urlscan.io logo urlscan.io
SecurityTrails logo

r.mtdv.me Open in urlscan Pro
2606:4700:3034::ac43:b320  Public Scan

Go To Rescan Add Verdict Report
URL: https://r.mtdv.me/SCAMDIR
Submission: On May 08 via manual from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 8 domains to perform 36 HTTP transactions. The main IP is 2606:4700:3034::ac43:b320, located in United States and belongs to CLOUDFLARENET, US. The main domain is r.mtdv.me.
TLS certificate: Issued by GTS CA 1P5 on April 1st 2024. Valid for: 3 months.
This is the only time r.mtdv.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3034::ac43:b320 (United States)

ASN13335 (CLOUDFLARENET, US)
r.mtdv.me
8    172.67.179.32 (United States)

ASN13335 (CLOUDFLARENET, US)
r.mtdv.me
cdn.mtdv.me
9    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
pagead2.googlesyndication.com
1    172.67.74.163 (United States)

ASN13335 (CLOUDFLARENET, US)
picsum.photos
1    2a04:4e42:200::347 (United States)

ASN54113 (FASTLY, US)
fastly.picsum.photos
4    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
5    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net
fundingchoicesmessages.google.com
Apex Domain
Subdomains		 Transfer
9 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2533
488 B
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
892 KB
9 mtdv.me
r.mtdv.me
cdn.mtdv.me
14 KB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 646
122 KB
2 gstatic.com
fonts.gstatic.com
173 KB
2 picsum.photos
picsum.photos — Cisco Umbrella Rank: 85055
fastly.picsum.photos — Cisco Umbrella Rank: 132005
105 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
190 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
6 KB
36 8
Domain Requested by
9 region1.google-analytics.com www.googletagmanager.com
9 www.googletagmanager.com r.mtdv.me
www.googletagmanager.com
8 r.mtdv.me 1 redirects r.mtdv.me
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
2 fonts.gstatic.com r.mtdv.me
2 pagead2.googlesyndication.com r.mtdv.me
pagead2.googlesyndication.com
1 fonts.googleapis.com
1 cdn.mtdv.me r.mtdv.me
1 fastly.picsum.photos r.mtdv.me
1 picsum.photos 1 redirects
36 10

This site contains no links.

Subject Issuer Validity Valid
mtdv.me
GTS CA 1P5		 2024-04-01 -
2024-06-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://r.mtdv.me/SCAMDIR
Frame ID: D389DFD2D4DB803CD00F0493CD4A36F5
Requests: 34 HTTP requests in this frame

Frame: https://r.mtdv.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
Frame ID: 5F6FEFCFF5A19AC70CD799EC0AC56A76
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Videos - %100 SCAM DEĞİL BAS

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

36
Requests

94 %
HTTPS

58 %
IPv6

8
Domains

10
Subdomains

11
IPs

2
Countries

1503 kB
Transfer

4360 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://picsum.photos/1080/920 HTTP 302
  • https://fastly.picsum.photos/id/124/1080/920.jpg?hmac=URrIBmJYKYpf8t9xOVG6QeYQGZwVP5XmUzB9OpcwExc
Request Chain 15
  • https://r.mtdv.me/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://r.mtdv.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request SCAMDIR
r.mtdv.me/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.mtdv.me/SCAMDIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9407df8fc832eb588ff183e9986367b0fc89e16308f6893e10132c512ba96aa

