 8871
etag: W/"682b-PM7TIXX2mG/XvjIIwb9PtOhKkw4"
x-served-by: cache-fra19145-FRA
x-jsd-version-type: version
date: Wed, 10 Nov 2021 07:01:35 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9442 121 KB
37 KB 217ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Nov 2021 07:01:36 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 9442 9 KB
5 KB 124ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4451
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 15:55:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 10 Nov 2021 07:55:49 GMT

GET
H/1.1 200
OK tfav_adl_359.js Show response
j.adlooxtracking.com/ads/js/ Frame 9442 59 KB
59 KB 67ms
28ms Script
application/javascript 37.187.27.147
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://j.adlooxtracking.com/ads/js/tfav_adl_359.js
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.187.27.147 , France, ASN16276 (OVH, FR),
Reverse DNS: js12.adlooxtracking.com
Software: nginx/1.15.8 /
Resource Hash: 4ee507ed20d99392cc42068423d333225aaee5143bb079bb3c920cc63c505de2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 07:01:36 GMT
Last-Modified: Tue, 06 Jul 2021 09:09:42 GMT
Server: nginx/1.15.8
ETag: "60e41dd6-ecd3"
Content-Type: application/javascript
Cache-Control: no-cache, max-age=60
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 60627

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/221/ Frame 9442 85 KB
29 KB 66ms
14ms Script
application/x-javascript 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/221/trk.js
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5beecaeceee4fae5080c40d2ad96dd7c0b7e5a9bc242fbe2b99ab1276aaaae94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 07:01:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Nov 2021 09:57:21 GMT
Server: AkamaiNetStorage
ETag: "f0105ab6d7d1878d827eb99659d44d8f:1635847041.806544"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29240
Expires: Thu, 10 Nov 2022 07:01:36 GMT

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame 9442 0
805 B 29ms
9ms Image
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fmgoblog.com%252F&e=wqT_3QLcC_BM3AUAAAMA1gAFAQjO3K2MBhCTxqKx15WO02kYgtiujIa004kTKjYJC9ejcD0K5z8Rh-EjYkok4T8ZAAAAYLgeC0Ahh-EjYkok4T8pC9cJJBAxAAAAgAEtqDD3_vMHOJtAQNEUSAJQkbjgiAFYqoNgYABoqtl5eLHZBYABAYoBA1VTRJIFBsCYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClAF1ZignYScsIDM0AQI0LCAxNjM2NTI3Njk0KTsBHChpJywgNDQ3Nzc0OUYdAChnJywgMTIwNTEzMEoeAABjATsYMjQyMjMzN0Y8ADByJywgMjg2NzkyNzIxNh8A8LaSAuEEIVFIRGo4Z2pCb0owVUVKRzQ0SWdCR0FBZ3FvTmdNQUU0QUVBQVNORVVVUGYtOHdkWUFHRFNCbWdBY0FCNEFJQUJBSWdCQUpBQkFKZ0JBS0FCQXFnQkFyQUJBTGtCTEk0V1JCX2g0el9CQWZkMmFEMC1DdWNfeVFFQUFBQUFBQUR3UDlrQkI3WktzRGljNnpfZ0FiV21rUUwxQWRhRE16LVlBZ0NnQWdLMUFnQUFBQUM5QWcBOfCLRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF4Y0kzWjdGSEJBR0dBRXRZSkNZT0RJSFpHVm1ZWFZzZEtJREZ3aVQ2TVVjRUFvWUFTMEFBSUFfTWdkMWJtdHViM2R1dWdNSlJsSkJNVG8xTmpnMzRBUHZMSUFFanRtSkJJZ0VvTGlhQjVBRUFaZ0VBc0VFQUEBkAEBCERKQgEHDQEYMkFRQThRUQ0OcEFBQUlJRkh3anZwQ1VRQlJnQklnTkZWVklwQjdaDfxQOHhleFN1Ui1GNnRELUlCYmNzcVFVAToEQUEhKAg3RUYBCgkBCERCQh1bAHkuKAAAOTIoAABaFSi4UEFfNEFYQXNnVHdCZTNHM3dYNEJZcjdGSUlHQTBWVlVvZ0dCSkFHQVpnR0FLRUcJaAEBJENvQmdTeUJpUUoBDg0BAFINCAEBAFoBBQ0BAGgNCFBBQUFDNEJnby6aAsUBIVRSNjdkQWo2ZQIoS3FEWUNBQUtBQXgBLw0BfDZDVVpTUVRFNk5UWTROMER2TEVrSHRrcXdPSnpyUDFFDScQQUFBRmsBBgkBAEcdGABHHRgASB0YSEhnQWdnRWZDTy1rSlJBRkdBRWkF-QBpHWA0ekY3Rks1SDRYcTBQNGs10PDXOEQ4LtgChMoB4ALP9T7qAhRodHRwczovL21nb2Jsb2cuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA7QD4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjEzNi4yNDMuMTk4Ljg3qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjI2NDEjRlJBMTo1Njg32gQCCAHgBAHwBJG44IgBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5s2AUB4AUB8AX3EPoFBAgAEACQBgCYBgC4BgDBBgEgMAAA8D_QBsoJ2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADi9BkAAyAex2QXSBw0JEToBOAjaBwYJJzDgBwDqBwIIAPAH1P0C&s=652b6c3671fee78fcb8ffb0e0f69ff8f4f46bcbc

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 07:01:36 GMT
X-Proxy-Origin: 136.243.198.87; 136.243.198.87; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 7a902bf7-f584-414d-8fdb-d99f2c023538
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame 9442 68 B
345 B 67ms
24ms Image
image/png 18.157.213.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_TWJaVFFTNDk2RUI0U2QyN0lMVTRyYkhYbko4L2FwcG5leHVzOjE2MHg2MDA=&v=5&s=v31fk4adq40&id=eyJwcmViaWQiOnsiYWRJZCI6IjEyMTBjNDliY2Y2YTQ1M2MiLCJjcG0iOjAuNTM1NjgsInMiOiJza3lzY3JhcGVyXzEiLCJzcmMiOiJjbGllbnQifSwidHBfY3JpZCI6IlBCOmFwcG5leHVzOzI4Njc5MjcyMSJ9&sb=undefined&cb=1644808&h=mgoblog.com&d=eyJ3aCI6IlRXSmFWRkZUTkRrMlJVSTBVMlF5TjBsTVZUUnlZa2hZYmtvNEwyRndjRzVsZUhWek9qRTJNSGcyTURBPSIsIndkIjp7ImsiOnsiaGJfYmlkZGVyIjpbImFwcG5leHVzIl0sImhiX3NpemUiOlsiMTYweDYwMCJdfX0sIndyIjowfQ==
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.213.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-213-64.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 07:01:36 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 46C4 3 KB
717 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14542787635067781911/a4adc093272fefb18716d862658db974.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 06:00:21 GMT
server: ESF
date: Wed, 10 Nov 2021 07:01:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Nov 2021 07:01:36 GMT

GET
H2 200 e3730f7e70292475d7e6e78882f73cd1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14542787635067781911/media/ Frame 46C4 110 KB
110 KB 8ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14542787635067781911/media/e3730f7e70292475d7e6e78882f73cd1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14542787635067781911/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b49bb64f034cfcbf6eb6182c6e201ee1e7cbd6e77665c8d989c29e9dd5ed19a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 178587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112928
x-xss-protection: 0
last-modified: Fri, 28 May 2021 10:00:47 GMT
server: sffe
date: Mon, 08 Nov 2021 05:25:09 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Nov 2022 05:25:09 GMT

GET
H2 200 16d961a097c617daa5fef20ebfdee022.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14542787635067781911/media/ Frame 46C4 2 KB
1 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14542787635067781911/media/16d961a097c617daa5fef20ebfdee022.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14542787635067781911/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6c0258818b93ad77e037d2f8b645e07477f88ac3731b969cb356e6837962ce9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 525668
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1150
x-xss-protection: 0
last-modified: Fri, 28 May 2021 10:00:47 GMT
server: sffe
date: Thu, 04 Nov 2021 05:00:28 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Nov 2022 05:00:28 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 46C4 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 05:32:00 GMT
x-content-type-options: nosniff
age: 91776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16692
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 09 Nov 2022 05:32:00 GMT

GET
DATA 200
OK truncated
/ Frame 46C4 416 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4a901fb799310aa3a61e668748d57c9791fe17a4e2bb2efc33bcd9f74e832b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
344 B 512ms
172ms Script
text/plain 35.84.44.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=6f39598fc1b38096083ec8f07b1c304b&url=https%3A%2F%2Fmgoblog.com%2F&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.44.29 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-44-29.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 10 Nov 2021 07:01:36 GMT
server: nginx/1.18.0
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 24ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: fOEd22cg+/0YOkieS6ChUe01wo4GloMx52Jrufh66Psg4TFrqcr6ZyhPMY8n8TyOX8go4wkoSQ/QFO2r8qautQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Wed, 10 Nov 2021 07:01:36 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 10 Nov 2021 08:01:20 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 10 Nov 2021 07:57:31 GMT

GET
H2

200

openx
ids.ad.gt/api/v1/
Redirect Chain

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8...
https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm...
https://ids.ad.gt/api/v1/openx?openx_id=db7780e8-58be-4156-ae53-8f8de0e19edd&id=0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1e...

43 B
483 B

178ms
177ms

Image
image/gif

44.240.108.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/openx?openx_id=db7780e8-58be-4156-ae53-8f8de0e19edd&id=0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl&auid=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Server: 44.240.108.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-108-244.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:36 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Wed, 10 Nov 2021 19:01:36 GMT

Redirect headers

date: Wed, 10 Nov 2021 07:01:36 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://ids.ad.gt/api/v1/openx?openx_id=db7780e8-58be-4156-ae53-8f8de0e19edd&id=0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl&auid=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
652 B 177ms
177ms Image
image/gif 44.240.108.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=cb6b9f31-3fd9-472f-a03c-ca64ed469ee9&halo_id=0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.108.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-108-244.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:36 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Wed, 10 Nov 2021 19:01:36 GMT

GET
H2 200 6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 46C4 35 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 00:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13451
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 00:41:15 GMT

GET
H2 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame 9442 41 KB
17 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 20:08:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Nov 2022 16:55:49 GMT

GET
H2 200 1853083501571805 Show response
connect.facebook.net/signals/config/ 308 KB
89 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1853083501571805?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b433ec255d5055741b20f80f1da4defbe1396e640e69b52a6c4faa8c1f6ac95a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 90559
x-xss-protection: 0
pragma: public
x-fb-debug: 3dr4LSDQETF0uC/0pq2DvWS6OWupAMIGi2UNxT1aPd9dcKtcesKlqiqw6+H62Ut172D1pg3iW99mwaq5cl3KYw==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Wed, 10 Nov 2021 07:01:36 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 B25656232.301181284;dc_ver=81.235;sz=160x600;u_sd=1;gdpr=0;nel=1;af-campaign-id=0;af-creative-id=286792721;country=DE;source=APP;dc_adk=3381720768;ord=ytgoil;click=https%3A%2F%2Ffra1-ib.adnxs.com%2... Show response
ad.doubleclick.net/ddm/adj/N246801.273391APPNEXUS/ Frame 9442 387 KB
47 KB 101ms
77ms Script
text/javascript 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N246801.273391APPNEXUS/B25656232.301181284;dc_ver=81.235;sz=160x600;u_sd=1;gdpr=0;nel=1;af-campaign-id=0;af-creative-id=286792721;country=DE;source=APP;dc_adk=3381720768;ord=ytgoil;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FC9ejcD0K5z-H4SNiSiThPwAAAGC4HgtAh-EjYkok4T8L16NwPQrnPxOjKHatOKZpAqyLYaBNExNObothAAAAAHf__AAbIAAAUQoAAAIAAAARHBgRqgEYAAAAAABVU0QAVVNEAKAAWAKqbAAAAAABAQUCAAAAALwAqR_aMgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TR67dAjBoJ0UEJG44IgBGKqDYCAAKAAxAAAAAAAAAAA6CUZSQTE6NTY4N0DvLEkHtkqwOJzrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAggEfCO-kJRAFGAEiA0VVUikHtkqwOJzrPzF7FK5H4Xq0P4kBAAAAAAAA8D8.%2Fcca%3DMjY0MSNGUkExOjU2ODc%3D%2Fbn%3D93361%2Fclickenc%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fmgoblog.com%2F$0;xdt=0;crlt=KV'cBW-19L;gcsr=m;sttr=107;prcl=s

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

6a611a24848e3e0d249db1d540287760490e98a43ee3eedc90bd03a36c29051d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47486
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK igloo.php Show response
content.predictinteractive.com/l/n/ 89 KB
26 KB 200ms
200ms Script
application/javascript 3.221.83.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content.predictinteractive.com/l/n/igloo.php?dom=mgoblog.com&rand=28484749771149877000&url=https%3A%2F%2Fmgoblog.com%2F&href=https%3A%2F%2Fmgoblog.com%2F&z=fppde0&que_id=0
Requested by: Host: content.predictinteractive.com
URL: https://content.predictinteractive.com/embeds/placement.js?z=fppde0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.83.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-83-174.compute-1.amazonaws.com
Software: Apache /
Resource Hash: c97e97973115f83b998950a28cd7e4c9a6702c0b5af616051350264d43a8bffe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 07:01:36 GMT
Content-Encoding: gzip
PREDICT-Served-By: ip-172-31-33-121
Server: Apache
Cache-Control: no-cache, must-revalidate
PREDICT-Env: local
Content-Type: application/javascript
PREDICT-Cached-Response: yes
Server-Timing: hit
Memcached-Exp: Wed, 10 Nov 2021 07:02:48 GMT
Connection: keep-alive
Content-Length: 26064
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 44ED 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e11c6b827a932282fbc602e3c30a11afd41d4438656500cef42fad45a5650531

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 44ED 0
0 42ms
41ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHipCnxMReLRUzKCx1vHmBd8jlgPUSbNiIubhKECudSoecRZ7-lZeIUPQXy8mFZiweRv3Fq82HO6CGshbVyva48C63E0yiR3O-ls_SPX9kFaYtW2M6RJoJHLGDB6Qz5ZFaFuwYnsBaNSMqhieAvzQu-5bKUhY15XEKHBu4eb220PTJH5f11uDlQgErlMRGKjQJUL_C5FOaiEgIeMMO6jgQVS5iB0iDdM3jqfmVsHo6fvryNijJlzc9DAAoaJRyU_TZVSheHzIRLAoVtfOBhWDHpTZixchntGEkTyYFdwS0k7Z7DQU&sig=Cg0ArKJSzPRAtcVv6Bu7EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 10 Nov 2021 07:01:36 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 28ms
10ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fmgoblog.com%2F&rl=&if=false&ts=1636527696320&cd[partner_id]=251&cd[tagger_id]=6f39598fc1b38096083ec8f07b1c304b&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1636527696319.423559683&it=1636527696154&coo=false&tm=1&rqm=GET

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 10 Nov 2021 07:01:36 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 472B 0
44 B 18ms
17ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChCK-K_wAhiq4pi5ATAB&v=APEucNVI2QgbU30BuzG_cXAT979De3nuXQ4K-q2tTzHkq46QaP8NLFECvXSv0tjw3pNfk8CnT0qjYwaeo4B4TzXln8qcBXyhMg

Requested by

Host: 65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com
URL: https://65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 10 Nov 2021 07:01:36 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame 5C0B 19 KB
8 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite_fy2019.js

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb80b0237cf3343b0495e0db33b4ccbbf005b6155bb62f53b9312c3ec7e9a3bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:58:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7878
x-xss-protection: 0
server: cafe
etag: 10809069374711699201
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 06:58:07 GMT

GET
H2 200 5512541394813707909
s0.2mdn.net/simgad/ Frame 5C0B 28 KB
28 KB 65ms
9ms Image
image/gif 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5512541394813707909

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbb8e6c2e38b5d0e7f188471f2f8b3c4edf44a5cc91d3960579fcf8b761f6a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 15:19:53 GMT
x-content-type-options: nosniff
age: 56503
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28333
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 12:11:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Nov 2022 15:19:53 GMT

GET
H2 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/ Frame 5C0B 6 KB
3 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 06:15:48 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5C0B 0
571 B 94ms
52ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7Mjg6h1-dba3edM_M_9nGUhZ8xpAuzYA8Glf_YSx9FpsmoQxOpRKxC8BViqZrd6T8dp5y4QUNVLp_lqmudymOpJNSAYgxJawsEZ7HJ-zri3QkB35rUTCAQQ788GvQy1Ww0-EG3spPpgawr6vhGpRn2J0CUZ_erDwenGNrPi3f8PI3Edg_BZcYzCKEAcaR2y4DyyZm8bAf0ic2jzEa2D5CRkVITujZv5qm3EPA1qkMf8RBgixEJwLVSRJLWq1eCFX8tOBqOgIYAqBDCQL_2IstV-dk1pbfNO5kdu1LtjO76tZbscDdKmXuJPw7-nPz332apSnAHYgJgq7pM1eYeLpW0RssVrBJFLSyQR3kTCXw2U_fW9v4cCWOka9E8LpcTTi-fscdq-5B4LR0qPNYADJbT3WtXXg3SL5bRCYfONxZw6Oww0cLEQ8ag88BtWKjmXnqL2xQ1mJ_5xsxTa2AaSAlbQl8AzZF5J1G3ujJRHyprtLbZ9tXjmTJOcOLFtB8E1Yday9zfpGDp7j9ieYxTPhyFmGk7xKMS-AEshs_NCSyrCwp0t6aF8LRS6JxCF0HcN7DWxXaKORjWCFEuLO3sKpOMpFU23O--mbMQbtVUWNOVy5YOHt_QxiKXd0VH0dRb31FCpWTGrloWPs_eqGRUYvWe9CL3xz59bPH6dFlSdJ-ZMQLNYCL-e-tC5AfQew90_tK13FdeRbKx0O5mD3Y1GUZRbUdX5Kp9EiSnQ7jGt5ccwYEYoyazuvJ4AObRs0--79ogxiedv_5ZIbEEGFyxtG0DlP4c0HOmUI-spc60mDjBihg5pdc-CBJiY63DoWET0Uc2CiG5msGrHMdx8qDwcm1FSyy6XQ-N_8Z2RoK9LDV-oPiTWYnSsVzcxi80jzamyUtWqI2MXHQQeyJmpW7rYE71oSpH68F__mlg4Ujh_em6FmApgIKoRur1PtGR9rQLxb7TW0zfNbh0d6fTtjZbZz_fjKcXuoHlfT4rFA3V_V8oUIeCz9YysPtVGAB1H2eME5W45NPUU_hdL6YaruO-KPsPpz8JgKe0omJE-AQHCquZ9BEySD2v-oVo487AWHHK_viiPDeOSCags37w6r5AoAmb0vTwz3LONxmEDv7yUcmUq0qeGU&sai=AMfl-YQf6vrtsYeuG3XYLgeTSCnWDtokrEg1VuoioICOvBDaDQgK18okDchI2Y2bvjjA7D0jbN-oRF-tWTNnzFxPkdBzuiob7hu68pcodKypZvGr9sBOHgKnM9XBpIcW5ZRQZ6AalNzQHWXPQwWItQTFKJCMID77vlkxbcmWKIRR_mKjlCuAsYFDCe5R2krH8bN3qo8HHP-5PTIA4e8n3VeBSsWFoWDIcwiHVIM_eBWJFtsYO-k6-gRGPQwuXfcMDcBYfmbfnUzVy5Ad7l9cR_yuCWGGIbGqlZE3g1E7G5iAsRVk&sig=Cg0ArKJSzIYZZyb1mopiEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20211108.60915&adurl=

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 10 Nov 2021 07:01:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5C0B 41 KB
15 KB 10ms
5ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 599046
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 03 Nov 2022 08:37:30 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C0B 42 B
173 B 41ms
39ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AzTrsJH8v1LloEYOf1IkltvBhP9LENSpVgxocyBUU_i-F0yu1SUS882ZQsmkzv6WDiIip782EW5XrGNVd5oypkqqwRxft1XX2XrwCORqdASWBVA4Y

Requested by

Host: 65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com
URL: https://65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 5C0B 2 KB
1 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js

Requested by

Host: 65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com
URL: https://65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1459
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1337
x-xss-protection: 0
server: cafe
etag: 17605089983984592854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 06:37:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C0B 121 KB
37 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com
URL: https://65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Nov 2021 07:01:36 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 5C0B 15 KB
6 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com
URL: https://65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:35:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 1157727964977547826
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 06:35:17 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5C0B 0
0 15ms
15ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDCGgFoJnM6cU_puBKzqAGICRR3zA6UloTaexpbn0Ze0zO0jtf2TCTCREg1Q6J2yN8G1FY
Requested by: Host: 65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com
URL: https://65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 9442 169 KB
59 KB 327ms
6ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mgoblog.com/
Origin: https://mgoblog.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 00:41:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22820
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Nov 2021 00:41:16 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/ Frame 9442 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/omrhp.js

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 520
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 06:52:56 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9442 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 599046
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 03 Nov 2022 08:37:30 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A462 52 KB
17 KB 37ms
8ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8219&pub_id=1242660
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 08 Nov 2021 04:31:53 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 10 Nov 2021 07:01:36 GMT
Age: 8978
X-Served-By: cache-lga21924-LGA, cache-fra19157-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 4, 62058
X-Timer: S1636527697.591933,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 9442 0
805 B 85ms
85ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fmgoblog.com%2F&e=wqT_3QLiDfBM4gYAAAMA1gAFAQjO3K2MBhCTxqKx15WO02kYgtiujIa004kTKjYJC9ejcD0K5z8Rh-EjYkok4T8ZAAAAYLgeC0Ahh-EjYkok4T8pC9cJJBAxAAAAgAEtqDD3_vMHOJtAQNEUSAJQkbjgiAFYqoNgYABoqtl5eLHZBYABAYoBA1VTRJIFBsCYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClAF1ZignYScsIDM0AQI0LCAxNjM2NTI3Njk0KTsBHChpJywgNDQ3Nzc0OUYdAChnJywgMTIwNTEzMEoeAABjATsYMjQyMjMzN0Y8ADByJywgMjg2NzkyNzIxNh8A8LaSAuEEIVFIRGo4Z2pCb0owVUVKRzQ0SWdCR0FBZ3FvTmdNQUU0QUVBQVNORVVVUGYtOHdkWUFHRFNCbWdBY0FCNEFJQUJBSWdCQUpBQkFKZ0JBS0FCQXFnQkFyQUJBTGtCTEk0V1JCX2g0el9CQWZkMmFEMC1DdWNfeVFFQUFBQUFBQUR3UDlrQkI3WktzRGljNnpfZ0FiV21rUUwxQWRhRE16LVlBZ0NnQWdLMUFnQUFBQUM5QWcBOfCLRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF4Y0kzWjdGSEJBR0dBRXRZSkNZT0RJSFpHVm1ZWFZzZEtJREZ3aVQ2TVVjRUFvWUFTMEFBSUFfTWdkMWJtdHViM2R1dWdNSlJsSkJNVG8xTmpnMzRBUHZMSUFFanRtSkJJZ0VvTGlhQjVBRUFaZ0VBc0VFQUEBkAEBCERKQgEHDQEYMkFRQThRUQ0OcEFBQUlJRkh3anZwQ1VRQlJnQklnTkZWVklwQjdaDfxQOHhleFN1Ui1GNnRELUlCYmNzcVFVAToEQUEhKAg3RUYBCgkBCERCQh1bAHkuKAAAOTIoAABaFSi4UEFfNEFYQXNnVHdCZTNHM3dYNEJZcjdGSUlHQTBWVlVvZ0dCSkFHQVpnR0FLRUcJaAEBJENvQmdTeUJpUUoBDg0BAFINCAEBAFoBBQ0BAGgNCFBBQUFDNEJnby6aAsUBIVRSNjdkQWo2ZQIoS3FEWUNBQUtBQXgBLw0BfDZDVVpTUVRFNk5UWTROMER2TEVrSHRrcXdPSnpyUDFFDScQQUFBRmsBBgkBAEcdGABHHRgASB0YSEhnQWdnRWZDTy1rSlJBRkdBRWkF-QBpHWA0ekY3Rks1SDRYcTBQNGs10PCQOEQ4LtgChMoB4ALP9T7qAhRodHRwczovL21nb2Jsb2cuY29tL_ICEAoGQURWX0lEEgYzNDM0MzTyAhIKBkNQR19JRBIIMTIwNTEzMDnyAgoKBUNQX0lEEgEw8gINCghBRFZfRlJFURIBMPICDQoIUkVNX1VTRVISATDyAgwKCEFEVl9DT0RFEgDyAgwKCENQRxUPEAsKB0NQFQ4QEAoFSU8BgAAHjUwA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAIExFQUZfTkFNRQEdCB4KGjYdAAhBU1QBPhBJRklFRAEhHA0KCFNQTElUAU3wmgEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtAPgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTM2LjI0My4xOTguODeoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMjY0MSNGUkExOjU2ODfaBAIIAeAEAfAEkbjgiAGIBQGYBQCgBf______AQUYAcAFAMkFAAUBFPA_0gUJCQULeAAAANgFAeAFAfAF9xD6BQQIABAAkAYAmAYAuAYAwQYBIDAAAPA_0AbKCdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEgYACAAMAA4vQZAAMgHsdkF0gcNFXUBOAjaBwYJJzDgBwDqBwIIAPAH1P0C&s=c1862574375770964b96dc5367fe150d47261f7d&bdref=https%3A%2F%2Fmgoblog.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fmgoblog.com%2F,https%3A%2F%2Fmgoblog.com%2F&

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 07:01:36 GMT
X-Proxy-Origin: 136.243.198.87; 136.243.198.87; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: e06b9026-4ede-4fc6-9eda-698e33c5670b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5C0B 0
23 B 75ms
61ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 5C0B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48afeeed97b2af3a855874059d931d733657589a3b627e0928b56e28fbfa984c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 44EC 22 KB
8 KB 21ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 03 Nov 2021 08:37:30 GMT
expires: Thu, 03 Nov 2022 08:37:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 599046
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 didna_util_v3.15.1.min.js.gz Show response
storage.googleapis.com/didna-prod/ Frame A102 138 KB
40 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/didna-prod/didna_util_v3.15.1.min.js.gz
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 84b033a67692828cb38e0db56d21576fe177652c1d5ccfe61010bcee970e23c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:21:55 GMT
content-encoding: gzip
age: 2381
x-guploader-uploadid: ADPycduw0F478KiJT06l04aBRzwtgmWEZqwwuXEL_lsnYxt90BRZwM1k4xfshsT8CpbyyTppMwGXQb4Ur1AJsmJq3gU
x-goog-storage-class: MULTI_REGIONAL
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40731
x-goog-meta-
last-modified: Tue, 02 Mar 2021 20:17:06 GMT
server: UploadServer
etag: "eaac5e21a5582a046aa91b36bb66ba59"
vary: Accept-Encoding
x-goog-hash: crc32c=Pb7pFg==, md5=6qxeIaVYKgRqqRs2u2a6WQ==
x-goog-generation: 1614716226183502
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 40731
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 11 Nov 2021 06:21:55 GMT

GET
H/1.1 200
OK main.min.js Show response
w1.predictinteractive.com/widgets/trivia_widget/min/ Frame 44ED 122 KB
21 KB 423ms
382ms Script
text/javascript 13.35.253.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w1.predictinteractive.com/widgets/trivia_widget/min/main.min.js?{%22dom%22:%22mgoblog.com%22,%22loc%22:{%22loc_name%22:%22%22,%22loc%22:{%22city%22:[],%22DMA%22:[],%22state%22:[],%22zipcode%22:[]}},%22remn%22:false,%22targ%22:%22_blank%22,%22cat%22:%22%22,%22subd%22:null,%22p_id%22:%222617%22,%22type%22:%22trivia_standard%22,%22z%22:%22fppde0%22,%22size_id%22:1,%22url%22:%22https://mgoblog.com/content/2021-22-hoops-preview-wings%22,%22pr_id%22:%2296%22,%22pl_link_target%22:%22_blank%22,%22pl_click_through%22:%221%22,%22group%22:%22college_football%22,%22category%22:null,%22pr_style_id%22:%221%22,%22floor%22:null,%22on_load_length%22:null,%22vision%22:%22is_visible%22,%22interaction%22:%22yes%22,%22show_passbacks%22:%22default%22,%22send_dwell%22:%22default%22,%22no_rotate%22:%22no%22,%22event%22:{%22p%22:%222617%22,%22w%22:%22trivia_standard%22,%22z%22:%22fppde0%22,%22igloo_id%22:0},%22wide%22:false,%22style%22:%22standard%22}
Requested by: Host: content.predictinteractive.com
URL: https://content.predictinteractive.com/l/n/igloo.php?dom=mgoblog.com&rand=28484749771149877000&url=https%3A%2F%2Fmgoblog.com%2F&href=https%3A%2F%2Fmgoblog.com%2F&z=fppde0&que_id=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-60.fra6.r.cloudfront.net
Software: Apache /
Resource Hash: d3030a9b9a7fd86f735b9716708663b09894300706b60e74a19c0adb4819c4b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 07:01:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Sep 2021 19:54:30 GMT
Server: Apache
X-Amz-Cf-Pop: FRA6-C1
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Content-Type: text/javascript
Via: 1.1 b0954612f115b3d0a0db0a669e45ae8f.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: 8dmuasgUZC3yUuVvr0cdn5W5NQ699nVuwIJdCyp_3yVGllI0noT3Iw==

GET
DATA 200
OK truncated
/ Frame 9442 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22da4265da81f38c4607e7d3326c17a6d1a462746e612f8b2579c3b14cd33dd1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame CED5 28 B
197 B 20ms
20ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/GWbIicSNti8
X-YouTube-Client-Version: 1.20211107.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgstbm4zZjhockVaYyjM3K2MBg%3D%3D
X-YouTube-Ad-Signals: dt=1636527693016&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 10 Nov 2021 07:01:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 10 Nov 2021 07:01:36 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A462 0
733 B 6ms
6ms Script
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=8219&pub_id=1242660&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8219&pub_id=1242660

