urlscan.io logo urlscan.io
SecurityTrails logo

r.mtdv.me
172.67.179.32 

Go To Rescan Add Verdict Report
URL: https://r.mtdv.me/giveaways/fe-open-reg
Submission: On April 01 via manual from SE — Scanned from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 13 domains to perform 71 HTTP transactions. The main IP is 172.67.179.32, located in United States and belongs to CLOUDFLARENET, US. The main domain is r.mtdv.me.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 11th 2022. Valid for: a year.
This is the only time r.mtdv.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 172.67.179.32 13335 (CLOUDFLAR...)
7 142.250.184.200 15169 (GOOGLE)
3 104.16.87.20 13335 (CLOUDFLAR...)
13 142.250.186.130 15169 (GOOGLE)
9 216.239.34.36 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
1 142.250.185.98 15169 (GOOGLE)
1 172.217.18.2 15169 (GOOGLE)
5 142.250.184.225 15169 (GOOGLE)
1 142.250.185.226 15169 (GOOGLE)
1 178.250.7.12 44788 (ASN-CRITE...)
1 178.250.1.17 44788 (ASN-CRITE...)
8 178.250.0.130 44788 (ASN-CRITE...)
1 178.250.1.6 44788 (ASN-CRITE...)
1 104.17.25.14 13335 (CLOUDFLAR...)
12 178.250.0.81 44788 (ASN-CRITE...)
2 178.250.1.25 44788 (ASN-CRITE...)
1 142.250.185.68 15169 (GOOGLE)
71 19
3    172.67.179.32 (United States)

ASN13335 (CLOUDFLARENET, US)
r.mtdv.me
cdn.mtdv.me
7    142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net
www.googletagmanager.com
3    104.16.87.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
13    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
9    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
adservice.google.se
1    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
adservice.google.com
5    142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net
tpc.googlesyndication.com
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googletagservices.com
1    178.250.7.12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
1    178.250.1.17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
8    178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
12    178.250.0.81 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
2    178.250.1.25 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    142.250.185.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
22 criteo.net
static.criteo.net — Cisco Umbrella Rank: 670
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 12528
csm.eu.criteo.net — Cisco Umbrella Rank: 7853
1 MB
14 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 111
tpc.googlesyndication.com — Cisco Umbrella Rank: 145
211 KB
9 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2284
460 B
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
544 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
15 KB
3 criteo.com
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 26061
ads.eu.criteo.com — Cisco Umbrella Rank: 7796
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9585
46 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
53 KB
3 mtdv.me
r.mtdv.me
cdn.mtdv.me
4 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 90
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
5 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 198
49 KB
1 google.se
adservice.google.se — Cisco Umbrella Rank: 103494
531 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 980
598 B
71 13
Domain Requested by
12 imageproxy.eu.criteo.net ads.eu.criteo.com
9 region1.google-analytics.com www.googletagmanager.com
9 pagead2.googlesyndication.com r.mtdv.me
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
8 static.criteo.net ads.eu.criteo.com
cdnjs.cloudflare.com
static.criteo.net
7 www.googletagmanager.com r.mtdv.me
www.googletagmanager.com
5 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
3 cdn.jsdelivr.net r.mtdv.me
2 csm.eu.criteo.net ads.eu.criteo.com
2 r.mtdv.me r.mtdv.me
1 www.google.com tpc.googlesyndication.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 rtb.fr3.eu.criteo.com googleads.g.doubleclick.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.se pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdn.mtdv.me r.mtdv.me
71 20

This site contains links to these domains. Also see Links.

Domain
mtdv.me
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-07-11 -
2023-07-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.google.se
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2023-06-25		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-04 -
2023-06-04		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-14 -
2023-06-09		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-26 -
2023-06-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://r.mtdv.me/giveaways/fe-open-reg
Frame ID: 65C1EA28A652FC5B3CB275326C52C5EF
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/zrt_lookup.html
Frame ID: 11967C07EAA41623FABAE04954704C3E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&adk=1812271804&adf=3025194257&lmt=1680343321&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x675_r&format=0x0&url=https%3A%2F%2Fr.mtdv.me%2Fgiveaways%2Ffe-open-reg&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680343320601&bpp=4&bdt=367&idt=411&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2039348426273&frm=20&pv=2&ga_vid=545818285.1680343321&ga_sid=1680343321&ga_hid=1402201256&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C44786559%2C21065725&oid=2&pvsid=113699811258007&tmod=463880892&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=434
Frame ID: 6CB55F1FD82C7D31B1FF89DC059DBF63
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&slotname=3822788140&adk=4003886531&adf=590050798&pi=t.ma~as.3822788140&w=1200&fwrn=4&fwrnh=100&lmt=1680343321&rafmt=1&format=1200x280&url=https%3A%2F%2Fr.mtdv.me%2Fgiveaways%2Ffe-open-reg&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680343320605&bpp=3&bdt=371&idt=433&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2039348426273&frm=20&pv=1&ga_vid=545818285.1680343321&ga_sid=1680343321&ga_hid=1402201256&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C44786559%2C21065725&oid=2&pvsid=113699811258007&tmod=463880892&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BzgdFe0OQS&p=https%3A//r.mtdv.me&dtd=438
Frame ID: 8AE74AD613F34372AB3C3DA9A7503D2E
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCgBGQABcacIFV6BAAmtw3M_qk1Uz37QfoOV7A&u=%7ChFXnxP4%2BrsdD4JtE4GegWCgFwB20Hgfk8cSslSXTCKA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC861M41QWoXpNWZ47K3mQKLePW5nmfotBjXCYrDNE88Q5p6wKgMm3MWQIe6iCTkueswisc5SpdDoS7BDWHjb6wj8y1uLWWCyiesLQ9gJoAbdqJ0Q-3_wzrU8IiJa9v_fOsGhU5U93BQrsHvYHlMwCGzU7IwffFZGHbmBnJ9aEVGB671372_VaJ1Ei00syLzfdO-yuAzc0t0Qigg1Docyiq-e014OtNnqwmfKV5ff99TN-Jm5O8K6pI9m7P2nfnmdBKmjhbSePeRtNDUdN4ggHG7OtL8FLvnoFtCGuMHVfD7_XmU1-59KhJpdPnBDUy1y0oIwHTq4t7ItjR53o2sRVgakyLNONhEWZ3YZ5Av4sBPibRxTV9hI5X5LKZbSePoAMRTfxlNG8jHdIwYdiv0TmEl0PiA8i1knD_PsVFgSP8_inTbd-0UFuemw-9psBMRr18Y3fUdg6s_FRzkrIdPS0d0fE2HsqYh9pz_T0-IQp4H8kJ1L0SKV1sO5Z3C9aUr_arWR4ZkeIZ5bdYICIzckRB6zyt0bpvClb-7T2GDGB3shcKTl00nGZTs7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNRBaGQEoZKfjBYG91fAPw9ummAbJntKxXIX-l_dwwI23ARABIABg8a38haQfggEXY2EtcHViLTQwMDU4MTA5MTE5MTY5NDTIAQmpAuejGO2JL7I-qAMBqgTNAU_QE2AoUZuaY7nBVH82VBrzTkfDBC58bA_Ch8pc3gl40SPAFeZJnyB5np8cPX5ng40As_lGlDnaMKiv94rXJsDo9HZOaak1N4nRs_TEwyH3-wz1D2HPJZ7nGw6vRH0155BlKkZaMNa3w8MnCiTC28s5rnW5MI3rqzHlUtG8oCA8-DoB59fEF454TXij3xrZzigJnFvbr4mdf1wsVVFVGqCGDR2-SpaQr9YOzatXx4PtMPlCjOmMVZs6cWaHfCQwbLKVLr58gL2uvAaJA3mABuWdo9n_-OHMEKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1buv3QgN8n8BSGRQI5rJ89-1DflA%26client%3Dca-pub-4005810911916944%26adurl%3D
Frame ID: EA20393D3E00B7F13A4BFE7D32A15EE6
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8359A662047ECA812BABCBAC316D5E58
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8F7D38D564F3E52BA100B96162D4A826
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

71
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

20
Subdomains

19
IPs

3
Countries

2201 kB
Transfer

4275 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

71 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request fe-open-reg
r.mtdv.me/giveaways/ 		14 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.mtdv.me/giveaways/fe-open-reg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.179.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71e524fca3fba950d4b534bcdb9b0f9cc72201744f5ef2c8c0dfa6e6ada599cd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b0ffe751e861c12-OSL
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 01 Apr 2023 10:02:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqyL0EedvoE5m%2FA7zAaj9UqVH98vjgK1bWtuIBvgDzgMvReSlWuXywnPVc9762u4kV5xCBqRP%2FpTQa3UZKYTSGSUpVLXhNEwK%2Bd3AqkKuTZEBJpaJAGufnqDzhE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		225 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN
Requested by
Host: r.mtdv.me
URL: https://r.mtdv.me/giveaways/fe-open-reg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
38c678cc6b501e6d8b4473583dcc9a2246fbde6c76f3ef42236a9551788f5d7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80222
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 01 Apr 2023 10:02:00 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/css/ 		190 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/css/bootstrap.min.css
Requested by
Host: r.mtdv.me
URL: https://r.mtdv.me/giveaways/fe-open-reg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://r.mtdv.me/
Origin
https://r.mtdv.me
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3288499
x-jsd-version
5.2.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230090-FRA, cache-yyz4561-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"2f88b-Yz6bIW1g1A6raHMXUTTpNbVU+JE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTUqkkm0Ry%2FfzjuL73syX2ni8sjNgdd9mrPhGguCKHPoEHTO%2B1R%2BYJc%2BnAQVfv77kza0tKAc4WR0nBFfARKDxcJTERFkVCwt0lz3ZIDmj0AGQYK0l2v%2Fsv4QlNVJp4K8Pcs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7b0ffe77fa7e9906-ARN
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		139 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4005810911916944
Requested by
Host: r.mtdv.me
URL: https://r.mtdv.me/giveaways/fe-open-reg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e43c4fff0a3c153ef7e7201579650524f2cc4a53a7f39fa51a63bfb3f0b88e39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://r.mtdv.me/
Origin
https://r.mtdv.me
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48429
x-xss-protection
0
server
cafe
etag
14942280357492878510
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 01 Apr 2023 10:02:00 GMT
popper.min.js
cdn.jsdelivr.net/npm/@popperjs/core@2.11.5/dist/umd/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@popperjs/core@2.11.5/dist/umd/popper.min.js
Requested by
Host: r.mtdv.me
URL: https://r.mtdv.me/giveaways/fe-open-reg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da7796caf9359015af4ecdf8c6ccbd53706ea4613932a9b6f81e442e49d5f626
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://r.mtdv.me/
Origin
https://r.mtdv.me
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3288416
x-jsd-version
2.11.5
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230111-FRA, cache-jnb7025-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"4d36-iXnFvLmVc4BctoOR4R3Y2/669h0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Ad5TKzbrLPEj5k0AhS%2B4YvBMEbgzudTHzUYH949YaUukqwttWrg%2FS9pzYetrPmah8QERGA7O%2BsQn5LZ6jTP%2F0HaQuFd%2BKYwtD1mlDpuBdmeAIgu6joXVYna9yC8NJcuFWo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7b0ffe77fa869906-ARN
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/bootstrap.min.js
Requested by
Host: r.mtdv.me
URL: https://r.mtdv.me/giveaways/fe-open-reg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ce9de398de7e7ec63e836b70090643c7c5a3f29ea4a519a67defdd206c13ac1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://r.mtdv.me/
Origin
https://r.mtdv.me
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3288469
x-jsd-version
5.2.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230087-FRA, cache-yyz4564-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"eac8-9zZZhZYveAktjurKbWYz1vv3VYM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9UAg2%2BmfgIKmX7o%2Fl8hzz3CZmA5T%2BvKPWMEpddBw0tqysinA8PRMWkxk9bVHB3T1EKusSjU4SIB8uAyua%2FwcXqZV%2F8HN5bdHLDWWdrDAIjQlpBqYTTLTcLwamW1H%2Fsqm64%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7b0ffe77fa8a9906-ARN
rick.mp4
cdn.mtdv.me/video/ 		223 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.mtdv.me/video/rick.mp4
Requested by
Host: r.mtdv.me
URL: https://r.mtdv.me/giveaways/fe-open-reg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.179.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://r.mtdv.me/
Accept-Encoding
identity;q=1, *;q=0
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 01 Apr 2023 10:02:00 GMT
cf-cache-status
HIT
last-modified
Fri, 31 Mar 2023 21:28:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6321
etag
"606d1ff258ea6956030689bba79d2a31"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GU9Ejf8oMNKUr%2BE7zEkAbKTh0p%2BYHaQAcfueRz4gc300sXxquRhazXNexTwQ5cqrHQ6mPgRc%2FaqxifEdQr%2FR8RqowkHjNb0VrQI2f86BQAp9bzT8OXmZrPvCTHEGgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
Content-Range
bytes 0-16724502/16724503
cache-control
max-age=14400
cf-ray
7b0ffe77c9151c12-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
16724503
blog-cover
r.mtdv.me/assets/ 		373 B
503 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.mtdv.me/assets/blog-cover?color1=0165cf&color2=00000
Requested by
Host: r.mtdv.me
URL: https://r.mtdv.me/giveaways/fe-open-reg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.179.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69a5300a4bcbb08c4c178cb2d67c39e5b027cde5615c9da3aa317ed153fe4e35