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
880bf4840bdc9119-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 08 May 2024 19:46:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B3WAFGgXzmK%2FpbjA5DeqvZioBpyeBA3Utrdt388BBmZTgpb06jzGxfA5OIN9xJ7VmGr%2BsRaQokpeukJeoAFt5ZO71nfQPSavVLgGxCoanQDvw7d%2BVZLs1H1vvRjcyGait7%2F7k5KJ0bQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
styles.css
r.mtdv.me/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r.mtdv.me/styles.css
Requested by
Host: r.mtdv.me
URL: https://r.mtdv.me/SCAMDIR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.179.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/SCAMDIR
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 19:46:19 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iVm3lkvC9rlqHVee11pqzQOMTq4tx6yppwWkAsewm0VPlELCc1EMRBhjiItSuFiGPFS1uB%2BOm%2FhTdMeo3ylgPJz%2B59KNum%2FpUBU31Kl5YKem8dU08UsTKlwXH9A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
880bf4878befac96-YYZ
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		291 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN
Requested by
Host: r.mtdv.me
URL: https://r.mtdv.me/SCAMDIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c2cb6fdfa371e4e7930866e389adadf8e0b8796177a55d3f24b91bad957792e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 19:46:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101587
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 May 2024 19:46:19 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4005810911916944
Requested by
Host: r.mtdv.me
URL: https://r.mtdv.me/SCAMDIR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
95da0728bd05f0a462fa458ca6dda560ffeacb9d8d332c131892737bae21e544
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/
Origin
https://r.mtdv.me
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 19:46:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51729
x-xss-protection
0
server
cafe
etag
3043105503410131944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 08 May 2024 19:46:19 GMT
video.ico
r.mtdv.me/assets/v4/ 		4 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.mtdv.me/assets/v4/video.ico
Requested by
Host: r.mtdv.me
URL: https://r.mtdv.me/SCAMDIR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.179.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0f9ca4bc856789be8a73a33f4c7bd93691ef9b37204048d5007d25e0525d3db

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/SCAMDIR
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 19:46:19 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 02 May 2024 17:53:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1714672422.56374-4286-3354464817"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hr0lXF4xuHFIZvOJ07S02oNhRaCQcjPs%2BfDkokZ5NMYB%2Bur60FXvs6RwoHaq5Q9zgBli8uL6YvI%2BBW%2B6UWwdvyuGPZ1rYEBBeFGH5F72cPHi%2Fz083zSfZDdQ92w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
cache-control
max-age=14400
content-disposition
inline; filename=video.ico
cf-ray
880bf4878bf7ac96-YYZ
alt-svc
h3=":443"; ma=86400
920.jpg
fastly.picsum.photos/id/124/1080/
Redirect Chain
  • https://picsum.photos/1080/920
  • https://fastly.picsum.photos/id/124/1080/920.jpg?hmac=URrIBmJYKYpf8t9xOVG6QeYQGZwVP5XmUzB9OpcwExc
105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fastly.picsum.photos/id/124/1080/920.jpg?hmac=URrIBmJYKYpf8t9xOVG6QeYQGZwVP5XmUzB9OpcwExc
Requested by
Host: r.mtdv.me
URL: https://r.mtdv.me/SCAMDIR
Protocol
H2
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a182b042e2e745dcbe97a42829b41f93e7ab5c2a06d3c1cb68f3d711cbc4852a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 08 May 2024 19:46:19 GMT
via
1.1 varnish
age
1305354
x-cache
HIT
content-disposition
inline; filename="124-1080x920.jpg"
content-length
107124
x-served-by
cache-fra-etou8220072-FRA
server
nginx
x-timer
S1715197580.633799,VS0,VE2
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
accept-ranges
bytes
timing-allow-origin
*
picsum-id
124