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 07:01:36 GMT
X-Proxy-Origin: 136.243.198.87; 136.243.198.87; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 1704676c-58c7-47e7-a4fb-bbcc69e860f4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B28B 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 03 Nov 2021 08:37:30 GMT
expires: Thu, 03 Nov 2022 08:37:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 599046
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 9442 0
823 B 12ms
6ms Ping
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fmgoblog.com%2F&e=wqT_3QLcC_BM3AUAAAMA1gAFAQjO3K2MBhCTxqKx15WO02kYgtiujIa004kTKjYJC9ejcD0K5z8Rh-EjYkok4T8ZAAAAYLgeC0Ahh-EjYkok4T8pC9cJJBAxAAAAgAEtqDD3_vMHOJtAQNEUSAJQkbjgiAFYqoNgYABoqtl5eLHZBYABAYoBA1VTRJIFBsCYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClAF1ZignYScsIDM0AQI0LCAxNjM2NTI3Njk0KTsBHChpJywgNDQ3Nzc0OUYdAChnJywgMTIwNTEzMEoeAABjATsYMjQyMjMzN0Y8ADByJywgMjg2NzkyNzIxNh8A8LaSAuEEIVFIRGo4Z2pCb0owVUVKRzQ0SWdCR0FBZ3FvTmdNQUU0QUVBQVNORVVVUGYtOHdkWUFHRFNCbWdBY0FCNEFJQUJBSWdCQUpBQkFKZ0JBS0FCQXFnQkFyQUJBTGtCTEk0V1JCX2g0el9CQWZkMmFEMC1DdWNfeVFFQUFBQUFBQUR3UDlrQkI3WktzRGljNnpfZ0FiV21rUUwxQWRhRE16LVlBZ0NnQWdLMUFnQUFBQUM5QWcBOfCLRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF4Y0kzWjdGSEJBR0dBRXRZSkNZT0RJSFpHVm1ZWFZzZEtJREZ3aVQ2TVVjRUFvWUFTMEFBSUFfTWdkMWJtdHViM2R1dWdNSlJsSkJNVG8xTmpnMzRBUHZMSUFFanRtSkJJZ0VvTGlhQjVBRUFaZ0VBc0VFQUEBkAEBCERKQgEHDQEYMkFRQThRUQ0OcEFBQUlJRkh3anZwQ1VRQlJnQklnTkZWVklwQjdaDfxQOHhleFN1Ui1GNnRELUlCYmNzcVFVAToEQUEhKAg3RUYBCgkBCERCQh1bAHkuKAAAOTIoAABaFSi4UEFfNEFYQXNnVHdCZTNHM3dYNEJZcjdGSUlHQTBWVlVvZ0dCSkFHQVpnR0FLRUcJaAEBJENvQmdTeUJpUUoBDg0BAFINCAEBAFoBBQ0BAGgNCFBBQUFDNEJnby6aAsUBIVRSNjdkQWo2ZQIoS3FEWUNBQUtBQXgBLw0BfDZDVVpTUVRFNk5UWTROMER2TEVrSHRrcXdPSnpyUDFFDScQQUFBRmsBBgkBAEcdGABHHRgASB0YSEhnQWdnRWZDTy1rSlJBRkdBRWkF-QBpHWA0ekY3Rks1SDRYcTBQNGs10PDXOEQ4LtgChMoB4ALP9T7qAhRodHRwczovL21nb2Jsb2cuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA7QD4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjEzNi4yNDMuMTk4Ljg3qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjI2NDEjRlJBMTo1Njg32gQCCAHgBAHwBJG44IgBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5s2AUB4AUB8AX3EPoFBAgAEACQBgCYBgC4BgDBBgEgMAAA8D_QBsoJ2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADi9BkAAyAex2QXSBw0JEToBOAjaBwYJJzDgBwDqBwIIAPAH1P0C&s=652b6c3671fee78fcb8ffb0e0f69ff8f4f46bcbc&type=nv&nvt=5&jm=1003&px=1098&py=389&bw=160&bh=600&sid=3173564651941359870&vd=ct~0|rr~0&sv=221&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=16580471&sw=1600&sh=1200&pw=1600&ph=12817&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/221/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 07:01:36 GMT
X-Proxy-Origin: 136.243.198.87; 136.243.198.87; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 1389a27b-e219-42b8-84bc-ec1dc5cff1c3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://mgoblog.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK prebid.js Show response
content.predictinteractive.com/ Frame A102 308 KB
95 KB 103ms
103ms Script
text/javascript 3.221.83.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content.predictinteractive.com/prebid.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/didna_util_v3.15.1.min.js.gz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.83.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-83-174.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 7af38d50a32aeae2254fc10206044bfa2ed47f83377be3a30c9f02ab2be4e064

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 07:01:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Nov 2021 20:04:06 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=3600
transfer-encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/MbZTQS496EB4Sd27ILU4rbHXnJ8/gpt_and_prebid/ Frame A102 202 KB
37 KB 6ms
6ms Script
text/javascript 151.101.193.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/MbZTQS496EB4Sd27ILU4rbHXnJ8/gpt_and_prebid/config.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/didna_util_v3.15.1.min.js.gz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 205d4039067e9b57d1c8ea2343b86082430d45c5f0e02d151c5d1f20ab53c699

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 07:01:36 GMT
Content-Encoding: gzip
Age: 3409
X-Cache: HIT
Connection: keep-alive
Content-Length: 37079
x-amz-id-2: S1/1HU16hsHsEt+bGQQionlh03XL3wY1hxkvEcwEjkzaZqkfGGvAw5fLNHfKbZg8Ya1/AUHmz0w=
X-Served-By: cache-fra19179-FRA
Last-Modified: Wed, 10 Nov 2021 05:06:13 GMT
Server: AmazonS3
X-Timer: S1636527697.860735,VS0,VE0
ETag: "d62fe092e1aac0e77da012081ec4536a"
x-amz-request-id: XVTJ6QKFBW837FMS
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 22

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame A102 79 KB
26 KB 17ms
16ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/didna_util_v3.15.1.min.js.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

cb51374cb16f2a927333f7fc0cca6f9dcd8ea0355439f5f90252e32de463c996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1039 / 386 of 1000 / last-modified: 1636499218"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26966
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 Nov 2021 07:01:36 GMT

GET
H2 200 ic5.php Show response
data00.adlooxtracking.com/ads/ Frame 9442 4 KB
2 KB 62ms
34ms XHR
text/plain 35.241.31.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data00.adlooxtracking.com/ads/ic5.php?adloox_io=1&client=airfrance&campagne=359&banniere=0&visite_id=52515879640&seq=0&timezone=0&js=tfav_adl_359.js&date_regen=2021-07-06%2009%3A09%3A37&plat=12&tagid=812&fw=1&version=1&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1242660&id2=0&id3=286792721&id4=160x600&id5=16580471&id6=343434&id7=8219&id8=12051309&id9=1374527662504782850&id10=4477749&id11=%24ADLOOX_WEBSITE&id14=custom_70_2&id20=3821775&p_d=0.353&d5=605&d3=1600x1200&d6=found-wabbit&d7=0&appname=Netscape&fai=google_ads_iframe_%2F1005612%2Fmgoblog_5%40https%3A%2F%2Fmgoblog.com%2F&iframe=3&fake=000000&resolution=1600x1200&nav_lang=en-US&debug=7%3A%20top%20%21%3D%20window%20%26%20friendly%20-%3E%20GLOBAL.location.href%20&url_referrer=https%3A%2F%2Fmgoblog.com%2F&ao=https%3A%2F%2Fmgoblog.com&nb_cpu=8&data=522662463ftttttttffffffttttftffffffffttttf&activetab=1
Requested by: Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_359.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.31.249 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 249.31.241.35.bc.googleusercontent.com
Software: nginx/1.19.8 / PHP/7.4.25
Resource Hash: d80823fad4d9c6118f67bd199f7954389e2b02cac09f5a11ec7b744f041e1e0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:36 GMT
content-encoding: gzip
access-control-allow-origin: https://mgoblog.com
x-powered-by: PHP/7.4.25
route: ads-prod-ffcd4c54-b6hwl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
server: nginx/1.19.8
vary: Accept-Encoding
accept-ch-lifetime: 86400
content-type: text/plain; charset=utf-8
via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
accept-ch: UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
timing-allow-origin: *
expires: 0

GET
H2 200 ic5.php Show response
data00.adlooxtracking.com/ads/ Frame 9442 4 KB
1 KB 4726ms
4706ms XHR
text/plain 35.241.31.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data00.adlooxtracking.com/ads/ic5.php?adloox_io=1&client=airfrance&campagne=359&banniere=0&visite_id=17972750643&seq=0&timezone=0&js=tfav_adl_359.js&date_regen=2021-07-06%2009%3A09%3A37&plat=12&tagid=812&fw=1&version=1&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1242660&id2=0&id3=286792721&id4=160x600&id5=16580471&id6=343434&id7=8219&id8=12051309&id9=1374527662504782850&id10=4477749&id11=%24ADLOOX_WEBSITE&id14=custom_70_2&id20=3821775&p_d=0.362&d5=605&d3=1600x1200&d6=found-wabbit&d7=0&appname=Netscape&fai=google_ads_iframe_%2F1005612%2Fmgoblog_5%40https%3A%2F%2Fmgoblog.com%2F&iframe=3&fake=000000&resolution=1600x1200&nav_lang=en-US&debug=7%3A%20top%20%21%3D%20window%20%26%20friendly%20-%3E%20GLOBAL.location.href%20&url_referrer=https%3A%2F%2Fmgoblog.com%2F&ao=https%3A%2F%2Fmgoblog.com&nb_cpu=8&data=522662463ftttttttffffffttttftffffffffttttf&activetab=1
Requested by: Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_359.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.31.249 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 249.31.241.35.bc.googleusercontent.com
Software: nginx/1.19.8 / PHP/7.4.25
Resource Hash: d80823fad4d9c6118f67bd199f7954389e2b02cac09f5a11ec7b744f041e1e0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:41 GMT
content-encoding: gzip
access-control-allow-origin: https://mgoblog.com
x-powered-by: PHP/7.4.25
route: ads-prod-ffcd4c54-b7bv8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
server: nginx/1.19.8
vary: Accept-Encoding
accept-ch-lifetime: 86400
content-type: text/plain; charset=utf-8
via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
accept-ch: UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
timing-allow-origin: *
expires: 0

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 7DF7 28 B
174 B 24ms
22ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/7F3O_WLSdlQ?start=523
X-YouTube-Client-Version: 1.20211107.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgstR1c1THRIbDZoZyjM3K2MBg%3D%3D
X-YouTube-Ad-Signals: dt=1636527693070&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 10 Nov 2021 07:01:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 10 Nov 2021 07:01:36 GMT

GET
H2 200 2q0GJ59knfpUiBcqMNkQlhFuFKFUZImTUS2OpYfkNjk.js Show response
pagead2.googlesyndication.com/bg/ Frame 44EC 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2q0GJ59knfpUiBcqMNkQlhFuFKFUZImTUS2OpYfkNjk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daad06279f649dfa5488172a30d91096116e14a154648993512d8ea587e43639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 21:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13329
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 21:24:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9442 121 KB
37 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Nov 2021 07:01:36 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/ Frame 8C24 95 KB
8 KB 16ms
16ms Document
text/html 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/index.html?e=69&leftOffset=0&topOffset=0&c=ZctGyeJGM8&t=1&renderingType=2

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06f5262be8007f7f1cece10385675ac62113a37366a9c5440fa32fa42b539a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 7592
date: Wed, 10 Nov 2021 07:01:36 GMT
expires: Thu, 11 Nov 2021 07:01:36 GMT
cache-control: public, max-age=86400
last-modified: Fri, 05 Nov 2021 15:07:55 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9442 0
23 B 53ms
53ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstjqD4Kvj9Y0n15BhAvpeiDN5SIsRxOZQHrOypFY2kfAg4RGWLyTeHQW8yAWAgqo8d1SoGUG9z-B5PrD5rNBCIRFxKHYPjZqfb7JJWnXoZ8FUC6u27EPzzyC4mtgX68oYdDjCuZmo_73NVqJCk&sig=Cg0ArKJSzFI_QW2DkxmQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=416&cbvp=1&cstd=410&cisv=r20211108.11282&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET img;adv=11272209693943;ec=11272230929715;adv.a=5109792;c.a=25656232;s.a=2259545;p.a=301181284;a.a=494199072;cache=2530032951;
ad.atdmt.com/i/ Frame 9442 0
0

GET
H2 200 2q0GJ59knfpUiBcqMNkQlhFuFKFUZImTUS2OpYfkNjk.js Show response
pagead2.googlesyndication.com/bg/ Frame B28B 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2q0GJ59knfpUiBcqMNkQlhFuFKFUZImTUS2OpYfkNjk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daad06279f649dfa5488172a30d91096116e14a154648993512d8ea587e43639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 21:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13329
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 21:24:40 GMT

GET
H3 200 pubads_impl_2021110801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame A102 344 KB
116 KB 38ms
38ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js?31063691

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

447ffe4040fc9d0761f896e3ef3b37e2220744f4d3e3760ffe1f216f3d0e4e54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118396
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 09:34:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 Nov 2021 07:01:36 GMT

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/ Frame A102 186 KB
59 KB 7ms
6ms Script
application/javascript 151.101.193.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/MbZTQS496EB4Sd27ILU4rbHXnJ8/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af1684fcf2b488bdbf24c364d9651a7f3912dcfa0a3477d7653d60eb032c06a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 07:01:47 GMT
Content-Encoding: gzip
Age: 392
X-Cache: HIT
Connection: keep-alive
Content-Length: 60321
x-amz-id-2: ZoXerbuYYEyLeqvhcUrZeSXtO8N0RGQB3gzc1l5I8Z1HhRkdN97pi25Z7zyxzxW3XiUU9y7qMm0=
X-Served-By: cache-fra19179-FRA
Last-Modified: Wed, 03 Nov 2021 21:01:25 GMT
Server: AmazonS3
X-Timer: S1636527707.279489,VS0,VE0
ETag: "f0344cfc0fab11fbf956bd005d2814f0"
x-amz-request-id: ZTNSH2ZB4V5E7856
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 146

POST
H/1.1 204
No Content / Show response
yeti.predictinteractive.com/ 0
142 B 410ms
100ms XHR
text/plain 54.85.167.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://yeti.predictinteractive.com/
Requested by: Host: content.predictinteractive.com
URL: https://content.predictinteractive.com/l/n/igloo.php?dom=mgoblog.com&rand=28484749771149877000&url=https%3A%2F%2Fmgoblog.com%2F&href=https%3A%2F%2Fmgoblog.com%2F&z=fppde0&que_id=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.167.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-167-1.compute-1.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 10 Nov 2021 07:01:55 GMT
Server: nginx/1.14.1
Connection: keep-alive

OPTIONS id
api.britepool.com/v1/britepool/ Frame 0
0

POST id
api.britepool.com/v1/britepool/ 0
0

POST
H/1.1 200 725.json Show response
id5-sync.com/g/v2/ 213 B
529 B 33ms
8ms XHR
application/json 51.89.21.21
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/725.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.21 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p13.id5-sync.com

Software

Resource Hash

b6c8e816b5c81eb1391ed171664b2acf9fa88a83613d00a429722b49ec5855f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://mgoblog.com
Date: Wed, 10 Nov 2021 07:01:47 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
335 B 104ms
41ms XHR
application/json 52.19.22.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ca277925c930177901d064c6de8acca5195d184a9d67a45bf5844472eb5ce0aa

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:55 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://mgoblog.com
cache-control: no-cache
x-server: 10.45.20.188
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 204 id Show response
id.sharedid.org/ 0
211 B 506ms
164ms XHR
text/plain 34.210.245.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.210.245.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-210-245-148.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mgoblog.com
pragma: no-cache
date: Wed, 10 Nov 2021 07:01:55 GMT
cache-control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
659 B 32ms
32ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 692b53f8f6ba69a8f9effe08053e30157f05d0fbd4442ebb587b82f473b6b053

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Nov 2021 07:01:55 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mgoblog.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Fri, 10 Dec 2021 07:01:55 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853083501571805&ev=Microdata&dl=https%3A%2F%2Fmgoblog.com%2F&rl=&if=false&ts=1636527715387&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Home%20%7C%20mgoblog%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1636527696319.423559683&it=1636527696154&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 10 Nov 2021 07:01:55 GMT

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159745
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkY2RUEwRDctMEFEMS00M0I3LUIyN0ItNDkyMTNCRkMyRURF&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE_5nX16aya36BKU-p11ZPg&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
160 B

25ms
25ms

Image
text/plain

185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Wed, 10 Nov 2021 07:01:56 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug018:0:380
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 9442 0
823 B 27ms
16ms Ping
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fmgoblog.com%2F&e=wqT_3QLcC_BM3AUAAAMA1gAFAQjO3K2MBhCTxqKx15WO02kYgtiujIa004kTKjYJC9ejcD0K5z8Rh-EjYkok4T8ZAAAAYLgeC0Ahh-EjYkok4T8pC9cJJBAxAAAAgAEtqDD3_vMHOJtAQNEUSAJQkbjgiAFYqoNgYABoqtl5eLHZBYABAYoBA1VTRJIFBsCYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClAF1ZignYScsIDM0AQI0LCAxNjM2NTI3Njk0KTsBHChpJywgNDQ3Nzc0OUYdAChnJywgMTIwNTEzMEoeAABjATsYMjQyMjMzN0Y8ADByJywgMjg2NzkyNzIxNh8A8LaSAuEEIVFIRGo4Z2pCb0owVUVKRzQ0SWdCR0FBZ3FvTmdNQUU0QUVBQVNORVVVUGYtOHdkWUFHRFNCbWdBY0FCNEFJQUJBSWdCQUpBQkFKZ0JBS0FCQXFnQkFyQUJBTGtCTEk0V1JCX2g0el9CQWZkMmFEMC1DdWNfeVFFQUFBQUFBQUR3UDlrQkI3WktzRGljNnpfZ0FiV21rUUwxQWRhRE16LVlBZ0NnQWdLMUFnQUFBQUM5QWcBOfCLRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF4Y0kzWjdGSEJBR0dBRXRZSkNZT0RJSFpHVm1ZWFZzZEtJREZ3aVQ2TVVjRUFvWUFTMEFBSUFfTWdkMWJtdHViM2R1dWdNSlJsSkJNVG8xTmpnMzRBUHZMSUFFanRtSkJJZ0VvTGlhQjVBRUFaZ0VBc0VFQUEBkAEBCERKQgEHDQEYMkFRQThRUQ0OcEFBQUlJRkh3anZwQ1VRQlJnQklnTkZWVklwQjdaDfxQOHhleFN1Ui1GNnRELUlCYmNzcVFVAToEQUEhKAg3RUYBCgkBCERCQh1bAHkuKAAAOTIoAABaFSi4UEFfNEFYQXNnVHdCZTNHM3dYNEJZcjdGSUlHQTBWVlVvZ0dCSkFHQVpnR0FLRUcJaAEBJENvQmdTeUJpUUoBDg0BAFINCAEBAFoBBQ0BAGgNCFBBQUFDNEJnby6aAsUBIVRSNjdkQWo2ZQIoS3FEWUNBQUtBQXgBLw0BfDZDVVpTUVRFNk5UWTROMER2TEVrSHRrcXdPSnpyUDFFDScQQUFBRmsBBgkBAEcdGABHHRgASB0YSEhnQWdnRWZDTy1rSlJBRkdBRWkF-QBpHWA0ekY3Rks1SDRYcTBQNGs10PDXOEQ4LtgChMoB4ALP9T7qAhRodHRwczovL21nb2Jsb2cuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA7QD4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjEzNi4yNDMuMTk4Ljg3qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjI2NDEjRlJBMTo1Njg32gQCCAHgBAHwBJG44IgBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5s2AUB4AUB8AX3EPoFBAgAEACQBgCYBgC4BgDBBgEgMAAA8D_QBsoJ2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADi9BkAAyAex2QXSBw0JEToBOAjaBwYJJzDgBwDqBwIIAPAH1P0C&s=652b6c3671fee78fcb8ffb0e0f69ff8f4f46bcbc&type=pv&jm=1003|1030&px=1098&py=389&bw=160&bh=600&sf=1&sid=3173564651941359870&vd=ct~0|rr~5&sv=221&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=16580471&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/221/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 07:01:55 GMT
X-Proxy-Origin: 136.243.198.87; 136.243.198.87; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: cf08cd38-ddf9-456f-933c-786378f18e38
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://mgoblog.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5C0B 42 B
497 B 51ms
30ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0qJ81arAGOgmnsocC96LiRYCvfJZYkd7OHmoO5SV1wjSvHXeR4uU9AVTfqGMROxtC4RqMnP1jhhbDBpb20kXyjj1wJ0vBNXym8m89plAfAy4IRFoVqw&sai=AMfl-YQfW45EV4NoU-lXo60p-C3b0q_FYGchEZ5wetTFxQUIzGEC7ucRMR-3n5P5dBMrClccPOUad1RFs4gfdPFKtuW73BzcuiRgCN2o2m5IKFdwZ6NNot_5_8Tgu-1R&sig=Cg0ArKJSzBBP8LADj_qOEAE&cid=CAASPeRoUjJGKqfyv37qMkCIAnGT_YUKJK0DDREjhY2v_a-n0ypNXFeWPP2n-wO8srVjGmEevhepyaq8y_Ev45M&id=lidar2&mcvt=18737&p=328,267,422,995&mtos=0,18737,18737,18737,18737&tos=0,18737,0,0,0&v=20211108&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=3641394045&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636527695856&rpt=815&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame C871 28 B
197 B 25ms
25ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/MWIHxdsgIe4?start=83
X-YouTube-Client-Version: 1.20211107.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtBdTJCNzRYM2FtVSjM3K2MBg%3D%3D
X-YouTube-Ad-Signals: dt=1636527693757&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 10 Nov 2021 07:01:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 10 Nov 2021 07:01:55 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 9C0E 28 B
174 B 28ms
27ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Wv66JRknCs0?start=73
X-YouTube-Client-Version: 1.20211107.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtaZXJCTzZBMko0WSjM3K2MBg%3D%3D
X-YouTube-Ad-Signals: dt=1636527693202&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 10 Nov 2021 07:01:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 10 Nov 2021 07:01:55 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame D0FC 28 B
174 B 25ms
25ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/7F3O_WLSdlQ?start=997
X-YouTube-Client-Version: 1.20211107.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtUMmRlMUpId3JfSSjM3K2MBg%3D%3D
X-YouTube-Ad-Signals: dt=1636527693103&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 10 Nov 2021 07:01:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 10 Nov 2021 07:01:55 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A462 0
733 B 274ms
11ms Script
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=8219&pub_id=1242660&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8219&pub_id=1242660

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 07:01:55 GMT
X-Proxy-Origin: 136.243.198.87; 136.243.198.87; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 81de13d9-eb7d-482a-8da4-5486f5d8c9d1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 main.css
s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/ Frame 8C24 51 KB
6 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/main.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/index.html?e=69&leftOffset=0&topOffset=0&c=ZctGyeJGM8&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6251b5a7a501df646d682bb4202e5b98f913ff7426b745dc7729eb0443d3b284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/index.html?e=69&leftOffset=0&topOffset=0&c=ZctGyeJGM8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 15:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56997
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5948
x-xss-protection: 0
last-modified: Fri, 05 Nov 2021 15:07:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 15:11:58 GMT

GET
H2 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 8C24 118 KB
40 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/index.html?e=69&leftOffset=0&topOffset=0&c=ZctGyeJGM8&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/index.html?e=69&leftOffset=0&topOffset=0&c=ZctGyeJGM8&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 15:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 15:17:46 GMT

GET
H/1.1 200
OK ADventori-2.0.0.js Show response
adventori.com/lp/enabler/ Frame 8C24 76 KB
17 KB 80ms
29ms Script
application/javascript 5.135.141.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adventori.com/lp/enabler/ADventori-2.0.0.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/index.html?e=69&leftOffset=0&topOffset=0&c=ZctGyeJGM8&t=1&renderingType=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.141.80 , France, ASN16276 (OVH, FR),
Reverse DNS: hap2.adventori.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: fb1c8d5207f4618e58bca629a48fc126942807b51d86c92bac671c6c3130682d

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 07:01:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Jul 2021 14:35:06 GMT
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Content-Length: 16881
Expires: Wed, 10 Nov 2021 07:06:55 GMT

GET
H2 200 engine.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/ Frame 8C24 11 KB
3 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/engine.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/index.html?e=69&leftOffset=0&topOffset=0&c=ZctGyeJGM8&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0aac31347d948e03fdfca09cd82337cc8b8ad63ed35358c8345339d934169bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/index.html?e=69&leftOffset=0&topOffset=0&c=ZctGyeJGM8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 15:11:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2762
x-xss-protection: 0
last-modified: Fri, 05 Nov 2021 15:07:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 15:11:52 GMT

GET
H2 200 af_init_meta.js Show response
s0.2mdn.net/creatives/assets/4296910/ Frame 8C24 10 KB
3 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4296910/af_init_meta.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/index.html?e=69&leftOffset=0&topOffset=0&c=ZctGyeJGM8&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

009913b0e54e74d00d2cfbe8e08d72cbe9dabab6ba69b37a0907fd73a4428175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/index.html?e=69&leftOffset=0&topOffset=0&c=ZctGyeJGM8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3113
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:15:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 07:12:21 GMT

GET
H2 200 icon-try-again.png
image.predictinteractive.com/01/trivia/icons/2017/06/ Frame 2CDD 315 B
705 B 73ms
9ms Image
image/png 2600:9000:214f:1c00:1e:8f08:2900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.predictinteractive.com/01/trivia/icons/2017/06/icon-try-again.png
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1c00:1e:8f08:2900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: d25d2b55e63d93587ef650b6bc519b18ba7db6344fb38f9d886bf0098718557a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 15:01:20 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
last-modified: Mon, 30 Aug 2021 15:01:20 GMT
server: Apache
age: 6192035
x-cache: Hit from cloudfront
content-type: image/png
image-processing-time: 0.088
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA53-C1
content-length: 315
returned-filename: icon-try-again.png
x-amz-cf-id: -XXFSmYY5Ebhn0kGgruUnNQG_YtHRWzKFV4tUurdXXLOZiJZu6JBPw==
expires: Tue, 30 Aug 2022 15:01:20 GMT

GET
H2 200 1YwB1sO8YE1Lyjf12WNiUA.woff2
fonts.gstatic.com/s/lato/v13/ Frame 2CDD 23 KB
23 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v13/1YwB1sO8YE1Lyjf12WNiUA.woff2

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9687ee5934e8a8b125cd0e3f7e21b9eea12c5eba602dfb12941aeafaad44fbe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mgoblog.com/
Origin: https://mgoblog.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 13:27:49 GMT
x-content-type-options: nosniff
age: 581646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23216
x-xss-protection: 0
last-modified: Thu, 09 Feb 2017 19:14:22 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 03 Nov 2022 13:27:49 GMT

GET
H2 200 EsvMC5un3kjyUhB9ZEPPwg.woff2
fonts.gstatic.com/s/lato/v13/ Frame 2CDD 22 KB
23 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v13/EsvMC5un3kjyUhB9ZEPPwg.woff2

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11e7f42d15a1efa09afcc586ac1d79d9008fa7339ece9c40dbc0cbc5aedcf075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mgoblog.com/
Origin: https://mgoblog.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 18:05:22 GMT
x-content-type-options: nosniff
age: 46593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23012
x-xss-protection: 0
last-modified: Thu, 09 Feb 2017 19:14:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 09 Nov 2022 18:05:22 GMT

GET
H2 200 icon-shuffle.png
image.predictinteractive.com/01/trivia/icons/2017/06/ Frame 2CDD 1 KB
1 KB 72ms
10ms Image
image/png 2600:9000:214f:1c00:1e:8f08:2900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.predictinteractive.com/01/trivia/icons/2017/06/icon-shuffle.png
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1c00:1e:8f08:2900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: d18811561130273f524c3f5faffb2d534d1f0ba69d8b0ff0fdddfdf557ba637d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 15:01:20 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
last-modified: Mon, 30 Aug 2021 15:01:20 GMT
server: Apache
age: 6192035
x-cache: Hit from cloudfront
content-type: image/png
image-processing-time: 0.070
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA53-C1
content-length: 1044
returned-filename: icon-shuffle.png
x-amz-cf-id: 0TZ49uGn9TtumSh2FAhtvpm5vG6sfRMCrVjqt19nUch_LY1qGiKJbQ==
expires: Tue, 30 Aug 2022 15:01:20 GMT

GET
H2 200 H2DMvhDLycM56KNuAtbJYA.woff2
fonts.gstatic.com/s/lato/v13/ Frame 2CDD 22 KB
22 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v13/H2DMvhDLycM56KNuAtbJYA.woff2

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47a03cdb40941ed9bb87178d34076aa70d7c8a21c2645d9a71e7edb02f94a4c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mgoblog.com/
Origin: https://mgoblog.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 21:19:48 GMT
x-content-type-options: nosniff
age: 466927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22656
x-xss-protection: 0
last-modified: Thu, 09 Feb 2017 19:14:25 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 21:19:48 GMT

GET
H/1.1 200
OK index.php Show response
prod-tw-api.predictinteractive.com/ Frame 44ED 11 KB
3 KB 431ms
122ms XHR
application/json 34.232.180.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-tw-api.predictinteractive.com/index.php?group=college_football
Requested by: Host: w1.predictinteractive.com
URL: https://w1.predictinteractive.com/widgets/trivia_widget/min/main.min.js?{%22dom%22:%22mgoblog.com%22,%22loc%22:{%22loc_name%22:%22%22,%22loc%22:{%22city%22:[],%22DMA%22:[],%22state%22:[],%22zipcode%22:[]}},%22remn%22:false,%22targ%22:%22_blank%22,%22cat%22:%22%22,%22subd%22:null,%22p_id%22:%222617%22,%22type%22:%22trivia_standard%22,%22z%22:%22fppde0%22,%22size_id%22:1,%22url%22:%22https://mgoblog.com/content/2021-22-hoops-preview-wings%22,%22pr_id%22:%2296%22,%22pl_link_target%22:%22_blank%22,%22pl_click_through%22:%221%22,%22group%22:%22college_football%22,%22category%22:null,%22pr_style_id%22:%221%22,%22floor%22:null,%22on_load_length%22:null,%22vision%22:%22is_visible%22,%22interaction%22:%22yes%22,%22show_passbacks%22:%22default%22,%22send_dwell%22:%22default%22,%22no_rotate%22:%22no%22,%22event%22:{%22p%22:%222617%22,%22w%22:%22trivia_standard%22,%22z%22:%22fppde0%22,%22igloo_id%22:0},%22wide%22:false,%22style%22:%22standard%22}
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.180.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-180-222.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 1a6e13a3675e2ae3ccc9d9436c5ee7cc5d8279260bd597ab5d7f8167d0ee5d13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 07:01:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Authorization, Content-Type, Accept
Content-Length: 2236

GET
H2 200 college_football_01.jpg
image.predictinteractive.com/college_football/ Frame 2CDD 2 KB
2 KB 9ms
9ms Image
image/jpeg 2600:9000:214f:1c00:1e:8f08:2900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.predictinteractive.com/college_football/college_football_01.jpg?quality=90&width=70
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1c00:1e:8f08:2900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 73219af4f921d15bcb4da59cbaa50f821124de1c6ef167fde2ecc08f13cf94ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:58:21 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 13:58:21 GMT
server: Apache
age: 1357415
x-cache: Hit from cloudfront
content-type: image/jpeg
image-processing-time: 0.058
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA53-C1
content-length: 2130
returned-filename: college_football_01.jpg
x-amz-cf-id: cHP54aRlPb2fQ7jDHgKjvQIs3H5ib7WhvW6vXYX_7xRbHqybTHxG8g==
expires: Tue, 25 Oct 2022 13:58:21 GMT

GET
H2 200 college_football_11.jpg
image.predictinteractive.com/college_football/ Frame 2CDD 10 KB
11 KB 10ms
9ms Image
image/jpeg 2600:9000:214f:1c00:1e:8f08:2900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.predictinteractive.com/college_football/college_football_11.jpg?width=300
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1c00:1e:8f08:2900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 7ff1fe3cf52bcd212457128a4402e9bb5c569496bc4f5126c19ad6a7685e4f8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 23:55:04 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
last-modified: Sun, 17 Oct 2021 23:55:04 GMT
server: Apache
age: 2012812
x-cache: Hit from cloudfront
content-type: image/jpeg
image-processing-time: 0.081
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: G3JPISAJx2T6SYIbeUIjATgKOl9PPl2Bh1TWf4q5zaq_6TLOWlXVpA==
returned-filename: college_football_11.jpg
expires: Mon, 17 Oct 2022 23:55:04 GMT