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/giveaways/fe-open-reg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSgInEPOkOsajB3HZuuKYDIri8LSjSyg%2BkSH%2B38gN3jjW618bGjKw9%2BcIE502FYaQWM%2BQID75Oxlih7zxYg6fJhT%2BFRbFCTHhsXchzHNA79EYA0sIHlxQVWt8Ok%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
cache-control
no-cache
cf-ray
7b0ffe7889bf1c12-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		222 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WCKGFQR8X8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1b9f8e17fbdb38fad1efc916bfa00722c73434a0a75bbaa5f76e535778d83050
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79249
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 01 Apr 2023 10:02:00 GMT
js
www.googletagmanager.com/gtag/ 		222 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z96VBEQQ7C&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
264c1f6f124cffb6d68b1b1665f758ca2ba82754c69a5e0f090b15a5996d6311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79248
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 01 Apr 2023 10:02:00 GMT
js
www.googletagmanager.com/gtag/ 		222 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-F9NPV4G8YN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f2e52668ce11eea224144406ed067e4a075cfb85d6d50df70bff61fb97069795
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79247
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 01 Apr 2023 10:02:00 GMT
js
www.googletagmanager.com/gtag/ 		222 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7JRQF757RS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
94c0d4a41588a94298998ed66f4165b584ffeca09e51567d32fb7aa4bd94814b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79256
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 01 Apr 2023 10:02:00 GMT
js
www.googletagmanager.com/gtag/ 		222 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NSWGD717C6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
fb73e25191b96881c2419ed6fcc25d070e714456762b1caf15f22f7a421c593d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79267
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 01 Apr 2023 10:02:00 GMT
js
www.googletagmanager.com/gtag/ 		222 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0JVRYDXEHV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
05c538474ac046cc1c34c06274149cbf1e095369d48ef2de9675eb403397fd56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79273
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 01 Apr 2023 10:02:00 GMT
collect
region1.google-analytics.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-X2WNN9J8QN&gtm=45je33t0&_p=1402201256&cid=545818285.1680343321&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680343320&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2Fgiveaways%2Ffe-open-reg&dt=FinElite%20avoin%20tunnuksen%20rekister%C3%B6inti&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 10:02:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.mtdv.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/ 		350 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4005810911916944&plah=r.mtdv.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4005810911916944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e85309006bf488c39c397b92c3f67fd1d3093683674cb74f5fd113f22d4bb27a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119837
x-xss-protection
0
server
cafe
etag
9055775212129436329
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 01 Apr 2023 10:02:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/ Frame 1196 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4005810911916944
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://r.mtdv.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

age
35454
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 01 Apr 2023 00:11:06 GMT
etag
2378337311435320485
expires
Sat, 15 Apr 2023 00:11:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7JRQF757RS&gtm=45je33t0&_p=1402201256&cid=545818285.1680343321&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680343320&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2Fgiveaways%2Ffe-open-reg&dt=FinElite%20avoin%20tunnuksen%20rekister%C3%B6inti&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7JRQF757RS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 10:02:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.mtdv.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-WCKGFQR8X8&gtm=45je33t0&_p=1402201256&cid=545818285.1680343321&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680343320&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2Fgiveaways%2Ffe-open-reg&dt=FinElite%20avoin%20tunnuksen%20rekister%C3%B6inti&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WCKGFQR8X8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 10:02:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.mtdv.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-F9NPV4G8YN&gtm=45je33t0&_p=1402201256&cid=545818285.1680343321&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680343320&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2Fgiveaways%2Ffe-open-reg&dt=FinElite%20avoin%20tunnuksen%20rekister%C3%B6inti&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F9NPV4G8YN&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 10:02:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.mtdv.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z96VBEQQ7C&gtm=45je33t0&_p=1402201256&cid=545818285.1680343321&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680343320&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2Fgiveaways%2Ffe-open-reg&dt=FinElite%20avoin%20tunnuksen%20rekister%C3%B6inti&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z96VBEQQ7C&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 10:02:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.mtdv.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-NSWGD717C6&gtm=45je33t0&_p=1402201256&cid=545818285.1680343321&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680343320&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2Fgiveaways%2Ffe-open-reg&dt=FinElite%20avoin%20tunnuksen%20rekister%C3%B6inti&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NSWGD717C6&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 10:02:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.mtdv.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0JVRYDXEHV&gtm=45je33t0&_p=1402201256&cid=545818285.1680343321&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680343320&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2Fgiveaways%2Ffe-open-reg&dt=FinElite%20avoin%20tunnuksen%20rekister%C3%B6inti&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0JVRYDXEHV&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 10:02:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.mtdv.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		381 B
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=r.mtdv.me&callback=_gfp_s_&client=ca-pub-4005810911916944
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4005810911916944&plah=r.mtdv.me
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
0466527f7c7231a184413c97474088d6d7021f740cbe15e7bbd1c2df664d6b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
246
x-xss-protection
0
integrator.js
adservice.google.se/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.se/adsid/integrator.js?domain=r.mtdv.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4005810911916944&plah=r.mtdv.me
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=r.mtdv.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4005810911916944&plah=r.mtdv.me
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6CB5 		1 KB
446 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&adk=1812271804&adf=3025194257&lmt=1680343321&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x675_r&format=0x0&url=https%3A%2F%2Fr.mtdv.me%2Fgiveaways%2Ffe-open-reg&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680343320601&bpp=4&bdt=367&idt=411&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2039348426273&frm=20&pv=2&ga_vid=545818285.1680343321&ga_sid=1680343321&ga_hid=1402201256&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C44786559%2C21065725&oid=2&pvsid=113699811258007&tmod=463880892&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=434
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4005810911916944&plah=r.mtdv.me
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
072a18508a13afc8cf53b5bd5f83c4e7bcbd1b3b2665b3dd71240e564b47d5e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://r.mtdv.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
423
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 01 Apr 2023 10:02:01 GMT
expires
Sat, 01 Apr 2023 10:02:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8AE7 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&slotname=3822788140&adk=4003886531&adf=590050798&pi=t.ma~as.3822788140&w=1200&fwrn=4&fwrnh=100&lmt=1680343321&rafmt=1&format=1200x280&url=https%3A%2F%2Fr.mtdv.me%2Fgiveaways%2Ffe-open-reg&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680343320605&bpp=3&bdt=371&idt=433&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2039348426273&frm=20&pv=1&ga_vid=545818285.1680343321&ga_sid=1680343321&ga_hid=1402201256&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C44786559%2C21065725&oid=2&pvsid=113699811258007&tmod=463880892&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BzgdFe0OQS&p=https%3A//r.mtdv.me&dtd=438
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4005810911916944&plah=r.mtdv.me
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
fa3b61ac2ee02449e32952e23249877895ba122115bbbb0953778c7f887fbcb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://r.mtdv.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
10225
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 01 Apr 2023 10:02:01 GMT
expires
Sat, 01 Apr 2023 10:02:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 8AE7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&slotname=3822788140&adk=4003886531&adf=590050798&pi=t.ma~as.3822788140&w=1200&fwrn=4&fwrnh=100&lmt=1680343321&rafmt=1&format=1200x280&url=https%3A%2F%2Fr.mtdv.me%2Fgiveaways%2Ffe-open-reg&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680343320605&bpp=3&bdt=371&idt=433&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2039348426273&frm=20&pv=1&ga_vid=545818285.1680343321&ga_sid=1680343321&ga_hid=1402201256&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C44786559%2C21065725&oid=2&pvsid=113699811258007&tmod=463880892&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BzgdFe0OQS&p=https%3A//r.mtdv.me&dtd=438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 06:18:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
13405
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Apr 2023 06:18:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 8AE7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&slotname=3822788140&adk=4003886531&adf=590050798&pi=t.ma~as.3822788140&w=1200&fwrn=4&fwrnh=100&lmt=1680343321&rafmt=1&format=1200x280&url=https%3A%2F%2Fr.mtdv.me%2Fgiveaways%2Ffe-open-reg&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680343320605&bpp=3&bdt=371&idt=433&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2039348426273&frm=20&pv=1&ga_vid=545818285.1680343321&ga_sid=1680343321&ga_hid=1402201256&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C44786559%2C21065725&oid=2&pvsid=113699811258007&tmod=463880892&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BzgdFe0OQS&p=https%3A//r.mtdv.me&dtd=438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 22:31:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
41459
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8268
x-xss-protection
0
server
cafe
etag
8048349561987089234
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Apr 2023 22:31:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8AE7 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&slotname=3822788140&adk=4003886531&adf=590050798&pi=t.ma~as.3822788140&w=1200&fwrn=4&fwrnh=100&lmt=1680343321&rafmt=1&format=1200x280&url=https%3A%2F%2Fr.mtdv.me%2Fgiveaways%2Ffe-open-reg&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680343320605&bpp=3&bdt=371&idt=433&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2039348426273&frm=20&pv=1&ga_vid=545818285.1680343321&ga_sid=1680343321&ga_hid=1402201256&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C44786559%2C21065725&oid=2&pvsid=113699811258007&tmod=463880892&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BzgdFe0OQS&p=https%3A//r.mtdv.me&dtd=438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49585
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1680090252828925"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Apr 2023 10:02:01 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 8AE7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CmlGAGQEoZKfjBYG91fAPw9ummAbJntKxXIX-l_dwwI23ARABIABg8a38haQfggEXY2EtcHViLTQwMDU4MTA5MTE5MTY5NDTIAQmpAuejGO2JL7I-qAMBqgTKAU_QE2AoUZuaY7nBVH82VBrzTkfDBC58bA_Ch8pc3gl40SPAFeZJnyB5np8cPX5ng40As_lGlDnaMKiv94rXJsDo9HZOaak1N4nRs_TEwyH3-wz1D2HPJZ7nGw6vRH0155BlKkZaMNa3w8MnCiTC28s5rnW5MI3rqzHlUtG8oCA8-DoB59fEF454TXij3xrZzigJnFvbr4mdf1wsVVFVGqCGDR2-CJSxPVGBUbjoW5dO4MTkdOCYXy0wX34FyOwNykAqMJJkBRcqr7mABuWdo9n_-OHMEKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDAwNTgxMDkxMTkxNjk0NBgA&sigh=PvcCq_2tRLU&uach_m=[UACH]&cid=CAQSGwDUE5ymPtU9AKqqENWUulzRWpbq2CPYRNBDZhgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&slotname=3822788140&adk=4003886531&adf=590050798&pi=t.ma~as.3822788140&w=1200&fwrn=4&fwrnh=100&lmt=1680343321&rafmt=1&format=1200x280&url=https%3A%2F%2Fr.mtdv.me%2Fgiveaways%2Ffe-open-reg&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680343320605&bpp=3&bdt=371&idt=433&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2039348426273&frm=20&pv=1&ga_vid=545818285.1680343321&ga_sid=1680343321&ga_hid=1402201256&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C44786559%2C21065725&oid=2&pvsid=113699811258007&tmod=463880892&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BzgdFe0OQS&p=https%3A//r.mtdv.me&dtd=438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&slotname=3822788140&adk=4003886531&adf=590050798&pi=t.ma~as.3822788140&w=1200&fwrn=4&fwrnh=100&lmt=1680343321&rafmt=1&format=1200x280&url=https%3A%2F%2Fr.mtdv.me%2Fgiveaways%2Ffe-open-reg&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680343320605&bpp=3&bdt=371&idt=433&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2039348426273&frm=20&pv=1&ga_vid=545818285.1680343321&ga_sid=1680343321&ga_hid=1402201256&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C44786559%2C21065725&oid=2&pvsid=113699811258007&tmod=463880892&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BzgdFe0OQS&p=https%3A//r.mtdv.me&dtd=438
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 01 Apr 2023 10:02:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 01 Apr 2023 10:02:01 GMT
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 8AE7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kMHHFb76RLAJmAKdg2ICAgAAAGK5QkyufGr0EBgBKGQ1IEbEVRSkfUosAAASAAAKCkFRVUJEd0VQRHc&wp=ZCgBGQABcacIFV6BAAmtw3M_qk1Uz37QfoOV7A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&slotname=3822788140&adk=4003886531&adf=590050798&pi=t.ma~as.3822788140&w=1200&fwrn=4&fwrnh=100&lmt=1680343321&rafmt=1&format=1200x280&url=https%3A%2F%2Fr.mtdv.me%2Fgiveaways%2Ffe-open-reg&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680343320605&bpp=3&bdt=371&idt=433&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2039348426273&frm=20&pv=1&ga_vid=545818285.1680343321&ga_sid=1680343321&ga_hid=1402201256&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C44786559%2C21065725&oid=2&pvsid=113699811258007&tmod=463880892&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BzgdFe0OQS&p=https%3A//r.mtdv.me&dtd=438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:00 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
168495
server
Kestrel
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame EA20 		144 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCgBGQABcacIFV6BAAmtw3M_qk1Uz37QfoOV7A&u=%7ChFXnxP4%2BrsdD4JtE4GegWCgFwB20Hgfk8cSslSXTCKA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC861M41QWoXpNWZ47K3mQKLePW5nmfotBjXCYrDNE88Q5p6wKgMm3MWQIe6iCTkueswisc5SpdDoS7BDWHjb6wj8y1uLWWCyiesLQ9gJoAbdqJ0Q-3_wzrU8IiJa9v_fOsGhU5U93BQrsHvYHlMwCGzU7IwffFZGHbmBnJ9aEVGB671372_VaJ1Ei00syLzfdO-yuAzc0t0Qigg1Docyiq-e014OtNnqwmfKV5ff99TN-Jm5O8K6pI9m7P2nfnmdBKmjhbSePeRtNDUdN4ggHG7OtL8FLvnoFtCGuMHVfD7_XmU1-59KhJpdPnBDUy1y0oIwHTq4t7ItjR53o2sRVgakyLNONhEWZ3YZ5Av4sBPibRxTV9hI5X5LKZbSePoAMRTfxlNG8jHdIwYdiv0TmEl0PiA8i1knD_PsVFgSP8_inTbd-0UFuemw-9psBMRr18Y3fUdg6s_FRzkrIdPS0d0fE2HsqYh9pz_T0-IQp4H8kJ1L0SKV1sO5Z3C9aUr_arWR4ZkeIZ5bdYICIzckRB6zyt0bpvClb-7T2GDGB3shcKTl00nGZTs7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNRBaGQEoZKfjBYG91fAPw9ummAbJntKxXIX-l_dwwI23ARABIABg8a38haQfggEXY2EtcHViLTQwMDU4MTA5MTE5MTY5NDTIAQmpAuejGO2JL7I-qAMBqgTNAU_QE2AoUZuaY7nBVH82VBrzTkfDBC58bA_Ch8pc3gl40SPAFeZJnyB5np8cPX5ng40As_lGlDnaMKiv94rXJsDo9HZOaak1N4nRs_TEwyH3-wz1D2HPJZ7nGw6vRH0155BlKkZaMNa3w8MnCiTC28s5rnW5MI3rqzHlUtG8oCA8-DoB59fEF454TXij3xrZzigJnFvbr4mdf1wsVVFVGqCGDR2-SpaQr9YOzatXx4PtMPlCjOmMVZs6cWaHfCQwbLKVLr58gL2uvAaJA3mABuWdo9n_-OHMEKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1buv3QgN8n8BSGRQI5rJ89-1DflA%26client%3Dca-pub-4005810911916944%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&slotname=3822788140&adk=4003886531&adf=590050798&pi=t.ma~as.3822788140&w=1200&fwrn=4&fwrnh=100&lmt=1680343321&rafmt=1&format=1200x280&url=https%3A%2F%2Fr.mtdv.me%2Fgiveaways%2Ffe-open-reg&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680343320605&bpp=3&bdt=371&idt=433&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2039348426273&frm=20&pv=1&ga_vid=545818285.1680343321&ga_sid=1680343321&ga_hid=1402201256&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C44786559%2C21065725&oid=2&pvsid=113699811258007&tmod=463880892&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BzgdFe0OQS&p=https%3A//r.mtdv.me&dtd=438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7a202e80879968ad5593fa049fbd83176e2ba3e499f9e035d31c336ec10bdc9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 01 Apr 2023 10:02:00 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=fgKKIvbuWkKFst4cdKaAd37vIHe8xkJB4k98rS-Q2tttJ_G2-baemaeBCEcpWedhIt0odyIDTEedA5zxooac8uskwBHvqTbVu8N1o80-9Y8KIctXigP2XK6Xo_Jeoz67Z-AAAhZTgmyM-A5UDTztQmNRL_CVQAIU7aVDxYiq2-5PFGGL8Z6ZeKyGjA_XaJefxGoWa-zb2wbYI49HUViRGaxPtw_zkjnAm06WI24m8Oo8NKsmL00U8vnPPzrttfLcX7vqAA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
28697718
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=44786015&pvc=113699811258007
Requested by
Host: r.mtdv.me
URL: https://r.mtdv.me/giveaways/fe-open-reg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 10:02:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_prose&sts=ok&evt=place&vh=1200&eid=44787782&pos=AUTO_PROSE_BOTTOM_ANCHOR&vpt=DESKTOP&pvc=113699811258007
Requested by
Host: r.mtdv.me
URL: https://r.mtdv.me/giveaways/fe-open-reg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 10:02:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 8AE7 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b89c4b2678113dea6a3cf565ed4767ff71e6c12afbefe9eb6b5d06c7fae289a2