Redirect headers

date
Wed, 08 May 2024 19:46:19 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x4mtq%2Fr7IYtoy9OIXLc3iwBb5RZwlKnvCITLzk4ZBJW69rRVUPXl0eDFXXXDq%2Bd%2BeIeM15yltCRC6f6NF4bB5Av3fKE%2Bb9wXKaA4BPkorSeZguqJ5a79XIMk5kLPJP4%3D"}],"group":"cf-nel","max_age":604800}
location
https://fastly.picsum.photos/id/124/1080/920.jpg?hmac=URrIBmJYKYpf8t9xOVG6QeYQGZwVP5XmUzB9OpcwExc
cache-control
private, no-cache, no-store, must-revalidate
cf-ray
880bf4877c545c44-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
js
www.googletagmanager.com/gtag/ 		288 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WCKGFQR8X8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0826a7425afc72fdfa08277d056e9f02bf6a0b57826788d7a0d8b7ba85f02dff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 19:46:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100420
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 May 2024 19:46:19 GMT
js
www.googletagmanager.com/gtag/ 		288 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z96VBEQQ7C&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
52a79675f2a43c100d4eedc8f5e316b91dc1291d4ae2c199cf26b6d8a7ff0b34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 19:46:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100253
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 May 2024 19:46:19 GMT
js
www.googletagmanager.com/gtag/ 		288 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-F9NPV4G8YN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f4a066ae25089974789a75991c0a157bf600a9031e2a7db3352970ee2f55aea6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 19:46:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100420
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 May 2024 19:46:19 GMT
js
www.googletagmanager.com/gtag/ 		288 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7JRQF757RS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cadd33f1d87e1ce6f2f5bb8fa0a08da77dd63e95edd29921cee36a3d11a3ac6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 19:46:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100418
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 May 2024 19:46:19 GMT
js
www.googletagmanager.com/gtag/ 		288 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NSWGD717C6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b13e6d092ebdc8fa0abb65c27bde0c87129235c9863869d7102460a0012ec870
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 19:46:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100417
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 May 2024 19:46:19 GMT
js
www.googletagmanager.com/gtag/ 		288 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0JVRYDXEHV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8d602e43f9348bec2132e29e8b0b333ab0152eada38da7277ca754ab727f35f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 19:46:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100420
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 May 2024 19:46:19 GMT
js
www.googletagmanager.com/gtag/ 		305 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N75WS7XWCZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
85194730015b936485bbc3f089d839277cf7a8d610ffa075cdae551cc3fdc4bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 19:46:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103947
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 May 2024 19:46:19 GMT
js
www.googletagmanager.com/gtag/ 		305 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZK2C0410MF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ed5e7d97da7ef5258dc4d449ed03141d5eba46c5e51667a31678f59853548a96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 19:46:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103944
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 May 2024 19:46:19 GMT
collect
region1.google-analytics.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-X2WNN9J8QN&gtm=45je4510v882066977za200&_p=1715197579805&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=703312044.1715197580&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715197579&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FSCAMDIR&dt=Videos%20-%20%25100%20SCAM%20DE%C4%9E%C4%B0L%20BAS&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1025
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 08 May 2024 19:46:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.mtdv.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rick.mp4
cdn.mtdv.me/video/ 		176 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.mtdv.me/video/rick.mp4
Requested by
Host: r.mtdv.me
URL: https://r.mtdv.me/SCAMDIR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.179.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://r.mtdv.me/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 19:46:19 GMT
cf-cache-status
HIT
last-modified
Fri, 31 Mar 2023 21:28:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4372
etag
"606d1ff258ea6956030689bba79d2a31"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LfTaRC67OOoUxazKOtul7HzNpEEoN%2B%2FsC%2BP42%2BGdi4FzOePHzQZasAntKi4fq%2FDjw72DbRbinTqMXBuOsvg5dBBfDDLnykajCLuINPyW9cFTKlc0zgvsnvdOq2qj6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
Content-Range
bytes 0-16724502/16724503
cache-control
max-age=14400
cf-ray
880bf48a7fefac96-YYZ
alt-svc
h3=":443"; ma=86400
Content-Length
16724503
main.js
r.mtdv.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/ Frame 5F6F
Redirect Chain
  • https://r.mtdv.me/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://r.mtdv.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r.mtdv.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
Requested by
Host: r.mtdv.me
URL: https://r.mtdv.me/SCAMDIR
Protocol
H3
Server
172.67.179.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f5eec769c7abf97568f4fdd09c246399b9fc5ccb5a91e277da4e8d3103d41d0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 08 May 2024 19:46:20 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SRLqm6vSBwyJdyhR%2FMVEsLkHfPcuq9atzLzMKa2mvldcdTyJ%2FLO9IjF6uxhETEzao333VeHUevEDCbJklLFCAZGq9UjA1kjtylPCVtoimbUlf%2BFzldj5y6e%2BfRQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