GET
H2 200 icon-check-mark-blue.svg
image.predictinteractive.com/01/trivia/icons/2017/06/ Frame 2CDD 453 B
827 B 11ms
8ms Image
image/svg+xml 2600:9000:214f:1c00:1e:8f08:2900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.predictinteractive.com/01/trivia/icons/2017/06/icon-check-mark-blue.svg
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1c00:1e:8f08:2900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: cf0bd7d81a508f639e527b684ace5ff3c665862c384d82d96efea9b698389cde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 15:01:20 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
last-modified: Mon, 30 Aug 2021 15:01:20 GMT
server: Apache
age: 6192036
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA53-C1
content-length: 453
returned-filename: icon-check-mark-blue.svg
x-amz-cf-id: -Ok_wnu6MEGrt4ULvB7_GgaMjt8xeh0g04Aa42fIZLl4TrHcmyc-gg==
expires: Tue, 30 Aug 2022 15:01:20 GMT

GET
H2 200 icon-check-mark.svg
image.predictinteractive.com/01/trivia/icons/2017/06/ Frame 2CDD 942 B
1 KB 13ms
11ms Image
image/svg+xml 2600:9000:214f:1c00:1e:8f08:2900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.predictinteractive.com/01/trivia/icons/2017/06/icon-check-mark.svg
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1c00:1e:8f08:2900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: e49b00aa6353c93ac3513a1633b85ad6ba388372c918ac121e2e1e3ab988570c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 15:01:20 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
last-modified: Mon, 30 Aug 2021 15:01:20 GMT
server: Apache
age: 6192036
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA53-C1
content-length: 942
returned-filename: icon-check-mark.svg
x-amz-cf-id: FVSrVaoXIStlwbqS9pbReNSsu2RIRxyfFqdEr9rACoz3c05qE5E3rQ==
expires: Tue, 30 Aug 2022 15:01:20 GMT

GET
H2 200 icon-incorrect.svg
image.predictinteractive.com/01/trivia/icons/2017/06/ Frame 2CDD 812 B
1 KB 11ms
9ms Image
image/svg+xml 2600:9000:214f:1c00:1e:8f08:2900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.predictinteractive.com/01/trivia/icons/2017/06/icon-incorrect.svg
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1c00:1e:8f08:2900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: ddc0a8630e33b6cc54a5b934f343036a404335e26e074bc9168be9bbfeab0135

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 05:15:47 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
last-modified: Thu, 02 Sep 2021 05:15:47 GMT
server: Apache
age: 5967968
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA53-C1
content-length: 812
returned-filename: icon-incorrect.svg
x-amz-cf-id: vSlIZ7Nu3PPWClaazVityu5QkqbZ3njPbLFH0JLkyM0cpLF6HHbbTg==
expires: Fri, 02 Sep 2022 05:15:47 GMT

GET
H2 200 Logo_Emblem_Predict.svg
image.predictinteractive.com/ Frame 2CDD 6 KB
3 KB 11ms
10ms Image
image/svg+xml 2600:9000:214f:1c00:1e:8f08:2900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.predictinteractive.com/Logo_Emblem_Predict.svg
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1c00:1e:8f08:2900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 2e8cdff40bcc0c3bc01bf2bc6ffc90483e768ee6f47e3141ef5876bb1f39fcaf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 15:01:20 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 15:01:20 GMT
server: Apache
age: 6192036
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 6KUlLKbmP5Xvt1G8jVYSR7l2bFWwwolAth1LH3fq1VT0X7bNMmW0og==
returned-filename: Logo_Emblem_Predict.svg
expires: Tue, 30 Aug 2022 15:01:20 GMT

GET
H2 200 / Show response
hb.brainlyads.com/json-parts/3653/ 5 KB
2 KB 301ms
101ms Fetch
application/json 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/json-parts/3653/?ver=1.1&pageId=1633204162&winbidder=

Requested by

Host: powerad.ai
URL: https://powerad.ai/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) / Express

Resource Hash

b4d15523a78e62e3d52f25dd92beef975bb2d791dd91f14f30bd79252a45f3b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:56 GMT
content-encoding: gzip
etag: W/"12ad-83i7gWcwxed0S6lKwBPRhbwBSdQ"
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: *

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 5B78 368 KB
123 KB 51ms
15ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/didna_util_v3.15.1.min.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

013642abc6eb7dace2707aec3f8dae8d884cc284951ace55bb737bfde43f687a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125099
x-xss-protection: 0
expires: Wed, 10 Nov 2021 07:01:56 GMT

GET
H2 200 Excellence_In_Motion_Regular_V5.woff2
s0.2mdn.net/creatives/assets/4296925/ Frame 8C24 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4296925/Excellence_In_Motion_Regular_V5.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/index.html?e=69&leftOffset=0&topOffset=0&c=ZctGyeJGM8&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80c2d79c60490444a0dd3a4101e3b1fc00053ed804ecf7be2706d0dd5c7f27dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/index.html?e=69&leftOffset=0&topOffset=0&c=ZctGyeJGM8&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:57:16 GMT
x-content-type-options: nosniff
age: 280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14708
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 12:35:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 07:12:16 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9442 0
23 B 43ms
42ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstjqD4Kvj9Y0n15BhAvpeiDN5SIsRxOZQHrOypFY2kfAg4RGWLyTeHQW8yAWAgqo8d1SoGUG9z-B5PrD5rNBCIRFxKHYPjZqfb7JJWnXoZ8FUC6u27EPzzyC4mtgX68oYdDjCuZmo_73NVqJCk&sig=Cg0ArKJSzFI_QW2DkxmQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=19915&vt=11&dtpt=19499&dett=3&cstd=410&cisv=r20211108.11282&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9442 0
0 41ms
40ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvz9nqQFu8w6b61fxfpXyi75Mw0oDTSc_5EhDFwZm5hFFrdQNZfPJXMe1qrrswZ0IXuCGNEL9Lgh22LEh91e99YX23Yv3JCv_lEGYKwNfjE0XRl6XChH0aNn8zkYCh_7BuYq7TCjn4n6yPGrPEEzkCG9-FrtJDeRf6ZhNFXqblw7ljyxxDOiKI_BtiU4nT-n7NYCTPIYRMZV-JCizs3VbkexTfHtFFIORUirpqzHp17ooz096IBUM8bwgiL69kLfRZpgrDENUuTgH5_mcPBihYFoyqneqlpNdhZ4Bls3qPRZhM_9pE&sig=Cg0ArKJSzHw36u2Rn_LaEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 10 Nov 2021 07:01:56 GMT

GET
H2 200 tagv_50153_13.js Show response
tk.airfrance.fr/50153/ Frame 8C24 13 KB
5 KB 72ms
18ms Script
application/javascript 13.37.59.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tk.airfrance.fr/50153/tagv_50153_13.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4296910/af_init_meta.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.37.59.66 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-37-59-66.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: da49a1404ff461f3ef235a31261fe19ed1e9a3155f1650652e96afb90744a8e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:56 GMT
content-encoding: gzip
last-modified: Wed, 12 Feb 2020 15:13:28 GMT
server: nginx
etag: W/"5e441618-32d9"
p3p: CP="NON DSP COR ADM PSA IVA OUR STP NAV"
cache-control: public, max-age=86400
content-type: application/javascript

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8C24 7 KB
5 KB 19ms
18ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23556d80a86017592ce6f8377d0553a90fe89f9c7ec30d0f191780958cac7480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5281
x-xss-protection: 0

GET
H2 200 background-blue1.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/img/ Frame 8C24 5 KB
5 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/img/background-blue1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff9808aadd4c3c76ae0c64914851c4d20888dcade59d15a2e7cce9a8ac7bc3cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 15:11:53 GMT
x-content-type-options: nosniff
age: 57003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5302
x-xss-protection: 0
last-modified: Fri, 05 Nov 2021 15:07:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 15:11:53 GMT

GET
H2 200 shadow.png
s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/img/ Frame 8C24 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/img/shadow.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa665863bb2c2f7d98668c0c178fe2ab8f7f94b1e89ee6052d0c825a01d1588b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 15:11:54 GMT
x-content-type-options: nosniff
age: 57002
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2925
x-xss-protection: 0
last-modified: Fri, 05 Nov 2021 15:07:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 15:11:54 GMT

GET
H2 200 background-blue.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/img/ Frame 8C24 9 KB
9 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/img/background-blue.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eea2a869048e73584c948011665a62e714144b2f0dd36c8fdf2b887497aaa5a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 15:11:53 GMT
x-content-type-options: nosniff
age: 57003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9127
x-xss-protection: 0
last-modified: Fri, 05 Nov 2021 15:07:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 15:11:53 GMT

GET
H2 200 Excellence_In_Motion_Bold_V5.woff2
s0.2mdn.net/creatives/assets/4296925/ Frame 8C24 15 KB
15 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4296925/Excellence_In_Motion_Bold_V5.woff2

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ba58700889d4a90393e2ee9aa0112a663ef60055740ee7fa781af5e69675811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/index.html?e=69&leftOffset=0&topOffset=0&c=ZctGyeJGM8&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:58:02 GMT
x-content-type-options: nosniff
age: 234
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15220
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 12:35:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 07:13:02 GMT

GET
H2 200 Excellence_In_Motion_Medium_V5.woff2
s0.2mdn.net/creatives/assets/4296925/ Frame 8C24 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4296925/Excellence_In_Motion_Medium_V5.woff2

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a5f97ae791beef344e61320d5015965207e6c7e3e171d606ddf48e2bdd718f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/index.html?e=69&leftOffset=0&topOffset=0&c=ZctGyeJGM8&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:58:02 GMT
x-content-type-options: nosniff
age: 234
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14568
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 12:35:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 07:13:02 GMT

GET
H2 200 origin1.png
s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/img/ Frame 8C24 2 KB
2 KB 10ms
9ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/img/origin1.png

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dc5032196a4f167a485d72c323f33d7ab3cba0a65d924d11e79db4445eb6a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/index.html?e=69&leftOffset=0&topOffset=0&c=ZctGyeJGM8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 15:11:55 GMT
x-content-type-options: nosniff
age: 57001
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1739
x-xss-protection: 0
last-modified: Fri, 05 Nov 2021 15:07:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 15:11:55 GMT

GET
H2 200 madame-valise.png
s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/img/ Frame 8C24 43 KB
43 KB 8ms
7ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/img/madame-valise.png

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04229993c9ded71cd72d1ac688b3e1490bef2a769c20651f6e39cd53fbaa4b32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/index.html?e=69&leftOffset=0&topOffset=0&c=ZctGyeJGM8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 15:11:55 GMT
x-content-type-options: nosniff
age: 57001
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43905
x-xss-protection: 0
last-modified: Fri, 05 Nov 2021 15:07:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 15:11:55 GMT

GET
H2 200 LFW-160x600.jpg
s0.2mdn.net/creatives/assets/4122813/ Frame 8C24 34 KB
34 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4122813/LFW-160x600.jpg

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc7b0362031a5b6602c7dc8c7f1d49a9549e728c146607f4e27ae0f65723f798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/index.html?e=69&leftOffset=0&topOffset=0&c=ZctGyeJGM8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:55:00 GMT
x-content-type-options: nosniff
age: 416
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35005
x-xss-protection: 0
last-modified: Tue, 11 May 2021 08:28:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 07:10:00 GMT

GET
H2 200 PUJ-160x600.jpg
s0.2mdn.net/creatives/assets/4122813/ Frame 8C24 48 KB
48 KB 12ms
12ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4122813/PUJ-160x600.jpg

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5bb730d23333162e5d53fb8d65019c52305fff7a101e401cc38ffa3cc2e85a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/index.html?e=69&leftOffset=0&topOffset=0&c=ZctGyeJGM8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:51:43 GMT
x-content-type-options: nosniff
age: 613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49318
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 09:46:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 07:06:43 GMT

GET
H2 200 MIA-160x600.jpg
s0.2mdn.net/creatives/assets/4122813/ Frame 8C24 48 KB
49 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4122813/MIA-160x600.jpg

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d22f5c17e02c64ef55db2abd49286cf2e5e810234d80c495835b4f71ba11817f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/index.html?e=69&leftOffset=0&topOffset=0&c=ZctGyeJGM8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:55:00 GMT
x-content-type-options: nosniff
age: 416
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49565
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 09:37:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 07:10:00 GMT

GET
H2 200 logo-airfrance_protect-white.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/img/ Frame 8C24 5 KB
2 KB 13ms
13ms Image
image/svg+xml 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/img/logo-airfrance_protect-white.svg

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0c22b2f7a1ba76ba4a6d4f37d435f2c89c29461ef89f05c01de25f4b212b051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61754092/20211105080755518/160x600/index.html?e=69&leftOffset=0&topOffset=0&c=ZctGyeJGM8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 15:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56997
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2183
x-xss-protection: 0
last-modified: Fri, 05 Nov 2021 15:07:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 15:11:59 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8C24 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 10 Nov 2021 07:01:56 GMT

GET
DATA 200
OK truncated
/ Frame 5B78 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5B78 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 bridge3.488.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame EF9C 580 KB
190 KB 308ms
7ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485dd675dc980f01a4098246606a0cb2408c33437b73ed4236da6a3d248327e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194718
date: Fri, 05 Nov 2021 21:20:07 GMT
expires: Sat, 05 Nov 2022 21:20:07 GMT
last-modified: Fri, 05 Nov 2021 21:15:14 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 380509
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 5B78 44 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 07:01:56 GMT

GET
DATA 200
OK truncated
/ Frame 5B78 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c953247aa1084d9b0776174e20b795a235c93f9dcf7c9d34fded56de81146509

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view.js Show response
tk.airfrance.fr/v/ Frame 8C24 55 B
340 B 16ms
16ms Script
application/javascript 13.37.59.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tk.airfrance.fr/v/view.js?esvid=A50153&esvcb=etvcb&wiz_medium=DSP&wiz_source=APP&wiz_campaign=286792721&wiz_content=DE_Structural%2F%2FPROSPECTING&wiz_term=0&esvvid=7f9f60f6618b6e64&esvc=0&esvisc=1&esvf=1&esvsf=0&esvrsl=1600x1200&esvwinrsl=1660x1100&esvaddim=160x600&esvadlt=0x0&esvadrb=0x0&esvadz=10000&esvview=0&esvfocus=1&esvviewts=0&esvpub=https%3A%2F%2Fmgoblog.com%2F&esvads=https%3A%2F%2Fs0.2mdn.net%2Fads%2Frichmedia%2Fstudio%2Fpv2%2F61754092%2F20211105080755518%2F160x600%2Findex.html%3Fe%3D69%26leftOffset%3D0%26topOffset%3D0%26c%3DZctGyeJGM8%26t%3D1%26renderingType%3D2&esvr=0.6942364837775106&esvlv=1&esvtv=1&esvts=1636527716635&esvtid=13
Requested by: Host: tk.airfrance.fr
URL: https://tk.airfrance.fr/50153/tagv_50153_13.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.37.59.66 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-37-59-66.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: bca6e1b693d88b862bb7ed8b8f66e8e3a89c4195dbc16fb93a3b3d18797f29a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:56 GMT
content-encoding: gzip
server: nginx
cache-control: no-cache, no-store, must-revalidate
content-type: application/javascript
p3p: CP="NON DSP COR ADM PSA IVA OUR STP NAV"

GET
H2 206 video.mp4
storage.googleapis.com/didna-files/utility/ Frame 5B78 88 KB
89 KB 141ms
141ms Media
video/mp4 2a00:1450:4001:82b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/didna-files/utility/video.mp4
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 17aeefb583cf275080123496259609e8041b6474032932e8436f1451093de6e3

Request headers

Referer: https://mgoblog.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 10 Nov 2021 07:01:56 GMT
x-guploader-uploadid: ADPycdt-XUdxiz07ubSxwlIzDg358j2NIvL3IwvPqgpt2fpX8bCIwzhcDHCzhsOWkkiqHoFMLJHBNKJG_sY3udkRoD0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 90292
Content-Range: bytes 0-90291/90292
last-modified: Wed, 03 Jul 2019 16:53:41 GMT
server: UploadServer
etag: "888a518a26f108e98795c0d3e7dbaadc"
x-goog-hash: crc32c=JL9c0g==, md5=iIpRiibxCOmHlcDT59uq3A==
x-goog-generation: 1562172821988838
cache-control: max-age=31536000
x-goog-stored-content-length: 90292
accept-ranges: bytes
content-type: video/mp4
expires: Thu, 10 Nov 2022 07:01:56 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9442 42 B
108 B 28ms
28ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssAaCoAq9w37LhES-aSe4iNwoD3Yh6-TpgGQBaRI43u4uwzb-rXCKHJ6q3iNwYtHxG8qljj9EKjVdR5ZzbvGLoMmZsoUQVcG6M&sig=Cg0ArKJSzJHY9-LJO_rgEAE&id=lidar2&mcvt=1060&p=0,0,600,160&mtos=1060,1060,1060,1060,1060&tos=1060,0,0,0,0&v=20211108&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=34&adk=3381720768&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636527695914&rpt=19694&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5B78 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5B78 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5B78 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5B78 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5B78 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6000 37 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 10 Nov 2021 07:15:21 GMT

GET
H2 200 6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 41E3 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 00:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13451
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 00:41:15 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 14ms
13ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmgoblog.com%2F&domain=mgoblog.com&bundle=QceMXF9JTUFMQ1kyU3Y3Q1NDVTBUV2VMZEs4TmFtNk5oenZGa2hXellUWGVUR1huNmElMkZvMEx3OEdrZ0pZRURGZ1Z4Wk9QdXU0USUyQjUlMkZuakVJS2ZXbXRZJTJCJTJGV3cwb1d1aUw5dEFvaG82UE5kdU5uTzFxTlNDbGx5NUk3UE5GajV5NE1pJTJGMg&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://mgoblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://mgoblog.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 2424
date: Wed, 10 Nov 2021 07:01:56 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 0EC3 133 KB
36 KB 50ms
12ms Script
application/javascript 13.32.21.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: Z0IamK7Uj8Cug.ddab3Iex9UsiUM6RCO
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA56-C2
x-amz-rid: 0E9TW50X2JVZXK663QV1
etag: fc2e1be4d234471752ea2ebee7e63d1e
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Wed, 10 Nov 2021 07:01:56 GMT
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: UzU31zwTE-rwPi-pwOd-bPUBLy58PkHgdMqu_s8JHrZ52b_zc6DsTw==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 0EC3 79 KB
27 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df04b6518951f79fc4d35ff827dbd4d324dce48a8622ab4995edcd1786d070a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1039 / 602 of 1000 / last-modified: 1636499161"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27057
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 Nov 2021 07:01:56 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7D78
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmgoblog.com%2F&domain=mgoblog.com&bundle=QceMXF9JTUFMQ1kyU3Y3Q1NDVTBUV2VMZEs4TmFtNk5oenZGa2hXellUWGVUR1huNmElMkZvMEx3OEdrZ0pZRURGZ...
https://mug.criteo.com/sid?cpp=CpKBnXx4bGpVbnRwdURaUTNJQzluSXh1UTRTMmlvS3VpZ29yUzBEbXdieVdnbDNOUzlYYkpaMlhWSnluOEllVVcvcm1Gam9mWjNhZUEwQ0JsSnBjZGF1N3dNVThaVFhWUmlXVlZVVXk1ZnFxZUFpTFBRUGY3MDRWSnVJeT...

348 B
603 B

17ms
16ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=CpKBnXx4bGpVbnRwdURaUTNJQzluSXh1UTRTMmlvS3VpZ29yUzBEbXdieVdnbDNOUzlYYkpaMlhWSnluOEllVVcvcm1Gam9mWjNhZUEwQ0JsSnBjZGF1N3dNVThaVFhWUmlXVlZVVXk1ZnFxZUFpTFBRUGY3MDRWSnVJeTBmTGcyb0FJVXBST1l2dFllTzBXL1JsUDRCZlA5OUtITDlhWFlTTHpFSkxRTkVQK0ovQ3lqTEhXanZSWE15c3REcGJMandSZ0xKV1JyT3gvVUYvaTFiajJxZUtkaUlnV293a3NRMU0vVGhObjBxb2JCdEYzSVV6Y05nMnVoUG10YTR6NTRlYUFVfA&cppv=2

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

cf90b6476f9be10a327f956507466371eb571cb66932e7a27ad78c0d11f4c3be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 10 Nov 2021 07:01:55 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2434
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 10 Nov 2021 07:01:56 GMT
location: https://mug.criteo.com/sid?cpp=CpKBnXx4bGpVbnRwdURaUTNJQzluSXh1UTRTMmlvS3VpZ29yUzBEbXdieVdnbDNOUzlYYkpaMlhWSnluOEllVVcvcm1Gam9mWjNhZUEwQ0JsSnBjZGF1N3dNVThaVFhWUmlXVlZVVXk1ZnFxZUFpTFBRUGY3MDRWSnVJeTBmTGcyb0FJVXBST1l2dFllTzBXL1JsUDRCZlA5OUtITDlhWFlTTHpFSkxRTkVQK0ovQ3lqTEhXanZSWE15c3REcGJMandSZ0xKV1JyT3gvVUYvaTFiajJxZUtkaUlnV293a3NRMU0vVGhObjBxb2JCdEYzSVV6Y05nMnVoUG10YTR6NTRlYUFVfA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://mgoblog.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1740
content-length: 509
expires: 0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 16ms
16ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 996
date: Wed, 10 Nov 2021 07:01:56 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 pubads_impl_2021110401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0EC3 346 KB
116 KB 19ms
18ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119010
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 08:34:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 Nov 2021 07:01:56 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 0EC3 0
300 B 101ms
101ms XHR
text/plain 13.32.21.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fmgoblog.com%2F&pubid=79e40b05-e673-4b6c-85f9-79252a7f96a5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:56 GMT
via: 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
access-control-allow-origin: https://mgoblog.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: TCpv0Pw6i95dBxyvbYotnqJV9pRzXeSbjKxGUAEsnu5-lcAZehcmYQ==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 0EC3 23 B
489 B 111ms
111ms XHR
text/javascript 13.32.21.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fmgoblog.com%2F&pid=SmL5jgmCo9DT3&cb=0&ws=0x0&v=7.70.0&t=2000&slots=%5B%7B%22sd%22%3A%22dea8-%2F90814396%2Fmgoblog_728x90_stickybottom_HB%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F90814396%2Fmgoblog_728x90_stickybottom_HB%22%7D%5D&schain=1.0%2C1!nextmillennium.io%2C15318%2C1%2C%2C%2C&pubid=79e40b05-e673-4b6c-85f9-79252a7f96a5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.201 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-201.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:56 GMT
via: 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-amz-rid: 8K93MFWTGZ3XENGC6WZP
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://mgoblog.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: UR0xOloiXHyePqFjUfLTninJGOiiebPyAsbhtNdA1TS4HHwaAL4bxA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 0EC3 6 KB
3 KB 24ms
8ms XHR
application/javascript 13.32.21.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-201.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 23:59:48 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 25329
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 22:55:20 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
via: 1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C2
content-type: application/javascript
x-amz-cf-id: EohSMOgho9N7x1NRC13yBuL4jH5fcCMbfQBZYulowWhh02Uf0wUWNA==

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 44EC 0
58 B 41ms
41ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BODkGT26LYZjEFNSbgQf6gKQ4AAAAADgB4AQC&bg=!EhGlEVXNAAYDGbPvAxk7ACkAdvg8WuaCbBpSU78OwsV2jv5s9jrcSSCD02yztrReuWoLbawBJq6EawIAAAU-UgAAADpoAQeZAwyjjySM-pFGRleZ_erJSKI5Nl04uD79MVUxpYaQTgucmd-mfq334hXmoV62mbTnshj0Yk2VY2qqhX597O7ek83uQ4MyFwk-HuxeIleW6Hmx-Ej_fnR53l19iofndWJtUoU8FjvgJOJXglom0Nt5os-HcKGWAmPQJNtw8zEeSr5nUzcrCx6oNblLEuGzJPKnP5DaW06Or8krfXKVSqnpq-DKXmMQVqn2XSF9wlNgH7EY3Ul2-y9RhTMz9MZ-IxUm1gfByhmtkgt5NHNbXncyU8Fff29-a1C2XE9PNEVw7i8siEDGAg18LbVuj2ZsN4iTrasXpSm6CZUedsF2Cp46ojpK901QmHjvt1wgq4Y4vzsHZSPq7i90INnQMFXolYWbuHSX_PLW-CPoUy8o8Iax7HVqSw_gEYjHfrIkZ45QcQhG2uMoHFcvXGDvx-hZJriHNwbBDtSeHOVrAYuL4QcWeEjEjeElphNf3Yk-xMJRKEM5qvF57Q9gZOzZL1G527JeOyokD3B1ST9C4UyZmJbvjYyzOPytsYQ3SH6Qym-ytPJ7DNxmuFM4A85OtfTlLtJd4JSwF43zbGDIrljq5sYoJqUGjS61GXKoCGQJbF-Dv0CfnZ9zt6VBBIv_kwVF8RvWJ18MKfGl0vTFjQwGFFm1kU4hrKyK7pCxTUpdhi9xvCHqwPHAXNcUgEPTWUEBakwT8pgL4K1TqAjNk0X9uQoFuDtwWGL9kTTPMTzMjSwzBtVQMwyE9PuwSXrC_cU_hRl_VYQooLm1mmrvF14RPH-UJ5mfjl5oLkmff5z0w741w_YQcODytx6FeS7g1wrD-pDbq8FJyZy0uYGiAYtVgnWcllzynCszBOImP21kq0kKQQGJTVfkZo2tB-j4P7XGojHLTbDky_f6EBh_HWdp4gt6XER4zl4La_0OQRK54fTLuSRvyk3LmVwT7dyy0Eo-bKtkdu90JjfaZ_8tK4BuDm4z5fUPA4QPNQvAFF8dN3x2Gh4QOLs_6EX5TJ7BWHDXirSjw0_hEYrLpcThP0r4K5s

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5B78 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mgoblog.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5B78 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B28B 0
56 B 42ms
42ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgVMoUG6LYdz_E-vG7_UPofmrcAAAAAA4AeAEAg&bg=!ODulO3_NAAYDGbPvAxk7ACkAdvg8WmdEyTu4g06eQczBwmc5YQWNJIn86DUQ8tr1lXuywYA4M3z67gIAAATUUgAAADloAQcKAIgeKaSHqzkLgYHu2SpL3TqS5CCvYNRL6AoGZFs_CLvPrD0paUfgCI6865DKw75QWB8UNYIIso9ruuihOHrFIyCRc0CK9sclChjzWA2iCu986UuvikKZJ5jSJiWsb_VYJbUauDP88AcqPUNiwyIGzUHoyJucMbO3y3pD-y3M9oiTaZ3JyiTD69KkmQKyFC6VRbqcYpThPlU_-uLrgsdLjzFS_xcjdeXsD1-8lXIVteQLtPVBEEZlBTzy0o7d31OyXZSxoMxi-phMyzR4bSVGH0Gw-Wl4X6nJX9RY1_wQPvJyjusNLPdqz_fzbQU7oQ-rSNoupjlHjQ5dmPs8sx22I_qcksOhgvHSP5fczX4xAo8NdU0DxVzNE7CP5kzgll9yra3f1WI5l_1q8yO35Hgxbv6cXfDi9YGznm982AFkxvgWGLS0bPCN81F-h9D38eIJbdhUSeligNebziydwH62APcioBhydExOfTNmGnj72-LifvM7SbFX5AJCF2u4fyjH8AFEH-a09RXYGOyBYbFzcDBJwQOU3orRQu1brfNhgzWX_lu--wcnOLsXJFRaZbR1JY7yU31s4ztiGHL0acV8UijroLutdRSin0lVVwlNs-IBmKcQbaKS5byM3vpGucNpx2prBRAQxtx3fzIs98ufWScKe-M8l3VrMLjcJLlihceA6pxXxJzIr04FANFRkVddEKsbussW-DzaJDcb8OxHP3liohEZl7nD8pGdU_IfUfoO2DtVPp5Rgz_7pUnmx3akAUz9jVkdvzvclSlkl9efJzn65uli_0MKacvZCAcVMKi_4tT0KB7qANNJNzc92nh9FLlxCtV_rl3D_-9L68UeNftBkZm-h4OVIRZOWV6bJE8c9_JjM9rKYT0pzm3qhciBCdzg3CAvfme4htmflD3FyCYEUv3q6cyxWtn2xVvensCqnRJ4LTg4JrnOR6eCIMpNLo5acTuP0QM1uz_OhIDNfD5Fj9pdgD9R5eJeAcDDDvvYsHfls-nqEIlrzeJMyL_KfS9f_tdJ7Mi7aNVb_JRw6eo-9CWymcSLIxSicMFQ179wB9U0rT2lfGruTdLXZOtDiKDXzmEaQStzAyMmm4Cj

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 video.mp4
storage.googleapis.com/didna-files/utility/ Frame 5B78 64 KB
0 122ms
122ms Media
video/mp4 2a00:1450:4001:82b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/didna-files/utility/video.mp4
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Referer: https://mgoblog.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 10 Nov 2021 07:01:56 GMT
x-guploader-uploadid: ADPycdvQHyDxYE-sa1Q0hGGVZ97QWDvMcj7z2GlKtWd2v0G-zCPhBlF48iAwS-uOSRzPjcf_zKer5UfH7cm5DZeqyM0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 90292
Content-Range: bytes 0-90291/90292
last-modified: Wed, 03 Jul 2019 16:53:41 GMT
server: UploadServer
etag: "888a518a26f108e98795c0d3e7dbaadc"
x-goog-hash: crc32c=JL9c0g==, md5=iIpRiibxCOmHlcDT59uq3A==
x-goog-generation: 1562172821988838
cache-control: max-age=31536000
x-goog-stored-content-length: 90292
accept-ranges: bytes
content-type: video/mp4
expires: Thu, 10 Nov 2022 07:01:56 GMT

OPTIONS
H/1.1 204
No Content statistics
report2.hb.brainlyads.com/ Frame 0
0 287ms
92ms Preflight 3.86.21.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report2.hb.brainlyads.com/statistics
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.86.21.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-86-21-221.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://mgoblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 10 Nov 2021 07:01:57 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *

POST
H/1.1 200
OK statistics
report2.hb.brainlyads.com/ Frame 230B 0
0 94ms
93ms Fetch 3.86.21.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report2.hb.brainlyads.com/statistics
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.86.21.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-86-21-221.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 10 Nov 2021 07:01:57 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Headers: *
Transfer-Encoding: chunked

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 0EC3 107 B
165 B 30ms
12ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mgoblog.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0EC3 107 B
165 B 31ms
11ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mgoblog.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0EC3 54 KB
17 KB 253ms
248ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=850662783110836&correlator=4478987781507553&output=ldjh&impl=fifs&eid=31063405%2C31063676%2C44754276&vrg=2021110401&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=90814396%2Cmgoblog_728x90_stickybottom_HB&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=refresh%3D0%26url%3Dhttps%253A%252F%252Fmgoblog.com%252F%26referrerCategory%3DDirect%26testStatus%3DExperiment2%26fp_pb%3D0.10%26nm_id%3D431c7b61%26hb_pb%3D0.00%26orig_hb_pb%3D0.00%26amznbid%3D2%26amznp%3D2&eri=1&cookie=ID%3Da66a8a72971e70cc%3AT%3D1636527694%3AS%3DALNI_MZXai-rVOKbHDaQ3PAAdc4HPrBkLw&cdm=mgoblog.com&bc=31&abxe=1&lmt=1636527717&dt=1636527717015&dlt=1636527716272&idt=624&ea=0&frm=23&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=3928450669&ucis=8kd0by904n2b&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fmgoblog.com%2F&top=https%3A%2F%2Fmgoblog.com%2F&vis=1&dmc=8&scr_x=0&scr_y=1&psz=0x0&msz=0x0&ga_vid=1133490413.1636527693&ga_sid=1636527717&ga_hid=1113812024&ga_fc=true&fws=256&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