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame EA20 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCgBGQABcacIFV6BAAmtw3M_qk1Uz37QfoOV7A&u=%7ChFXnxP4%2BrsdD4JtE4GegWCgFwB20Hgfk8cSslSXTCKA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC861M41QWoXpNWZ47K3mQKLePW5nmfotBjXCYrDNE88Q5p6wKgMm3MWQIe6iCTkueswisc5SpdDoS7BDWHjb6wj8y1uLWWCyiesLQ9gJoAbdqJ0Q-3_wzrU8IiJa9v_fOsGhU5U93BQrsHvYHlMwCGzU7IwffFZGHbmBnJ9aEVGB671372_VaJ1Ei00syLzfdO-yuAzc0t0Qigg1Docyiq-e014OtNnqwmfKV5ff99TN-Jm5O8K6pI9m7P2nfnmdBKmjhbSePeRtNDUdN4ggHG7OtL8FLvnoFtCGuMHVfD7_XmU1-59KhJpdPnBDUy1y0oIwHTq4t7ItjR53o2sRVgakyLNONhEWZ3YZ5Av4sBPibRxTV9hI5X5LKZbSePoAMRTfxlNG8jHdIwYdiv0TmEl0PiA8i1knD_PsVFgSP8_inTbd-0UFuemw-9psBMRr18Y3fUdg6s_FRzkrIdPS0d0fE2HsqYh9pz_T0-IQp4H8kJ1L0SKV1sO5Z3C9aUr_arWR4ZkeIZ5bdYICIzckRB6zyt0bpvClb-7T2GDGB3shcKTl00nGZTs7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNRBaGQEoZKfjBYG91fAPw9ummAbJntKxXIX-l_dwwI23ARABIABg8a38haQfggEXY2EtcHViLTQwMDU4MTA5MTE5MTY5NDTIAQmpAuejGO2JL7I-qAMBqgTNAU_QE2AoUZuaY7nBVH82VBrzTkfDBC58bA_Ch8pc3gl40SPAFeZJnyB5np8cPX5ng40As_lGlDnaMKiv94rXJsDo9HZOaak1N4nRs_TEwyH3-wz1D2HPJZ7nGw6vRH0155BlKkZaMNa3w8MnCiTC28s5rnW5MI3rqzHlUtG8oCA8-DoB59fEF454TXij3xrZzigJnFvbr4mdf1wsVVFVGqCGDR2-SpaQr9YOzatXx4PtMPlCjOmMVZs6cWaHfCQwbLKVLr58gL2uvAaJA3mABuWdo9n_-OHMEKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1buv3QgN8n8BSGRQI5rJ89-1DflA%26client%3Dca-pub-4005810911916944%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 26 Mar 2024 10:02:01 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame EA20 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCgBGQABcacIFV6BAAmtw3M_qk1Uz37QfoOV7A&u=%7ChFXnxP4%2BrsdD4JtE4GegWCgFwB20Hgfk8cSslSXTCKA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC861M41QWoXpNWZ47K3mQKLePW5nmfotBjXCYrDNE88Q5p6wKgMm3MWQIe6iCTkueswisc5SpdDoS7BDWHjb6wj8y1uLWWCyiesLQ9gJoAbdqJ0Q-3_wzrU8IiJa9v_fOsGhU5U93BQrsHvYHlMwCGzU7IwffFZGHbmBnJ9aEVGB671372_VaJ1Ei00syLzfdO-yuAzc0t0Qigg1Docyiq-e014OtNnqwmfKV5ff99TN-Jm5O8K6pI9m7P2nfnmdBKmjhbSePeRtNDUdN4ggHG7OtL8FLvnoFtCGuMHVfD7_XmU1-59KhJpdPnBDUy1y0oIwHTq4t7ItjR53o2sRVgakyLNONhEWZ3YZ5Av4sBPibRxTV9hI5X5LKZbSePoAMRTfxlNG8jHdIwYdiv0TmEl0PiA8i1knD_PsVFgSP8_inTbd-0UFuemw-9psBMRr18Y3fUdg6s_FRzkrIdPS0d0fE2HsqYh9pz_T0-IQp4H8kJ1L0SKV1sO5Z3C9aUr_arWR4ZkeIZ5bdYICIzckRB6zyt0bpvClb-7T2GDGB3shcKTl00nGZTs7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNRBaGQEoZKfjBYG91fAPw9ummAbJntKxXIX-l_dwwI23ARABIABg8a38haQfggEXY2EtcHViLTQwMDU4MTA5MTE5MTY5NDTIAQmpAuejGO2JL7I-qAMBqgTNAU_QE2AoUZuaY7nBVH82VBrzTkfDBC58bA_Ch8pc3gl40SPAFeZJnyB5np8cPX5ng40As_lGlDnaMKiv94rXJsDo9HZOaak1N4nRs_TEwyH3-wz1D2HPJZ7nGw6vRH0155BlKkZaMNa3w8MnCiTC28s5rnW5MI3rqzHlUtG8oCA8-DoB59fEF454TXij3xrZzigJnFvbr4mdf1wsVVFVGqCGDR2-SpaQr9YOzatXx4PtMPlCjOmMVZs6cWaHfCQwbLKVLr58gL2uvAaJA3mABuWdo9n_-OHMEKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1buv3QgN8n8BSGRQI5rJ89-1DflA%26client%3Dca-pub-4005810911916944%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 26 Mar 2024 10:02:01 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame EA20 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCgBGQABcacIFV6BAAmtw3M_qk1Uz37QfoOV7A&u=%7ChFXnxP4%2BrsdD4JtE4GegWCgFwB20Hgfk8cSslSXTCKA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC861M41QWoXpNWZ47K3mQKLePW5nmfotBjXCYrDNE88Q5p6wKgMm3MWQIe6iCTkueswisc5SpdDoS7BDWHjb6wj8y1uLWWCyiesLQ9gJoAbdqJ0Q-3_wzrU8IiJa9v_fOsGhU5U93BQrsHvYHlMwCGzU7IwffFZGHbmBnJ9aEVGB671372_VaJ1Ei00syLzfdO-yuAzc0t0Qigg1Docyiq-e014OtNnqwmfKV5ff99TN-Jm5O8K6pI9m7P2nfnmdBKmjhbSePeRtNDUdN4ggHG7OtL8FLvnoFtCGuMHVfD7_XmU1-59KhJpdPnBDUy1y0oIwHTq4t7ItjR53o2sRVgakyLNONhEWZ3YZ5Av4sBPibRxTV9hI5X5LKZbSePoAMRTfxlNG8jHdIwYdiv0TmEl0PiA8i1knD_PsVFgSP8_inTbd-0UFuemw-9psBMRr18Y3fUdg6s_FRzkrIdPS0d0fE2HsqYh9pz_T0-IQp4H8kJ1L0SKV1sO5Z3C9aUr_arWR4ZkeIZ5bdYICIzckRB6zyt0bpvClb-7T2GDGB3shcKTl00nGZTs7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNRBaGQEoZKfjBYG91fAPw9ummAbJntKxXIX-l_dwwI23ARABIABg8a38haQfggEXY2EtcHViLTQwMDU4MTA5MTE5MTY5NDTIAQmpAuejGO2JL7I-qAMBqgTNAU_QE2AoUZuaY7nBVH82VBrzTkfDBC58bA_Ch8pc3gl40SPAFeZJnyB5np8cPX5ng40As_lGlDnaMKiv94rXJsDo9HZOaak1N4nRs_TEwyH3-wz1D2HPJZ7nGw6vRH0155BlKkZaMNa3w8MnCiTC28s5rnW5MI3rqzHlUtG8oCA8-DoB59fEF454TXij3xrZzigJnFvbr4mdf1wsVVFVGqCGDR2-SpaQr9YOzatXx4PtMPlCjOmMVZs6cWaHfCQwbLKVLr58gL2uvAaJA3mABuWdo9n_-OHMEKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1buv3QgN8n8BSGRQI5rJ89-1DflA%26client%3Dca-pub-4005810911916944%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 26 Mar 2024 10:02:01 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame EA20 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCgBGQABcacIFV6BAAmtw3M_qk1Uz37QfoOV7A&u=%7ChFXnxP4%2BrsdD4JtE4GegWCgFwB20Hgfk8cSslSXTCKA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC861M41QWoXpNWZ47K3mQKLePW5nmfotBjXCYrDNE88Q5p6wKgMm3MWQIe6iCTkueswisc5SpdDoS7BDWHjb6wj8y1uLWWCyiesLQ9gJoAbdqJ0Q-3_wzrU8IiJa9v_fOsGhU5U93BQrsHvYHlMwCGzU7IwffFZGHbmBnJ9aEVGB671372_VaJ1Ei00syLzfdO-yuAzc0t0Qigg1Docyiq-e014OtNnqwmfKV5ff99TN-Jm5O8K6pI9m7P2nfnmdBKmjhbSePeRtNDUdN4ggHG7OtL8FLvnoFtCGuMHVfD7_XmU1-59KhJpdPnBDUy1y0oIwHTq4t7ItjR53o2sRVgakyLNONhEWZ3YZ5Av4sBPibRxTV9hI5X5LKZbSePoAMRTfxlNG8jHdIwYdiv0TmEl0PiA8i1knD_PsVFgSP8_inTbd-0UFuemw-9psBMRr18Y3fUdg6s_FRzkrIdPS0d0fE2HsqYh9pz_T0-IQp4H8kJ1L0SKV1sO5Z3C9aUr_arWR4ZkeIZ5bdYICIzckRB6zyt0bpvClb-7T2GDGB3shcKTl00nGZTs7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNRBaGQEoZKfjBYG91fAPw9ummAbJntKxXIX-l_dwwI23ARABIABg8a38haQfggEXY2EtcHViLTQwMDU4MTA5MTE5MTY5NDTIAQmpAuejGO2JL7I-qAMBqgTNAU_QE2AoUZuaY7nBVH82VBrzTkfDBC58bA_Ch8pc3gl40SPAFeZJnyB5np8cPX5ng40As_lGlDnaMKiv94rXJsDo9HZOaak1N4nRs_TEwyH3-wz1D2HPJZ7nGw6vRH0155BlKkZaMNa3w8MnCiTC28s5rnW5MI3rqzHlUtG8oCA8-DoB59fEF454TXij3xrZzigJnFvbr4mdf1wsVVFVGqCGDR2-SpaQr9YOzatXx4PtMPlCjOmMVZs6cWaHfCQwbLKVLr58gL2uvAaJA3mABuWdo9n_-OHMEKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1buv3QgN8n8BSGRQI5rJ89-1DflA%26client%3Dca-pub-4005810911916944%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Tue, 26 Mar 2024 10:02:01 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame EA20 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=SQk0YodoZEEHaV7iQtXJt_RibphKV45RFU_VKM3ah4pZLCxNLTb2kxybMrr3acXX0QqTf_UdFrvCCq-L-7rI_I9O55mOv4_Uo4qRexwS2bfNRETYZIEVsTw4abkVaEBfjM2E-lh521BBrgqUDZ3qkvNMZsLACA84pcdbdRDkJl3mLmDYYkkBWAZl-wKiNCQFi2MLytDyKBPXy1fLVl26QiyghEVWZ-_VQ28-csgOMwie7lR7MvBflHecs7eD-5PmXpmj-pIozZSCvef_J9ozBZYWkbKNrH9-1-EV75ClDeduMjqIRWH9FxeaTna6T1kpOy_DWJiGEibXEqb9ts7Bj7G7CAI5sCsLrlH69-GTCqFdmPWE8p4u-aU_esGOYn6GudCl1KzEGZsKfYwt_DVYSxcXGQ0JydsmjcjK0fc3j7XlQkry
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCgBGQABcacIFV6BAAmtw3M_qk1Uz37QfoOV7A&u=%7ChFXnxP4%2BrsdD4JtE4GegWCgFwB20Hgfk8cSslSXTCKA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC861M41QWoXpNWZ47K3mQKLePW5nmfotBjXCYrDNE88Q5p6wKgMm3MWQIe6iCTkueswisc5SpdDoS7BDWHjb6wj8y1uLWWCyiesLQ9gJoAbdqJ0Q-3_wzrU8IiJa9v_fOsGhU5U93BQrsHvYHlMwCGzU7IwffFZGHbmBnJ9aEVGB671372_VaJ1Ei00syLzfdO-yuAzc0t0Qigg1Docyiq-e014OtNnqwmfKV5ff99TN-Jm5O8K6pI9m7P2nfnmdBKmjhbSePeRtNDUdN4ggHG7OtL8FLvnoFtCGuMHVfD7_XmU1-59KhJpdPnBDUy1y0oIwHTq4t7ItjR53o2sRVgakyLNONhEWZ3YZ5Av4sBPibRxTV9hI5X5LKZbSePoAMRTfxlNG8jHdIwYdiv0TmEl0PiA8i1knD_PsVFgSP8_inTbd-0UFuemw-9psBMRr18Y3fUdg6s_FRzkrIdPS0d0fE2HsqYh9pz_T0-IQp4H8kJ1L0SKV1sO5Z3C9aUr_arWR4ZkeIZ5bdYICIzckRB6zyt0bpvClb-7T2GDGB3shcKTl00nGZTs7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNRBaGQEoZKfjBYG91fAPw9ummAbJntKxXIX-l_dwwI23ARABIABg8a38haQfggEXY2EtcHViLTQwMDU4MTA5MTE5MTY5NDTIAQmpAuejGO2JL7I-qAMBqgTNAU_QE2AoUZuaY7nBVH82VBrzTkfDBC58bA_Ch8pc3gl40SPAFeZJnyB5np8cPX5ng40As_lGlDnaMKiv94rXJsDo9HZOaak1N4nRs_TEwyH3-wz1D2HPJZ7nGw6vRH0155BlKkZaMNa3w8MnCiTC28s5rnW5MI3rqzHlUtG8oCA8-DoB59fEF454TXij3xrZzigJnFvbr4mdf1wsVVFVGqCGDR2-SpaQr9YOzatXx4PtMPlCjOmMVZs6cWaHfCQwbLKVLr58gL2uvAaJA3mABuWdo9n_-OHMEKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1buv3QgN8n8BSGRQI5rJ89-1DflA%26client%3Dca-pub-4005810911916944%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 10:02:01 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1949573
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame EA20 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCgBGQABcacIFV6BAAmtw3M_qk1Uz37QfoOV7A&u=%7ChFXnxP4%2BrsdD4JtE4GegWCgFwB20Hgfk8cSslSXTCKA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC861M41QWoXpNWZ47K3mQKLePW5nmfotBjXCYrDNE88Q5p6wKgMm3MWQIe6iCTkueswisc5SpdDoS7BDWHjb6wj8y1uLWWCyiesLQ9gJoAbdqJ0Q-3_wzrU8IiJa9v_fOsGhU5U93BQrsHvYHlMwCGzU7IwffFZGHbmBnJ9aEVGB671372_VaJ1Ei00syLzfdO-yuAzc0t0Qigg1Docyiq-e014OtNnqwmfKV5ff99TN-Jm5O8K6pI9m7P2nfnmdBKmjhbSePeRtNDUdN4ggHG7OtL8FLvnoFtCGuMHVfD7_XmU1-59KhJpdPnBDUy1y0oIwHTq4t7ItjR53o2sRVgakyLNONhEWZ3YZ5Av4sBPibRxTV9hI5X5LKZbSePoAMRTfxlNG8jHdIwYdiv0TmEl0PiA8i1knD_PsVFgSP8_inTbd-0UFuemw-9psBMRr18Y3fUdg6s_FRzkrIdPS0d0fE2HsqYh9pz_T0-IQp4H8kJ1L0SKV1sO5Z3C9aUr_arWR4ZkeIZ5bdYICIzckRB6zyt0bpvClb-7T2GDGB3shcKTl00nGZTs7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNRBaGQEoZKfjBYG91fAPw9ummAbJntKxXIX-l_dwwI23ARABIABg8a38haQfggEXY2EtcHViLTQwMDU4MTA5MTE5MTY5NDTIAQmpAuejGO2JL7I-qAMBqgTNAU_QE2AoUZuaY7nBVH82VBrzTkfDBC58bA_Ch8pc3gl40SPAFeZJnyB5np8cPX5ng40As_lGlDnaMKiv94rXJsDo9HZOaak1N4nRs_TEwyH3-wz1D2HPJZ7nGw6vRH0155BlKkZaMNa3w8MnCiTC28s5rnW5MI3rqzHlUtG8oCA8-DoB59fEF454TXij3xrZzigJnFvbr4mdf1wsVVFVGqCGDR2-SpaQr9YOzatXx4PtMPlCjOmMVZs6cWaHfCQwbLKVLr58gL2uvAaJA3mABuWdo9n_-OHMEKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1buv3QgN8n8BSGRQI5rJ89-1DflA%26client%3Dca-pub-4005810911916944%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1953226