880bf48c6b39ac96-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 08 May 2024 19:46:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OIZng7JwhmipLg59S67lY1I8cKESFdAgtRhzVWWP62QRwQ86mMxH4AqBFmRKEzKT9Gll10GYFGDNmMNajT%2FQL1Xc%2B2HcVVkZEz6q4Jl4raJssOKOsIxJJRVjq3E%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
cache-control
max-age=300, public
cf-ray
880bf48a6fc1ac96-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405020101/ 		412 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4005810911916944&plah=r.mtdv.me&aplac=true&bust=31083399
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4005810911916944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
461d52d45c365d0a4d1ac292089523bf40c300f02cef7fe118ab3c5bdb4b82e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 19:46:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142600
x-xss-protection
0
server
cafe
etag
17304269002044299445
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 08 May 2024 19:46:19 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-WCKGFQR8X8&gtm=45je4510v882066978z8882066977za200&_p=1715197579805&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=703312044.1715197580&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715197579&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FSCAMDIR&dt=Videos%20-%20%25100%20SCAM%20DE%C4%9E%C4%B0L%20BAS&en=page_view&_fv=1&_ss=1&tfd=1160
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WCKGFQR8X8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 08 May 2024 19:46:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.mtdv.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7JRQF757RS&gtm=45je4510v882066981z8882066977za200&_p=1715197579805&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=703312044.1715197580&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715197579&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FSCAMDIR&dt=Videos%20-%20%25100%20SCAM%20DE%C4%9E%C4%B0L%20BAS&en=page_view&_fv=1&_ss=1&tfd=1182
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7JRQF757RS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 08 May 2024 19:46:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.mtdv.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-NSWGD717C6&gtm=45je4510v882066982z8882066977za200&_p=1715197579805&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=703312044.1715197580&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715197579&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FSCAMDIR&dt=Videos%20-%20%25100%20SCAM%20DE%C4%9E%C4%B0L%20BAS&en=page_view&_fv=1&_ss=1&tfd=1200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NSWGD717C6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 08 May 2024 19:46:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.mtdv.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0JVRYDXEHV&gtm=45je4510v882066983z8882066977za200&_p=1715197579805&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=703312044.1715197580&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715197580&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FSCAMDIR&dt=Videos%20-%20%25100%20SCAM%20DE%C4%9E%C4%B0L%20BAS&en=page_view&_fv=1&_ss=1&tfd=1226
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0JVRYDXEHV&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 08 May 2024 19:46:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.mtdv.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-N75WS7XWCZ&gtm=45je4510v9181555252z8882066977za200&_p=1715197579805&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=703312044.1715197580&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715197580&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FSCAMDIR&dt=Videos%20-%20%25100%20SCAM%20DE%C4%9E%C4%B0L%20BAS&en=page_view&_fv=1&_ss=1&tfd=1267
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N75WS7XWCZ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 08 May 2024 19:46:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.mtdv.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-F9NPV4G8YN&gtm=45je4510v882066980z8882066977za200&_p=1715197579805&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=703312044.1715197580&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715197580&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FSCAMDIR&dt=Videos%20-%20%25100%20SCAM%20DE%C4%9E%C4%B0L%20BAS&en=page_view&_fv=1&_ss=1&tfd=1290
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F9NPV4G8YN&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 08 May 2024 19:46:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.mtdv.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z96VBEQQ7C&gtm=45je4510v882066979z8882066977za200&_p=1715197579805&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=703312044.1715197580&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715197580&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FSCAMDIR&dt=Videos%20-%20%25100%20SCAM%20DE%C4%9E%C4%B0L%20BAS&en=page_view&_fv=1&_ss=1&tfd=1309
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z96VBEQQ7C&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 08 May 2024 19:46:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.mtdv.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZK2C0410MF&gtm=45je4510v9181555533z8882066977za200&_p=1715197579805&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=703312044.1715197580&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715197580&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2FSCAMDIR&dt=Videos%20-%20%25100%20SCAM%20DE%C4%9E%C4%B0L%20BAS&en=page_view&_fv=1&_ss=1&tfd=1336
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZK2C0410MF&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 08 May 2024 19:46:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.mtdv.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca-pub-4005810911916944
fundingchoicesmessages.google.com/i/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-4005810911916944?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4005810911916944&plah=r.mtdv.me&aplac=true&bust=31083399
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