4022069a5ded14d585b2934beeea5df3743e70bc48c3974c2188ed4c9384b587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17085
x-xss-protection: 0
google-lineitem-id: 5645624057
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138280992363
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mgoblog.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0EC3 12 KB
9 KB 28ms
17ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

288ce62e2fbcee65af0fb8a6d163db546617298e6637e2701a2a3058a76c46bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9220
x-xss-protection: 0

GET
H2 200 container.html Show response
e73c7fa4ce4325baa13e1f1df284cc65.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6C48 6 KB
3 KB 33ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e73c7fa4ce4325baa13e1f1df284cc65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 10 Nov 2021 07:01:57 GMT
expires: Thu, 10 Nov 2022 07:01:57 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0EC3 17 KB
6 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 10 Nov 2021 07:01:57 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame EF9C 25 KB
7 KB 425ms
406ms XHR
text/xml 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F170737076%2FIBV%2Fpredictinteractive.com%2Fmgoblog.com&description_url=https%3A%2F%2Fmgoblog.com&env=vp&correlator=740167652797034&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x480&max_ad_duration=30000&unviewed_position_start=1&vpa=auto&vpmute=1&sdkv=h.3.488.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3847762016&sdk_apis=2%2C8&sid=357254C5-414D-4FB7-9F4A-C63BBAFC6DDF&nel=0&eid=44748808&url=https%3A%2F%2Fmgoblog.com%2F&dt=1636527717170&cookie=ID%3Da66a8a72971e70cc%3AT%3D1636527694%3AS%3DALNI_MZXai-rVOKbHDaQ3PAAdc4HPrBkLw&scor=2599645522539185&ged=ve4_td1_tt0_pd1_la1000_er1860.1028.2010.1328_vi1.0.1201.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

f1c6048fcc59901d0d6b0f681b66eadf89387c8422758d1ebac9fa3f4f893a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6518
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 6E24 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 10 Nov 2021 06:49:57 GMT
expires: Thu, 10 Nov 2022 06:49:57 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 720
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A4B7 783 B
960 B 17ms
16ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c5f1c6517f6eb508f1d52da988364f278eae57571f4b099d6dad48f30ecc07ea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0/2r5PrKe0iKLAIH0EoJlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 10 Nov 2021 07:01:57 GMT
date: Wed, 10 Nov 2021 07:01:57 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-0/2r5PrKe0iKLAIH0EoJlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK /
reporting.powerad.ai/ 2 B
412 B 104ms
103ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 10 Nov 2021 07:01:57 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 2

GET
H2 200 6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 6E24 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 00:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13451
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 00:41:15 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 29ms
29ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211108&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

953357d79c9fcc25abda522ca296145987f143833c7162b3569b30fcbc7d6659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9309
x-xss-protection: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A4B7 0
0 59ms
58ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110401&jk=850662783110836&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 10 Nov 2021 07:01:57 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C48D 0
0 72ms
72ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuf42OlpFYcuAykdRzytfxvB9gmMPs9D7rDqEaEvudiN8EB9cazaYUn06fCmD66bFn9swIGWzvA6PFUg-fxM1DDzli_wvW4U_areAEpE1R9ncnvD5Lm191GJVMcVtf-FAd_1GwZd5f2v5p2OyoqRkSi61xVrwXH5HbThr_6p8UVEqyA5HKpsI6cd8-YsS7z2jlq32O-Skv88qVGrTKXAHEiQ3Q7nGTqUZLoBgH9HIcpLWKAZE1lFEWDX9yhKxMPHs3aYiJR-SwAN_tqvH7uIzuHmyxmAaw43txE2ZH5U5-nyImzaMEMH3JeJkKc0z_OaLvE0SNkosP1MEPN&sig=Cg0ArKJSzLpz0ohTJMPuEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame C48D 79 KB
26 KB 20ms
19ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

df04b6518951f79fc4d35ff827dbd4d324dce48a8622ab4995edcd1786d070a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1039 / 672 of 1000 / last-modified: 1636499161"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27057
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 Nov 2021 07:01:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C48D 121 KB
37 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Nov 2021 07:01:57 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 509ab2424579cc51165cfc0f9b53c82fe12612c3569f00c74ac6a5b6f1f58594

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 9E91 12 KB
5 KB 12ms
11ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 10 Nov 2021 06:49:57 GMT
expires: Thu, 10 Nov 2022 06:49:57 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 720
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 24C6 783 B
737 B 20ms
19ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

83edbca201b6fd4ea3cffcf94c7b1cdef8c6ab2be9e8273adfede65a605f3aed

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CAoq6bvuPEYqQPlPl9//TQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 10 Nov 2021 07:01:57 GMT
date: Wed, 10 Nov 2021 07:01:57 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-CAoq6bvuPEYqQPlPl9//TQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_2021110401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C48D 346 KB
116 KB 23ms
22ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119010
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 08:34:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 Nov 2021 07:01:57 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 24C6 0
0 92ms
92ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211108&jk=4317953412673435&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9E91 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 00:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13451
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 00:41:15 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame C48D 107 B
165 B 18ms
18ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mgoblog.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame C48D 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mgoblog.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C48D 17 KB
10 KB 277ms
277ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=509588380383778&correlator=1580464073579774&output=ldjh&impl=fifs&eid=31063213%2C21068030%2C44748553&vrg=2021110401&ptt=17&tfcd=0&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=90814396%2Cmgoblog_728x90_stickybottom_HB&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=amznbid%3D2%26amznp%3D2%26fp_pb%3D0.10%26hb_pb%3D0.00%26nm_id%3D431c7b61%26orig_hb_pb%3D0.00%26referrercategory%3DDirect%26refresh%3D0%26teststatus%3DExperiment2%26url%3Dhttps%253A%252F%252Fmgoblog.com%252F%26in2w_key%3D58%26in2w_key2%3Dnope%26in2w_key3%3Dadx65%26in2w_key4%3D--28gz%26in2w_key5%3Doptimization%26in2w_key6%3D--2qgz%26in2w_key7%3D65%26in2w_key8%3D58%26in2w_key9%3Doptimization_request%26in2w_key12%3Doptimization%26in2w_key15%3Do0%26in2w_key16%3D1&eri=4&cookie=ID%3Da66a8a72971e70cc%3AT%3D1636527694%3AS%3DALNI_MZXai-rVOKbHDaQ3PAAdc4HPrBkLw&cdm=mgoblog.com&bc=31&abxe=1&dt=1636527717487&dlt=1636527717296&idt=160&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=1111&adks=1712902168&ucis=9j94unbmfk6g&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fmgoblog.com&loc=https%3A%2F%2Fmgoblog.com%2F&top=mgoblog.com&vis=1&dmc=8&scr_x=0&scr_y=1&psz=0x0&msz=728x0&ga_vid=1133490413.1636527693&ga_sid=1636527717&ga_hid=439654564&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

b7eb5e29d5437eac782dc830031d481fc96b30a7e325c6bcab22c6a1eea40e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9895
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mgoblog.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6F0E 6 KB
3 KB 30ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 10 Nov 2021 07:01:57 GMT
expires: Thu, 10 Nov 2022 07:01:57 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C48D 0
0 42ms
41ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBYqMJ7Q1VMT3AvOSCcc_KQ_KNQC97sO-LxhpOUbZv_BJX-FPd_O9kL8fdUKMFeUye33jTP82Z_0ozfyC5hAVuadQVgE0qhtIXiQZqXeJA5xc-Uh8x2ifrqLQOKt7TOh2gRZx0ZMehbPJvjs6t-rOL--cqdnzpEfnheX96YCGOlSFpsQ2MBYjZOHwHtaNWtsM0jJSRbVf1fpKDJshu43UJ9co-lH4xMKRyTaEm6C9NUdAKqH5pTqItvaAZg3ZCt5As1tpUwcIFmUnKKmiZqKMCXEVUl11L2KdF35ap2cNMGnDsQtHnPMI8jWZsXE-PJ48FOfQw8UuA9F7zEJI&sig=Cg0ArKJSzFmQI_8sNia7EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 10 Nov 2021 07:01:57 GMT

GET
DATA 200
OK truncated
/ Frame C48D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4cd825f5d45ab682b2a56f15713b72f30fa94fbb15352c9405d1da3b1d8baad9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9442 42 B
108 B 29ms
29ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvgHhPGo_7UoCmLWJ_ElPwQpI0-BotmkJ2het_0r0w83EWrXGKfY_42aDwhj0iWklc6EXvUtSPDmmmYDQFCIsgOMje1cIqXZFgMsHhXqeZWKgaQ0lx&sig=Cg0ArKJSzCpCOmPyUad5EAE&id=lidar2&mcvt=1087&p=389,1098,989,1258&mtos=1087,1087,1087,1087,1087&tos=1087,0,0,0,0&v=20211108&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2020458416&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636527695914&rpt=20521&isd=0&lsd=1&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C48D 12 KB
9 KB 21ms
20ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b9a7a518058f840160ae48b2aac0af21654717c1171749a2a5a89151b3ab4b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9220
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0EC3 0
56 B 43ms
41ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110401&jk=850662783110836&bg=!e3ileDzNAAYDGbPvAxk7ACkAdvg8WuYa0FmEKJ4CvLxKlLs-9fG8PZFiZcBAa7ThZbcT_gPqi2zhlgIAAAE0UgAAABtoAQcKADBk5IjA_uVfDKQE3YtUSQdBlPBAheFnO8dHQegiLwucfPb7q97SklC8V0grg1Fm6H6ZAsf9XhTgFpPoZFFU5SLK_wc3odxG0sedxEkYmp-unrBwRexaieU_DSf4Twk-7RroxQDT60ov_vxirPeQ9Ydd5NMfqrK05TU-tnpVlEgFPoz8PQFNaYKpj1dVOl-aldoJBEJ2em1k0HMZnU_nwyKR4T9I3gTcgocbfQeGNCMrEgudqlyrC0zjJFY_jlo_BPTf5ueW6nr6XFAoNxVilVZZzXlyZ9v_Bl5da2JhcrbycLnnsPKNqqgrv-Tadkoh4l8-EIaZe_-1Ov-A4-wJR88NMkOnOL4zuOEgGP32PAhuyFYdt2kpJbLD-fUMEdICK9MFqWcAbh-PGODlCHUNzY1GD3o7Tn2IeE4LhwE3sjVUyCOVEoWNQFMBhm4UqR5v5nAzBLQjZ0SwjMvMUGIO2Mi_-pXsZfCOPcw4Uv4PwKM6WGkMTfIhRxVx9MTlAR_8cOLa95161oGpQD80zEDCzYV0BldNKiH_jZNfEJD4jaMc3yXXSwQ43v5bMrQa-A1Q2oEamwGqYCodfhBMXR60xFdmcBV0ojdYqhozRZ9D35_bGevZXNj1BUZiqXbh7CcwVkdk4kLLeCgV98zmR2RkUl6php9gnUhqKyHig1VqcFIQ_T-ajdWIY4D1GQZa9UJqFR0qxcuCNqNchTGEpaNaDF23m_Ux-yiudmR_efKNKnsChvF4OwNRDFB5VeOZgsb7w4NpbRF1-2TaNVoqW0f6LV6Kdth6QUx-x2qLJd8HBBeJ_o-pWoMe9bP4Uh6bXSdXfLw_BjnpmhCdd50_ST8COQf95Pqy17N6dM_o6tkJrL4jjR9GPMVRU9_pt0K5F3fVO0U2_WLO_HFwv46Ox_sM-H1X80n_BBtSTbqDXA_j7PZ0HwgvTiP0MIpCfJqGbkK40g53jEy1_XyyzA4hjD2arlqkdc_c2RMkLPLTCf6kNE7t6QThIbjbMcem5NY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C48D 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 10 Nov 2021 07:01:57 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame EF9C 28 KB
15 KB 102ms
44ms XHR
text/xml 66.102.1.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CgqBc8F119xLDbMghYbq8DmtparXDlB2SuiEd0cq4zlK2kellLwTCVhKqT80lcv5A5s2DlxcL_o7bPCLqwrt3dsbBNAg&cry=1&dbm_d=AKAmf-BAeeb6e5aI4nttjUBzK1DPe00e4xpXn98kAFZBdmr5GJWkWVkZ32VnB7DDZeopweyKfMMcLwq8Y7jwbK-ap4QPS4qXD9qmB1YmaX99OVmIsoD5dJmA0uKdEepzjmqW1RQfm2ryUCLIQmLgtqo1JoLKs1B78o4IgjuVhUFWdVDt3zNMnhnt-xw6uWxpPyMUtB4cZLHTKFJxQ3qhJ7wfGU4zy9hPLsCBZJ1mCYZ9oZp4-ofOLpHSErCnlt8snQqmXrZeBdKW_f1hwQfKkO2WCwdosAQJe4M8CV3iFp6F68b8Z1PpjyL1QFS1-wTw4yWh5JhUJ3PiVVyESF-bJljKF_vLQvMqi8Zfr-GaHALT2JYT0n27wadEIe62vLYNp2mRMH7Rwcw_YF9Uco9vor6NOQ2g0KWeg6gUx79yxjurl-xDGVARt2--jZr00-kVy1DeedzJrUNNmoAPqIE9KQsRHNYXJzUSZtj24ArBbTMW0FVL_1lFD8y9g06RFfPiVv2U8wg66kSgrrrED2l7PufyDpi5lkm8lR_kmpDAGmhFU85UpGFXsGcY3kmqHr1o4Fhqyx6nQBJHprVDTU5sWbge61MZWa4UcCa5hZiOCpyhKUOKnp1s2TumsB6153dHdDblFdwj4ZFEFDbFJm7IccW2vJCMdJuZ983I5SLyOrJdMUB6gcqJx6DhnREkoXsxCniKF-J4xr43tkVhzD_eRZZBgjt1QQL_I2AuFhL6_YFEQH0l1-iTuEOHtNl2r0bYPyPob_nAfRXuRFdLLKotcJppwyVkW77VypNbKTZUin39akXnri2a7fcZ33IjumoEj-3rvdx5_-owp9i3fs9i-vy3UdnIIR03Yr8iGAa32_Vtx8IhHqmsPj4wlpEysuTViFPZ9KkuI57Ck4N3RyPIn0Kuw4tSCP6JrlO2X44Eq6GLFBg-JxX5pEOddwA5q07PXA50S5Wq9pkxj8YJEnUhWl-AeW0JaqWv91X3l17oAyZIPvV2lg_Iw1sAgmn8tIEe0l9W9ZdBElKTTE87FzqNR0dQMwQGrj5qQjVDfI_M0GRhIU1qamqruI0ORD8mJI-z4h4lDSNNN1Y5CzHs3fhwxJuCCGXvQQeFvxDu0yEzYM1RDjzlVnADpzWLOpw0AxkR_iy5SOEcuHqq994TFXt64FgY4GxcWD04RM3hd1KEPdn1ttiLZ7Q-TOGk-db8B0nhfwwtzZF86_MQNfGDrTA9A0G__aiTj5w1M42yD_v1u_XGTldezjPd0mAJG49BoJ0STdeL-kpVioqMBba6tAvhXUunvGmjNilb2H1vD44V6Qf5D43QVJKlUnIjhYITGS5YUJuFSUlZPeRm17fFeviIcoapU3R9YwFHuWuGuZA37Z6ZJsSBs5niWFc6I78DdPEBu8LtuYKLsnmj5chdLCuG7s6F-hdNjzLCjL0DcJCJOnZsfKS96FCgDrcZHBvUZ6-Vg3TJveYO_wvUhwJ4605nN2W1t_9qIOwOPcABiAAb8BMJbPKd4cF6Nv4mskaOUTwlLh3dJcooN7I7MOZZT9cIZ4ryYC_zxoBWbP7k0ODVQQnHdwVURwxGTAssw1rH06r5-AWkCQcj15A4nOnSZecw1uhPxfy-xMdz48ZSiSsX8kQlC7UNYxYM7Ge7OkjsIJUr9cvDArYN7P6fjvLpCciZsjwKVzR2-s51viqwMOu_KgEvRN7knCsFp5gdT31Qk4v88_7uFvn4L2d-oZaiPTc1TDMeQZZNPZ7xbeugSciB0WpAgby1mQNyWkAX060J5xDcfUr-HerZdl3XRLjC8gOu3D3PiXUsIgj4uLjzWWjdAb_oTRxaOm2mLzpyRLFGpPmGk3vm0cLVqr95gfQRkOL7RKAAPYSZoYNXqZxQaIwGfP7Vs-plzZVLaKrU6KC6YhlARO1KgKNFgh7t6-0HZa82VP7EPlMT6p6cw9s1ktMgEyvTlOCxWvxWcsDMfxnWyEACtUIauWcu6oVHH6YmhPTlLuGXi9myW9SurU0BC5Y8kvJFdI3qV9IMGfzu8jVeWDfh_ZxO1L1eceVPPPQMMLV3dsTWJyHwbP5FpcUJwls4wffQcS-NzmMhae8Unqz3kbpSiGYEdDBn9FGqQqU4ZamMYsZ3MehPld92i5yHX3PieJat4fMZkhafH7mUCpi0OZWIPHLMLVH6Wu7hgNJby2NWsholHxIl38_IlYtpUPy_l6-tVNxkhIBsisdfdD6u7NUe3tt6pkEQkv_fhKA91eB4pftza8BfO1ixiqsREwr5g2rr97DRS5PBRijBSFy6TIx7_M8Ogb-y-AhARomWmqFWRxtnIElXrq001K6OprJ7uw2vUXYKLNecj_QA91fFkyBnUxhkY9BoRa99v1JBLVautImRLTGU0bxB10ov6K0ok5n0on_vMKhe5gFg6hdU21DrZrFZuvtv137cYvu23DfiR79v_LJ2dFoZKxQymhS-SxOMzt65gcc5JBEAIaTG2L1MDY-KsD4zi0ytCw_HKW9LXykQaehuvDMQ-5Wc_PGZp0istdwi4FSCZ76aMmgYzliu8uFu6aMpR5mdEknL2XWfFWzMN68ebioas4UHiUvPiZNSrr5SV8dVy-66wLY2F_iZOMR9h5q5YVFLtjxIpDE3Xg0j0aKYK-lAVcmq_2CStht7f1I6Cze21j4GfK7vA4I_tx0nEBkibwSgiwUgjkMlobQFIlY2wEqI0Ku4lXt_eMRKJoEEwUloplgssvvcuYJB9l1ZQzQn_Dsr-qfiZj4aUcPnQTAJPdyPXisIqN9eQ82l_zMyO6OVOm_L6UAhuOl4kSwBS6OZA-IDK6GpDrk5YT_pSCZUcLXp8Wqcg55SRkJDShr-Wn1zrkJ8EHOgQqfpp9nHAUZAMqMwcDXZ0NlnIYwoB-702UoZiLAqK61dykCbnAYyyC52d7W5Lz7axrn92uw1DmPyLjh2YsCkqin85hWNn3o4Tk0GLyjkY3BUyucqpF5y0bNRGmUpjZ7_roB52qiLBnggbgQg2PNa3jFQ-luIvK5BAFK6wSDBix54Kd810jEonetVgk-XtFjdhxxL4QlcgHbIea6e&cid=CAASEuRoDFqhnKzGrh5c8hkGA06YfQ&vpa=auto&vpmute=1&sdkv=h.3.488.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3847762016&sdk_apis=2%2C8&sid=357254C5-414D-4FB7-9F4A-C63BBAFC6DDF&nel=0&eid=44748808&url=https%3A%2F%2Fmgoblog.com%2F&dt=1636527717629&ged=ve4_td2_tt1_pd2_la2000_er1860.1028.2010.1328_vi1.0.1201.1600_vp0_ts1_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f154.1e100.net

Software

cafe /

Resource Hash

0ac9d31dc3b81bcdca9f1ce07d3e4419308f59e098c4df52803f742819aaa936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14521
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5FCC 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 10 Nov 2021 06:49:57 GMT
expires: Thu, 10 Nov 2022 06:49:57 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 720
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AA58 783 B
738 B 18ms
15ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ed1aea2e9fba51d361f9a57e9a3d4575a3d985139c01259e31512bc7a45bc885

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-M2D7OMn2e0CEEgMizH+uEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 10 Nov 2021 07:01:57 GMT
date: Wed, 10 Nov 2021 07:01:57 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-M2D7OMn2e0CEEgMizH+uEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 5FCC 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 00:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13451
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 00:41:15 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AA58 0
0 59ms
59ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110401&jk=509588380383778&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame EF9C 0
54 B 140ms
45ms Ping
image/gif 2a00:1450:400f:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kvt6ck4c&c=5305611325941&slotId=2652805662970.5&qqid=CLzkguqcjfQCFZC3ewodlxwGNw&gqid=ZW6LYfa9Dqm7gAfQsoDoAQ&fb=ima_html5-lima&sdkv=h.3.488.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&wta=1&ghmsh_eids=44748808&vmfc=15&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400f:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:57 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame EF9C 42 B
140 B 19ms
18ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame EF9C 0
0 33ms
32ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=C-qYkZW6LYfydEJDv7gOXuZi4A-eur_Zl1teg-_AO2MawxIUcEAEgnIzEI2CVgoCArAegAemB3dgCyAEFqQI-YQYZ7G-zPqgDAZgEAKoE5gFP0EeH-6YymPComskzlQRLTHN-taQMMDK_WTWt87aMfYKe-EY0-S7eb02qkY7IU6FN8fJaYCVhAOFC9U-t7rIlc3BUqTulBcQIbz4ufHZsaW_sDvgMK8IomVQjIMaLbcOTua0ZqMN8lfJxQEDeCMFu2zPpuV_3LpwsNUtIIW42GbBfdyy8-VWg5HpxNKsqRu-ELIxD-8GZ3yYKoe76dyG8Q5JxjxpOjU4JOi7uYOjDs1xU-S06B_jAU-ATcCmFs-vs9VzRXlFKiWAC5noG8SRdsFLIC2Bq_6qn7G1GELpOYSlt-bf0nMAEyJv_6eQD4AQDiAWl8OX6NpIFBggbEAIYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAH__2ipwGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChClwQ4YxI2uugHSCAkIgOGAEBABGB2ACgPICwGwE7mImA3IE-Giud4D0BMA2BMKiBRC2BQB0BUBgBcBshceChwIABIUcHViLTM1NjUzODU0ODM3NjE2ODEY3IoV&sigh=R_pr-xGgr2U&cmd=Ch1jYS12aWRlby1wdWItMzU2NTM4NTQ4Mzc2MTY4MRAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&cid=CAQSPACNIrLMuexdDOWyrFZpyo3M5DiLxXGqvkY_jxK-MnpZ8SR50AWbBq0W2cV2nJpydaZBnP1eOu_8JZoDhA&vt=10&sdkv=h.3.488.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NjAwNjAwNjQ2NDlAuQMKbQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTIyNTk3MDgyCTE2MTM1NzY0NkBwUjMI4gcQDyUAAPBBKAE6CzM5MDgyNTY2OC0xQgRHREJNUABaEHBRc1RZaGUwaHV4NVM3eXEYAQ..
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 44ms
44ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211108&jk=4317953412673435&bg=!ycqlyo7NAAYDGbPvAxk7ACkAdvg8Woi5NQPFdDV0z1Amo4htMA2S0tdZ4edSlcwedXwzbQDl-jWIbgIAAAEHUgAAACloAQcKAPblLkjS8vYPeHsc44HWhZ9hcYbbdi5GUNcei-h4ltQ6RYTzRZaH16IOgPTT6WHCvQQrjD238RQI3vxXg2Hmk52v_G6bwASwg7YoyF5Q09KiA105PeiCqHUPWWxxKDEQ-Ct91gOCSLEQI7lP07eywCr-54XMUcZs37jDgrTYyB-a6YWXCUtMnMuuTycXcXEOucZosxJe2OyHafXkBPBgN-IyaLAug056v320l-V0UeoIQIUtRB9HWmiL3krZsGPb_h6pgYaqbbDiBI4fIep_mmfmNaQmrckbpJc_YODwTYTgGIdjfCmPFO6JpyM7HozSjXIlF5diTJSZAqHKeCiZofe4zJJbWOGpth-2tF6ihVqYovmBeL8pZc5khNShDyvqLL6khrcLKYvsOJQsE0NEHxavygDwVhWG2_-M9p_WdF809rHYz0CdlqlqzX7nSm34QyktTMYnBokNwQkyyHgXMPm6cS-HqxFv3LiF6YsEJs-p-JMIU1h7nYw6MDgl4ngc985ZeG24DWFOJCJfaPSYnVlaLLk0J7ehENcik-nF8WHMNINRvo0wl8eiuK-F9VciNpK4rShmSNLAWOi4EQCxP_oDfF8eO52Q6DH34FKDTKei6fMXk7DJfyDB7gMUko9GaqT1T1J7S7aApOdxiA6qBREQKPPGf35O2ZUNvEy7fmie7E6csle1V5qFLmiGIkqi-V3lXJTAtlFqIcNEpXmSqv4jMNQPtaG2y9noM7YrdrTdQIQVrTVnqMoZaUIanygCTkS_a7OeCFHquMDkhKxO7ShRhaWcVOQEMtt6PTs5GPGhlxyL-_KQ7P36lmQe3TgKxvRQP6ksSwz0b66xx6jUgyc-vlUfXiJ-U0eIyIcZ7uu6LzfMe9o1Sr-cd73NYlFU01rdYBm6JOq--cMBrz0dNoEXfdsTtZywZNwnv9fuUYzGe5zIOOxhHlE_mPp9og6Yyc6533wnbYT3UmzKsTUmAUlolyld_r4Sxne8IN8pAPJc4SxGzV0vmtmGWFhl97okgEv4uO5Rvys3qKsvUqA5Zq9TvdTC6qHJvocP-PvjOshAkTzeh8MvjQ7XO8RdE5tnwdtI_GqAGZgwIAhNrl-aSBXltG3_7bMVQQ7252vvv39rN9qQD_Hfcsaasoix3nFy4uLsPorRDdcofGHOn6RQ19up3dBR1hTiLKYZISmdj4W0FVvO8LH0MOOBeePjCRT41mxmrUHcObmextqO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CF21 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 10 Nov 2021 07:01:57 GMT
expires: Thu, 10 Nov 2022 07:01:57 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 csi
csi.gstatic.com/ Frame 5B78 0
327 B 72ms
45ms Ping
image/gif 2a00:1450:400f:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kvt6cjqp&c=5305611325941&slotId=2652805662970.5&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400f:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:57 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

54
r1---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/356550c25212fa95/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1668063717/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 5B78
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/356550c25212fa95/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1668063717/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r1---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/356550c25212fa95/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1668063717/sparams/acao,ctier,expire,id,ip,ipbits,ita...