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9sPgDGFUF1AL5ufDfQuJJ0k0gZ1eLf7aymABDXH96aihZvlWxIwq%2FteCFmLa0%2FQIb1qO1XovoJNxfhcxaO4Qi3TBVyYzSBE3aNKnHhgwHOvoDuqtXFyWK5%2BNYwtgT0ty6SfRMrYg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b0ffe8049ef98f4-ARN
expires
Thu, 21 Mar 2024 10:02:01 GMT
animejs.js
static.criteo.net/animejs/ Frame EA20 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCgBGQABcacIFV6BAAmtw3M_qk1Uz37QfoOV7A&u=%7ChFXnxP4%2BrsdD4JtE4GegWCgFwB20Hgfk8cSslSXTCKA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC861M41QWoXpNWZ47K3mQKLePW5nmfotBjXCYrDNE88Q5p6wKgMm3MWQIe6iCTkueswisc5SpdDoS7BDWHjb6wj8y1uLWWCyiesLQ9gJoAbdqJ0Q-3_wzrU8IiJa9v_fOsGhU5U93BQrsHvYHlMwCGzU7IwffFZGHbmBnJ9aEVGB671372_VaJ1Ei00syLzfdO-yuAzc0t0Qigg1Docyiq-e014OtNnqwmfKV5ff99TN-Jm5O8K6pI9m7P2nfnmdBKmjhbSePeRtNDUdN4ggHG7OtL8FLvnoFtCGuMHVfD7_XmU1-59KhJpdPnBDUy1y0oIwHTq4t7ItjR53o2sRVgakyLNONhEWZ3YZ5Av4sBPibRxTV9hI5X5LKZbSePoAMRTfxlNG8jHdIwYdiv0TmEl0PiA8i1knD_PsVFgSP8_inTbd-0UFuemw-9psBMRr18Y3fUdg6s_FRzkrIdPS0d0fE2HsqYh9pz_T0-IQp4H8kJ1L0SKV1sO5Z3C9aUr_arWR4ZkeIZ5bdYICIzckRB6zyt0bpvClb-7T2GDGB3shcKTl00nGZTs7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNRBaGQEoZKfjBYG91fAPw9ummAbJntKxXIX-l_dwwI23ARABIABg8a38haQfggEXY2EtcHViLTQwMDU4MTA5MTE5MTY5NDTIAQmpAuejGO2JL7I-qAMBqgTNAU_QE2AoUZuaY7nBVH82VBrzTkfDBC58bA_Ch8pc3gl40SPAFeZJnyB5np8cPX5ng40As_lGlDnaMKiv94rXJsDo9HZOaak1N4nRs_TEwyH3-wz1D2HPJZ7nGw6vRH0155BlKkZaMNa3w8MnCiTC28s5rnW5MI3rqzHlUtG8oCA8-DoB59fEF454TXij3xrZzigJnFvbr4mdf1wsVVFVGqCGDR2-SpaQr9YOzatXx4PtMPlCjOmMVZs6cWaHfCQwbLKVLr58gL2uvAaJA3mABuWdo9n_-OHMEKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1buv3QgN8n8BSGRQI5rJ89-1DflA%26client%3Dca-pub-4005810911916944%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 26 Mar 2024 10:02:01 GMT
img
imageproxy.eu.criteo.net/img/ Frame EA20 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?m=0&partner=101628&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F101628%2F230207%2F76e9c8c741814172ba76955df8d26f20_01-amt-summer-camp-criteo-ad_horizontal02-2x.jpg&v=3&s=DTGSHeZcrH93noCcpG7SLmYx
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCgBGQABcacIFV6BAAmtw3M_qk1Uz37QfoOV7A&u=%7ChFXnxP4%2BrsdD4JtE4GegWCgFwB20Hgfk8cSslSXTCKA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC861M41QWoXpNWZ47K3mQKLePW5nmfotBjXCYrDNE88Q5p6wKgMm3MWQIe6iCTkueswisc5SpdDoS7BDWHjb6wj8y1uLWWCyiesLQ9gJoAbdqJ0Q-3_wzrU8IiJa9v_fOsGhU5U93BQrsHvYHlMwCGzU7IwffFZGHbmBnJ9aEVGB671372_VaJ1Ei00syLzfdO-yuAzc0t0Qigg1Docyiq-e014OtNnqwmfKV5ff99TN-Jm5O8K6pI9m7P2nfnmdBKmjhbSePeRtNDUdN4ggHG7OtL8FLvnoFtCGuMHVfD7_XmU1-59KhJpdPnBDUy1y0oIwHTq4t7ItjR53o2sRVgakyLNONhEWZ3YZ5Av4sBPibRxTV9hI5X5LKZbSePoAMRTfxlNG8jHdIwYdiv0TmEl0PiA8i1knD_PsVFgSP8_inTbd-0UFuemw-9psBMRr18Y3fUdg6s_FRzkrIdPS0d0fE2HsqYh9pz_T0-IQp4H8kJ1L0SKV1sO5Z3C9aUr_arWR4ZkeIZ5bdYICIzckRB6zyt0bpvClb-7T2GDGB3shcKTl00nGZTs7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNRBaGQEoZKfjBYG91fAPw9ummAbJntKxXIX-l_dwwI23ARABIABg8a38haQfggEXY2EtcHViLTQwMDU4MTA5MTE5MTY5NDTIAQmpAuejGO2JL7I-qAMBqgTNAU_QE2AoUZuaY7nBVH82VBrzTkfDBC58bA_Ch8pc3gl40SPAFeZJnyB5np8cPX5ng40As_lGlDnaMKiv94rXJsDo9HZOaak1N4nRs_TEwyH3-wz1D2HPJZ7nGw6vRH0155BlKkZaMNa3w8MnCiTC28s5rnW5MI3rqzHlUtG8oCA8-DoB59fEF454TXij3xrZzigJnFvbr4mdf1wsVVFVGqCGDR2-SpaQr9YOzatXx4PtMPlCjOmMVZs6cWaHfCQwbLKVLr58gL2uvAaJA3mABuWdo9n_-OHMEKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1buv3QgN8n8BSGRQI5rJ89-1DflA%26client%3Dca-pub-4005810911916944%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.81 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
88fdc9134cb29181d2b0b394066ee8c21d6758f12d75f821681175942182210d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
82084
expires
Sat, 09 Mar 2024 22:30:49 GMT
img
imageproxy.eu.criteo.net/img/ Frame EA20 		185 KB
186 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?m=0&partner=101628&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F101628%2F230207%2Fa45f3afcc7d842bda318267608b34a10_02-amt-summer-camp-criteo-ad_horizontal02-2x.jpg&v=3&s=lCk1IwdHAsKsMNilqgGuDdl_
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCgBGQABcacIFV6BAAmtw3M_qk1Uz37QfoOV7A&u=%7ChFXnxP4%2BrsdD4JtE4GegWCgFwB20Hgfk8cSslSXTCKA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC861M41QWoXpNWZ47K3mQKLePW5nmfotBjXCYrDNE88Q5p6wKgMm3MWQIe6iCTkueswisc5SpdDoS7BDWHjb6wj8y1uLWWCyiesLQ9gJoAbdqJ0Q-3_wzrU8IiJa9v_fOsGhU5U93BQrsHvYHlMwCGzU7IwffFZGHbmBnJ9aEVGB671372_VaJ1Ei00syLzfdO-yuAzc0t0Qigg1Docyiq-e014OtNnqwmfKV5ff99TN-Jm5O8K6pI9m7P2nfnmdBKmjhbSePeRtNDUdN4ggHG7OtL8FLvnoFtCGuMHVfD7_XmU1-59KhJpdPnBDUy1y0oIwHTq4t7ItjR53o2sRVgakyLNONhEWZ3YZ5Av4sBPibRxTV9hI5X5LKZbSePoAMRTfxlNG8jHdIwYdiv0TmEl0PiA8i1knD_PsVFgSP8_inTbd-0UFuemw-9psBMRr18Y3fUdg6s_FRzkrIdPS0d0fE2HsqYh9pz_T0-IQp4H8kJ1L0SKV1sO5Z3C9aUr_arWR4ZkeIZ5bdYICIzckRB6zyt0bpvClb-7T2GDGB3shcKTl00nGZTs7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNRBaGQEoZKfjBYG91fAPw9ummAbJntKxXIX-l_dwwI23ARABIABg8a38haQfggEXY2EtcHViLTQwMDU4MTA5MTE5MTY5NDTIAQmpAuejGO2JL7I-qAMBqgTNAU_QE2AoUZuaY7nBVH82VBrzTkfDBC58bA_Ch8pc3gl40SPAFeZJnyB5np8cPX5ng40As_lGlDnaMKiv94rXJsDo9HZOaak1N4nRs_TEwyH3-wz1D2HPJZ7nGw6vRH0155BlKkZaMNa3w8MnCiTC28s5rnW5MI3rqzHlUtG8oCA8-DoB59fEF454TXij3xrZzigJnFvbr4mdf1wsVVFVGqCGDR2-SpaQr9YOzatXx4PtMPlCjOmMVZs6cWaHfCQwbLKVLr58gL2uvAaJA3mABuWdo9n_-OHMEKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1buv3QgN8n8BSGRQI5rJ89-1DflA%26client%3Dca-pub-4005810911916944%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.81 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
61c1507a3548dda446499967a029df436da70f182edb49ceaadcd80eacee027f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
189754
expires
Sat, 09 Mar 2024 22:30:49 GMT
img
imageproxy.eu.criteo.net/img/ Frame EA20 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?m=0&partner=101628&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F101628%2F230207%2Fe20f8b80312e49b3b9dcd6e86a2bdadf_03-amt-summer-camp-criteo-ad_horizontal02-2x.jpg&v=3&s=WAeZ0357pVZqLHq_gsI7xDzi
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCgBGQABcacIFV6BAAmtw3M_qk1Uz37QfoOV7A&u=%7ChFXnxP4%2BrsdD4JtE4GegWCgFwB20Hgfk8cSslSXTCKA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC861M41QWoXpNWZ47K3mQKLePW5nmfotBjXCYrDNE88Q5p6wKgMm3MWQIe6iCTkueswisc5SpdDoS7BDWHjb6wj8y1uLWWCyiesLQ9gJoAbdqJ0Q-3_wzrU8IiJa9v_fOsGhU5U93BQrsHvYHlMwCGzU7IwffFZGHbmBnJ9aEVGB671372_VaJ1Ei00syLzfdO-yuAzc0t0Qigg1Docyiq-e014OtNnqwmfKV5ff99TN-Jm5O8K6pI9m7P2nfnmdBKmjhbSePeRtNDUdN4ggHG7OtL8FLvnoFtCGuMHVfD7_XmU1-59KhJpdPnBDUy1y0oIwHTq4t7ItjR53o2sRVgakyLNONhEWZ3YZ5Av4sBPibRxTV9hI5X5LKZbSePoAMRTfxlNG8jHdIwYdiv0TmEl0PiA8i1knD_PsVFgSP8_inTbd-0UFuemw-9psBMRr18Y3fUdg6s_FRzkrIdPS0d0fE2HsqYh9pz_T0-IQp4H8kJ1L0SKV1sO5Z3C9aUr_arWR4ZkeIZ5bdYICIzckRB6zyt0bpvClb-7T2GDGB3shcKTl00nGZTs7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNRBaGQEoZKfjBYG91fAPw9ummAbJntKxXIX-l_dwwI23ARABIABg8a38haQfggEXY2EtcHViLTQwMDU4MTA5MTE5MTY5NDTIAQmpAuejGO2JL7I-qAMBqgTNAU_QE2AoUZuaY7nBVH82VBrzTkfDBC58bA_Ch8pc3gl40SPAFeZJnyB5np8cPX5ng40As_lGlDnaMKiv94rXJsDo9HZOaak1N4nRs_TEwyH3-wz1D2HPJZ7nGw6vRH0155BlKkZaMNa3w8MnCiTC28s5rnW5MI3rqzHlUtG8oCA8-DoB59fEF454TXij3xrZzigJnFvbr4mdf1wsVVFVGqCGDR2-SpaQr9YOzatXx4PtMPlCjOmMVZs6cWaHfCQwbLKVLr58gL2uvAaJA3mABuWdo9n_-OHMEKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1buv3QgN8n8BSGRQI5rJ89-1DflA%26client%3Dca-pub-4005810911916944%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.81 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5bf7d7f9bf52189a0d494c218dd7e5b32d28fecbb0c0b857f15af974c76b579c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
82488
expires
Sat, 09 Mar 2024 22:30:49 GMT
img
imageproxy.eu.criteo.net/img/ Frame EA20 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?m=0&partner=101628&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F101628%2F230207%2F468b07467da84258a19c1cca82a23dcc_04-amt-summer-camp-criteo-ad_horizontal02-2x.jpg&v=3&s=GxMEk3T2B-JjTV1P8PPB00MG