646b13be12e4347cbe6ddb6fcb82c3bd666c80a105eb15e3b85328921458eb9d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cxH47A5dWRrSV_X3INt-xA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 19:46:20 GMT
content-security-policy
script-src 'report-sample' 'nonce-cxH47A5dWRrSV_X3INt-xA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw05BiOO90h-k6EBtoPGeyAGKJry-ZtIA45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otAnPTvPGsJEBd1X2CtAuKdiy-wHgTiVUcusG4C4o7PF1hnAfF39ous_4FYiIejZ-37jWwCE3Z2_WRU0kjKL4xPzs8rKcpMKi3JL0pLTkstTi0qSy2KNzIwMjEwNTDXMzCNLzAAAJYaS78"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUFAq6JRYNRgTW-uAPiypXt8kMJcxdPRjKFNdeRZEZpOfJkD-0UpNFO1W5bV9RdSRrCarNktaWeCSngvsiBcNvsIr5WPFB23b5HTUQsvWE0jN4RbYnPaKEyY2WaV-CKL4dVAR7V3g==
fundingchoicesmessages.google.com/f/ 		399 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUFAq6JRYNRgTW-uAPiypXt8kMJcxdPRjKFNdeRZEZpOfJkD-0UpNFO1W5bV9RdSRrCarNktaWeCSngvsiBcNvsIr5WPFB23b5HTUQsvWE0jN4RbYnPaKEyY2WaV-CKL4dVAR7V3g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1MTk3NTgwLDYwOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9yLm10ZHYubWUvU0NBTURJUiIsbnVsbCxbWzgsIld1UERMN0I4aEFnIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.WuPDL7B8hAg.es5.O/am=BgM/d=1/rs=AJlcJMwJ4IRoEOc3I-6MTLid2SE5Jr4Y-A/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b10d88b3a8c55495acc091d2f93cda8081cda7a09b9843733ecd1935abba6011
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Lui_VTF-N7cLkaVq19f7Xw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 19:46:20 GMT
content-security-policy
script-src 'report-sample' 'nonce-Lui_VTF-N7cLkaVq19f7Xw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmLw1JBiOO90h-k6EBtoPGeyAGKJry-ZtIA45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otAnPTvPGsJEBd1X2CtAuKdiy-wHgTiVUcusG4C4o7PF1hnAfE39ous_4BYiIejZ-37jWwCDaueXGRS0kjKL4xPzs8rKcpMKi3JL0pLTkstTi0qSy2KNzIwMjEwNTDXMzCNLzAAAJsdS9Q"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		109 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.WuPDL7B8hAg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzDROZo9EwjRDIRHxxebGpOyiKkyQ/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
843f652c087bc9b665a72a705eadd1b7e8b345bd29594c6279ee4f8469506607
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 May 2024 19:46:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 May 2024 19:46:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 May 2024 19:46:20 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: r.mtdv.me
URL: https://r.mtdv.me/SCAMDIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/
Origin
https://r.mtdv.me
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 00:50:53 GMT
x-content-type-options
nosniff
age
154527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 00:50:53 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: r.mtdv.me
URL: https://r.mtdv.me/SCAMDIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/
Origin
https://r.mtdv.me
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 07:46:06 GMT
x-content-type-options
nosniff
age
129614
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 07:46:06 GMT
AGSKWxVft9gFtPttolIQvYurz5QZEUkfHHZzPKSi0lObxwATwr4sN_hrFEVKDILxVDpWKIrrzLKsLUo3icR6XDUC2lPA5uSQFGCQ_oGo90N_GV5IJwD4kIRO8lvnvKl2l_Wabel1yF5M9Q==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVft9gFtPttolIQvYurz5QZEUkfHHZzPKSi0lObxwATwr4sN_hrFEVKDILxVDpWKIrrzLKsLUo3icR6XDUC2lPA5uSQFGCQ_oGo90N_GV5IJwD4kIRO8lvnvKl2l_Wabel1yF5M9Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.WuPDL7B8hAg.es5.O/am=BgM/d=1/rs=AJlcJMwJ4IRoEOc3I-6MTLid2SE5Jr4Y-A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8SLNZgeZNtEC8Idx5jbGow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://r.mtdv.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 08 May 2024 19:46:20 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8SLNZgeZNtEC8Idx5jbGow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw0gDi9BmsIUAsxMPRs_b9RjaBEw871zAruSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxMDUwNzPQPz-AIDALybIqI"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://r.mtdv.me
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVft9gFtPttolIQvYurz5QZEUkfHHZzPKSi0lObxwATwr4sN_hrFEVKDILxVDpWKIrrzLKsLUo3icR6XDUC2lPA5uSQFGCQ_oGo90N_GV5IJwD4kIRO8lvnvKl2l_Wabel1yF5M9Q==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVft9gFtPttolIQvYurz5QZEUkfHHZzPKSi0lObxwATwr4sN_hrFEVKDILxVDpWKIrrzLKsLUo3icR6XDUC2lPA5uSQFGCQ_oGo90N_GV5IJwD4kIRO8lvnvKl2l_Wabel1yF5M9Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.WuPDL7B8hAg.es5.O/am=BgM/d=1/rs=AJlcJMwJ4IRoEOc3I-6MTLid2SE5Jr4Y-A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nFxsCaXGAfTUfVZMuLvJ5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://r.mtdv.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 08 May 2024 19:46:20 GMT
content-security-policy
script-src 'report-sample' 'nonce-nFxsCaXGAfTUfVZMuLvJ5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw1ZBicEqfwRoCxEI8HD1r329kEzjwe9ZaZiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqYK5nYB5fYAAAywgi0Q"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://r.mtdv.me
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
880bf4840bdc9119
r.mtdv.me/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 5F6F 		0
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.mtdv.me/cdn-cgi/challenge-platform/h/b/jsd/r/880bf4840bdc9119
Requested by
Host: r.mtdv.me
URL: https://r.mtdv.me/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.179.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 08 May 2024 19:46:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y8Ahvm6iu08dDQm36vW1IshAKz3KDxaBUyift%2FWHacKn%2F%2BvehrQg47b0E%2FKtdNjTT9AGDpZdGdOOOmqY4H5dySvqCYMZ%2BWzWukrSIet8zq0RwFf7jDpdG3YEDP4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
880bf490ca5eac96-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
product.ico
r.mtdv.me/assets/v4/ 		4 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://r.mtdv.me/assets/v4/product.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.179.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e721c3bafe0e850e71f1d3adab0d4685a6db2634b64e041d472255227b216cee