4 MB
4 MB

284ms
8ms

Media
video/mp4

2a00:1450:4001:4c::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/356550c25212fa95/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1668063717/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7CF186E6DE07321A9F759822507125D7CAD6C616.074086BD4DF329E0EAADCFFEA01F39BFF9272E97/key/cms1/cms_redirect/yes/mh/2x/mip/2a01:4f8:212:78e:31::1/mm/42/mn/sn-4g5e6nzs/ms/onc/mt/1636526814/mv/u/mvi/1/pl/54?cpn=pQsTYhe0hux5S7yq&file=file.mp4

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:4c::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

1d3ac286158c86a72511230065aeb26ef223e3455e2602f8ae3c96f4150bc952

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 07:01:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 08 Nov 2021 17:52:16 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-4464164/4464165
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4464165
Expires: Wed, 10 Nov 2021 07:01:58 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:57 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r1---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/356550c25212fa95/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1668063717/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7CF186E6DE07321A9F759822507125D7CAD6C616.074086BD4DF329E0EAADCFFEA01F39BFF9272E97/key/cms1/cms_redirect/yes/mh/2x/mip/2a01:4f8:212:78e:31::1/mm/42/mn/sn-4g5e6nzs/ms/onc/mt/1636526814/mv/u/mvi/1/pl/54?cpn=pQsTYhe0hux5S7yq&file=file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 677
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CA16 624 B
344 B 16ms
16ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhC20MOsAhihjqGyATAB&v=APEucNWldQ1f_BAFE-sb7jfH8i2MDBlYtr71VcIJH88YIAFz2S_F7hRyJDiC3atNhHanlzetbXv7gePXXVXrN4v5ZR1Ko2AV35z3N7hBZ3V7gv-30KqKtc8A6m055icFgdNkUoYBLtTXdTeJR0lDxAU4Ag_Ztqw8J_rcFLfEU3LPLQNZ5-TjfZA

Requested by

Host: c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
URL: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 10 Nov 2021 07:01:57 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CF21 25 KB
15 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AgT7A7OD0CHT8RV2GL-E8Hq6x3mnkpEKeiIh_vXj5d-LjNum0zrlVt1rM1XYg2D-3sYygm3YtkT2JuvUDgHvOjJ93KfgWHcgjOJcJXO8Y7b56SBY3_Rv8oMSnonblqNW60T4BlKoRaSbO_-YLVUQPx6-KxDQ&cry=1&dbm_d=AKAmf-DyPRCHv14oIddMHOXjFo_LnMapC2esgZWL_b_XPK_5n6lkPvWsYKt1Uh_6pEilgALixI6ZbZ9CH_oFuDJve0ATAVTUTmWZV8feVFZNTMzdfRxpv5gnhfkqcyPjfK0esRMpZtw4QOBthzItgE1VrRkaODhbqJ625MZzlCmjGffUir9s4Lje8AveAagWmfrdozJRi-jIuubienF1YrZoUbycWDiHhnSjQprJmhIclaBOgAN3NSsrCR0VpXniPtpoo4jubL1-l5rmoi30vE5av9gN1FT3xrUVRxrcDuqi4wgiRqPG6ntooyoIhSAXWXmUm4IaiQ7tcljZttu4Ad9rXkRb0HXB-PgEfaCsd1YfQeWTXPf3mdlmibDqed0Tf61rZHzkD0P1GQoSdgCrPgb6_Ma6ALJwRsaPNfxYxhcYOHK6Pu_1qtLpG-TD_seEzSyG2ap8QobOcUxOdCgMcMe0eNsat7qk4s8qGB2CRFSukXbw11ps70cQXknD7lxTfLSM0PSak1jhg6hy_UdPSTd76t6yEKnXTghvDQ7iYg4D7yCojFeZKsOer6gYfZkiF3VkBZvykJhkhtfOiCGdd3vErzr2LYgvD6dqdvnr81Lk2qTy9o7lI3_g86KqVZU_hkOvHlc4E3XIgO9LpAxZssUIBD-e4JiL041ruOVWLhvcZ-nYJKIJsNvBJq1DmE1MxIrCty_QN1G9CxNtJdCTvKopubL2CZZ-MSlhrX40oVm1cmR5eLn0Kvu-VsJpPQfvjtJGDn0igj6YreGpCStd2LJ4BLZ5gCwrV18y9GjQjGkITPYu_UtMtuDRNDal73wXBnpLbhhM0f4r2e92AHjIwYQJLaJIiMeZHLc0tOpjB40iwvpJ8d39uW53UDo6d9CiZ9ICV8r5SF58OpmY2ClLelTcnm5id3vAuk5mT2eDhtZUdiODPf2KZuN0l7OuoVs9q-BZM7NZbvflqcISXSO7JCL3iHWTyP4w6tuIW2xmXl8sMacH5aBj4mM1fTcIFnI-CNN7cNzw4GI1lbFbtB8diI7L0NeUtUermDcUumTnk2peEfsj-DVBvSZWCdDUHuFNdPo6tzVAPzcCYYo_4QIahrHwSF0k-A0ODZOW7sDLQiaGjiJ6-HtSgQBp4w3kSv9BjXCwH6HYXZbGttdNs4wthP816MGNLFj8LOfvndBYFCJGmhgE4lvHl6qqtNvoD6t3GEE4A2EFQvtM1OLsgnwA0BhSI-f1NTDEGE5VUlRWEqyhYF-WlQ70j4SHrfsE4HKICQ1xvEk3le3pjdf1RMRd49V3QbVZf0loilij7mFmnOqNiqYWEkZud-VG5i5oZLubshnA8BwLmEU2FosoKrGnTKT73dqOZhrn_TrwOQwYIxASIrcKOdXLn98SBAvn4XdYQ9nBb0ZD1Yrz_R9FoFak69JROtwsH2XeO0cplcXYEW-21wIi7IymRSCF7RwSxEw8OhKL9SkOO5SesXToTkfw4W3RWyZc72JUs61lNLA1rDccE-6cB8_J20xonuu4aafgmDb8CEbh0XBbV2xe3AhYQOc1nfKt3C_x7b4Sq5GqKjyH4qECwiK0W20l9m_COvDQBpx8Qc8iIkQkj9e9MAdHvvmYF-eYw6K1se6beraXUwh7bYCzYIDBD6S1x73SxRKLr4-LSOhoUpoJ-xfE28oKTlBTtPU94QURU1No-qzjLqG5qIgYSXUzNUg4IDfcv5HTJ0yyL6EYL8ckCxqtIQvaORL1CvOVeQp9FZgfXs39jO7fhV7xtxmtAdZmDg5o0FlXHplTLFbv6BrY3FN9VptlJAG4CDvAOJcA1xrNs_likWoLD-v9lmw7RoWl3qX3SYKaV5be2vyWF-pR08l5SvZcDdmG8xzOfa88jnvpo7xxqVfahH2x5LkPDYTt_3rczCFB8ERq6TTRHdrVVnIM2dBJP9cDtBioJVAg563tc_kJbrQrJzfNOvq4IomYgVqiuQE2FgbDkKchIZpiDeVSif2SiS8l0q_8b89RNxJ9fhZKemZBlhmd3_7lqnWyMmlx7WeY7R0cdoeSSMN7FVjRB6dtacdrKw7toKlnmeXCfuT0PSJ_ikWzIDxMK41VoDmuK8uylvUDCYesEPhmx0AieNAjy8NhTlSszCX4ZZ99aWwBgUmXofiiYWjhCP5zhdFPo-uHb0-51BMg71VaOw0TcTI-2GpTze0BG7czY2BGdvkfJtbnHNCjZeLlWG0x18gPS0K-eCaWO1BwImlDad4LnllVfUID0nQuBO-l40EL6xomrjpV5kHkRqojop6j3nivvNDf3kjEyGpi1wNSMqrfLXydDzF6uVtLrWZ7VStnmXFMd2ouxv22zE7sXRSPonSnRmw2UiFk3bPuWKDIphpbfZGHMCsjOIu8rTlIjOnfVptG4FoLBDB3f_fnxAnGUwYbqk6cBIxiP-bOutWDVxAtecXuoO5RhoQA0bjfuUgGvHkiYri3uRto4-dafe9-CtRG31FYfC4j6wG0CignVQkVDAipkWOgilANG-apygq-H1Z-WBgWAy-W_ikDw55nJAX2fZmH89NORsZt-evO1drMpQBjdOP-OOcjlvX1eqtt-KgcE9dWCqmT5AI3TGMynsWFDkFY93S6aE94VwzSOKX0mrMH93C01gzdmlczDEA_xDwNxehWedO2sWkAUSoxi5VHcLsGRGtYaCqmeXmXCDRPIQzCDpwLszCSQDjTuw3BiwKndymFx7Ajhg_Wzigd7WtP3991V8AYZwyhFFq2zQYg-WpmV_UY8EQz7rfW53Y146he4S8sWvWLhn9mN7VlUmpksJm2PAigrmQNeWbiZJj2eQGPCBYXz9ztYbIaQUWOQcHjDoJRcpxGC3Y1iGG8tsw9iGOMSyQyiH43vtcMEBnTnlOlMjmh05kxgJ1BHM2goaUr3DspvYSEB2CZru57aDEE0FfDFhzjSVWBlM0wYIiWA1ye8I735Yxjbr1pfQ&cid=CAASEuRoieyRq7F2nvPXmKOULCrPMg&rfl=4%2Chttps%253A%252F%252Fmgoblog.com%242%2C%2C%2Chttps%253A%252F%252Fmgoblog.com%252F%240

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

229b175b326330411826053888dc77f213c184afa155543ebe30723b1101d666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14954
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CF21 42 B
107 B 39ms
39ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DNJu-wveN8i5RNo3FquqNx2NEYeWC-p9I3e8227U4lmcjxElfCIleB8R2N0yQ4iDBeEXrlVol06ykYJEcndDtxiruaj7edOR6D6vQLpfQe5enXYbc

Requested by

Host: c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
URL: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame CF21 9 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
URL: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4451
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 15:55:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 10 Nov 2021 07:55:49 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/787359/56365210/ Frame CF21 46 KB
13 KB 149ms
63ms Script
application/javascript 34.253.169.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/787359/56365210/skeleton.js
Requested by: Host: c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
URL: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.169.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-169-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8fe21a5d27d5e3e373a08a0c78a6f2ddb18f80e8e24a769ed5b8c03a011c3e34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
content-encoding: gzip
x-server-name: app12.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame CF21 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js

Requested by

Host: c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
URL: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1480
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1337
x-xss-protection: 0
server: cafe
etag: 17605089983984592854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 06:37:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF21 121 KB
37 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
URL: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Nov 2021 07:01:57 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame CF21 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
URL: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:35:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 1157727964977547826
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 06:35:17 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame CF21 0
0 15ms
15ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRfXBiRZmqx9slRKU6ViIsNzOuyjrFhgswoThugSJPfutXFnPtQDQcBT2wknCKF7Vnq0lzReJCbfYLuZx1zQcycv4J2dQ
Requested by: Host: c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
URL: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CA16
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDKRYuQ7qq36iR6ErydhnyQ&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDKRYuQ7qq36iR6ErydhnyQ&google_cver=1&C=1

43 B
1014 B

12ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDKRYuQ7qq36iR6ErydhnyQ&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhC20MOsAhihjqGyATAB&v=APEucNWldQ1f_BAFE-sb7jfH8i2MDBlYtr71VcIJH88YIAFz2S_F7hRyJDiC3atNhHanlzetbXv7gePXXVXrN4v5ZR1Ko2AV35z3N7hBZ3V7gv-30KqKtc8A6m055icFgdNkUoYBLtTXdTeJR0lDxAU4Ag_Ztqw8J_rcFLfEU3LPLQNZ5-TjfZA
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 07:01:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 10 Nov 2021 07:01:58 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 07:01:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDKRYuQ7qq36iR6ErydhnyQ&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Wed, 10 Nov 2021 07:01:58 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CA16
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYtuZpUuSJ4SZPV8rJ9M3QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDKRYuQ7qq36iR6ErydhnyQ&google_cver=1

43 B
894 B

11ms
11ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDKRYuQ7qq36iR6ErydhnyQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhC20MOsAhihjqGyATAB&v=APEucNWldQ1f_BAFE-sb7jfH8i2MDBlYtr71VcIJH88YIAFz2S_F7hRyJDiC3atNhHanlzetbXv7gePXXVXrN4v5ZR1Ko2AV35z3N7hBZ3V7gv-30KqKtc8A6m055icFgdNkUoYBLtTXdTeJR0lDxAU4Ag_Ztqw8J_rcFLfEU3LPLQNZ5-TjfZA
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 07:01:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 10 Nov 2021 07:01:58 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDKRYuQ7qq36iR6ErydhnyQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame CA16
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMD992MVKS4DhwtnKgRHprM&google_cver=1

43 B
1006 B

128ms
127ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMD992MVKS4DhwtnKgRHprM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhC20MOsAhihjqGyATAB&v=APEucNWldQ1f_BAFE-sb7jfH8i2MDBlYtr71VcIJH88YIAFz2S_F7hRyJDiC3atNhHanlzetbXv7gePXXVXrN4v5ZR1Ko2AV35z3N7hBZ3V7gv-30KqKtc8A6m055icFgdNkUoYBLtTXdTeJR0lDxAU4Ag_Ztqw8J_rcFLfEU3LPLQNZ5-TjfZA

Protocol

HTTP/1.1

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 07:01:58 GMT
X-Proxy-Origin: 136.243.198.87; 136.243.198.87; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: d7b10619-2c5a-415b-ae56-dee8dc4769b2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMD992MVKS4DhwtnKgRHprM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CA16
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM3NDUyNzY2MjUwNDc4Mjg1MA%3D%3D

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM3NDUyNzY2MjUwNDc4Mjg1MA%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 07:01:57 GMT
X-Proxy-Origin: 136.243.198.87; 136.243.198.87; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f589d22a-1689-41f6-901d-6269b6634088
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM3NDUyNzY2MjUwNDc4Mjg1MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame CF21 24 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AgT7A7OD0CHT8RV2GL-E8Hq6x3mnkpEKeiIh_vXj5d-LjNum0zrlVt1rM1XYg2D-3sYygm3YtkT2JuvUDgHvOjJ93KfgWHcgjOJcJXO8Y7b56SBY3_Rv8oMSnonblqNW60T4BlKoRaSbO_-YLVUQPx6-KxDQ&cry=1&dbm_d=AKAmf-DyPRCHv14oIddMHOXjFo_LnMapC2esgZWL_b_XPK_5n6lkPvWsYKt1Uh_6pEilgALixI6ZbZ9CH_oFuDJve0ATAVTUTmWZV8feVFZNTMzdfRxpv5gnhfkqcyPjfK0esRMpZtw4QOBthzItgE1VrRkaODhbqJ625MZzlCmjGffUir9s4Lje8AveAagWmfrdozJRi-jIuubienF1YrZoUbycWDiHhnSjQprJmhIclaBOgAN3NSsrCR0VpXniPtpoo4jubL1-l5rmoi30vE5av9gN1FT3xrUVRxrcDuqi4wgiRqPG6ntooyoIhSAXWXmUm4IaiQ7tcljZttu4Ad9rXkRb0HXB-PgEfaCsd1YfQeWTXPf3mdlmibDqed0Tf61rZHzkD0P1GQoSdgCrPgb6_Ma6ALJwRsaPNfxYxhcYOHK6Pu_1qtLpG-TD_seEzSyG2ap8QobOcUxOdCgMcMe0eNsat7qk4s8qGB2CRFSukXbw11ps70cQXknD7lxTfLSM0PSak1jhg6hy_UdPSTd76t6yEKnXTghvDQ7iYg4D7yCojFeZKsOer6gYfZkiF3VkBZvykJhkhtfOiCGdd3vErzr2LYgvD6dqdvnr81Lk2qTy9o7lI3_g86KqVZU_hkOvHlc4E3XIgO9LpAxZssUIBD-e4JiL041ruOVWLhvcZ-nYJKIJsNvBJq1DmE1MxIrCty_QN1G9CxNtJdCTvKopubL2CZZ-MSlhrX40oVm1cmR5eLn0Kvu-VsJpPQfvjtJGDn0igj6YreGpCStd2LJ4BLZ5gCwrV18y9GjQjGkITPYu_UtMtuDRNDal73wXBnpLbhhM0f4r2e92AHjIwYQJLaJIiMeZHLc0tOpjB40iwvpJ8d39uW53UDo6d9CiZ9ICV8r5SF58OpmY2ClLelTcnm5id3vAuk5mT2eDhtZUdiODPf2KZuN0l7OuoVs9q-BZM7NZbvflqcISXSO7JCL3iHWTyP4w6tuIW2xmXl8sMacH5aBj4mM1fTcIFnI-CNN7cNzw4GI1lbFbtB8diI7L0NeUtUermDcUumTnk2peEfsj-DVBvSZWCdDUHuFNdPo6tzVAPzcCYYo_4QIahrHwSF0k-A0ODZOW7sDLQiaGjiJ6-HtSgQBp4w3kSv9BjXCwH6HYXZbGttdNs4wthP816MGNLFj8LOfvndBYFCJGmhgE4lvHl6qqtNvoD6t3GEE4A2EFQvtM1OLsgnwA0BhSI-f1NTDEGE5VUlRWEqyhYF-WlQ70j4SHrfsE4HKICQ1xvEk3le3pjdf1RMRd49V3QbVZf0loilij7mFmnOqNiqYWEkZud-VG5i5oZLubshnA8BwLmEU2FosoKrGnTKT73dqOZhrn_TrwOQwYIxASIrcKOdXLn98SBAvn4XdYQ9nBb0ZD1Yrz_R9FoFak69JROtwsH2XeO0cplcXYEW-21wIi7IymRSCF7RwSxEw8OhKL9SkOO5SesXToTkfw4W3RWyZc72JUs61lNLA1rDccE-6cB8_J20xonuu4aafgmDb8CEbh0XBbV2xe3AhYQOc1nfKt3C_x7b4Sq5GqKjyH4qECwiK0W20l9m_COvDQBpx8Qc8iIkQkj9e9MAdHvvmYF-eYw6K1se6beraXUwh7bYCzYIDBD6S1x73SxRKLr4-LSOhoUpoJ-xfE28oKTlBTtPU94QURU1No-qzjLqG5qIgYSXUzNUg4IDfcv5HTJ0yyL6EYL8ckCxqtIQvaORL1CvOVeQp9FZgfXs39jO7fhV7xtxmtAdZmDg5o0FlXHplTLFbv6BrY3FN9VptlJAG4CDvAOJcA1xrNs_likWoLD-v9lmw7RoWl3qX3SYKaV5be2vyWF-pR08l5SvZcDdmG8xzOfa88jnvpo7xxqVfahH2x5LkPDYTt_3rczCFB8ERq6TTRHdrVVnIM2dBJP9cDtBioJVAg563tc_kJbrQrJzfNOvq4IomYgVqiuQE2FgbDkKchIZpiDeVSif2SiS8l0q_8b89RNxJ9fhZKemZBlhmd3_7lqnWyMmlx7WeY7R0cdoeSSMN7FVjRB6dtacdrKw7toKlnmeXCfuT0PSJ_ikWzIDxMK41VoDmuK8uylvUDCYesEPhmx0AieNAjy8NhTlSszCX4ZZ99aWwBgUmXofiiYWjhCP5zhdFPo-uHb0-51BMg71VaOw0TcTI-2GpTze0BG7czY2BGdvkfJtbnHNCjZeLlWG0x18gPS0K-eCaWO1BwImlDad4LnllVfUID0nQuBO-l40EL6xomrjpV5kHkRqojop6j3nivvNDf3kjEyGpi1wNSMqrfLXydDzF6uVtLrWZ7VStnmXFMd2ouxv22zE7sXRSPonSnRmw2UiFk3bPuWKDIphpbfZGHMCsjOIu8rTlIjOnfVptG4FoLBDB3f_fnxAnGUwYbqk6cBIxiP-bOutWDVxAtecXuoO5RhoQA0bjfuUgGvHkiYri3uRto4-dafe9-CtRG31FYfC4j6wG0CignVQkVDAipkWOgilANG-apygq-H1Z-WBgWAy-W_ikDw55nJAX2fZmH89NORsZt-evO1drMpQBjdOP-OOcjlvX1eqtt-KgcE9dWCqmT5AI3TGMynsWFDkFY93S6aE94VwzSOKX0mrMH93C01gzdmlczDEA_xDwNxehWedO2sWkAUSoxi5VHcLsGRGtYaCqmeXmXCDRPIQzCDpwLszCSQDjTuw3BiwKndymFx7Ajhg_Wzigd7WtP3991V8AYZwyhFFq2zQYg-WpmV_UY8EQz7rfW53Y146he4S8sWvWLhn9mN7VlUmpksJm2PAigrmQNeWbiZJj2eQGPCBYXz9ztYbIaQUWOQcHjDoJRcpxGC3Y1iGG8tsw9iGOMSyQyiH43vtcMEBnTnlOlMjmh05kxgJ1BHM2goaUr3DspvYSEB2CZru57aDEE0FfDFhzjSVWBlM0wYIiWA1ye8I735Yxjbr1pfQ&cid=CAASEuRoieyRq7F2nvPXmKOULCrPMg&rfl=4%2Chttps%253A%252F%252Fmgoblog.com%242%2C%2C%2Chttps%253A%252F%252Fmgoblog.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b0a1683702d854c16cffb91d10f500cf10018eacf0c2b4c939293dea961e1f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:58:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9506
x-xss-protection: 0
server: cafe
etag: 11173536317444432557
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 06:58:43 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CF21 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 599067
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 03 Nov 2022 08:37:30 GMT

GET
H2 200 view.gif
tk.airfrance.fr/v/ Frame 8C24 43 B
232 B 16ms
16ms Image
image/gif 13.37.59.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.airfrance.fr/v/view.gif?esvid=A50153&wiz_medium=DSP&wiz_source=APP&wiz_campaign=286792721&wiz_content=DE_Structural%2F%2FPROSPECTING&wiz_term=0&esvvid=7f9f60f6618b6e64&esvc=1&esvisc=1&esvf=1&esvsf=0&esvrsl=1600x1200&esvwinrsl=1660x1100&esvaddim=160x600&esvadlt=0x0&esvadrb=0x0&esvadz=10000&esvview=100&esvfocus=1&esvviewts=1011&esvpub=https%3A%2F%2Fmgoblog.com%2F&esvads=https%3A%2F%2Fs0.2mdn.net%2Fads%2Frichmedia%2Fstudio%2Fpv2%2F61754092%2F20211105080755518%2F160x600%2Findex.html%3Fe%3D69%26leftOffset%3D0%26topOffset%3D0%26c%3DZctGyeJGM8%26t%3D1%26renderingType%3D2&esvsts=2021-11-10T07%3A01%3A56%2B00%3A00&esvr=0.35806892307558313&esvlv=1&esvtv=1&esvts=1636527717979&esvtid=13
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.37.59.66 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-37-59-66.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:58 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-type: image/gif
content-length: 43
p3p: CP="NON DSP COR ADM PSA IVA OUR STP NAV"

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 01BB 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 03 Nov 2021 08:37:30 GMT
expires: Thu, 03 Nov 2022 08:37:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 599068
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame CF21 41 KB
17 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 20:08:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Nov 2022 16:55:49 GMT

GET
H3 200 B26230969.310867716;dc_ver=81.235;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=1055419988;ord=4qbpls;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1cIRZW6LYafiIuizx_AP8-Ss... Show response
ad.doubleclick.net/ddm/adi/N6410.3885621DV360-JELLYFISH/ Frame 145B 42 KB
22 KB 61ms
47ms Document
text/html 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N6410.3885621DV360-JELLYFISH/B26230969.310867716;dc_ver=81.235;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=1055419988;ord=4qbpls;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1cIRZW6LYafiIuizx_AP8-SswAO2wN6rZvul5IKjDvAuEAEgxL_OOGCVgoCArAegAcWI5dMByAEJqQI-YQYZ7G-zPqgDAaoE3wFP0GCYeR6sbEWk9GeHeHZ8c21UdUADDPIQqoOCG00PQKBDag3WzunqBpw4KxRvPhPmVsbLG7J92Ah3nLZIU3zvRYtJjlz8dMpx236doEEdD9iDdAoDBU7EXBIpDnvYC7zeG7_fEEofuxyPSAAlh0zksix57LY7TGnBnrBILoSvRfXldXe3DcHnjGw_RYnbLlXSi5vFTAt5hvHIsu_P8B6Wqp1AO0LGqZf_SgN7nbQXUVyEgq2hvdDt7Ixth-SMx0yQw47rVNmVC-_KOigDQ0ir4PRREA2AbTnJw7O5ckXjwAToxK2S6QPgBAOQBgGgBk2AB6P3mqwCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04NzY5MDczNjE4OTA2ODA1gAoDmAsByAsBgAwBsBPAsZIN0BMA2BMN2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoieyRq7F2nvPXmKOULCrPMg%26sig%3DAOD64_0y-ZqZyhO0Ejg7ER0sLVbvJxbbyA%26client%3Dca-pub-7269238500499280%26dbm_c%3DAKAmf-DwKnCXm8p49FL7bY8rmK-o5nC41jWHp0ffFoJDzUUVqRgnnelHgBcy4Mbi0HIsMGhbbq6EYii0xF4vDpD7qoXMsV-R8d_KZZNNEszDMeFrYPayCotrjoIaOVT7oC4S5B9dihSbSf28h2Oxqs7vOfW-Cji6qA%26cry%3D1%26dbm_d%3DAKAmf-ApCg15_e55hPrlkoojgIj97EqTi9s_elEi6t2EN0yC41J10zg6cR1EJirUBAYp9noB2MIqk7PhPoNJnTQxCDfCeL_kAhtbs5ILanrLqLFjv5jWe0qXZwJU-1eeJlNpEUJE786e7daEA6GPjHEmkinR-9G23i_GLV4401hfdW24AOKDff-WJqLLeIFiBO6FNKbUfPrtE5kCndoR-FdyoULBO3smSzPUVfRHPz2ghoEYfHzVkO81lfskjgJtmvhIWbkforAhstC4iC9BUQnwDwfCAcj2VdXRdoVSY38LhLy1YKXywMtJrLabauuYJ60e-LzIBcT9aaBKIy8sIn1_3ZTjrKgMjznkrze94vka_0i_2K1xe0cB2Iodb8gi2ZT-ZJVMpk3U5vOtYNsKmL14yve5Sm92lY04pjuxt2gL0ug2ahSw-HdNMld9H7sUuoqiVtGLdNqz%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=4,https%3A%2F%2Fmgoblog.com$2,,,https%3A%2F%2Fmgoblog.com%2F$0;xdt=1;crlt=uc9tRRlaXW;sttr=37;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

3fbfb624f1153cf797a3187e22f69ef954a66ed8953c638f56cd855f0b36aca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 10 Nov 2021 07:01:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 22301
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 main.gr.19.8.267.js Show response
static.adsafeprotected.com/ Frame CF21 187 KB
60 KB 197ms
7ms Script
application/javascript 2600:9000:211e:ac00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.267.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/787359/56365210/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:ac00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 724d5e151b4ba82f7eaf29667bed3a5ae2167a00343cfbcf2ebed5df806d914e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:59:44 GMT
content-encoding: gzip
age: 136935
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 Nov 2021 16:44:16 GMT
server: AmazonS3
etag: W/"3969d0944eda724d44536ffabb874cbe"
vary: Accept-Encoding
x-amz-version-id: 4WBF5SKEzUvdXUVA6w23d2Sq_.qCUBCq
via: 1.1 84f381696dd33e92960b92250106e465.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C2
content-type: application/javascript
x-amz-cf-id: RK_KSOu16tgm6R3sIRDaaC6WN-FmYyQ7U8RqsaPyRI0Ujf4AeP9Ozw==

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EB58 1 KB
849 B 7ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
URL: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 09 Nov 2021 21:11:57 GMT
expires: Wed, 10 Nov 2021 21:11:57 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 35401
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame CF21 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77b90df167b67a684475c559d3d223a294817749342369bc028498ccc2daf859

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C48D 0
59 B 42ms
41ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110401&jk=509588380383778&bg=!AAOlA0fNAAYDGbPvAxk7ACkAdvg8WlCTIYFZTlWvbk4Y60gKVtq-L76XKa7RQP4Z1l7Sl-BGuVRoPwIAAAEwUgAAADZoAQeZAvm7I1H7pztXpIA0wMzrNtog9pEo0plLiw-pz3BH0b5k3WlZEQqcmWhiQwivmpeH6xAJRIgdUWNQL7IIGhS6IvBcwBUE_XGQWJ7sAGfEAvRnVdQgInsCIS6LI-wmoZlUISJuWDcOTNHSocp7ejofJO6qfzwoy1Dv3vn7f4xJ5UOKM5F9g0JQSF0OXBqNmlBIHrz6tETIcjLUOiv_5355WrSRVue-loY-bwHEWfJ3byAqURwtkyy16G9bid5e3EFeKf4EGFYKXjzhhI2nQe3wJmPsVdmUEd7lib_yEav0uxRj6_4MitvARCnsvhubAUfAPQ5yOlO0BqE-f0lDKNepSicIaJTHrwwbSOQCXMwYhuTxg0wOixggj-3QwgMpEO6Mm--k4nK5OKksIhd5hLh_9g04LPPX4q-WzwYPAPa3aZxXFIDF7gCYaZwM5QPUnAYx6oDFXbs3blfGyR4TaHYwBj554EyWtRLVZnHe8WbyMxlNyX3Ox63EvCy2wMrtpjuvYkzeZ6ZHRjL3tPp2t2OvKqba107ivDtii5jcE98VIcL5FBnMH1vMUhfwKwuz1XWnsY7j35oFxcysPL3ci6ZrbGKutJb42x9WORlecKY8t0uX4ghmpKOZS1j-z-4HP4ya-GVWtEkv0K4kkfhaBEz1lZOBP-3YVOEsGBmc5qdCxndSphnrIxSLUdrbv3apSUDpHj5ov8fp_UrKuWcE5voM9amA9S2CDDj9ZxxTc4_863FN6p2O4TRfzjgj7ipG58cUTb4PBGR1IkE3kPMc9z5vq0j8SJKONgCTcYzutKglY6bg_PnFO41pywSqr7-qi7oq2Pzsuv4Lq95zoRRw_OCe34NqenZawumixzsyc2wc5cgP2O0_ZdIwibbsDruzwqaVnDFJkZh0mtPD7rwLScSCyNIEFbF6SF6fkoZv4wN7FJNGDt8nuLur1kp7HPdmklU7_rbFWQk7iGxEe9wcZHVRz_w7j5qJbZ20HBPiLtDlinlXPuJdL7OlwXFECw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame EF9C 0
54 B 345ms
44ms Ping
image/gif 2a00:1450:400f:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kvt6ckng&c=5305611325941&slotId=2652805662970.5&qqid=CLzkguqcjfQCFZC3ewodlxwGNw&gqid=ZW6LYfa9Dqm7gAfQsoDoAQ&fb=ima_html5-lima&sdkv=h.3.488.0&mrd=4&aab=1&itv=1&gpm_i=15&gpm_c=15&gpm_a=12&smb=1000&br=994&mt=video%2Fmp4&vs=640x360&webm=3&vp9=0&vamt=application%2Fx-mpegurl%2Cvideo%2F3gpp%2Cvideo%2F3gpp%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400f:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame EB58
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKzfn0XAu-FXuIZN0Z5RDU8&google_cver=1&google_push=AYg5qPK6KKYJLwG5ndokveVsQIvM0lLJS99v2Q4LHgKnQEY3CU2u4-XIB0gL_jnqDCfMzLonfRBxaB5ZtuPK88ZDXW418biPPJOj
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjk3NDgzMDM2Mjk3MjQyMDgxMw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKzfn0XAu-FXuIZN0Z5RDU8&google_cver=1

43 B
407 B

208ms
170ms

Image
image/gif

2620:112:f000:bbbb::11
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKzfn0XAu-FXuIZN0Z5RDU8&google_cver=1
Protocol: H2
Server: 2620:112:f000:bbbb::11 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKzfn0XAu-FXuIZN0Z5RDU8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB58
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMrQ8n8nZspWnB6r300IsaQ&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMrQ8n8nZspWnB6r300IsaQ&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QVBZR3FJaVoxTUtIQ201&google_gid=CAESEMrQ8n8nZspWnB6r300IsaQ&google_cver=1&google_push=AYg5qPJr60qmCBRcsyocNGE9lVP6DkaPvLgX2LbXeQdh3t6...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QVBZR3FJaVoxTUtIQ201&google_gid=CAESEMrQ8n8nZspWnB6r300IsaQ&google_cver=1&google_push=AYg5qPJr60qmCBRcsyocNGE9lVP6DkaPvLgX2LbXeQdh3t6KqSwZXAFEnGSReVT3gQedQT4BM2PgCuaIgnYMN9uekoVp9ibLZvFh

Requested by

Host: c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
URL: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 07:01:57 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-09c412c5345d1bfc7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QVBZR3FJaVoxTUtIQ201&google_gid=CAESEMrQ8n8nZspWnB6r300IsaQ&google_cver=1&google_push=AYg5qPJr60qmCBRcsyocNGE9lVP6DkaPvLgX2LbXeQdh3t6KqSwZXAFEnGSReVT3gQedQT4BM2PgCuaIgnYMN9uekoVp9ibLZvFh
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB58
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEPjB6483GWBTqmqbDvYczrI&google_cver=1&google_push=AYg5qPJpAggEGL4cVcWZJ8t-4EaQNP_1vbI6FfXcs3_JXajUUaHjqa6pPGr58gYxJfSD57JnCBGfErvGlTPRk0dNG5eyVzLs47zB
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C1D908C5D69B423293F68D1861CD360F&google_push=AYg5qPJpAggEGL4cVcWZJ8t-4EaQNP_1vbI6FfXcs3_JXajUUaHjqa6pPGr58gYxJfSD57JnCBGfErvGlTPRk0d...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C1D908C5D69B423293F68D1861CD360F&google_push=AYg5qPJpAggEGL4cVcWZJ8t-4EaQNP_1vbI6FfXcs3_JXajUUaHjqa6pPGr58gYxJfSD57JnCBGfErvGlTPRk0dNG5eyVzLs47zB

Requested by

Host: c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
URL: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 10 Nov 2021 07:01:58 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C1D908C5D69B423293F68D1861CD360F&google_push=AYg5qPJpAggEGL4cVcWZJ8t-4EaQNP_1vbI6FfXcs3_JXajUUaHjqa6pPGr58gYxJfSD57JnCBGfErvGlTPRk0dNG5eyVzLs47zB
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Tue, 09 Nov 2021 07:01:58 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame EB58 0
142 B 60ms
20ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEv7I80-hGHeM8l43IwQNkU&google_cver=1&google_push=AYg5qPJ3Efr0tKg7RM1xa4r92YVEHQ2N_dpjZ88nuZ96nR-gJGffbHbWnjk3BNfP5w4s0oBfKsc0ZCtHyKskG78DhFNrgk9Yltb-
Requested by: Host: c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
URL: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:58 GMT
via: 1.1 google
alt-svc: clear

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB58
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_26g1wrRQ7eye0khO_wu3g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_26g1wrRQ7eye0khO_wu3g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI9os9dYVL1no2P_vZWNCx8GGNc_Mk4lpg8j_7ClYuFJeoC53eNxIHiv6aO-kptqxpEOUy3SWNE3nBLIu1sX7bvswTWcMrE

Requested by

Host: c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
URL: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_26g1wrRQ7eye0khO_wu3g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI9os9dYVL1no2P_vZWNCx8GGNc_Mk4lpg8j_7ClYuFJeoC53eNxIHiv6aO-kptqxpEOUy3SWNE3nBLIu1sX7bvswTWcMrE
date: Wed, 10 Nov 2021 07:01:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB58
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDSDJkWchij2i3KBFTb61AY&google_cver=1&google_push=AYg5qPKI-Hcq324BKuu7Y3bd-ABJumb9OwCyFVgk-m_oMnNKmKdgcqTpgoKiBGcdetmlke-D2K...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDSDJkWchij2i3KBFTb61AY&google_cver=1&google_push=AYg5qPKI-Hcq324BKuu7Y3bd-ABJumb9OwCyFVgk-m_oMnNKmKdgcqTpgoKiBGcdetmlke-D2K...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zTDJqcTNoRTJ1RzI5am5OSU9fUC5wTUd2Zm9ZYkdvWn5B&google_push=AYg5qPKI-Hcq324BKuu7Y3bd-ABJumb9OwCyFVgk-m_oMnNKmKdgcqTpg...