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCgBGQABcacIFV6BAAmtw3M_qk1Uz37QfoOV7A&u=%7ChFXnxP4%2BrsdD4JtE4GegWCgFwB20Hgfk8cSslSXTCKA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC861M41QWoXpNWZ47K3mQKLePW5nmfotBjXCYrDNE88Q5p6wKgMm3MWQIe6iCTkueswisc5SpdDoS7BDWHjb6wj8y1uLWWCyiesLQ9gJoAbdqJ0Q-3_wzrU8IiJa9v_fOsGhU5U93BQrsHvYHlMwCGzU7IwffFZGHbmBnJ9aEVGB671372_VaJ1Ei00syLzfdO-yuAzc0t0Qigg1Docyiq-e014OtNnqwmfKV5ff99TN-Jm5O8K6pI9m7P2nfnmdBKmjhbSePeRtNDUdN4ggHG7OtL8FLvnoFtCGuMHVfD7_XmU1-59KhJpdPnBDUy1y0oIwHTq4t7ItjR53o2sRVgakyLNONhEWZ3YZ5Av4sBPibRxTV9hI5X5LKZbSePoAMRTfxlNG8jHdIwYdiv0TmEl0PiA8i1knD_PsVFgSP8_inTbd-0UFuemw-9psBMRr18Y3fUdg6s_FRzkrIdPS0d0fE2HsqYh9pz_T0-IQp4H8kJ1L0SKV1sO5Z3C9aUr_arWR4ZkeIZ5bdYICIzckRB6zyt0bpvClb-7T2GDGB3shcKTl00nGZTs7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNRBaGQEoZKfjBYG91fAPw9ummAbJntKxXIX-l_dwwI23ARABIABg8a38haQfggEXY2EtcHViLTQwMDU4MTA5MTE5MTY5NDTIAQmpAuejGO2JL7I-qAMBqgTNAU_QE2AoUZuaY7nBVH82VBrzTkfDBC58bA_Ch8pc3gl40SPAFeZJnyB5np8cPX5ng40As_lGlDnaMKiv94rXJsDo9HZOaak1N4nRs_TEwyH3-wz1D2HPJZ7nGw6vRH0155BlKkZaMNa3w8MnCiTC28s5rnW5MI3rqzHlUtG8oCA8-DoB59fEF454TXij3xrZzigJnFvbr4mdf1wsVVFVGqCGDR2-SpaQr9YOzatXx4PtMPlCjOmMVZs6cWaHfCQwbLKVLr58gL2uvAaJA3mABuWdo9n_-OHMEKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1buv3QgN8n8BSGRQI5rJ89-1DflA%26client%3Dca-pub-4005810911916944%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.81 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
41cc3a7b78d290f383ce76898875cf1df96851f8e0bf3907e6a93fe0647d618d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
57552
expires
Sat, 09 Mar 2024 22:30:49 GMT
img
imageproxy.eu.criteo.net/img/ Frame EA20 		156 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?m=0&partner=101628&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F101628%2F230207%2F5b8b82e72549427fa3743caed9ce710e_05-amt-summer-camp-criteo-ad_horizontal02-2x.jpg&v=3&s=o51WWZ9WFaSbp6_7prfczBr_
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCgBGQABcacIFV6BAAmtw3M_qk1Uz37QfoOV7A&u=%7ChFXnxP4%2BrsdD4JtE4GegWCgFwB20Hgfk8cSslSXTCKA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC861M41QWoXpNWZ47K3mQKLePW5nmfotBjXCYrDNE88Q5p6wKgMm3MWQIe6iCTkueswisc5SpdDoS7BDWHjb6wj8y1uLWWCyiesLQ9gJoAbdqJ0Q-3_wzrU8IiJa9v_fOsGhU5U93BQrsHvYHlMwCGzU7IwffFZGHbmBnJ9aEVGB671372_VaJ1Ei00syLzfdO-yuAzc0t0Qigg1Docyiq-e014OtNnqwmfKV5ff99TN-Jm5O8K6pI9m7P2nfnmdBKmjhbSePeRtNDUdN4ggHG7OtL8FLvnoFtCGuMHVfD7_XmU1-59KhJpdPnBDUy1y0oIwHTq4t7ItjR53o2sRVgakyLNONhEWZ3YZ5Av4sBPibRxTV9hI5X5LKZbSePoAMRTfxlNG8jHdIwYdiv0TmEl0PiA8i1knD_PsVFgSP8_inTbd-0UFuemw-9psBMRr18Y3fUdg6s_FRzkrIdPS0d0fE2HsqYh9pz_T0-IQp4H8kJ1L0SKV1sO5Z3C9aUr_arWR4ZkeIZ5bdYICIzckRB6zyt0bpvClb-7T2GDGB3shcKTl00nGZTs7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNRBaGQEoZKfjBYG91fAPw9ummAbJntKxXIX-l_dwwI23ARABIABg8a38haQfggEXY2EtcHViLTQwMDU4MTA5MTE5MTY5NDTIAQmpAuejGO2JL7I-qAMBqgTNAU_QE2AoUZuaY7nBVH82VBrzTkfDBC58bA_Ch8pc3gl40SPAFeZJnyB5np8cPX5ng40As_lGlDnaMKiv94rXJsDo9HZOaak1N4nRs_TEwyH3-wz1D2HPJZ7nGw6vRH0155BlKkZaMNa3w8MnCiTC28s5rnW5MI3rqzHlUtG8oCA8-DoB59fEF454TXij3xrZzigJnFvbr4mdf1wsVVFVGqCGDR2-SpaQr9YOzatXx4PtMPlCjOmMVZs6cWaHfCQwbLKVLr58gL2uvAaJA3mABuWdo9n_-OHMEKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1buv3QgN8n8BSGRQI5rJ89-1DflA%26client%3Dca-pub-4005810911916944%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.81 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4cfb4d52f417fd40e0a454347a2c2f6f0b10b066280384624c2146b1f46a4855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
160128
expires
Sat, 09 Mar 2024 22:30:30 GMT
img
imageproxy.eu.criteo.net/img/ Frame EA20 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?m=0&partner=101628&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F101628%2F230207%2Fc9e00742283e4fe78994b7505df1fd14_06-amt-summer-camp-criteo-ad_horizontal02-2x.jpg&v=3&s=99UHJYBHUL3IQIM4u50rXGHc
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCgBGQABcacIFV6BAAmtw3M_qk1Uz37QfoOV7A&u=%7ChFXnxP4%2BrsdD4JtE4GegWCgFwB20Hgfk8cSslSXTCKA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC861M41QWoXpNWZ47K3mQKLePW5nmfotBjXCYrDNE88Q5p6wKgMm3MWQIe6iCTkueswisc5SpdDoS7BDWHjb6wj8y1uLWWCyiesLQ9gJoAbdqJ0Q-3_wzrU8IiJa9v_fOsGhU5U93BQrsHvYHlMwCGzU7IwffFZGHbmBnJ9aEVGB671372_VaJ1Ei00syLzfdO-yuAzc0t0Qigg1Docyiq-e014OtNnqwmfKV5ff99TN-Jm5O8K6pI9m7P2nfnmdBKmjhbSePeRtNDUdN4ggHG7OtL8FLvnoFtCGuMHVfD7_XmU1-59KhJpdPnBDUy1y0oIwHTq4t7ItjR53o2sRVgakyLNONhEWZ3YZ5Av4sBPibRxTV9hI5X5LKZbSePoAMRTfxlNG8jHdIwYdiv0TmEl0PiA8i1knD_PsVFgSP8_inTbd-0UFuemw-9psBMRr18Y3fUdg6s_FRzkrIdPS0d0fE2HsqYh9pz_T0-IQp4H8kJ1L0SKV1sO5Z3C9aUr_arWR4ZkeIZ5bdYICIzckRB6zyt0bpvClb-7T2GDGB3shcKTl00nGZTs7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNRBaGQEoZKfjBYG91fAPw9ummAbJntKxXIX-l_dwwI23ARABIABg8a38haQfggEXY2EtcHViLTQwMDU4MTA5MTE5MTY5NDTIAQmpAuejGO2JL7I-qAMBqgTNAU_QE2AoUZuaY7nBVH82VBrzTkfDBC58bA_Ch8pc3gl40SPAFeZJnyB5np8cPX5ng40As_lGlDnaMKiv94rXJsDo9HZOaak1N4nRs_TEwyH3-wz1D2HPJZ7nGw6vRH0155BlKkZaMNa3w8MnCiTC28s5rnW5MI3rqzHlUtG8oCA8-DoB59fEF454TXij3xrZzigJnFvbr4mdf1wsVVFVGqCGDR2-SpaQr9YOzatXx4PtMPlCjOmMVZs6cWaHfCQwbLKVLr58gL2uvAaJA3mABuWdo9n_-OHMEKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1buv3QgN8n8BSGRQI5rJ89-1DflA%26client%3Dca-pub-4005810911916944%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.81 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5401bf32b29fa7239541c6ff11c22a7d387bd86add772b4fc260680d61fe48fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
77764
expires
Sat, 09 Mar 2024 22:30:49 GMT
img
imageproxy.eu.criteo.net/img/ Frame EA20 		138 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?m=0&partner=101628&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F101628%2F230207%2Fa8295fa1a4ba45ac95653858f0b4f865_07-amt-summer-camp-criteo-ad_horizontal02-2x.jpg&v=3&s=wLvAjUDpCyr72fLTn01zWWOX
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCgBGQABcacIFV6BAAmtw3M_qk1Uz37QfoOV7A&u=%7ChFXnxP4%2BrsdD4JtE4GegWCgFwB20Hgfk8cSslSXTCKA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC861M41QWoXpNWZ47K3mQKLePW5nmfotBjXCYrDNE88Q5p6wKgMm3MWQIe6iCTkueswisc5SpdDoS7BDWHjb6wj8y1uLWWCyiesLQ9gJoAbdqJ0Q-3_wzrU8IiJa9v_fOsGhU5U93BQrsHvYHlMwCGzU7IwffFZGHbmBnJ9aEVGB671372_VaJ1Ei00syLzfdO-yuAzc0t0Qigg1Docyiq-e014OtNnqwmfKV5ff99TN-Jm5O8K6pI9m7P2nfnmdBKmjhbSePeRtNDUdN4ggHG7OtL8FLvnoFtCGuMHVfD7_XmU1-59KhJpdPnBDUy1y0oIwHTq4t7ItjR53o2sRVgakyLNONhEWZ3YZ5Av4sBPibRxTV9hI5X5LKZbSePoAMRTfxlNG8jHdIwYdiv0TmEl0PiA8i1knD_PsVFgSP8_inTbd-0UFuemw-9psBMRr18Y3fUdg6s_FRzkrIdPS0d0fE2HsqYh9pz_T0-IQp4H8kJ1L0SKV1sO5Z3C9aUr_arWR4ZkeIZ5bdYICIzckRB6zyt0bpvClb-7T2GDGB3shcKTl00nGZTs7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNRBaGQEoZKfjBYG91fAPw9ummAbJntKxXIX-l_dwwI23ARABIABg8a38haQfggEXY2EtcHViLTQwMDU4MTA5MTE5MTY5NDTIAQmpAuejGO2JL7I-qAMBqgTNAU_QE2AoUZuaY7nBVH82VBrzTkfDBC58bA_Ch8pc3gl40SPAFeZJnyB5np8cPX5ng40As_lGlDnaMKiv94rXJsDo9HZOaak1N4nRs_TEwyH3-wz1D2HPJZ7nGw6vRH0155BlKkZaMNa3w8MnCiTC28s5rnW5MI3rqzHlUtG8oCA8-DoB59fEF454TXij3xrZzigJnFvbr4mdf1wsVVFVGqCGDR2-SpaQr9YOzatXx4PtMPlCjOmMVZs6cWaHfCQwbLKVLr58gL2uvAaJA3mABuWdo9n_-OHMEKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1buv3QgN8n8BSGRQI5rJ89-1DflA%26client%3Dca-pub-4005810911916944%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.81 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bdad826c5fe56606ef3689a6b0fda98184604f451ef9d1eccc737993fc1d70ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
140850
expires
Sat, 09 Mar 2024 22:30:30 GMT
img
imageproxy.eu.criteo.net/img/ Frame EA20 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?m=0&partner=101628&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F101628%2F230207%2F412b13f6413947ac81b46c958c1d37fd_09-amt-summer-camp-criteo-ad_horizontal02-2x.jpg&v=3&s=fzyfNur6prR6yM6Fh0_gmNmc
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCgBGQABcacIFV6BAAmtw3M_qk1Uz37QfoOV7A&u=%7ChFXnxP4%2BrsdD4JtE4GegWCgFwB20Hgfk8cSslSXTCKA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC861M41QWoXpNWZ47K3mQKLePW5nmfotBjXCYrDNE88Q5p6wKgMm3MWQIe6iCTkueswisc5SpdDoS7BDWHjb6wj8y1uLWWCyiesLQ9gJoAbdqJ0Q-3_wzrU8IiJa9v_fOsGhU5U93BQrsHvYHlMwCGzU7IwffFZGHbmBnJ9aEVGB671372_VaJ1Ei00syLzfdO-yuAzc0t0Qigg1Docyiq-e014OtNnqwmfKV5ff99TN-Jm5O8K6pI9m7P2nfnmdBKmjhbSePeRtNDUdN4ggHG7OtL8FLvnoFtCGuMHVfD7_XmU1-59KhJpdPnBDUy1y0oIwHTq4t7ItjR53o2sRVgakyLNONhEWZ3YZ5Av4sBPibRxTV9hI5X5LKZbSePoAMRTfxlNG8jHdIwYdiv0TmEl0PiA8i1knD_PsVFgSP8_inTbd-0UFuemw-9psBMRr18Y3fUdg6s_FRzkrIdPS0d0fE2HsqYh9pz_T0-IQp4H8kJ1L0SKV1sO5Z3C9aUr_arWR4ZkeIZ5bdYICIzckRB6zyt0bpvClb-7T2GDGB3shcKTl00nGZTs7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNRBaGQEoZKfjBYG91fAPw9ummAbJntKxXIX-l_dwwI23ARABIABg8a38haQfggEXY2EtcHViLTQwMDU4MTA5MTE5MTY5NDTIAQmpAuejGO2JL7I-qAMBqgTNAU_QE2AoUZuaY7nBVH82VBrzTkfDBC58bA_Ch8pc3gl40SPAFeZJnyB5np8cPX5ng40As_lGlDnaMKiv94rXJsDo9HZOaak1N4nRs_TEwyH3-wz1D2HPJZ7nGw6vRH0155BlKkZaMNa3w8MnCiTC28s5rnW5MI3rqzHlUtG8oCA8-DoB59fEF454TXij3xrZzigJnFvbr4mdf1wsVVFVGqCGDR2-SpaQr9YOzatXx4PtMPlCjOmMVZs6cWaHfCQwbLKVLr58gL2uvAaJA3mABuWdo9n_-OHMEKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1buv3QgN8n8BSGRQI5rJ89-1DflA%26client%3Dca-pub-4005810911916944%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.81 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2eaa0feeda4856527cee9e63708e409c30ba876d9ddac1e9d370cd3b3935be2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