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/SCAMDIR
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 19:46:21 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 02 May 2024 17:53:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1714672421.9397597-4286-4004778779"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mBFrxP8RoBFC99%2FML%2BkMkHgp4sre3j6vUtVDCO1tNjwQYXk95kLxPRV8fhXF4KPPCewi%2BbY76Gl%2FWTrobiO%2F4mEEXiq3wKuLNF%2BvMJNAoG5DezIx2Vt8AWwXS1A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
cache-control
max-age=14400
content-disposition
inline; filename=product.ico
cf-ray
880bf4925d4bac96-YYZ
alt-svc
h3=":443"; ma=86400
favicon.png
r.mtdv.me/ 		788 B
760 B 		Other
General
Check archive.org
Download Go to
Full URL
https://r.mtdv.me/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.179.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72fdc567ddcb5fb79f726e79bce531fbeedff43e61b4300f7d922526848f8be4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://r.mtdv.me/SCAMDIR
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 19:46:21 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tIwLAtuqZOEhDFqS%2BJ80w610yT50T8ivzJEVSG%2FWOmvVziNmiuXy1o2g%2BF43a7zINTW9hW7zb4Qlud6N%2F6N3fjEBPTuJ%2F3nkr4PWl3nSPmFg1U7%2BR6%2BYdGlzk%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
880bf493ffe7ac96-YYZ
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| google_tag_manager object| google_tag_data object| dataLayer function| gtag function| onYouTubeIframeAPIReady object| gaGlobal object| adsbygoogle function| playRickRoll object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YjgyNjdiNDY2NGRlYjVmOWxvYWRlcl9qcw== string| YjgyNjdiNDY2NGRlYjVmOWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady