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zTDJqcTNoRTJ1RzI5am5OSU9fUC5wTUd2Zm9ZYkdvWn5B&google_push=AYg5qPKI-Hcq324BKuu7Y3bd-ABJumb9OwCyFVgk-m_oMnNKmKdgcqTpgoKiBGcdetmlke-D2KhC9Nh5Ozal_vdVEojQHjdgEoU7iw

Requested by

Host: c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
URL: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zTDJqcTNoRTJ1RzI5am5OSU9fUC5wTUd2Zm9ZYkdvWn5B&google_push=AYg5qPKI-Hcq324BKuu7Y3bd-ABJumb9OwCyFVgk-m_oMnNKmKdgcqTpgoKiBGcdetmlke-D2KhC9Nh5Ozal_vdVEojQHjdgEoU7iw
date: Wed, 10 Nov 2021 07:01:58 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 dot.gif
s0.2mdn.net/ Frame EB58 43 B
160 B 23ms
21ms Image
image/gif 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEMFtgKFjFzHKdc9F3ay-jjQ&google_cver=1&google_push=AYg5qPLKzPoEUVlkStTz5GR09lu3xCEcpjMcuZxnPeu9TLfXAXpGQ0Hd3239k0X3wfiySDAesQJnaRqS6R4L1bRndyGS8SprIkYP

Requested by

Host: c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
URL: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Nov 2021 07:01:58 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EB58 0
12 B 24ms
22ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JSOioFGsuRAhDiTa7CICl1fEamxUXDO6kEmbWrRAIWTI6LZKJAeFOJ3LgMhAAqQQjyJykuCcE

Requested by

Host: c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
URL: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 01BB 35 KB
13 KB 22ms
17ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 00:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13451
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 00:41:15 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame EF9C 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame EF9C 41 KB
15 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 05:36:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 523513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 04 Nov 2022 05:36:45 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EF9C 0
60 B 39ms
38ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame EF9C 0
24 B 50ms
49ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssADjq-jAjwCEufKT9RmPfLiX1eCzxafG0jvG4SK8KcSGwvtBmyI4ExhKtAnBKn16VKjWWyPoBV2h-HsEXnSqHMzUpE3C01iHMg-R5s2wM6EHctw6n225VCWNjHcjEUhG7QEvEuYF_kkuWmWyga-FHt-9jbTglaKcMkd3kdJvGKlXce4aN5X_IKT0T1gqo_uAIJxiDAe-ZoKrOkdXXy79dqosbVbah5DC5OaHol2Ee1mkPU3nPdjzV_Z7hRKYwuZRX_tin1klzITrcSjTbtRoEwEqO5o6knUQqd2NXg0UExDAsLuNkkBwwt-abL-05J7BFUnJpu_AM6TLqL7qFku5zop4E_RNFevd02CMn9Vw4AwFqjEdzakCaCCLjdcvbJwqnZn06VLitgNmRA7mA06bYdSlRMZvlG6dWbWFQvDwN_mm8ccR4ePpEqqUNN_ZSJA7M29pDWJKhy0F3Xv2ZValpVJmgoBiRazeaTFcRpgXHav-Vpw0yjcBuhyfvjEyl_ap-9JWT2f1XLTw-49O-gnuuvEzqK-WKIJ7pOt8-Fl_b9sy3ZhD_NFLRyW5jZbRrWJi-tvY-urRvn0R74X8qUKZQWNBa4uE8eFhvcb3i09myfyyaysJyFBopDWRdIuYcu2yOzShH8fIhBe6iTbnLkI-NZntTi-DG4xir2kuQq6QmIjXoh_9cICCoMMhexLZWpZfgUeTrVkTMHxYEgyD3wYeXucHqWwahPxy2WApwTpzJe1OVWU5q8ntBxAf65hHmsTmkU5yHSBjC2K7kq6JQIfvdBoBuLe-eiOwfAvzusSSyoDcST_Nq6_ndoEfrWytr7I8RGy4dPGDuDlZN-rM1vIG8w0cTFp9aECxxAU8aZEp2bvvsqYG7W9R5Cht7XrgyW_8J0r8q8dv9f1O3Y7jsi8sdc3p_bp5zwoPIrHbcKlnP-Ct3-65j1OL9qZoliZHojk1qjJfbq5hPAkibqiIeaKTrK-nwkkhuys0UiUu-_qjRs8jEawa7Vkj6aqVrg5vO0Lm5xleNwWOloaTiqg5vQ_iuXbgE9Wf0grJbW386SsWI1_mloUdxRNQsnnsiAmJIv5x514N0OYUk5Q91gnI7eHbqmXKYhjcEXP1NS9ocLr7fb-x5YbA&sai=AMfl-YRp7GAn-XcVq4Yh8Ol41Bu9kEBX0wYPThPNy03n4KKKIIhtIemMmu0g3-LCjLNj3bsf2-hWvtedDKCkbn5zIwctHVKmhlWKTbh7EQdvDSnYH-7ehdbjPEvfZlqCTGLunPD0LWZSaC19i8MAxHGVYqQaMUEdIA&sig=Cg0ArKJSzAYly5bm9NiHEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.488.0&adurl=

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 10 Nov 2021 07:01:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame EF9C 0
0 25ms
22ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNiEVRDrv6gCGMSNrroBIAEwAQ&v=APEucNUmPryKQkP9zSAz1g2l4iFm64YmlpDzpgbqMYtBWE_1MTO8eBxmww0QIh1GMEhFYFE3xIxxZ_2YVoJ2l_f7hzXSNtmhzg
Requested by: Host: mgoblog.com
URL: https://mgoblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame EF9C 42 B
108 B 25ms
22ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C1W2tZW6LYfydEJDv7gOXuZi4A-eur_Zl1teg-_AO2MawxIUcEAEgnIzEI2CVgoCArAegAemB3dgCyAEFqQI-YQYZ7G-zPqgDAcgDE5gEAKoE6QFP0EeH-6YymPComskzlQRLTHN-taQMMDK_WTWt87aMfYKe-EY0-S7eb02qkY7IU6FN8fJaYCVhAOFC9U-t7rIlc3BUqTulBcQIbz4ufHZsaW_sDvgMK8IomVQjIMaLbcOTua0ZqMN8lfJxQEDeCMFu2zPpuV_3LpwsNUtIIW42GbBfdyy8-VWg5HpxNKsqRu-ELIxD-8GZ3yYKoe76dyG8Q5JxjxpOjU4JOi62YVqpu3a0y7-DxxWXsw0Ms-TjfybtXMjy9-1el2qh7FMeZZLRk_t-vHRE51lzOQuK_y9aTTHWDEKjfGTKJMAEyJv_6eQD4AQDkAYBoAZ2gAf__aKnAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA8gLAeALAYAMAbATuYiYDdATANgTCogUQtgUAdAVAfgWAYAXAQ&sigh=--DnzLB3hsM&label=vast_creativeview&ad_mt=0&acvw=sv%3D905%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D1860,1028,2110,1328%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30016%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D785%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D28425589%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636527718282%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1636527717865&sdkv=h.3.488.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NjAwNjAwNjQ2NDlAuQMKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTIyNTk3MDgyCTE2MTM1NzY0NkBwUjYI4gcQDyUAAPBBKAE6CzM5MDgyNTY2OC0xQgRHREJNSO0DUABaEHBRc1RZaGUwaHV4NVM3eXEYAQ..

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIvs6f6pyN9AIV0eMbCh0PFA7ZEAAYACDOvvhMQhMIvOSC6pyN9AIVkLd7Ch2XHAY3;met=1;acvw=sv%3D905%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1860,1028,2110,1328%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0...
ade.googlesyndication.com/ddm/activity/ Frame EF9C 42 B
494 B 81ms
42ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIvs6f6pyN9AIV0eMbCh0PFA7ZEAAYACDOvvhMQhMIvOSC6pyN9AIVkLd7Ch2XHAY3;met=1;acvw=sv%3D905%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1860,1028,2110,1328%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%3D200103%26femt%3D785%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D28425589%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636527718285%26pngs%3D9,14,200103c,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1636527717865;ecn1=1;etm1=0;eid1=200101;

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame EF9C 42 B
114 B 34ms
31ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspfQUfhQaPvEtqNCRDE7WWmCm6mw2uOkl8pXMMt9ANHsOrRDmzeaEZLajKSzDAGeftocD2RlYlac-GSxefv7ZACodz9an_O-63ebIOesW3FHLEQUKQZw&sai=AMfl-YTUyJv8Iy7tnb5vPCjGREV7BJbu7h_4h41J8hSNuRhPz6-VXYcq7JcBO6GHE9LeFWw_Mj1m6zByg8vpwvWKsdqgIxpOVgf4hv-zEw8zMQzwq0b4zBkEVb3HI0MB&sig=Cg0ArKJSzBQ5J7hlPz71EAE&cid=CAASEuRoDFqhnKzGrh5c8hkGA06YfQ&id=lidarv&acvw=sv%3D905%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1860,1028,2110,1328%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%3D200103%26femt%3D785%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D28425589%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636527718285%26pngs%3D9,14,200103c,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1636527717865&avm=1

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIvs6f6pyN9AIV0eMbCh0PFA7ZEAAYACDOvvhMQhMIvOSC6pyN9AIVkLd7Ch2XHAY3;met=1;acvw=sv%3D905%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1860,1028,2110,1328%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%...
ade.googlesyndication.com/ddm/activity/ Frame EF9C 42 B
107 B 82ms
43ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIvs6f6pyN9AIV0eMbCh0PFA7ZEAAYACDOvvhMQhMIvOSC6pyN9AIVkLd7Ch2XHAY3;met=1;acvw=sv%3D905%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1860,1028,2110,1328%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%3D200103%26femt%3D785%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D28425589%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636527718289%26pngs%3D9,14,200103c,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1636527717865;dc_rfl=3,https%253A%252F%252Fmgoblog.com%252F%240;ecn1=1;etm1=0;eid1=11;

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame EF9C 42 B
108 B 23ms
21ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C1W2tZW6LYfydEJDv7gOXuZi4A-eur_Zl1teg-_AO2MawxIUcEAEgnIzEI2CVgoCArAegAemB3dgCyAEFqQI-YQYZ7G-zPqgDAcgDE5gEAKoE6QFP0EeH-6YymPComskzlQRLTHN-taQMMDK_WTWt87aMfYKe-EY0-S7eb02qkY7IU6FN8fJaYCVhAOFC9U-t7rIlc3BUqTulBcQIbz4ufHZsaW_sDvgMK8IomVQjIMaLbcOTua0ZqMN8lfJxQEDeCMFu2zPpuV_3LpwsNUtIIW42GbBfdyy8-VWg5HpxNKsqRu-ELIxD-8GZ3yYKoe76dyG8Q5JxjxpOjU4JOi62YVqpu3a0y7-DxxWXsw0Ms-TjfybtXMjy9-1el2qh7FMeZZLRk_t-vHRE51lzOQuK_y9aTTHWDEKjfGTKJMAEyJv_6eQD4AQDkAYBoAZ2gAf__aKnAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA8gLAeALAYAMAbATuYiYDdATANgTCogUQtgUAdAVAfgWAYAXAQ&sigh=--DnzLB3hsM&label=part2viewed&ad_mt=0&acvw=sv%3D905%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1860,1028,2110,1328%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%3D200103%26femt%3D785%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D28425589%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636527718289%26pngs%3D9,14,200103c,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1636527717865&sdkv=h.3.488.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NjAwNjAwNjQ2NDlAuQMKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTIyNTk3MDgyCTE2MTM1NzY0NkBwUjYI4gcQDyUAAPBBKAE6CzM5MDgyNTY2OC0xQgRHREJNSO0DUABaEHBRc1RZaGUwaHV4NVM3eXEYAQ..

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIvs6f6pyN9AIV0eMbCh0PFA7ZEAAYACDOvvhMQhMIvOSC6pyN9AIVkLd7Ch2XHAY3;met=1;acvw=sv%3D905%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1860,1028,2110,1328%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0...
ade.googlesyndication.com/ddm/activity/ Frame EF9C 42 B
107 B 82ms
44ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIvs6f6pyN9AIV0eMbCh0PFA7ZEAAYACDOvvhMQhMIvOSC6pyN9AIVkLd7Ch2XHAY3;met=1;acvw=sv%3D905%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1860,1028,2110,1328%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D18%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D18%26pst%3D-1%26dur%3D30016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D18%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%3D200103%26femt%3D785%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D28425589%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636527718294%26pngs%3D9,14,200103c,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1636527717865;ecn1=1;etm1=0;eid1=16;

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame EF9C 42 B
108 B 24ms
22ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C1W2tZW6LYfydEJDv7gOXuZi4A-eur_Zl1teg-_AO2MawxIUcEAEgnIzEI2CVgoCArAegAemB3dgCyAEFqQI-YQYZ7G-zPqgDAcgDE5gEAKoE6QFP0EeH-6YymPComskzlQRLTHN-taQMMDK_WTWt87aMfYKe-EY0-S7eb02qkY7IU6FN8fJaYCVhAOFC9U-t7rIlc3BUqTulBcQIbz4ufHZsaW_sDvgMK8IomVQjIMaLbcOTua0ZqMN8lfJxQEDeCMFu2zPpuV_3LpwsNUtIIW42GbBfdyy8-VWg5HpxNKsqRu-ELIxD-8GZ3yYKoe76dyG8Q5JxjxpOjU4JOi62YVqpu3a0y7-DxxWXsw0Ms-TjfybtXMjy9-1el2qh7FMeZZLRk_t-vHRE51lzOQuK_y9aTTHWDEKjfGTKJMAEyJv_6eQD4AQDkAYBoAZ2gAf__aKnAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA8gLAeALAYAMAbATuYiYDdATANgTCogUQtgUAdAVAfgWAYAXAQ&sigh=--DnzLB3hsM&label=admute&ad_mt=0&acvw=sv%3D905%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1860,1028,2110,1328%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D18%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D18%26pst%3D-1%26dur%3D30016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D18%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%3D200103%26femt%3D785%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D28425589%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636527718294%26pngs%3D9,14,200103c,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1636527717865&sdkv=h.3.488.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NjAwNjAwNjQ2NDlAuQMKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTIyNTk3MDgyCTE2MTM1NzY0NkBwUjYI4gcQDyUAAPBBKAE6CzM5MDgyNTY2OC0xQgRHREJNSO0DUABaEHBRc1RZaGUwaHV4NVM3eXEYAQ..

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5B78 0
54 B 233ms
43ms Ping
image/gif 2a00:1450:400f:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kvt6ckpb&c=5305611325941&slotId=2652805662970.5&met.4=hvd_lc.kvt6ckpc~hvd_src.kvt6ckpc&ps=300x250
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400f:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame CF21
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/787359/56365210/skeleton.js?adsafe_url=https%3A%2F%2Fmgoblog.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fmgoblog.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%...
https://static.adsafeprotected.com/skeleton.js

17 B
465 B

7ms
7ms

Script
application/javascript

2600:9000:211e:ac00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
URL: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol: H2
Server: 2600:9000:211e:ac00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:35:57 GMT
via: 1.1 84f381696dd33e92960b92250106e465.cloudfront.net (CloudFront)
age: 10880762
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: ZIaNfBShAkbBPHMa2hlFJnrLvtZ0AIOfZEJL7Fa695FCPNlaE4hIoA==

Redirect headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
x-server-name: app15.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame E82A 80 KB
21 KB 7ms
7ms Script
application/javascript 2600:9000:211e:ac00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
URL: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:ac00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 08:08:31 GMT
content-encoding: gzip
age: 3452008
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 84f381696dd33e92960b92250106e465.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C2
content-type: application/javascript
x-amz-cf-id: ocW6vDmTLD4dkEPKdXH6yRO3er9EbeSU0AH7vX53GDOx4bbuWrSXBw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CF21 43 B
215 B 293ms
93ms Image
image/gif 3.219.181.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=787359&asId=a53f098d-98d7-f60c-14f6-460a462b58be&tv=%7Bc:txSKai,pingTime:-3,time:344,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:289%7D,%7Bpiv:0,vs:o,r:l,t:343%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:345,n:343,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:289,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B81~1,0~0%5D,as:%5B81~728.90%5D%7D%7D,%7Bsl:o,t:343,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sOlhwDA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d%7C1e111%7C1e1121%7C1e2%7C1f1%7C1f2%7C1g1%7C1g2%7C1g31%7C1h11%7C1h121%7C1h122%7C1h123*.787359-56365210%7C1h1231%7C1h1232%7C1h1233%7C1h1234%7C1i,idMap:1h123*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
URL: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.181.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-181-211.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
x-server-name: dt48.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CF21 43 B
216 B 287ms
92ms Image
image/gif 3.219.181.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=787359&asId=a53f098d-98d7-f60c-14f6-460a462b58be&tv=%7Bc:txSKak,pingTime:-6,time:346,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:346,n:343,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:289,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B81~1,0~0%5D,as:%5B81~728.90%5D%7D%7D,%7Bsl:o,t:343,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B4~0%5D,as:%5B4~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sOlhwDA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d%7C1e111%7C1e1121%7C1e2%7C1f1%7C1f2%7C1g1%7C1g2%7C1g31%7C1h11%7C1h121%7C1h122%7C1h123*.787359-56365210%7C1h1231%7C1h1232%7C1h1233%7C1h1234%7C1i,idMap:1h123*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&tpiLookup=ao:mgoblog.com*%2Cmgoblog.com*%2Cmgoblog.com*%2Cmgoblog.com*&br=c
Requested by: Host: c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
URL: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.181.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-181-211.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
x-server-name: dt50.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 08182021-080336905-Love_DE_DE_728x90_728x90_ger_-_German.jpg
s0.2mdn.net/3392373/ Frame 145B 44 KB
44 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/3392373/08182021-080336905-Love_DE_DE_728x90_728x90_ger_-_German.jpg

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6410.3885621DV360-JELLYFISH/B26230969.310867716;dc_ver=81.235;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=1055419988;ord=4qbpls;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1cIRZW6LYafiIuizx_AP8-SswAO2wN6rZvul5IKjDvAuEAEgxL_OOGCVgoCArAegAcWI5dMByAEJqQI-YQYZ7G-zPqgDAaoE3wFP0GCYeR6sbEWk9GeHeHZ8c21UdUADDPIQqoOCG00PQKBDag3WzunqBpw4KxRvPhPmVsbLG7J92Ah3nLZIU3zvRYtJjlz8dMpx236doEEdD9iDdAoDBU7EXBIpDnvYC7zeG7_fEEofuxyPSAAlh0zksix57LY7TGnBnrBILoSvRfXldXe3DcHnjGw_RYnbLlXSi5vFTAt5hvHIsu_P8B6Wqp1AO0LGqZf_SgN7nbQXUVyEgq2hvdDt7Ixth-SMx0yQw47rVNmVC-_KOigDQ0ir4PRREA2AbTnJw7O5ckXjwAToxK2S6QPgBAOQBgGgBk2AB6P3mqwCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04NzY5MDczNjE4OTA2ODA1gAoDmAsByAsBgAwBsBPAsZIN0BMA2BMN2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoieyRq7F2nvPXmKOULCrPMg%26sig%3DAOD64_0y-ZqZyhO0Ejg7ER0sLVbvJxbbyA%26client%3Dca-pub-7269238500499280%26dbm_c%3DAKAmf-DwKnCXm8p49FL7bY8rmK-o5nC41jWHp0ffFoJDzUUVqRgnnelHgBcy4Mbi0HIsMGhbbq6EYii0xF4vDpD7qoXMsV-R8d_KZZNNEszDMeFrYPayCotrjoIaOVT7oC4S5B9dihSbSf28h2Oxqs7vOfW-Cji6qA%26cry%3D1%26dbm_d%3DAKAmf-ApCg15_e55hPrlkoojgIj97EqTi9s_elEi6t2EN0yC41J10zg6cR1EJirUBAYp9noB2MIqk7PhPoNJnTQxCDfCeL_kAhtbs5ILanrLqLFjv5jWe0qXZwJU-1eeJlNpEUJE786e7daEA6GPjHEmkinR-9G23i_GLV4401hfdW24AOKDff-WJqLLeIFiBO6FNKbUfPrtE5kCndoR-FdyoULBO3smSzPUVfRHPz2ghoEYfHzVkO81lfskjgJtmvhIWbkforAhstC4iC9BUQnwDwfCAcj2VdXRdoVSY38LhLy1YKXywMtJrLabauuYJ60e-LzIBcT9aaBKIy8sIn1_3ZTjrKgMjznkrze94vka_0i_2K1xe0cB2Iodb8gi2ZT-ZJVMpk3U5vOtYNsKmL14yve5Sm92lY04pjuxt2gL0ug2ahSw-HdNMld9H7sUuoqiVtGLdNqz%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=4,https%3A%2F%2Fmgoblog.com$2,,,https%3A%2F%2Fmgoblog.com%2F$0;xdt=1;crlt=uc9tRRlaXW;sttr=37;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd85608ed11e3c5f170be5e7af3b2d7a5b6ec738c066678a9cd7d38ce03d8e4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 14:33:13 GMT
x-content-type-options: nosniff
age: 59325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45120
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 15:03:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 14:33:13 GMT

GET
H2 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/xfa/ Frame 145B 10 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08e8051b94686609d3d93deeee4cb09a88ad547405f713631677efc1a6873b2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 20:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38726
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4160
x-xss-protection: 0
server: cafe
etag: 13116061625376754624
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 20:16:32 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/ Frame 145B 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 06:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 06:52:56 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CF21 43 B
215 B 241ms
93ms Image
image/gif 3.219.181.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=787359&asId=a53f098d-98d7-f60c-14f6-460a462b58be&tv=%7Bc:txSKb8,pingTime:-2,time:396,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:61,bdZ:211,beA:229,beZ:231,mfA:486,cmA:488,inA:488,inZ:494,prA:494,prZ:507,si:520,poA:521,poZ:542,cmZ:542,mfZ:542,loA:575,loZ:579,ltA:625,ltZ:625%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.94,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:289%7D,%7Bpiv:0,vs:o,r:l,t:343%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:396,n:343,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:289,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B81~1,0~0%5D,as:%5B81~728.90%5D%7D%7D,%7Bsl:o,t:343,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B54~0%5D,as:%5B54~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sOlhwDA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d%7C1e111%7C1e1121%7C1e2%7C1f1%7C1f2%7C1g1%7C1g2%7C1g31%7C1h11%7C1h121%7C1h122%7C1h123*.787359-56365210%7C1h1231%7C1h1232%7C1h1233%7C1h1234%7C1i,idMap:1h123*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:104,readyFired:true%7D&br=c
Requested by: Host: c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
URL: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.181.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-181-211.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
x-server-name: dt47.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame B9F4 23 KB
9 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
date: Mon, 08 Nov 2021 05:48:36 GMT
expires: Tue, 08 Nov 2022 05:48:36 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 177202
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 145B 121 KB
37 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Nov 2021 07:01:58 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 145B 0
23 B 42ms
41ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsveva07FPc1o2KM261Y8SPLpdkKwU1lSaZOkjec8DA1aT-FfnMd0Ll3oKVVgzu1mXnE8UC0XjVXp8c5L3maX3RGjvv6jJGwkREIjs4h6AD2p55dk5ADw0zOxEHsjq4o1rKHP5jZ4hYU7_PV-CZPzH9PPIGHdkwuIeVgU7eSyZPR&sig=Cg0ArKJSzH98kMaRnS0nEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211108.04186&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 145B 41 KB
15 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 599068
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 03 Nov 2022 08:37:30 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 145B 0
23 B 42ms
41ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 145B 7 KB
5 KB 18ms
18ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/xfa/sodar_loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6df0cb5ad69c9f5ddcf52cca580cc32423ad80f0fa55915d1e3911584914ec8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 07:01:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5287
x-xss-protection: 0

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4187 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 03 Nov 2021 08:37:30 GMT
expires: Thu, 03 Nov 2022 08:37:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 599068
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C48D 42 B
108 B 28ms
27ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvri6vUiwqJeg7sLXMDXvrCFEm6zoqrsvk6eKb9DOzaB3zYDcvfJdN9efJIOLbjz6QRr5bM5w9VECWYntyNu_QxAJGd8OoMThIsIXTR3qI8AxJaPo2l&sig=Cg0ArKJSzPCfoq5aSwUkEAE&id=lidar2&mcvt=1058&p=1111,436,1201,1164&mtos=1058,1058,1058,1058,1058&tos=1058,0,0,0,0&v=20211108&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3928450669&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636527717296&rpt=215&isd=1&lsd=1&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2q0GJ59knfpUiBcqMNkQlhFuFKFUZImTUS2OpYfkNjk.js Show response
pagead2.googlesyndication.com/bg/ Frame B9F4 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2q0GJ59knfpUiBcqMNkQlhFuFKFUZImTUS2OpYfkNjk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daad06279f649dfa5488172a30d91096116e14a154648993512d8ea587e43639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 21:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13329
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 21:24:40 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 145B 17 KB
6 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/xfa/sodar_loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:01:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 10 Nov 2021 07:01:58 GMT

GET
H2 200 2q0GJ59knfpUiBcqMNkQlhFuFKFUZImTUS2OpYfkNjk.js Show response
pagead2.googlesyndication.com/bg/ Frame 4187 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2q0GJ59knfpUiBcqMNkQlhFuFKFUZImTUS2OpYfkNjk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daad06279f649dfa5488172a30d91096116e14a154648993512d8ea587e43639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 21:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13329
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 21:24:40 GMT

GET
H2 200 6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js Show response
pagead2.googlesyndication.com/bg/ Frame FB85 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 00:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13451
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 00:41:15 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CF21 43 B
215 B 93ms
93ms Image
image/gif 3.219.181.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=787359&asId=a53f098d-98d7-f60c-14f6-460a462b58be&tv=%7Bc:txSKgc,time:710,type:e,im:%7Bimprf:%7Bttecl:624,ecd:8,tsecr:94%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:311,o:400,n:343,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:289,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B81~1,0~0%5D,as:%5B81~728.90%5D%7D%7D,%7Bsl:o,t:343,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B57~0%5D,as:%5B57~728.90%5D%7D%7D,%7Bsl:i,t:400,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B311~100%5D,as:%5B311~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:314,fm:sOlhwDA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d%7C1e111%7C1e1121%7C1e2%7C1f1%7C1f2%7C1g1%7C1g2%7C1g31%7C1h11%7C1h121%7C1h122%7C1h123*.787359-56365210%7C1h1231%7C1h1232%7C1h1233%7C1h1234%7C1i,idMap:1h123*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.181.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-181-211.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
x-server-name: dt24.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CF21 43 B
215 B 94ms
93ms Image
image/gif 3.219.181.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=787359&asId=a53f098d-98d7-f60c-14f6-460a462b58be&tv=%7Bc:txSKh6,pingTime:-10,time:766,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85NS4wLjQ2MzguNTQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1636527718811%7C%7Cbc3e99f1f35d2bc1cc4ef522f543f95d%7C%7C9ceebc4ad83ababb94d4029b4dca4e66%7C%7C5045f698db374d6d67aafb50e4b6528d%7C%7Ca1e2fc6482bc11624452ba7374fcec19%7C%7C22362049fc2515e1ddd5570dd2782035%7C%7C4ffc550ad6014d1ed67634f52c1bce8a%7C%7C96b428fb0907ba00f7d04724e9890f3d%7C%7C1629390669%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.181.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-181-211.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:58 GMT
x-server-name: dt25.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H/1.1 200
OK /
reporting.powerad.ai/ 2 B
412 B 103ms
102ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://mgoblog.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 10 Nov 2021 07:01:58 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 2