86002
expires
Sat, 09 Mar 2024 22:30:49 GMT
img
imageproxy.eu.criteo.net/img/ Frame EA20 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?m=0&partner=101628&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F101628%2F230207%2F31715631c881408187088b7f7a9c8786_08-amt-summer-camp-criteo-ad_horizontal02-2x.jpg&v=3&s=ELvqyoV_wS48whFvYnYyrSI6
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCgBGQABcacIFV6BAAmtw3M_qk1Uz37QfoOV7A&u=%7ChFXnxP4%2BrsdD4JtE4GegWCgFwB20Hgfk8cSslSXTCKA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC861M41QWoXpNWZ47K3mQKLePW5nmfotBjXCYrDNE88Q5p6wKgMm3MWQIe6iCTkueswisc5SpdDoS7BDWHjb6wj8y1uLWWCyiesLQ9gJoAbdqJ0Q-3_wzrU8IiJa9v_fOsGhU5U93BQrsHvYHlMwCGzU7IwffFZGHbmBnJ9aEVGB671372_VaJ1Ei00syLzfdO-yuAzc0t0Qigg1Docyiq-e014OtNnqwmfKV5ff99TN-Jm5O8K6pI9m7P2nfnmdBKmjhbSePeRtNDUdN4ggHG7OtL8FLvnoFtCGuMHVfD7_XmU1-59KhJpdPnBDUy1y0oIwHTq4t7ItjR53o2sRVgakyLNONhEWZ3YZ5Av4sBPibRxTV9hI5X5LKZbSePoAMRTfxlNG8jHdIwYdiv0TmEl0PiA8i1knD_PsVFgSP8_inTbd-0UFuemw-9psBMRr18Y3fUdg6s_FRzkrIdPS0d0fE2HsqYh9pz_T0-IQp4H8kJ1L0SKV1sO5Z3C9aUr_arWR4ZkeIZ5bdYICIzckRB6zyt0bpvClb-7T2GDGB3shcKTl00nGZTs7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNRBaGQEoZKfjBYG91fAPw9ummAbJntKxXIX-l_dwwI23ARABIABg8a38haQfggEXY2EtcHViLTQwMDU4MTA5MTE5MTY5NDTIAQmpAuejGO2JL7I-qAMBqgTNAU_QE2AoUZuaY7nBVH82VBrzTkfDBC58bA_Ch8pc3gl40SPAFeZJnyB5np8cPX5ng40As_lGlDnaMKiv94rXJsDo9HZOaak1N4nRs_TEwyH3-wz1D2HPJZ7nGw6vRH0155BlKkZaMNa3w8MnCiTC28s5rnW5MI3rqzHlUtG8oCA8-DoB59fEF454TXij3xrZzigJnFvbr4mdf1wsVVFVGqCGDR2-SpaQr9YOzatXx4PtMPlCjOmMVZs6cWaHfCQwbLKVLr58gL2uvAaJA3mABuWdo9n_-OHMEKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1buv3QgN8n8BSGRQI5rJ89-1DflA%26client%3Dca-pub-4005810911916944%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.81 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
77c06e0bfcaf6ea94a93475dc66c8bdded6bdf9a9b70daa2a46b291c8f77fcd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
88568
expires
Sat, 09 Mar 2024 12:30:22 GMT
img
imageproxy.eu.criteo.net/img/ Frame EA20 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=101628&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F101628%2F230207%2Fc026f2865e684504a703efcc519d0fe5_amanti-ag_logo-v1_rgb-neg_01-4x.png&v=3&w=2396&s=9nmv3lQ5kp0AIPoqwnA8dr3t
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCgBGQABcacIFV6BAAmtw3M_qk1Uz37QfoOV7A&u=%7ChFXnxP4%2BrsdD4JtE4GegWCgFwB20Hgfk8cSslSXTCKA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC861M41QWoXpNWZ47K3mQKLePW5nmfotBjXCYrDNE88Q5p6wKgMm3MWQIe6iCTkueswisc5SpdDoS7BDWHjb6wj8y1uLWWCyiesLQ9gJoAbdqJ0Q-3_wzrU8IiJa9v_fOsGhU5U93BQrsHvYHlMwCGzU7IwffFZGHbmBnJ9aEVGB671372_VaJ1Ei00syLzfdO-yuAzc0t0Qigg1Docyiq-e014OtNnqwmfKV5ff99TN-Jm5O8K6pI9m7P2nfnmdBKmjhbSePeRtNDUdN4ggHG7OtL8FLvnoFtCGuMHVfD7_XmU1-59KhJpdPnBDUy1y0oIwHTq4t7ItjR53o2sRVgakyLNONhEWZ3YZ5Av4sBPibRxTV9hI5X5LKZbSePoAMRTfxlNG8jHdIwYdiv0TmEl0PiA8i1knD_PsVFgSP8_inTbd-0UFuemw-9psBMRr18Y3fUdg6s_FRzkrIdPS0d0fE2HsqYh9pz_T0-IQp4H8kJ1L0SKV1sO5Z3C9aUr_arWR4ZkeIZ5bdYICIzckRB6zyt0bpvClb-7T2GDGB3shcKTl00nGZTs7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNRBaGQEoZKfjBYG91fAPw9ummAbJntKxXIX-l_dwwI23ARABIABg8a38haQfggEXY2EtcHViLTQwMDU4MTA5MTE5MTY5NDTIAQmpAuejGO2JL7I-qAMBqgTNAU_QE2AoUZuaY7nBVH82VBrzTkfDBC58bA_Ch8pc3gl40SPAFeZJnyB5np8cPX5ng40As_lGlDnaMKiv94rXJsDo9HZOaak1N4nRs_TEwyH3-wz1D2HPJZ7nGw6vRH0155BlKkZaMNa3w8MnCiTC28s5rnW5MI3rqzHlUtG8oCA8-DoB59fEF454TXij3xrZzigJnFvbr4mdf1wsVVFVGqCGDR2-SpaQr9YOzatXx4PtMPlCjOmMVZs6cWaHfCQwbLKVLr58gL2uvAaJA3mABuWdo9n_-OHMEKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1buv3QgN8n8BSGRQI5rJ89-1DflA%26client%3Dca-pub-4005810911916944%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.81 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
74d550b6fe3b25d8a1f7aba4f7ae3c322b32b2ae6704e84c9f1cb4aece4d252a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
24031
expires
Sat, 09 Mar 2024 09:15:34 GMT
all
csm.eu.criteo.net/ Frame EA20 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=fgKKIvbuWkKFst4cdKaAd37vIHe8xkJB4k98rS-Q2tttJ_G2-baemaeBCEcpWedhIt0odyIDTEedA5zxooac8uskwBHvqTbVu8N1o80-9Y8KIctXigP2XK6Xo_Jeoz67Z-AAAhZTgmyM-A5UDTztQmNRL_CVQAIU7aVDxYiq2-5PFGGL8Z6ZeKyGjA_XaJefxGoWa-zb2wbYI49HUViRGaxPtw_zkjnAm06WI24m8Oo8NKsmL00U8vnPPzrttfLcX7vqAA&sds=2&rev=85392.3&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCgBGQABcacIFV6BAAmtw3M_qk1Uz37QfoOV7A&u=%7ChFXnxP4%2BrsdD4JtE4GegWCgFwB20Hgfk8cSslSXTCKA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC861M41QWoXpNWZ47K3mQKLePW5nmfotBjXCYrDNE88Q5p6wKgMm3MWQIe6iCTkueswisc5SpdDoS7BDWHjb6wj8y1uLWWCyiesLQ9gJoAbdqJ0Q-3_wzrU8IiJa9v_fOsGhU5U93BQrsHvYHlMwCGzU7IwffFZGHbmBnJ9aEVGB671372_VaJ1Ei00syLzfdO-yuAzc0t0Qigg1Docyiq-e014OtNnqwmfKV5ff99TN-Jm5O8K6pI9m7P2nfnmdBKmjhbSePeRtNDUdN4ggHG7OtL8FLvnoFtCGuMHVfD7_XmU1-59KhJpdPnBDUy1y0oIwHTq4t7ItjR53o2sRVgakyLNONhEWZ3YZ5Av4sBPibRxTV9hI5X5LKZbSePoAMRTfxlNG8jHdIwYdiv0TmEl0PiA8i1knD_PsVFgSP8_inTbd-0UFuemw-9psBMRr18Y3fUdg6s_FRzkrIdPS0d0fE2HsqYh9pz_T0-IQp4H8kJ1L0SKV1sO5Z3C9aUr_arWR4ZkeIZ5bdYICIzckRB6zyt0bpvClb-7T2GDGB3shcKTl00nGZTs7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNRBaGQEoZKfjBYG91fAPw9ummAbJntKxXIX-l_dwwI23ARABIABg8a38haQfggEXY2EtcHViLTQwMDU4MTA5MTE5MTY5NDTIAQmpAuejGO2JL7I-qAMBqgTNAU_QE2AoUZuaY7nBVH82VBrzTkfDBC58bA_Ch8pc3gl40SPAFeZJnyB5np8cPX5ng40As_lGlDnaMKiv94rXJsDo9HZOaak1N4nRs_TEwyH3-wz1D2HPJZ7nGw6vRH0155BlKkZaMNa3w8MnCiTC28s5rnW5MI3rqzHlUtG8oCA8-DoB59fEF454TXij3xrZzigJnFvbr4mdf1wsVVFVGqCGDR2-SpaQr9YOzatXx4PtMPlCjOmMVZs6cWaHfCQwbLKVLr58gL2uvAaJA3mABuWdo9n_-OHMEKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1buv3QgN8n8BSGRQI5rJ89-1DflA%26client%3Dca-pub-4005810911916944%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 01 Apr 2023 10:02:01 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
privacy.svg
static.criteo.net/flash/icon/ Frame EA20 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCgBGQABcacIFV6BAAmtw3M_qk1Uz37QfoOV7A&u=%7ChFXnxP4%2BrsdD4JtE4GegWCgFwB20Hgfk8cSslSXTCKA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC861M41QWoXpNWZ47K3mQKLePW5nmfotBjXCYrDNE88Q5p6wKgMm3MWQIe6iCTkueswisc5SpdDoS7BDWHjb6wj8y1uLWWCyiesLQ9gJoAbdqJ0Q-3_wzrU8IiJa9v_fOsGhU5U93BQrsHvYHlMwCGzU7IwffFZGHbmBnJ9aEVGB671372_VaJ1Ei00syLzfdO-yuAzc0t0Qigg1Docyiq-e014OtNnqwmfKV5ff99TN-Jm5O8K6pI9m7P2nfnmdBKmjhbSePeRtNDUdN4ggHG7OtL8FLvnoFtCGuMHVfD7_XmU1-59KhJpdPnBDUy1y0oIwHTq4t7ItjR53o2sRVgakyLNONhEWZ3YZ5Av4sBPibRxTV9hI5X5LKZbSePoAMRTfxlNG8jHdIwYdiv0TmEl0PiA8i1knD_PsVFgSP8_inTbd-0UFuemw-9psBMRr18Y3fUdg6s_FRzkrIdPS0d0fE2HsqYh9pz_T0-IQp4H8kJ1L0SKV1sO5Z3C9aUr_arWR4ZkeIZ5bdYICIzckRB6zyt0bpvClb-7T2GDGB3shcKTl00nGZTs7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNRBaGQEoZKfjBYG91fAPw9ummAbJntKxXIX-l_dwwI23ARABIABg8a38haQfggEXY2EtcHViLTQwMDU4MTA5MTE5MTY5NDTIAQmpAuejGO2JL7I-qAMBqgTNAU_QE2AoUZuaY7nBVH82VBrzTkfDBC58bA_Ch8pc3gl40SPAFeZJnyB5np8cPX5ng40As_lGlDnaMKiv94rXJsDo9HZOaak1N4nRs_TEwyH3-wz1D2HPJZ7nGw6vRH0155BlKkZaMNa3w8MnCiTC28s5rnW5MI3rqzHlUtG8oCA8-DoB59fEF454TXij3xrZzigJnFvbr4mdf1wsVVFVGqCGDR2-SpaQr9YOzatXx4PtMPlCjOmMVZs6cWaHfCQwbLKVLr58gL2uvAaJA3mABuWdo9n_-OHMEKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1buv3QgN8n8BSGRQI5rJ89-1DflA%26client%3Dca-pub-4005810911916944%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 26 Mar 2024 10:02:01 GMT
lato-400.css
static.criteo.net/design/googlefont/lato/ Frame EA20 		682 B
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/lato/lato-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:01 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 14:04:37 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391eef5-2aa"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Mar 2024 10:02:01 GMT
lato-400-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame EA20 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/lato/lato-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ae5488cdee6c86ae9f892d07dfa77b93f820e132a99dd1a719cbf909168706c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/lato/lato-400.css
Origin
https://ads.eu.criteo.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:04:37 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391eef5-5c1c"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 26 Mar 2024 10:02:01 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230329&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4005810911916944&plah=r.mtdv.me
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
4f3b05b7bbc1fa58ddc13d2cc766b14638b02c8d083d6fdf2c6b901289c97b41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11361
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4005810911916944&plah=r.mtdv.me
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Apr 2023 10:02:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8359 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://r.mtdv.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