11 Cookies

Domain/Path Name / Value
.mtdv.me/ Name: _ga
Value: GA1.1.703312044.1715197580
.mtdv.me/ Name: _ga_X2WNN9J8QN
Value: GS1.1.1715197579.1.0.1715197579.0.0.0
.mtdv.me/ Name: _ga_WCKGFQR8X8
Value: GS1.1.1715197579.1.0.1715197579.0.0.0
.mtdv.me/ Name: _ga_7JRQF757RS
Value: GS1.1.1715197579.1.0.1715197580.0.0.0
.mtdv.me/ Name: _ga_NSWGD717C6
Value: GS1.1.1715197579.1.0.1715197580.0.0.0
.mtdv.me/ Name: _ga_0JVRYDXEHV
Value: GS1.1.1715197580.1.0.1715197580.0.0.0
.mtdv.me/ Name: _ga_N75WS7XWCZ
Value: GS1.1.1715197580.1.0.1715197580.0.0.0
.mtdv.me/ Name: _ga_F9NPV4G8YN
Value: GS1.1.1715197580.1.0.1715197580.0.0.0
.mtdv.me/ Name: _ga_Z96VBEQQ7C
Value: GS1.1.1715197580.1.0.1715197580.0.0.0
.mtdv.me/ Name: _ga_ZK2C0410MF
Value: GS1.1.1715197580.1.0.1715197580.0.0.0
.mtdv.me/ Name: cf_clearance
Value: OAZAVifvzxifzCbyIDaOhxTvN5VXPwe.DPue0DKV_C8-1715197580-1.0.1.1-FSGU1AcU9yZmYJ0fnjAD8DWeQfDhEIfkkhDxTUwYH2fodLcjHGh5f91lG3Cv6Fsdd0V65itPpoy0ozL9P6fX8w

2 Console Messages

Source Level URL
Text
network error URL: https://r.mtdv.me/styles.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://r.mtdv.me/favicon.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.mtdv.me
fastly.picsum.photos
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
pagead2.googlesyndication.com
picsum.photos
r.mtdv.me
region1.google-analytics.com
www.googletagmanager.com
142.250.184.194
142.250.185.174
172.67.179.32
172.67.74.163
2001:4860:4802:34::36
216.239.32.36
2606:4700:3034::ac43:b320
2a00:1450:4001:802::2003
2a00:1450:4001:811::200e
2a00:1450:4001:81c::200a
2a00:1450:4001:82b::2008
2a04:4e42:200::347
0826a7425afc72fdfa08277d056e9f02bf6a0b57826788d7a0d8b7ba85f02dff
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
461d52d45c365d0a4d1ac292089523bf40c300f02cef7fe118ab3c5bdb4b82e7
4f5eec769c7abf97568f4fdd09c246399b9fc5ccb5a91e277da4e8d3103d41d0
52a79675f2a43c100d4eedc8f5e316b91dc1291d4ae2c199cf26b6d8a7ff0b34
646b13be12e4347cbe6ddb6fcb82c3bd666c80a105eb15e3b85328921458eb9d
72fdc567ddcb5fb79f726e79bce531fbeedff43e61b4300f7d922526848f8be4
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
843f652c087bc9b665a72a705eadd1b7e8b345bd29594c6279ee4f8469506607
85194730015b936485bbc3f089d839277cf7a8d610ffa075cdae551cc3fdc4bb
8d602e43f9348bec2132e29e8b0b333ab0152eada38da7277ca754ab727f35f8
95da0728bd05f0a462fa458ca6dda560ffeacb9d8d332c131892737bae21e544
a182b042e2e745dcbe97a42829b41f93e7ab5c2a06d3c1cb68f3d711cbc4852a
a9407df8fc832eb588ff183e9986367b0fc89e16308f6893e10132c512ba96aa
b0f9ca4bc856789be8a73a33f4c7bd93691ef9b37204048d5007d25e0525d3db
b10d88b3a8c55495acc091d2f93cda8081cda7a09b9843733ecd1935abba6011
b13e6d092ebdc8fa0abb65c27bde0c87129235c9863869d7102460a0012ec870
c2cb6fdfa371e4e7930866e389adadf8e0b8796177a55d3f24b91bad957792e6
cadd33f1d87e1ce6f2f5bb8fa0a08da77dd63e95edd29921cee36a3d11a3ac6e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e721c3bafe0e850e71f1d3adab0d4685a6db2634b64e041d472255227b216cee
ed5e7d97da7ef5258dc4d449ed03141d5eba46c5e51667a31678f59853548a96
f4a066ae25089974789a75991c0a157bf600a9031e2a7db3352970ee2f55aea6