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 01BB 0
63 B 43ms
43ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcHJVZW6LYdrVONaPjuwPv-OvqAsAAAAAOAHgBAI&bg=!MTKlMnbNAAYDGbPvAxk7ACkAdvg8WtDeAEgu8O1GakWXfDTmNBdVUtPqbZmz4da9MOfrfOTCxYN6RwIAAAF0UgAAAEloAQcKAAmrWrCgAFWGRTOZAzUrJ6oE8BZPcy3MDMu9X-Zmuf9-FZJgvlFTOyeSCxKK5dtQVtu9KVX3Ws1usE1BmtPRjHjEG-qnUwNwiGG98-pwGl5T271dOannmOM7FRe8rcu3Q2S0x1Va79JxVHtSpNPbbrqFY2kuVh3AmgJJyNNHm85qSCM4ETZxb46QxoyhwiESOxlE3-C1oXwWUPGPu4NQ-LhXFXHeApnytxdbmVaILNgM0UIaGaPxtvDIq0yi4xPCHOktz3Xke7wiRD3Ky004cccFVvSx-NS8BM6r8MfMlSwqsPDVP5gTDEFSYv9iFvxtpuzeG_JiPRMrfCv5oNYajjPNYZ0j1wfpqfi4r_vQt9yPMTkhIlLZRlkaolm0cL_8_yA_5yUpkqwLleiUhLaN4fT5fZJVPTOE0RBzVQI-fkKsGzmnyTA5QIL_FX0XSZnzqjO5q84FapzCh0fEUFTipqELJnCt8jgPKtba3hci3sIQIbJzaDElX9NdNZoXkQlcaoLv2QJlXZ-_e_cUs5_4A2yL_fzQBAcEqdF6csmUFS66HHDbaVObhJDN_iKMzW0fRGRZBLy_2orxDpo1nDfzxggl8-KIbmQ7cYkbC6HIN_lp1U4UXzvyHd4eG5LTP1v028Ea5nXkV1daDEtso-DzWPJVfoEVEI4o7KbbERsGCvfzru357wTTI_kjTWwMN3UgIWnp7usB6rQveEg0kRgNQ8KqnMLymhApRpOOHPp-m8G2YcujNe5iYZ6Z4K9jo2n6IdymIOoCONbeC_DzJz3YYzmXiHFoAmX3sB_kp2qhuBasFOEKjjQcfXoywuSeqsoG-imvke47fvut_tmBoWYmbf6WHtAyD2WZ9JLe7KrrzHx4A_vt0EzGApNDnW9or1IAblOWjYLYawBHyuult_Ba1srhmTyz1nxiYNBcHuGW1NvpgfxrD2l7b-8iME3-IBEkf_v0t_WUWn62HWXM4_sUkRL7tvjeijGYZQD0KgbegFjwoItmYo1B0KH4DaV6pd6XhK72grLT_MgECBMoM2TBXWNrWZS1A4x-1LUO8xAf5UNloVikG3rtASXoNcaLlSlK1t9b4x6SuG9VefppbLJ9MIRCjw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CF21 42 B
108 B 34ms
34ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6Fot4RNHlJcQMlXRjbeVu6IxhsQ3CRBj01emMyXVBOpoxaj1FODZhu6tlvvPDTOt4nViH-1-fgiSy4b2TnBbzA4zzIOCalB2EPF7oyZ8kop42cxPXzA&sai=AMfl-YQeL5nRjy4vbrooWXb4Y_4IW19H5xhop2_dsgBAmwesrZnuVXxBZiFEb5n_2Arp654l5XcDGWrON6D5QoMKBCzxNJ3hYO_XZN4z-kluZyYrerSrMLczRXLOaC6Q&sig=Cg0ArKJSzPMolzDNmQHMEAE&cid=CAASEuRoieyRq7F2nvPXmKOULCrPMg&id=lidar2&mcvt=1016&p=1111,436,1205,1164&mtos=0,1016,1016,1016,1016&tos=0,1016,0,0,0&v=20211108&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=1712902168&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636527717817&rpt=253&isd=1&lsd=1&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B9F4 0
63 B 42ms
42ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.488.0&bgai=BqYNaZW6LYf6HLdHHb4-ouMgNAAAAADgB4AQC&bg=!SkmlSQ3NAAYDGbPvAxk7ACkAdvg8WuxpaElCxAXtQgTmF12mNaSxGzLJdMyBwL1ZCbQtlAKReeJgWgIAAAHSUgAAACBoAQcKACI51auucY9_FmTl3ZjUWMl5oyTHq3xHxDXnWlYl-OmoIwLomQMvvm49Yt5LkM2tKZSeGZ9WfeKBtNbBio7RGIjJx85npT_Ad0BQk0Xvw29CSRDfbfpwFVPd1WA3d6jeG5ugd5UcBrYGwzrlIw2aWeDbb6TDmizMCONGARXxIfdbo_04Rx9uF3d3Oe4GIhUR6PQXqmj8sXmgqjwVsGGk0SkGk6Zet2kLsDTAianI-ZTTtdUjzdINsjDNQrWd5iLVgG--by_MyXtiudV_tho7bT3ivrVkUwBcRgV3jSJ56FYAZH7O5pRgOtfwe4cPHsMqja5BgnzutsXUBGi8nrgk90yhygI2Cgs_DPOaSRbGl6XxDcVx0oiY4fndQukWTZI-yGjAgaMRCEMg5TsLgeq0ga7xbHLNIwB0_I2EdpcmNiXHiqEgkTSOCr9cECfE5dvoUkqmDQBUTn6Zse49n7chJEdIeiFFeFrZ_g3OTsPAI_qyXUgJXaL36BtnZzMg8wWoMOShN4fHut9ENooPfH9zqxXqCcpnaARDqA0xTQvhqqr9V8a8JvOuNJDVOCizLyvtD8nI8PZq9y1SFMsjf3NTVyiFymj7Z_dkPo59kBYUU-artcVJ3ISY_94JzVzb5mnNzQceALsonWXD6ojDtkeqdUUcxehYJhoYOR7klha0ETOpellheEHrE2ZOpVeUfDG99ZUr_rQiUoC3EY4bMZbGpthpW2-RYDjZVGQ82hHUqykRIWYBE-M4OTOXjchNUWdl8Od1Y1J4WEItKjbgiA-yyumpKd_S6gHQsp9ITKPX0t2Oe5bdtLw1D95Cg4g0c-qhhu0BTffcuZOuoWjCYKJZbPyYH9RN8OMtfftJcbi5QrFcHg14sF5x5skWdzQKmu5s-symfsdf71Qa192IpkcVI9-ZZXXvSMQrt-yyFq2fJpUwxxonym7S3HUeoqVljqHdN2DKixWEaJ7r_EJfCdeF-Dd5U1QMHPIqIKZiISueKa_UuMk3HVAmY4VIFs3V9hAReMQC4mEvD3Q2daxgbNijNqbpLIjZYQ7YKgwfoqW1eOXOO4JomgpmVPLCyPNUZHOSNWezz2lGsDBSizg3uBlAe4lgqBa5jdvj19bMG_NtAzff2Q9Mqwg

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4187 0
63 B 43ms
43ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcU1SZm6LYYzGEYnE-gaa2oPIDgAAAAA4AeAEAg&bg=!5eal5qLNAAYDGbPvAxk7ACkAdvg8Woc4IOrKuPvGtAc85ypcVbSjxte1Gh_4e7uBriio2NNqjCIqpQIAAAG2UgAAABRoAQeZA2-Sxavi13VoUZvM3KawmV3HDM7VhIiLSI861CziNnzz14tNz5C6tWSLjTbEAcK5Ti3CTTV-R2DcFlC9orUxnrASmeWF4sFRzRvDFmtQjnXpC1ndY8GqiehujMgfZKxMvpS8VrYXNC-jlAOict1nKIJl-EiiUY9y6RvBY5BdLYsxh3e7e0vlw8EossITzL_EQaDHPoKB522BLjZbqcPtvTxRftTjPsaPlH-PmQt1MjGKA5hY3KWUvWLsG3TPz-Bd-uE56WFBJ1EOJUhTVWwo9HE8Qs98oJ_k90CV93y1cJVeyzEzvjJX3sIbbSxFxnb6MY6297sT-8BQmz8KD5HUF0yqFXNf5EsknGFE8gR1yH7FG7nM5kYmi9jNcnG65LVLXQZrQ86x3_pAf300jGNv25-tTOo_6A_Zt4bQ3PAWLKUKwYO2sUww-bw0B2_SYWDFHR9nngO0zn_SVXYs3aABVnuzcbiyfhVjFhHaWxTbNti07ZCshQHU-xbPR9ig2uKJtmt707XzF0ITX9jQI4-O015pF_1ahAHij0Zz76q5diL69dNaUNhA1QFtaGF_z-7SdIlbsdhzXZSOdT3KW0pyfaN9M3DLDET9wYFf8EjGAl-LiY3jQAxXPAFrP401eb3FVbexkB-lg2u-3xKp08oSg-jqJiBhbUqil1fKpow0aLq0t50LQtnrz86I1rUC2tcUjB7d8VU3_QbYkMwSd5_ku_q1cT3b6v2hw8A86VALg6UwXoTbilYvgtzVBk4xQ-0m3tKdttGbevO-5nXbLFHk0vs2fLwno9ZKbVAVC5X2f-FC2_UEQN8ZcMn4C9u_Ahf-QEmBdkp52EH4pIEgE-0d3bLSr6fQdy7KrG7KGbFezvwjFLQbPRmX0bTwb_XkkvhjE6d6QWOekM7VP7nuuGEoJVhzpn0RzCNiiWXeXpIICefsv-DlK_1p54-fahEesqpNQvbY-XylDmUs5SGWRrhUG30pKIieYdR0wTOvHQu8SPF_cQcQ1VFpu5kzfaTGFQCZUML3eOBbrE8KGG2H51mJDycSZT90jZ1FoaLyYzsnJkQ39MIvjsPD-GvxJs60_eFN415Pyt4Ug_A4t9Kk4k1r3svC9y4uiJaOgXPo1ooGrcFbcWf8kOeSoFgK5eNO48eMm3pmpqEZu41r9N5U8q7DcqM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CF21 43 B
215 B 94ms
93ms Image
image/gif 3.219.181.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=787359&asId=a53f098d-98d7-f60c-14f6-460a462b58be&tv=%7Bc:txSKrl,pingTime:1,time:1401,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:289%7D,%7Bpiv:0,vs:o,r:l,t:343%7D,%7Bpiv:100,vs:i,r:,t:400%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:400,n:343,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:289,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B81~1,0~0%5D,as:%5B81~728.90%5D%7D%7D,%7Bsl:o,t:343,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B57~0%5D,as:%5B57~728.90%5D%7D%7D,%7Bsl:i,t:400,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:134,fm:sOlhwDA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d%7C1e111%7C1e1121%7C1e2%7C1f1%7C1f2%7C1g1%7C1g2%7C1g31%7C1h11%7C1h121%7C1h122%7C1h123*.787359-56365210%7C1h1231%7C1h1232%7C1h1233%7C1h1234%7C1i,idMap:1h123*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.181.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-181-211.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:59 GMT
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CF21 43 B
215 B 93ms
93ms Image
image/gif 3.219.181.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=787359&asId=a53f098d-98d7-f60c-14f6-460a462b58be&tv=%7Bc:txSKrm,pingTime:1,time:1402,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:289%7D,%7Bpiv:0,vs:o,r:l,t:343%7D,%7Bpiv:100,vs:i,r:,t:400%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:400,n:343,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:289,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B81~1,0~0%5D,as:%5B81~728.90%5D%7D%7D,%7Bsl:o,t:343,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B57~0%5D,as:%5B57~728.90%5D%7D%7D,%7Bsl:i,t:400,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:134,fm:sOlhwDA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d%7C1e111%7C1e1121%7C1e2%7C1f1%7C1f2%7C1g1%7C1g2%7C1g31%7C1h11%7C1h121%7C1h122%7C1h123*.787359-56365210%7C1h1231%7C1h1232%7C1h1233%7C1h1234%7C1i,idMap:1h123*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.181.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-181-211.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:59 GMT
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 145B 42 B
108 B 29ms
28ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcumOj3JLMFx_H2AgGfMKBtFhPa8Gt8IRlZPV8aMxcauTiP87f6P6uKLclo3kItQ-TYxKnHrzUoPDyimnUM31iiWc1W1eX7FM&sig=Cg0ArKJSzKzBkX0exJjdEAE&id=lidar2&mcvt=1016&p=0,0,90,728&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20211108&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=33&adk=1055419988&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636527718039&rpt=534&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:01:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CF21 43 B
215 B 98ms
94ms Image
image/gif 3.219.181.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=787359&asId=a53f098d-98d7-f60c-14f6-460a462b58be&tv=%7Bc:txSLtR,pingTime:5,time:5401,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:289%7D,%7Bpiv:0,vs:o,r:l,t:343%7D,%7Bpiv:100,vs:i,r:,t:400%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:400,n:343,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:289,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B81~1,0~0%5D,as:%5B81~728.90%5D%7D%7D,%7Bsl:o,t:343,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B57~0%5D,as:%5B57~728.90%5D%7D%7D,%7Bsl:i,t:400,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:97,fm:sOlhwDA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d%7C1e111%7C1e1121%7C1e2%7C1f1%7C1f2%7C1g1%7C1g2%7C1g31%7C1h11%7C1h121%7C1h122%7C1h123*.787359-56365210%7C1h1231%7C1h1232%7C1h1233%7C1h1234%7C1i,idMap:1h123*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.181.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-181-211.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:02:03 GMT
x-server-name: dt25.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CF21 43 B
215 B 97ms
96ms Image
image/gif 3.219.181.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=787359&asId=a53f098d-98d7-f60c-14f6-460a462b58be&tv=%7Bc:txSLtS,pingTime:5,time:5402,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:289%7D,%7Bpiv:0,vs:o,r:l,t:343%7D,%7Bpiv:100,vs:i,r:,t:400%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:5002,o:400,n:343,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:289,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B81~1,0~0%5D,as:%5B81~728.90%5D%7D%7D,%7Bsl:o,t:343,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B57~0%5D,as:%5B57~728.90%5D%7D%7D,%7Bsl:i,t:400,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:97,fm:sOlhwDA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d%7C1e111%7C1e1121%7C1e2%7C1f1%7C1f2%7C1g1%7C1g2%7C1g31%7C1h11%7C1h121%7C1h122%7C1h123*.787359-56365210%7C1h1231%7C1h1232%7C1h1233%7C1h1234%7C1i,idMap:1h123*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.181.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-181-211.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:02:03 GMT
x-server-name: dt30.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H2 200 log Show response
play.google.com/ Frame 7DF7 131 B
672 B 336ms
15ms XHR
text/plain 2a00:1450:4001:813::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 10 Nov 2021 07:02:04 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://www.youtube.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 10 Nov 2021 07:02:04 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 53ms
14ms Preflight
text/plain 2a00:1450:4001:813::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.youtube.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 10 Nov 2021 07:02:04 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 10 Nov 2021 07:02:04 GMT
cache-control: private

GET
H3 200 dc_oe=ChMIvs6f6pyN9AIV0eMbCh0PFA7ZEAAYACDOvvhMQhMIvOSC6pyN9AIVkLd7Ch2XHAY3;met=1;acvw=sv%3D905%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D1860,1028,2110,1328%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%...
ade.googlesyndication.com/ddm/activity/ Frame EF9C 42 B
63 B 59ms
44ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIvs6f6pyN9AIV0eMbCh0PFA7ZEAAYACDOvvhMQhMIvOSC6pyN9AIVkLd7Ch2XHAY3;met=1;acvw=sv%3D905%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D1860,1028,2110,1328%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7745%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1636%26pst%3D469%26dur%3D30016%26vmtime%3D7696%26dvs%3D0%26dfvs%3D0%26dvpt%3D7727%26is%3D18%26i0%3D18%26i1%3D18%26ic%3D0%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%3D200103%26femt%3D785%26femvt%3D0%26emc%3D41%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D28425589%26psm%3D-2147483393%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636527726021%26pngs%3D9,14,200103c,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1636527717865;ecn1=1;etm1=0;eid1=960584;

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:02:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame EF9C 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C1W2tZW6LYfydEJDv7gOXuZi4A-eur_Zl1teg-_AO2MawxIUcEAEgnIzEI2CVgoCArAegAemB3dgCyAEFqQI-YQYZ7G-zPqgDAcgDE5gEAKoE6QFP0EeH-6YymPComskzlQRLTHN-taQMMDK_WTWt87aMfYKe-EY0-S7eb02qkY7IU6FN8fJaYCVhAOFC9U-t7rIlc3BUqTulBcQIbz4ufHZsaW_sDvgMK8IomVQjIMaLbcOTua0ZqMN8lfJxQEDeCMFu2zPpuV_3LpwsNUtIIW42GbBfdyy8-VWg5HpxNKsqRu-ELIxD-8GZ3yYKoe76dyG8Q5JxjxpOjU4JOi62YVqpu3a0y7-DxxWXsw0Ms-TjfybtXMjy9-1el2qh7FMeZZLRk_t-vHRE51lzOQuK_y9aTTHWDEKjfGTKJMAEyJv_6eQD4AQDkAYBoAZ2gAf__aKnAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA8gLAeALAYAMAbATuYiYDdATANgTCogUQtgUAdAVAfgWAYAXAQ&sigh=--DnzLB3hsM&label=videoplaytime25&ad_mt=7696&acvw=sv%3D905%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D1860,1028,2110,1328%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7745%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1636%26pst%3D469%26dur%3D30016%26vmtime%3D7696%26dvs%3D0%26dfvs%3D0%26dvpt%3D7727%26is%3D18%26i0%3D18%26i1%3D18%26ic%3D0%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%3D200103%26femt%3D785%26femvt%3D0%26emc%3D41%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D28425589%26psm%3D-2147483393%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636527726021%26pngs%3D9,14,200103c,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1636527717865&sdkv=h.3.488.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NjAwNjAwNjQ2NDlAuQMKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTIyNTk3MDgyCTE2MTM1NzY0NkBwUjYI4gcQDyUAAPBBKAE6CzM5MDgyNTY2OC0xQgRHREJNSO0DUABaEHBRc1RZaGUwaHV4NVM3eXEYAQ..

Requested by

Host: mgoblog.com
URL: https://mgoblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:02:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMI3OeE4JyN9AIVa-O7CB2h_AoOEAAYACDWuphH;met=1;&timestamp=1636527726473;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 9442 42 B
63 B 42ms
42ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3OeE4JyN9AIVa-O7CB2h_AoOEAAYACDWuphH;met=1;&timestamp=1636527726473;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 07:02:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad.atdmt.com
URL: https://ad.atdmt.com/i/img;adv=11272209693943;ec=11272230929715;adv.a=5109792;c.a=25656232;s.a=2259545;p.a=301181284;a.a=494199072;cache=2530032951;

Domain: api.britepool.com
URL: https://api.britepool.com/v1/britepool/id

Domain: api.britepool.com
URL: https://api.britepool.com/v1/britepool/id

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=26

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

81 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 6ITdsReqJJI
.youtube.com/	1970-01-20 02:54:39	Name: VISITOR_INFO1_LIVE Value: Au2B74X3amU
.mgoblog.com/	1970-01-20 16:06:39	Name: _ga Value: GA1.2.1133490413.1636527693
.mgoblog.com/	1970-01-19 22:36:54	Name: _gid Value: GA1.2.126717603.1636527693
.mgoblog.com/	1970-01-19 22:35:27	Name: _gat Value: 1
.adsrvr.org/	1970-01-20 07:21:03	Name: TDID Value: 0cc474ab-2678-4f47-a800-b7b7f6ca73c5
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tT2oYW2peUfJM3OqKzSlnlAWiFIP9hAlb/GLHAIlzGqoEKZaU66THvScWV7/AA==
.rubiconproject.com/	1970-01-20 07:21:03	Name: khaos Value: KVT6C2WX-1H-1F39
.quantserve.com/	1970-01-20 08:05:42	Name: mc Value: 618b6e4e-dec22-ccd5a-45a8e
.adnxs.com/	1970-01-20 00:45:03	Name: uuid2 Value: 1374527662504782850
.ad.gt/	1970-01-20 16:06:39	Name: au_id Value: cb6b9f31-3fd9-472f-a03c-ca64ed469ee9
.ad.gt/	1970-01-19 22:36:54	Name: au_idmatch Value: {"apn": "2021-11-10", "ttd": "2021-11-10", "pub": "2021-11-10", "adx": "2021-11-10", "halo": "2021-11-10", "goo": "2021-11-10", "rub": "2021-11-10", "taboola": "2021-11-10", "ppnt": "2021-11-10"}
mgoblog.com/	1970-01-19 23:18:39	Name: _pbjs_userid_consent_data Value: 3524755945110770
.mgoblog.com/	1970-01-20 02:54:39	Name: _pubcid Value: c8c3f6b6-8fc6-45c0-8e6b-ad5c427914e1
.a-mo.net/	1970-01-20 07:21:03	Name: amuid2 Value: 916476fd-8682-40d7-8a28-e0d5505ff2c0
.mgoblog.com/	1970-01-20 07:59:56	Name: __qca Value: P0-1087985140-1636527694858
.britepool.com/	1970-01-19 23:40:15	Name: _temp_bpid_ Value: 277cc471-3772-4e50-855d-4aca26d6ea3a
.mgoblog.com/	1970-01-20 07:57:03	Name: __gads Value: ID=a66a8a72971e70cc:T=1636527694:S=ALNI_MZXai-rVOKbHDaQ3PAAdc4HPrBkLw
.rubiconproject.com/	1970-01-20 07:21:03	Name: audit Value: 1\|naVuGyos1qp4JM4S0Bx7K+MH05QULE/jV/G9Z/GRzTz24WPzaViPwedSZbsHvzrl9J3j4eSSl9po2B05UvZjL7YBnR7sBGJbsqlSNZOaaDQ=
.adsrvr.org/	1970-01-20 07:21:03	Name: TDCPM Value: CAEYASABKAIyCwjk_8qn1YiSOhAFOAFaBzhna3hiNm5gAg..
.adnxs.com/	1970-01-20 00:45:03	Name: icu Value: ChgIpOxLEAoYAyADKAMwz9ytjAY4A0ADSAMQz9ytjAYYAg..
.pubmatic.com/	1970-01-20 00:45:03	Name: KTPCACOOKIE Value: true
.pubmatic.com/	1970-01-20 00:45:03	Name: KADUSERCOOKIE Value: FF6EA0D7-0AD1-43B7-B27B-49213BFC2EDE
prebid.a-mo.net/	1970-01-20 07:21:03	Name: __amc Value: 2_1636527694_1636527695
.contextweb.com/	1970-01-20 07:13:51	Name: V Value: MHZPFqUNzTA4
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 81cfada1b08769e4
.doubleclick.net/	1970-01-19 22:35:31	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 07:57:03	Name: IDE Value: AHWqTUk3gxy2cviTnwxwfFEyekquaEc02NEoZTfUYdQL7CcEsEpD_KEzK8hk6qtFWKQ
.ad.gt/	1970-01-20 16:06:39	Name: last_seenrub Value: 1636527695995
.ad.gt/	1970-01-20 16:06:39	Name: rub Value:
.ad.gt/	1970-01-20 16:06:39	Name: last_seeng_hosted Value: 1636527695995
.ad.gt/	1970-01-20 16:06:39	Name: g_hosted Value:
.ad.gt/	1970-01-20 16:06:39	Name: last_seenadnxs Value: 1636527696007
.ad.gt/	1970-01-20 16:06:39	Name: adnxs_id Value: 1374527662504782850
.ad.gt/	1970-01-20 16:06:39	Name: first_seenadnxs Value: 1636527696008
.ad.gt/	1970-01-20 16:06:39	Name: last_seenpbm Value: 1636527696008
.ad.gt/	1970-01-20 16:06:39	Name: pbm Value: FF6EA0D7-0AD1-43B7-B27B-49213BFC2EDE
.ad.gt/	1970-01-20 16:06:39	Name: first_seenpbm Value: 1636527696008
.openx.net/	1970-01-20 07:21:03	Name: i Value: 219ba6d4-78b5-415d-a77e-533593b96224\|1636527696
.ad.gt/	1970-01-20 16:06:39	Name: last_seentd Value: 1636527696010
.ad.gt/	1970-01-20 16:06:39	Name: tdid Value: 0cc474ab-2678-4f47-a800-b7b7f6ca73c5
.ad.gt/	1970-01-20 16:06:39	Name: first_seentd Value: 1636527696010
.ad.gt/	1970-01-20 16:06:39	Name: last_seenadx Value: 1636527696010
.ad.gt/	1970-01-20 16:06:39	Name: google_gid Value: CAESEHj07i_F0bh6LtoUSAupKFk
.ad.gt/	1970-01-20 16:06:39	Name: first_seenadx Value: 1636527696010
.ad.gt/	1970-01-20 16:06:39	Name: last_seenpulsepoint Value: 1636527696015
.ad.gt/	1970-01-20 16:06:39	Name: uid Value: MHZPFqUNzTA4
.ad.gt/	1970-01-20 16:06:39	Name: last_seenhaloid Value: 1636527696259
.ad.gt/	1970-01-20 16:06:39	Name: halo_id Value: 0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
.ad.gt/	1970-01-20 16:06:39	Name: first_seenhaloid Value: 1636527696259
.mgoblog.com/	1970-01-20 00:45:03	Name: _fbp Value: fb.1.1636527696319.423559683
.ad.gt/	1970-01-20 16:06:39	Name: last_seenopenx Value: 1636527696451
.ad.gt/	1970-01-20 16:06:39	Name: openx_id Value: db7780e8-58be-4156-ae53-8f8de0e19edd
mgoblog.com/	1970-01-19 22:35:31	Name: _lr_retry_request Value: true
mgoblog.com/	1970-01-19 23:18:39	Name: _lr_env_src_ats Value: false
.pubmatic.com/	1970-01-19 22:36:54	Name: pi Value: 159745:3
.mgoblog.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1636614115497
mgoblog.com/	1970-01-19 23:15:46	Name: sharedid Value: %7B%7D
mgoblog.com/	1970-01-20 00:01:51	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%220cc474ab-2678-4f47-a800-b7b7f6ca73c5%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-10-10T07%3A01%3A55%22%7D
.pubmatic.com/	1970-01-20 00:45:03	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 00:45:03	Name: SyncRTB3 Value: 1637712000%3A220_21
.pubmatic.com/	1970-01-20 00:45:03	Name: KRTBCOOKIE_80 Value: 22987-CAESEE_5nX16aya36BKU-p11ZPg&KRTB&16514-CAESEE_5nX16aya36BKU-p11ZPg&KRTB&23025-CAESEE_5nX16aya36BKU-p11ZPg
.pubmatic.com/	1970-01-19 23:18:39	Name: PugT Value: 1636527716
.pubmatic.com/	1970-01-20 00:45:03	Name: chkChromeAb67Sec Value: 3
tk.airfrance.fr/	1970-01-20 07:21:03	Name: uid Value: rB8A0mGLbmSZDUH3FRxFAg==
mgoblog.com/	1970-01-20 07:57:03	Name: cto_bidid Value: VZHG8V82TXFuYTJSSEhBQnFLbEVaU08lMkZaWjFzRTFrYVE0M3YlMkY5ZjFsS1o2ZldsN1AwRkZWVkc0M3F0RFhlNGdTdG5tTkZIdGNwMzJoU3dVWGElMkJYS0RoS3Q0ZyUzRCUzRA
mgoblog.com/	1970-01-20 07:57:03	Name: cto_bundle Value: FIiPRl9JTUFMQ1kyU3Y3Q1NDVTBUV2VMZEsyQjlzNDN2ZjNIV3hCTHFXVVRYTVNUZkpRWUxUMzFha2tyOWVjN0RidUtTTjRGJTJGdTYlMkZ5V2d0bVRXTXY3dmExTjdVdjVZU2dXVExDMTR3JTJGckRhclI4YXMxSHNGRXhKTTNtZGYxc0RYOXFvOQ
mgoblog.com/	1969-12-31 23:59:59	Name: NODENAME Value: N6\|YYtua\|YYtuT
.casalemedia.com/	1970-01-20 00:45:03	Name: CMPS Value: 5239
.casalemedia.com/	1970-01-19 22:36:54	Name: CMST Value: YYtuZmGLbmYA
.casalemedia.com/	1970-01-20 07:21:03	Name: CMID Value: YYtuZjbY99sqIf2wAMHDIwAA
.casalemedia.com/	1970-01-20 00:45:03	Name: CMPRO Value: 1169
.casalemedia.com/	1970-01-20 07:21:03	Name: CMRUM3 Value: 2d618b6e662760CAESEDKRYuQ7qq36iR6ErydhnyQ
.adnxs.com/	1970-01-20 00:45:03	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>6pRx0P!]tbPl1M>e)ZlrFUfJ+tGXxpGQq!<7Ho^fUQ.c@e<^40TSDQY!^NDN.GSAa_bpRzqF1`b_U@/Kuo
.yahoo.com/	1970-01-20 07:21:25	Name: A3 Value: d=AQABBGZui2ECEDis6SM_b_h1kZ-IjAIh-FgFEgEBAQG_jGGVYQAAAAAA_eMAAA&S=AQAAAlzQAjmOYDgGa7FFOUO32ro
.blismedia.com/	1970-01-20 07:21:07	Name: b Value: 618B6E66B4ED766353480ECEBLIS
.w55c.net/	1970-01-20 08:04:15	Name: wfivefivec Value: APYGqIiZ1MKHCm5
.simpli.fi/	1970-01-20 07:22:30	Name: suid Value: C1D908C5D69B423293F68D1861CD360F
.analytics.yahoo.com/	1970-01-20 07:22:30	Name: IDSYNC Value: 18yx~21g7
.w55c.net/	1970-01-19 23:18:39	Name: matchgoogle Value: 5
.turn.com/	1970-01-20 02:54:39	Name: uid Value: 2974830362972420813

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=277cc471-3772-4e50-855d-4aca26d6ea3a Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ad.atdmt.com/i/img;adv=11272209693943;ec=11272230929715;adv.a=5109792;c.a=25656232;s.a=2259545;p.a=301181284;a.a=494199072;cache=2530032951; Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
deprecation	warning	URL: https://w1.predictinteractive.com/widgets/trivia_widget/min/main.min.js?{%22dom%22:%22mgoblog.com%22,%22loc%22:{%22loc_name%22:%22%22,%22loc%22:{%22city%22:[],%22DMA%22:[],%22state%22:[],%22zipcode%22:[]}},%22remn%22:false,%22targ%22:%22_blank%22,%22cat%22:%22%22,%22subd%22:null,%22p_id%22:%222617%22,%22type%22:%22trivia_standard%22,%22z%22:%22fppde0%22,%22size_id%22:1,%22url%22:%22https://mgoblog.com/content/2021-22-hoops-preview-wings%22,%22pr_id%22:%2296%22,%22pl_link_target%22:%22_blank%22,%22pl_click_through%22:%221%22,%22group%22:%22college_football%22,%22category%22:null,%22pr_style_id%22:%221%22,%22floor%22:null,%22on_load_length%22:null,%22vision%22:%22is_visible%22,%22interaction%22:%22yes%22,%22show_passbacks%22:%22default%22,%22send_dwell%22:%22default%22,%22no_rotate%22:%22no%22,%22event%22:{%22p%22:%222617%22,%22w%22:%22trivia_standard%22,%22z%22:%22fppde0%22,%22igloo_id%22:0},%22wide%22:false,%22style%22:%22standard%22} Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
javascript	error	URL: https://mgoblog.com/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=26' from origin 'https://mgoblog.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=26 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