accept-ranges
bytes
age
3655
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 01 Apr 2023 09:01:07 GMT
expires
Sun, 31 Mar 2024 09:01:07 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8F7D 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
GSE /
Resource Hash
30880a25cddd9eed727cfd2ae2e0226ec9b622aeefcfb9e9312c24134ffb07bf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kA48cto3SYLzt9mtc91Yuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://r.mtdv.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-kA48cto3SYLzt9mtc91Yuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 01 Apr 2023 10:02:02 GMT
expires
Sat, 01 Apr 2023 10:02:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js
pagead2.googlesyndication.com/bg/ Frame 8359 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
63366603b6b4f2ff5fd3cedfc2a503668acbfbb4c11e63ce80f5b57144bc7df4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 16:38:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
62591
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14293
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 13:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Mar 2024 16:38:51 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8AE7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstY2UoQHhQBLkvlSkjByElhivPd6bgDPzFt6jqt9hgQf1PTZOIO3JPcL4mDB9luykItanTk53fgsaQSbJiN1WPgPqk&sig=Cg0ArKJSzGRExp1xzhZ8EAE&id=lidar2&mcvt=1004&p=0,0,280,1200&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230329&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4003886531&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680343321044&rpt=508&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 10:02:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8F7D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230329&jk=113699811258007&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers
all
csm.eu.criteo.net/ Frame EA20 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=fgKKIvbuWkKFst4cdKaAd37vIHe8xkJB4k98rS-Q2tttJ_G2-baemaeBCEcpWedhIt0odyIDTEedA5zxooac8uskwBHvqTbVu8N1o80-9Y8KIctXigP2XK6Xo_Jeoz67Z-AAAhZTgmyM-A5UDTztQmNRL_CVQAIU7aVDxYiq2-5PFGGL8Z6ZeKyGjA_XaJefxGoWa-zb2wbYI49HUViRGaxPtw_zkjnAm06WI24m8Oo8NKsmL00U8vnPPzrttfLcX7vqAA&sds=2&rev=85392.3&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCgBGQABcacIFV6BAAmtw3M_qk1Uz37QfoOV7A&u=%7ChFXnxP4%2BrsdD4JtE4GegWCgFwB20Hgfk8cSslSXTCKA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC861M41QWoXpNWZ47K3mQKLePW5nmfotBjXCYrDNE88Q5p6wKgMm3MWQIe6iCTkueswisc5SpdDoS7BDWHjb6wj8y1uLWWCyiesLQ9gJoAbdqJ0Q-3_wzrU8IiJa9v_fOsGhU5U93BQrsHvYHlMwCGzU7IwffFZGHbmBnJ9aEVGB671372_VaJ1Ei00syLzfdO-yuAzc0t0Qigg1Docyiq-e014OtNnqwmfKV5ff99TN-Jm5O8K6pI9m7P2nfnmdBKmjhbSePeRtNDUdN4ggHG7OtL8FLvnoFtCGuMHVfD7_XmU1-59KhJpdPnBDUy1y0oIwHTq4t7ItjR53o2sRVgakyLNONhEWZ3YZ5Av4sBPibRxTV9hI5X5LKZbSePoAMRTfxlNG8jHdIwYdiv0TmEl0PiA8i1knD_PsVFgSP8_inTbd-0UFuemw-9psBMRr18Y3fUdg6s_FRzkrIdPS0d0fE2HsqYh9pz_T0-IQp4H8kJ1L0SKV1sO5Z3C9aUr_arWR4ZkeIZ5bdYICIzckRB6zyt0bpvClb-7T2GDGB3shcKTl00nGZTs7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNRBaGQEoZKfjBYG91fAPw9ummAbJntKxXIX-l_dwwI23ARABIABg8a38haQfggEXY2EtcHViLTQwMDU4MTA5MTE5MTY5NDTIAQmpAuejGO2JL7I-qAMBqgTNAU_QE2AoUZuaY7nBVH82VBrzTkfDBC58bA_Ch8pc3gl40SPAFeZJnyB5np8cPX5ng40As_lGlDnaMKiv94rXJsDo9HZOaak1N4nRs_TEwyH3-wz1D2HPJZ7nGw6vRH0155BlKkZaMNa3w8MnCiTC28s5rnW5MI3rqzHlUtG8oCA8-DoB59fEF454TXij3xrZzigJnFvbr4mdf1wsVVFVGqCGDR2-SpaQr9YOzatXx4PtMPlCjOmMVZs6cWaHfCQwbLKVLr58gL2uvAaJA3mABuWdo9n_-OHMEKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1buv3QgN8n8BSGRQI5rJ89-1DflA%26client%3Dca-pub-4005810911916944%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 01 Apr 2023 10:02:02 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 8359 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ZzuCwA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230329&jk=113699811258007&bg=!ysmlyZ3NAAbEgrg45II7ADkAdvg8WhO8dMcI8dv0LtNutAyXmbXPYTOk1yYEFT_bbnH4Izj0ODrOdG4jXIb8cuze7iiBSIqHQIECAAAAY1IAAAAJaAEHCgDJkxxM-nWMBUZDAO0WxysPVKioB_MAjTJU5G6iVwpoCoTj8xh1U9-S6Vlp3FWPXf3GLPtl_kSSSsgaUAHCsAIROstyrLlP8PUnT7_tPA2-G0kGkIe5etvGZyH8ZnfMM67Y-l7LpU43M2Sa5NCby_xdd5394vl8u5DdKli3cZXJ4XuYJZo15a08amKz0hyEQCgDCNbgsvgrwOnO9VqLCL1_zonjCSguV43hikYZ0_om7m5pv78q4oYP5xDPtnhjXxYKpKqQ0ItYyRy0mQKRtapbGE-jKEGmBSBde2k8csi0sBL4D2MgjPGwLNO4RmwMWSJyJuPiEkth_ch0jbmNopg8_XWjdzZSkv5bCYGEVDKV44RAxOIoJpgtKo5aJU5qevOtqlEJDjX_Fno3Uthgl_v_56LT2qMqMsIY6Vrun5VcCPUPiPLiVIJuBe8dz7AATGlPVHM8JVzbRvfMKhkMx2iL1VzbM8RalZlePD5dYqFfKfUcX2uwazEZ5UejZtdQUu9UrojUElka6XBx_zjfHHWUXZU9MazKo6dUfZe_EkIOAi37FVBmz_LCSklcH65x2nKRG9gEvDzb1buiKQ6SXHFNo7kRWdeBM_k_8XScAiRvp8c-Nh-cKSn_36XHGq148nRbIQp1EPJkKotGh3e3k3NfWGdubhA2m6ZASdabBlHvBiVi7Nz7_vOsxkcr6XpqN0Rjo4X_TMUczSQJBRwr1C8Su0T39QTdb8yySsRqCRuPeWVv5fUWMSf5_yTxds6P0vY7tAnhuHh_Oi2sG_QK98kXhdi7KGnKK0Q1ZsJFQTS3JAdN53g1oM-7PJWGsY27nNC14w1p48YfOxxfbLAemLIxsYun4J0FrugADymQo1o2-M8abwQYnAbjUbZluTJu_nGApQctPORiix_-2pMpDqUn0U6h4lz0L71DgRSxDjWFmj_2bKJ-8i0_8qhmyX5bddyiVjC0XukC65aVS05mIuJjxpHUw6dEK7EYhjphBc2Q4nxJ3XYQughc51Rbwa1ffpBM2sI86FwYmYL4RLdcavDJHY0kLZubxvkZrdtfLsaJJyIbivuwEneQfdhd7sT-X3rV9trViVdzEQ06E0o_PMn69w1tK1hvCG-sgOu2cfZ8YBQIj6tMwWZTeH5lEGPh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers
img
imageproxy.eu.criteo.net/img/ Frame EA20 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?m=0&partner=101628&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F101628%2F230207%2F76e9c8c741814172ba76955df8d26f20_01-amt-summer-camp-criteo-ad_horizontal02-2x.jpg&v=3&s=DTGSHeZcrH93noCcpG7SLmYx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.81 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
88fdc9134cb29181d2b0b394066ee8c21d6758f12d75f821681175942182210d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
82084
expires
Sat, 09 Mar 2024 22:30:49 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-X2WNN9J8QN&gtm=45je33t0&_p=1402201256&cid=545818285.1680343321&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1680343320&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2Fgiveaways%2Ffe-open-reg&dt=FinElite%20avoin%20tunnuksen%20rekister%C3%B6inti&en=scroll&epn.percent_scrolled=90&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2WNN9J8QN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 10:02:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.mtdv.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
imageproxy.eu.criteo.net/img/ Frame EA20 		185 KB
186 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?m=0&partner=101628&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F101628%2F230207%2Fa45f3afcc7d842bda318267608b34a10_02-amt-summer-camp-criteo-ad_horizontal02-2x.jpg&v=3&s=lCk1IwdHAsKsMNilqgGuDdl_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.81 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
61c1507a3548dda446499967a029df436da70f182edb49ceaadcd80eacee027f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 10:02:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
189754
expires
Sat, 09 Mar 2024 22:30:49 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7JRQF757RS&gtm=45je33t0&_p=1402201256&cid=545818285.1680343321&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1680343320&sct=1&seg=0&dl=https%3A%2F%2Fr.mtdv.me%2Fgiveaways%2Ffe-open-reg&dt=FinElite%20avoin%20tunnuksen%20rekister%C3%B6inti&en=scroll&epn.percent_scrolled=90&_et=8
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7JRQF757RS&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://r.mtdv.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 10:02:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.mtdv.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless function| gtag object| dataLayer object| adsbygoogle boolean| loading object| noRightClick number| click object| Popper number| uidEvent object| bootstrap object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing boolean| google_plmetrics object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ boolean| _gfp_a_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests object| googTempStyleOverrideInfo object| googNavStack object| googletag number| h number| m number| s object| GoogleGcLKhOms

11 Cookies

Domain/Path Name / Value
.mtdv.me/ Name: _ga
Value: GA1.1.545818285.1680343321
.mtdv.me/ Name: _ga_X2WNN9J8QN
Value: GS1.1.1680343320.1.0.1680343320.0.0.0
.mtdv.me/ Name: _ga_7JRQF757RS
Value: GS1.1.1680343320.1.0.1680343320.0.0.0
.mtdv.me/ Name: _ga_WCKGFQR8X8
Value: GS1.1.1680343320.1.0.1680343320.0.0.0
.mtdv.me/ Name: _ga_F9NPV4G8YN
Value: GS1.1.1680343320.1.0.1680343320.0.0.0
.mtdv.me/ Name: _ga_Z96VBEQQ7C
Value: GS1.1.1680343320.1.0.1680343320.0.0.0
.mtdv.me/ Name: _ga_NSWGD717C6
Value: GS1.1.1680343320.1.0.1680343320.0.0.0
.mtdv.me/ Name: _ga_0JVRYDXEHV
Value: GS1.1.1680343320.1.0.1680343320.0.0.0
.mtdv.me/ Name: __gads
Value: ID=cc3f957c387877d6-2234fab4f2de0013:T=1680343321:RT=1680343321:S=ALNI_MaFwoG0iC41xh4ue7xSYbdbEtXR5Q
.mtdv.me/ Name: __gpi
Value: UID=00000bcf1bd731e5:T=1680343321:RT=1680343321:S=ALNI_Mb6vJ-DbDw-6JbKIilth0UFFCl-hQ
.doubleclick.net/ Name: IDE
Value: AHWqTUlSOXslGH-GJog3PukIjNOsFT_IHrTzjQo-HEBLwPu1kI-clsHVs0TRTBepEoY

1 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4005810911916944&output=html&h=280&slotname=3822788140&adk=4003886531&adf=590050798&pi=t.ma~as.3822788140&w=1200&fwrn=4&fwrnh=100&lmt=1680343321&rafmt=1&format=1200x280&url=https%3A%2F%2Fr.mtdv.me%2Fgiveaways%2Ffe-open-reg&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680343320605&bpp=3&bdt=371&idt=433&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2039348426273&frm=20&pv=1&ga_vid=545818285.1680343321&ga_sid=1680343321&ga_hid=1402201256&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C44786559%2C21065725&oid=2&pvsid=113699811258007&tmod=463880892&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BzgdFe0OQS&p=https%3A//r.mtdv.me&dtd=438
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.se
cat.nl3.eu.criteo.com
cdn.jsdelivr.net
cdn.mtdv.me
cdnjs.cloudflare.com
csm.eu.criteo.net
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
pagead2.googlesyndication.com
partner.googleadservices.com
r.mtdv.me
region1.google-analytics.com
rtb.fr3.eu.criteo.com
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.16.87.20
104.17.25.14
142.250.181.226
142.250.184.200
142.250.184.225
142.250.185.226
142.250.185.68
142.250.185.98
142.250.186.130
172.217.18.2
172.67.179.32
178.250.0.130
178.250.0.81
178.250.1.17
178.250.1.25
178.250.1.6
178.250.7.12
216.239.34.36
0466527f7c7231a184413c97474088d6d7021f740cbe15e7bbd1c2df664d6b5d
05c538474ac046cc1c34c06274149cbf1e095369d48ef2de9675eb403397fd56
072a18508a13afc8cf53b5bd5f83c4e7bcbd1b3b2665b3dd71240e564b47d5e6
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ce9de398de7e7ec63e836b70090643c7c5a3f29ea4a519a67defdd206c13ac1
1b9f8e17fbdb38fad1efc916bfa00722c73434a0a75bbaa5f76e535778d83050
23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a
264c1f6f124cffb6d68b1b1665f758ca2ba82754c69a5e0f090b15a5996d6311
2eaa0feeda4856527cee9e63708e409c30ba876d9ddac1e9d370cd3b3935be2d
30880a25cddd9eed727cfd2ae2e0226ec9b622aeefcfb9e9312c24134ffb07bf
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38c678cc6b501e6d8b4473583dcc9a2246fbde6c76f3ef42236a9551788f5d7a
41cc3a7b78d290f383ce76898875cf1df96851f8e0bf3907e6a93fe0647d618d
4cfb4d52f417fd40e0a454347a2c2f6f0b10b066280384624c2146b1f46a4855
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f3b05b7bbc1fa58ddc13d2cc766b14638b02c8d083d6fdf2c6b901289c97b41
5401bf32b29fa7239541c6ff11c22a7d387bd86add772b4fc260680d61fe48fd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5bf7d7f9bf52189a0d494c218dd7e5b32d28fecbb0c0b857f15af974c76b579c
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c1507a3548dda446499967a029df436da70f182edb49ceaadcd80eacee027f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63366603b6b4f2ff5fd3cedfc2a503668acbfbb4c11e63ce80f5b57144bc7df4
69a5300a4bcbb08c4c178cb2d67c39e5b027cde5615c9da3aa317ed153fe4e35
71e524fca3fba950d4b534bcdb9b0f9cc72201744f5ef2c8c0dfa6e6ada599cd
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
74d550b6fe3b25d8a1f7aba4f7ae3c322b32b2ae6704e84c9f1cb4aece4d252a
77c06e0bfcaf6ea94a93475dc66c8bdded6bdf9a9b70daa2a46b291c8f77fcd5
7a202e80879968ad5593fa049fbd83176e2ba3e499f9e035d31c336ec10bdc9c
88fdc9134cb29181d2b0b394066ee8c21d6758f12d75f821681175942182210d
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4
94c0d4a41588a94298998ed66f4165b584ffeca09e51567d32fb7aa4bd94814b
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ae5488cdee6c86ae9f892d07dfa77b93f820e132a99dd1a719cbf909168706c7
b89c4b2678113dea6a3cf565ed4767ff71e6c12afbefe9eb6b5d06c7fae289a2
bdad826c5fe56606ef3689a6b0fda98184604f451ef9d1eccc737993fc1d70ae
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
da7796caf9359015af4ecdf8c6ccbd53706ea4613932a9b6f81e442e49d5f626
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43c4fff0a3c153ef7e7201579650524f2cc4a53a7f39fa51a63bfb3f0b88e39
e85309006bf488c39c397b92c3f67fd1d3093683674cb74f5fd113f22d4bb27a
ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e52668ce11eea224144406ed067e4a075cfb85d6d50df70bff61fb97069795
fa3b61ac2ee02449e32952e23249877895ba122115bbbb0953778c7f887fbcb6
fb73e25191b96881c2419ed6fcc25d070e714456762b1caf15f22f7a421c593d