65e2ae8f6f3c44782759814dceae4f79.safeframe.googlesyndication.com
a.ad.gt
acdn.adnxs.com
ad.atdmt.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
adventori.com
ap.lijit.com
api.britepool.com
api.rlcdn.com
as-sec.casalemedia.com
aufp.io
bh.contextweb.com
bid.g.doubleclick.net
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
c9bdf5c86ad68a01187b77e091d617b2.safeframe.googlesyndication.com
cdn.adnxs.com
cdn.jsdelivr.net
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
content.predictinteractive.com
csi.gstatic.com
data00.adlooxtracking.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e73c7fa4ce4325baa13e1f1df284cc65.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.brainlyads.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
id.crwdcntrl.net
id.sharedid.org
id5-sync.com
ids.ad.gt
image.predictinteractive.com
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
j.adlooxtracking.com
js-sec.indexww.com
match.adsrvr.org
mgoblog.com
mug.criteo.com
p.ad.gt
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.adsafeprotected.com
pixel.quantserve.com
pixel.zprk.io
pixels.ad.gt
play.google.com
pm.w55c.net
powerad.ai
prebid.a-mo.net
prod-tw-api.predictinteractive.com
protected-by.clarium.io
pubads.g.doubleclick.net
px.britepool.com
r.turn.com
r1---sn-4g5e6nzs.c.2mdn.net
report2.hb.brainlyads.com
reporting.powerad.ai
rules.quantcount.com
s0.2mdn.net
script.4dex.io
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssc.33across.com
static.adsafeprotected.com
static.doubleclick.net
storage.googleapis.com
thrtle.com
tk.airfrance.fr
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
w1.predictinteractive.com
waa-pa.googleapis.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.paypalobjects.com
www.youtube.com
yeti.predictinteractive.com
yt3.ggpht.com
ad.atdmt.com
api.britepool.com
api.rlcdn.com
104.111.228.123
13.32.21.201
13.35.253.60
13.37.59.66
142.250.185.162
142.250.185.226
142.250.186.162
142.250.186.38
142.250.186.66
147.75.38.124
151.101.193.194
151.101.65.108
169.50.137.184
178.250.0.157
18.157.213.64
18.185.182.242
18.211.226.152
184.31.84.150
185.64.189.112
185.64.190.78
185.64.190.79
185.64.190.80
198.148.27.140
2.18.232.130
2.18.233.180
2.18.234.21
216.52.2.19
23.20.158.212
2600:9000:211e:7000:6:44e3:f8c0:93a1
2600:9000:211e:ac00:8:48e:53c0:93a1
2600:9000:214f:1c00:1e:8f08:2900:93a1
2602:803:c003:200::61
2606:4700:20::681a:294
2606:4700:20::681a:9a9
2620:112:f000:bbbb::11
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:4c::6
2a00:1450:4001:802::2006
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80e::2016
2a00:1450:4001:810::200a
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2010
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a00:1450:400f:80c::2003
2a02:2638:1::13
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:400::300
2a04:4e42:600::485
3.126.56.137
3.219.181.211
3.221.83.174
3.86.21.221
34.120.133.55
34.149.20.76
34.210.245.148
34.232.180.222
34.253.169.181
34.96.105.8
35.241.31.249
35.244.159.8
35.71.131.137
35.84.44.29
37.187.27.147
37.252.172.249
37.252.172.45
37.252.173.27
44.227.231.197
44.240.108.244
5.135.141.80
51.89.21.21
52.0.73.248
52.19.22.209
52.206.110.153
52.25.225.148
52.28.203.152
52.74.177.52
54.187.25.111
54.234.151.247
54.85.167.1
66.102.1.154
69.173.144.139
009913b0e54e74d00d2cfbe8e08d72cbe9dabab6ba69b37a0907fd73a4428175
013642abc6eb7dace2707aec3f8dae8d884cc284951ace55bb737bfde43f687a
018bc192232b968b662399f1cb800c44ee22b64285a6334366c667f7ebfea058
02622348aaa567179d4c237c2419b60e06dd608364c243fda3642107b5e15b0c
030b7b73b55bf5ec0d166fb8921889ac1f9302bc88698785c80b4e4380c7d773
035c573597dad7ca55b92f84e09b91e0ea703674f78fa074920679d09041f608
04229993c9ded71cd72d1ac688b3e1490bef2a769c20651f6e39cd53fbaa4b32
0547739fb0766620be101201435fcfa8b096c0d8e85349d8179f69e48ee16dd8
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05c626d78f697a300bdcddb5c5f8cb54f41b65abc201657418ed96f13c28c0a3
06a86ab6dd52218086763cc21b8756aadccc36277e17c30fbf7e0223009bc998
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06f5262be8007f7f1cece10385675ac62113a37366a9c5440fa32fa42b539a54
071ae33974e54b0b7586b5ecc94a40ab118f7df9a387f351231095b51aafe93e
08e8051b94686609d3d93deeee4cb09a88ad547405f713631677efc1a6873b2f
095878e900d735c7c317a1fd8a0b2c1dc1b7508d26c1174cddf1a7331466e59d
097e190f905b50aa8f3ea6f4dd3e738f277cc9e7c51afd4cbb095c0412178e7b
0ac01ab832b811cdc2dfddaf28ba2f1ee3ef3bb6486cbaeb424226fde71ee625
0ac9d31dc3b81bcdca9f1ce07d3e4419308f59e098c4df52803f742819aaa936
0b61e01fa0fa02eba3c6a074427ddf2a6cf98c01727b2796309b2b5b005fac70
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bec6570c1210115038b973afb8294dcc384525c7703951499ab396da7059d4c
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
10504939833401b539099f2fe040c8346889db8387ada82330f1fc377bc2fc64
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11e7f42d15a1efa09afcc586ac1d79d9008fa7339ece9c40dbc0cbc5aedcf075
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12f118eea46b960c634aeed844c46e632f050c9e3ab864a6400aa6c0a80ec7b7
132298c08776faea963092e83b7c30712bde095c62530bd3a613322987c4663e
144c2b996574a2f16003848858de86dc5ad3486fb4fe14a5d5a79d134086e763
14c36daff17decee6cc55b18090a2d45fc46d04a1cbe8de070613235b098ef6d
14cdefb6314d8a722453886c0368e52f4a7a8da60f52a7a764a339d5a3b073d6
14ffae1f46d118d9c065d96f02ee4fa16061dbf1a7620957d9564b51289a4317
17aeefb583cf275080123496259609e8041b6474032932e8436f1451093de6e3
17ed069243b8b7be57e510cd57b37aff22fa9b4a1b76fd868c4d9dc011abf0f6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
188a40d333a21785393b2a556370ca18f6edd3dd5ffa5b86281ceb7845e05158
193171f9d0ebab49b61fe90dbad4927af056ec22fe1dedc845a8bb4faf557cfd
1a6e13a3675e2ae3ccc9d9436c5ee7cc5d8279260bd597ab5d7f8167d0ee5d13
1b49bb64f034cfcbf6eb6182c6e201ee1e7cbd6e77665c8d989c29e9dd5ed19a
1bab3880f653cc4d004c2012e94eed50909ba0a6cfd8540d5a5ffce7caf56c03
1cda86b3c59f7b535dcb886441e00422802063171ad405f63f9f57a1c6228270
1d3ac286158c86a72511230065aeb26ef223e3455e2602f8ae3c96f4150bc952
1d6f0609e0f4e9792fc7d85ca4f85bac17377d3851f3b61de7f637ac814e785f
1da79754ccda7c241f56d5a82ed377c3384b58db3c718d9c1fd38843c47d8df3
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e746a4544a0fed677fbae00394ecb5be6906b9961cb59ee703d0cdb9ea7f95e
1f18dfd43166392d53482502d316b91e27215abe16343b0dbc17110becf467d1
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20084174035d6917983c470f41799f8efb99ea5e30f5eef982e4d444cdc46bb5
205d4039067e9b57d1c8ea2343b86082430d45c5f0e02d151c5d1f20ab53c699
229b175b326330411826053888dc77f213c184afa155543ebe30723b1101d666
22da4265da81f38c4607e7d3326c17a6d1a462746e612f8b2579c3b14cd33dd1
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23556d80a86017592ce6f8377d0553a90fe89f9c7ec30d0f191780958cac7480
238c00e5891d4873624fa6512f26eb7ee12d0ff95d2861427e3a718f31887331
245e8877d33219e1dc65fb4d71476716545cdca2c9d3070519abde35653a43c8
255a631d85aef03464f41508dd9ec095fc0e06ea143a39544897cc592bf4da76
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25df4e71c1ba7118993319e5f62d3ab84db7629efc616744791d6de935a26fe0
26ea4d6bb72cd78fc487a86a2ba279ef0c4674a2d624a8ef572e07db8b1331e1
27ade4448213a70309ff4c8e6157e4a386d24af7c89abecb8df2cfd88fc65701
288ce62e2fbcee65af0fb8a6d163db546617298e6637e2701a2a3058a76c46bd
295304f606b4fbb6e72bcf1dbb0e1356c5be90ebcb42154392d4795a721f3f8b
299064cf3027c5efab4ab6df345de1302dfa562db83eca51965371938480f56c
29a630cf5111901233f94887450c9fe9189ea23f6ba08c0e7c60629b3b85049e
2b1f0103f733f4da4869cff4c1b30b7bdb705c096246d480be332e95c660e79f
2c2210f87e564b9f117ad40e2cb2f666828d11dbb947bc4304e368b9d5e247ee
2c23ddd28ba4dd81afab4c9cc2a78db2e097eacc750573a9f85cc7038829bad0
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2e6726a445d070701980a6ba5e452381f6a9cf2fb9265ae574b861c3f6c21612
2e8cdff40bcc0c3bc01bf2bc6ffc90483e768ee6f47e3141ef5876bb1f39fcaf
322caa9e5fdb996a5afa9ef6283b3f0646c72c2add2f2540a82ac24e7c7d917a
32a4fa33149a088bf404579a55fc9636637e184e77a86fb40d73abd2b75683a1
32c6d86a0598b9d7bb5976fb4d51bd5f952a9a94f1e140a8c04a8c4d1b416523
33811d3920ada1f3a8100fc7021b7b9dbecebb18b8e9440d7823ad4fa008bad3
3415c7fade1393a1990451fe39cfb19fed87791ede53183f9a4d390b15d36a5b
34169af71b02b45feb08dbe27772638c0b3bed26fe26d9f015b019be64e4389b
3485707c2d30082b1f3723f9692ea0327c6034346c0271da892d73d5d2ce2f79
39a03c41019be6ab31b43465686c8c7bcc2e25ba542fc23db5e4ff43b34a11ac
3a8547d906ee34a8851f3c86569f0213fead9df11ee4159110ef8ec33b4c9c91
3ac956161b69562fd6e45a617913937ab16ae89ffc18eaba3a81d4526e0876d5
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dc4c8976917e48d271dc01b9cea9b0fd1b52811fb4a85ba5d807735b0312f5a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fbfb624f1153cf797a3187e22f69ef954a66ed8953c638f56cd855f0b36aca9
4022069a5ded14d585b2934beeea5df3743e70bc48c3974c2188ed4c9384b587
447ffe4040fc9d0761f896e3ef3b37e2220744f4d3e3760ffe1f216f3d0e4e54
46045b1fc8ffe6e7956d5702756c6f221b772ef2f55cc38a0ab4f82246088d3d
478a81a25c5a939a8994a92b0ac72e76cbf6fbf3eef82d72dbd10a8dfbc2e358
47a03cdb40941ed9bb87178d34076aa70d7c8a21c2645d9a71e7edb02f94a4c2
485dd675dc980f01a4098246606a0cb2408c33437b73ed4236da6a3d248327e8
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48afeeed97b2af3a855874059d931d733657589a3b627e0928b56e28fbfa984c
4a4fa2a793d87c88f1509f370dbc40b6deec2188b6a918f92365f873b7bc566d
4acf6e6c9052449f71763158aa2eb5e0a89dee411fc365ad62c6aacd054b13b2
4b2374c121665de61861a6172e64c12e28a0468c6a6c0799e8c3ad6662c00267
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cd825f5d45ab682b2a56f15713b72f30fa94fbb15352c9405d1da3b1d8baad9
4d35e6c9b69a08635d2f1d59dd3067233a78f8b12d6cdf0842bd9987c105e3c7
4d9de30f44d155113b05e267edeb3f534339c20b02135b37b954e2be32f1f061
4ee507ed20d99392cc42068423d333225aaee5143bb079bb3c920cc63c505de2
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
509ab2424579cc51165cfc0f9b53c82fe12612c3569f00c74ac6a5b6f1f58594
5173c915b9b6e2c3b24ed89502eed57341952fe69393fc2128895bcfedaae6de
51b9cee9628def9613279a5acba3506af5bc0e4a623082fe939a8310dfaed98b
5251ec9a6d7f9cc54b205363d70eb38bf67517f8e02b3ae04e85c9cf5f908228
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
53d91fb2b51a3daa0645f78f71b29e695f42b0ac6db0d29f7fc7e5e38c3ffb7a
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57e07ae19acf82ee28d8d5dedcb4f63fec1b0034141c3156f7fc418a2b26dd6c
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5b159e6ef41dbba1dffa56e2a922733a81656a00324bcf82b9b0e48cd6af325a
5beecaeceee4fae5080c40d2ad96dd7c0b7e5a9bc242fbe2b99ab1276aaaae94
5cd43dc68c1717f0fff875ff9cc42db5d94c04a3179d87f4b34a181a7968cb84
5ce56d35fd4889c1d80f079cbc6c9e3515350d7d3f2ab0ffa7c3d81c1d53bab1
5e9a65135f0a698d2df2308a0e7a51c29b3dbd26b3835cd515b6fe3dac0ad5dc
5f7245f8faba0a92b4bf029f93e34205c0769ebe2ef15a73ed0f45b22cbf5e30
61208eaf230342c70144a50695666492e1c140e33bb362bbc0ec3dbf1d14d0a2
6150a014f0a0cb24dfd9ba38a600750c79499567528d929f3880d0226b38ca2f
6251b5a7a501df646d682bb4202e5b98f913ff7426b745dc7729eb0443d3b284
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63acd693106a270f63ee76fb95839b3e920b1df3627aa5ec6c2b89b653ede031
64bf859d26d6a56c05f4506da579091faaf6a218e0dc12a221b63b4033100dd2
66ea91a01b97feca3757a3ff16e3782973b559b2d4cbe79f7704e91607f9aa47
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
690903bae11a2af6ea94866f53d1bf6c9cfd2777ba5596b034eb0769911e0108
692b53f8f6ba69a8f9effe08053e30157f05d0fbd4442ebb587b82f473b6b053
694010e3722a2e8575aef0c6684b60ceed96995a9558d56fbdf7ee7339cc0438
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
699b894b492ff5eb5b20d3c55dd2d61810fff7cf7722c98e8dd5998cef4da77e
69fcf7682b771176634dc54deb0c412cf9ec40df931d56a0480ee51b47ed1598
6a611a24848e3e0d249db1d540287760490e98a43ee3eedc90bd03a36c29051d
6dc5032196a4f167a485d72c323f33d7ab3cba0a65d924d11e79db4445eb6a02
6f0160c0d198d260e42d1394b516e5495ee57c204e41cd2147e4026110843d54
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
724d5e151b4ba82f7eaf29667bed3a5ae2167a00343cfbcf2ebed5df806d914e
73219af4f921d15bcb4da59cbaa50f821124de1c6ef167fde2ecc08f13cf94ca
732ac3d1e0be45497ec275b2d9b3f926661e243a4d80da8240abfeaa5eee21bd
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
750e66789618a2e5a917b34aa2e29abd2713041f80259ce54ef1b4f0fdffcbdb
757fea1b0dbdeaf45a039097a2d87573933ebcf3bd99f0546821a962a2f3429b
762eb7a8344dd1da033809fcef626f2264cce25c666e5b1dbc17ef9ea5723a81
7691c8355876f35b0380fc1c37dc523c23ec86d73d43bcd77bb98cab082f55a5
77b90df167b67a684475c559d3d223a294817749342369bc028498ccc2daf859
77e4057787bae368d1dd15649cbf34545b5f9787ec7c9bb83846ad8e95496989
7a4b341f48bc5d7de363f8876d99bf437891a73fb4ffa8d87713b7c3a42fdf1a
7a5f97ae791beef344e61320d5015965207e6c7e3e171d606ddf48e2bdd718f1
7a7032e5d1f7f40322b9127915b128179232122c70251337c1e5ba73be14b27d
7a84bb8ebac42d14ad70c3f4adec9416db965b7bab2e0cb1469ca43befec4818
7af38d50a32aeae2254fc10206044bfa2ed47f83377be3a30c9f02ab2be4e064
7b01b36d9b978726eeb935eb9cf4ca4b7ac06e7191264f079068f6b0f3a51e90
7b0a1683702d854c16cffb91d10f500cf10018eacf0c2b4c939293dea961e1f4
7e0f43d721b07d29d6310e31aa037a28371e3d85d5ad27592ab1daab3a589e54
7ff1fe3cf52bcd212457128a4402e9bb5c569496bc4f5126c19ad6a7685e4f8a
8027119f899b59c2af3b0ccb2c7d1323fb3891a1235ab54309fe5337b92cd1c6
80c2d79c60490444a0dd3a4101e3b1fc00053ed804ecf7be2706d0dd5c7f27dd
80dd92890eb3b5cf2998f3141668bf956843764f1027e038df2dc80ce145bd8b
815ee379589e2686af0a423df3987810358aaa03ea11a46250de270ad307a383
8188bad0f77aaf0e06c5d199b36c85263048a4ac6361bed201939fdab3dd196f
823638d416109400ff7caa3dfb31e2c25bdba67c2cc7c5ada6086d2e550f7b66
829ba3f4985c1ba834b096152b6f456e486ae2f4f15af23daea835e822646140
83edbca201b6fd4ea3cffcf94c7b1cdef8c6ab2be9e8273adfede65a605f3aed
848e395b67c5a776114425ac9ea4cc4f809cdca2caf2685fd2f6a94eba4c7238
84b033a67692828cb38e0db56d21576fe177652c1d5ccfe61010bcee970e23c9
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94
860ce6d1ab1decef34593f9ac4d3630c77a3ccdc89ec2a06a627caa9c6e2ea83
871c8bb43d125c55399bccb846741d6b536043e79931fd2b6dabc8da5993129b
8820ea175029bc4576aa97d935dcbd9cc242231ba5950b14a78e41834e1d0fb7
884fe66ed865d9d200e4154bc3127838befef1bdefce8d544c2834f874693261
8ba58700889d4a90393e2ee9aa0112a663ef60055740ee7fa781af5e69675811
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e2c11562c4db62fcaa730cee623e84c9a205115de4bb13785cc434c152831da
8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea
8fe21a5d27d5e3e373a08a0c78a6f2ddb18f80e8e24a769ed5b8c03a011c3e34
9018c4c78b2c89ae030f975ba18c806a4b825d8b470e0f51cfc1327ae09723a7
906a861a9827873b650724fe0da3cee95c0cc80782945e8eee767d81f64e22ce
907dd216d1a0a6dc5d1bd62166c5db67ccc09156bfd1f6dc4ff0db0326a5e17b
910a1ff6ff95d156812bddca083e34b9043c5d9965633904ff7b66900e881f77
92520ed9f51c1c2931d94eed4950580c5f935ef8bc9135297ac279dee21701ba
92931ceb6a0ad1c9b3e8fc6f335b9dfd6f0c7c8ee36f089bb10241c142a78faa
953357d79c9fcc25abda522ca296145987f143833c7162b3569b30fcbc7d6659
954905fd8a36ac5bcbd670c279777c29cc323e3c5001635091baae35aff1c6bb
95f259a7ddf55f91d0e5b14e03dd11fc5912d71465cee24b9d790a82fe48904e
9687ee5934e8a8b125cd0e3f7e21b9eea12c5eba602dfb12941aeafaad44fbe3
973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898
97b17efeec3db41879c306b0a172ed6fbf99de98cf6fba86af897814278a767f
97fe5992208187911c3daff7fe8556ee254ca0a340ab9af0e3ba04ce7e40e2e3
98b006bb1a40d3a6e9bf1fd8864a89de8762dacd667e970124870b76f702909e
98d426e37c5eb97dbdafe0d1860f32aacc66c8464d83f86cc4f34cbf9a1262e1
9a6ddab9c33b155f78e6d9b58a7023de31383ff3a27679c8ca47d452c76218b1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b7da4e010fabb7a045234373acca846cdca24219b62065f732a6d1873c99420
9b84d38d0eab1b3f6cf6491ab4bb7ec35341f6664c10465a617bcfa7f69b6a74
9b9a7a518058f840160ae48b2aac0af21654717c1171749a2a5a89151b3ab4b6
9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2
9c84b265cade423a8f4233359400ace1df0a64f5faccf4b5ab81879ebc8262fd
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06
9e501a166dd6f17a0845252683dd83657bc3e05b9187ca1da8399f13159f910a
9ed87096c1c2b14a5924c310e98c7aea5b2831fc4b62d552ff20e25a78c6be03
9f03592b44b983925bb807dfdc0608ca6107d3fa4c7eeac0499aa3afd2cb3da5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0645960ade152760a6cefc0b03736a9565c09a46c94b2dd39e54da585bde30d
a08a772c49fef577fd5e0a37663d6d010473be40763496bedb29cf77176bc7b8
a0c22b2f7a1ba76ba4a6d4f37d435f2c89c29461ef89f05c01de25f4b212b051
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2c873628dac7a4256f73d0e32e8338774649c296f7cf8c0660b1e35a7d609ff
a2e063dd510341b9b6b5020f5e97eb7d55827a8745605e38db34b87b07f99fb6
a39466e33893924d75838a8722cc9f7dea64bbd144bdec9f2803d6a2cbbef8ea
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d3fc39b76cc98198baedcedba07eed77c41f289e81ab5fa721bfe2a6746301
a5bea68a09f8962f288fb0e92890a175448463c2b10e70594d1f38a1625d449a
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a720a090101e698013011a9d951fa992ca6d948356759db34ed04f4695d6896c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a935eee8aadbdffa9f0bada4e44532e303ff67554138ce1ca124c9a0e65db937
a9d576d438939810fb8f8fd4382847a394ba105a257845a4c743a49caae67b75
aa665863bb2c2f7d98668c0c178fe2ab8f7f94b1e89ee6052d0c825a01d1588b
abfbc3ab305d79e69ff0920c1d1b51a8692574fc6b2b6005993944f3922b5e09
aec746c11e0ca08018685d050ea9292c49386fc185684297a414f172c25b8701
af1684fcf2b488bdbf24c364d9651a7f3912dcfa0a3477d7653d60eb032c06a6
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16f119714d9dbe39af89d26b0545d10cfc34751216fded19ff68b2c5078a48b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b289061b6d317172ccc824de9e9d689ffb9abad00c76ca75e7f3880b7ecf1660
b2c16719ea97de487b0926f513f4de1cc1a2ebac5dad7eb44cfa9ac6551bef6b
b433ec255d5055741b20f80f1da4defbe1396e640e69b52a6c4faa8c1f6ac95a
b46e0f428fdce40677abe43f33575023b1b2d87cc3285138bb06b253313a7665
b4d15523a78e62e3d52f25dd92beef975bb2d791dd91f14f30bd79252a45f3b9
b5cfacb3b4ea427e6d603c9c2b11b3d109795f58781ed8691f1c71ca05f362c5
b6c8e816b5c81eb1391ed171664b2acf9fa88a83613d00a429722b49ec5855f0
b7eb5e29d5437eac782dc830031d481fc96b30a7e325c6bcab22c6a1eea40e6c
ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c
bbadf415485196032b7c219dd4c951cd8fa20c6efc8ceb11abf8d30b7aba353b
bbb8e6c2e38b5d0e7f188471f2f8b3c4edf44a5cc91d3960579fcf8b761f6a2e
bca6e1b693d88b862bb7ed8b8f66e8e3a89c4195dbc16fb93a3b3d18797f29a0
bd1ad32b9c7af02743811430a905944da6f769b55d381e623ba1bb2d068d2ff3
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c10ea2506ecf91f01f6f3e5f4fe6a68fb90bc3380571880df7b4912a9ed339ec
c5730d19f43f160faa47af29f7e1dc2bafc393be75aa71d21dc93c775a1833c0
c5f1c6517f6eb508f1d52da988364f278eae57571f4b099d6dad48f30ecc07ea
c636cdf8f523ada818ad53ff012d37b57190cc6702fdf0e6a35a502fcd4f625f
c6df0cb5ad69c9f5ddcf52cca580cc32423ad80f0fa55915d1e3911584914ec8
c6f935ed16c785e5972f411b2cf4c66a0e3bbb2d33c3266ff09eea8a5a87945a
c799ec87fb8a6e52bd93a883abdc71eef0dec77d2365ce4c2f46178a3e0909fd
c8e5394d48611e5f6ea02d48fe650e60a422cff5c028e345fdaba0238c4545fa
c953247aa1084d9b0776174e20b795a235c93f9dcf7c9d34fded56de81146509
c95b0ccfcf875f35f279126425d9eb140bdf41ba56a0d3d653501062b5eb3e16
c97e97973115f83b998950a28cd7e4c9a6702c0b5af616051350264d43a8bffe
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
c9bd4128e822496937128e5ad4bdcf1014f675926e53d7d721a968caf5607ab5
c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe
ca277925c930177901d064c6de8acca5195d184a9d67a45bf5844472eb5ce0aa
ca2dfa44aae1d8af7f6e859037c47e2caf5455e3fa68c9fe9e1a36c38476bbcb
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb51374cb16f2a927333f7fc0cca6f9dcd8ea0355439f5f90252e32de463c996
cb5210465d4f21bd46515f76d1dcf6333a2fce5b22cb584aa091aff4f87fb8f8
cb80b0237cf3343b0495e0db33b4ccbbf005b6155bb62f53b9312c3ec7e9a3bb
cb9fac927a7d79654435cb8230b485067da307fd6ab180222a4ed98b3c33ec99
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
ce4ea7b65f5c1ca5d0b20d09f97eebb5641e93176290f94d60add8865e5aad0e
ce83adf6e0d49b16917f23ceb73ef7429020f4d2c6fef35d6793c68fa798461f
cf0bd7d81a508f639e527b684ace5ff3c665862c384d82d96efea9b698389cde
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf90b6476f9be10a327f956507466371eb571cb66932e7a27ad78c0d11f4c3be
cfbdf899233200dc6fd35e2e692722303b4c0a130bd17840cab718a0cc6727f0
cfdd65ae9ec36659ee977dfeb7f5c126539df8f634bad11e53a23406144e2ee0
d08505f04ce8f7028b1e07c49b88ea79ef318bbde2fe61c7501524d610a84b4e
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d106f9ce97021e6ce9a05e593a70ec7e4956667eab83726c9eb1b473b709fb8e
d18811561130273f524c3f5faffb2d534d1f0ba69d8b0ff0fdddfdf557ba637d
d1e67632e15525fd9b02d2502dc8c295c413fede875ca418bf51208ab4984e36
d22f5c17e02c64ef55db2abd49286cf2e5e810234d80c495835b4f71ba11817f
d25d2b55e63d93587ef650b6bc519b18ba7db6344fb38f9d886bf0098718557a
d3030a9b9a7fd86f735b9716708663b09894300706b60e74a19c0adb4819c4b6
d33ce5b2c350befdea504c9678f68f9325256db9a6d6604e23b9ce3e17147fda
d4c03018bcc148a940bf6837c3db4a91b969868b128a1163b35288a14c30b722
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d79a9b7c39a97f00c5451713eced639f31fac2d9edeab75e233e30ac5a42962a
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d80823fad4d9c6118f67bd199f7954389e2b02cac09f5a11ec7b744f041e1e0a
d8f8ebd4e96964c63aa9eb0933af2ddafdfdb7e94c2efc70a5af109518c9ae80
d934f6adb606df6ddacb370755f885481c0b16305411f53000be5be6354a7999
d99dd4d581c7006eabeebac8e77dbeae96fbc430cfa28bfffa222f4348d17127
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da49a1404ff461f3ef235a31261fe19ed1e9a3155f1650652e96afb90744a8e8
da6360a75aac69be7076b4a5a4a2d0bfbd3bc4a674bba2e7a9cb698035719159
da94cb8971fd481b52eb5c4b4afa790332f6050737ad7e2f2869e7167ca69300
daa111887e6c6292a5210eab4eaa13545341320b7c7bb894c7caac7d751cb0d3
daad06279f649dfa5488172a30d91096116e14a154648993512d8ea587e43639
dbcf46a83e31510775e2c6d4503aba604fe1c1b9ad585c5f1876b9104a4f5324
dbef5d073377eecce8b62ff2438767b4ab0253dbb4fe7423bacc464cecad984c
dc0fb547c3465ce7d3f9c8c532278d9466fcfe4b1477bb346c031f2f5da2fd88
dc9904e70ffda4b6e743bddbd993e8cb2447680cca2d0018145b4c29d48dc475
dcdb22c649de0d33d65a202d01640250834ba056731b1379abf74e0235497667
ddc0a8630e33b6cc54a5b934f343036a404335e26e074bc9168be9bbfeab0135
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
df04b6518951f79fc4d35ff827dbd4d324dce48a8622ab4995edcd1786d070a2
df0e2be062ba7e4602b523fc85aff8845d8039cb4e4e204d2615cb118428fa85
e11c6b827a932282fbc602e3c30a11afd41d4438656500cef42fad45a5650531
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2e6c2852a2b9bf6e4c2fe1aa7324a8151d1f3e57fbbf91d4a4af78f75b79a7e
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e389557cf1ed40d21e50d5389ea256ce4c6a4a9ad4de87754047e4088b2d0456
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49b00aa6353c93ac3513a1633b85ad6ba388372c918ac121e2e1e3ab988570c
e6c0258818b93ad77e037d2f8b645e07477f88ac3731b969cb356e6837962ce9
e6deb8763f8da9983dc3f1ab5d4376b37292dbd4b7fbd988713ac334a5904069
e7c9610ec0d923171ec822d71c9b605456b690320a72f4546af38aedf87737a7
e8269127ed5a71fe4453ecdde15773c8b5f755a8df283e395a3f1514298382a4
e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44
e8a680ead09d80d74ea14470a6308e2dcec48b7308baa6a914417a2af5b687a3
e8cfa9d00307acc88b9fa7774a5afc0ca94e56514dcd9d038e85f1605e32fc94
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9bdca69d547b036e25d347384d96cfa64ca359fd338de9bb0a86f915087498f
e9e569723967da4463ede5ac2b1ae8390e0ece8fb058e39a793daade6eceb622
ea41c7a611a9ee736dc1d2d5840835619b2f0ec25b19818a79d2ee0ccd7cde45
eaa6bf93557d10eeb378f6cb2b072f3e28164319cb4f398d96d19b9c8cb2f4a2
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250
ecb2df8a8b79143697bf99a93f6d8edf31db839b7987e53287894bd94f217fc3
ecea4d66f76405fa29138e166b2662ee8539923541af98e8ff7bc6ef48575350
ed1aea2e9fba51d361f9a57e9a3d4575a3d985139c01259e31512bc7a45bc885
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee7f1099198b0b301f5fd64fedfcf14b7c760eb1220fbbca9888dc91a3566d1e
eea2a869048e73584c948011665a62e714144b2f0dd36c8fdf2b887497aaa5a2
eec3484a4d8cee9e3a25bbf0a928b448dd1ee37d383acbe6d3e0c40da5f4d6dc
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0aac31347d948e03fdfca09cd82337cc8b8ad63ed35358c8345339d934169bc
f1451e2056a86387748aa56b4787f0e2cc84a66b1f0db00b8825feab432a22c5
f1c6048fcc59901d0d6b0f681b66eadf89387c8422758d1ebac9fa3f4f893a07
f28a7363bc8466b1e2fb3d178ee8353cbe6a8f7311b334b906271e5ce33af85c
f2dcfeee444dfdae64606429e505a097f75cd2bafff13675244f9433c237bd4a
f31746cbb75773acc9358471805e24d2f80184a9686f2e4dfbf57530c3a583c0
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f4a901fb799310aa3a61e668748d57c9791fe17a4e2bb2efc33bcd9f74e832b1
f5ac9ecf677f9a456c8faf304f9cd9a6deb61b2f7cad70bac84c63428bc7dbe3
f5bb730d23333162e5d53fb8d65019c52305fff7a101e401cc38ffa3cc2e85a7
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f80c6ccd2454d0251dd06d2bc455783ae40baeb2d1c1efd27267811b7c2c497a
f9a7505e8d5e90d27e3637cc456d782141f15c5d736fdc4336d20eb336505690
fb1c8d5207f4618e58bca629a48fc126942807b51d86c92bac671c6c3130682d
fc7b0362031a5b6602c7dc8c7f1d49a9549e728c146607f4e27ae0f65723f798
fd85608ed11e3c5f170be5e7af3b2d7a5b6ec738c066678a9cd7d38ce03d8e4a
fdb1605c8b1c61e76038cb28e4ca328f3717f02a4dbcbe4c1909b7583fe378c5
fef05d80d07270c203d91d89732ffeaee2894235536317398ac56aaf27b66672
ff310fb7f3399a67a4be790b014dfddb3b8e5178b2ca9fd93ee9a14543181e9f
ff38c9f9280745aa6232e9a58a960316eee5a9291fc2525626f42e31f35c31a8
ff9808aadd4c3c76ae0c64914851c4d20888dcade59d15a2e7cce9a8ac7bc3cb
ffc4397534912ac0da6713364af5a51dd9766de920e99f48b21f8f6ccd4af36f

mgoblog.com Open in urlscan Pro 2606:4700:20::681a:294 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

583 Requests

94 %HTTPS

38 %IPv6

60 Domains

109 Subdomains

90 IPs

7 Countries

14660 kBTransfer

32350 kBSize

81 Cookies

25 Outgoing links

Page URL History

Redirected requests

583 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 22 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mgoblog.com Open in urlscan Pro
2606:4700:20::681a:294 Public Scan

Screenshot
Live screenshot

Full Image

583
Requests

94 %
HTTPS

38 %
IPv6

60
Domains

109
Subdomains

90
IPs

7
Countries

14660 kB
Transfer

32350 kB
Size

81
Cookies

583 HTTP transactions
22 data transactions