broblogger.com Open in urlscan Pro
173.201.188.181 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://broblogger.com/
Submission Tags: phishingrod
Submission: On January 09 via api (January 9th 2023, 7:13:23 am UTC) from DE — Scanned from DE

Summary HTTP 174 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 24 domains to perform 174 HTTP transactions. The main IP is 173.201.188.181, located in United States and belongs to GO-DADDY-COM-LLC, US. The main domain is broblogger.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 9th 2023. Valid for: 2 months.

This is the only time broblogger.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	173.201.188.181 173.201.188.181	398101 (GO-DADDY-...) (GO-DADDY-COM-LLC)
5	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1	99.86.234.31 99.86.234.31	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1 24	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
4 8	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2016	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
39	2a00:1450:400... 2a00:1450:400d:808::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1 1	217.79.188.21 217.79.188.21	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	217.79.188.59 217.79.188.59	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	217.79.188.46 217.79.188.46	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	209.25.233.253 209.25.233.253	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	52.29.35.229 52.29.35.229	16509 (AMAZON-02) (AMAZON-02)
1 7	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:e21e:b28b:5a38:9bc	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 2	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
174	28

28 173.201.188.181 (United States)

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 181.188.201.173.host.secureserver.net

broblogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.234.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-234-31.vie50.r.cloudfront.net

z-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:80a::2004 (Ireland) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:400d:808::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.21 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad2.adfarm1.adition.com

ad2.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.59 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.46 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad4.adfarm1.adition.com

ad4.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.25.233.253 (Canada)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.35.229 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-35-229.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:e21e:b28b:5a38:9bc (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.25 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.254 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 tpc.googlesyndication.com — Cisco Umbrella Rank: 187	669 KB
31	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 static.doubleclick.net — Cisco Umbrella Rank: 393 cm.g.doubleclick.net — Cisco Umbrella Rank: 321	195 KB
28	broblogger.com broblogger.com	623 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	156 KB
10	google.com 4 redirects www.google.com — Cisco Umbrella Rank: 16 adservice.google.com — Cisco Umbrella Rank: 142	16 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 98	828 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127 jnn-pa.googleapis.com — Cisco Umbrella Rank: 323	34 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	288 KB
4	adition.com 2 redirects ad2.adfarm1.adition.com — Cisco Umbrella Rank: 39008 imagesrv.adition.com — Cisco Umbrella Rank: 13308 ad4.adfarm1.adition.com — Cisco Umbrella Rank: 34090	1 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2124 www.google-analytics.com — Cisco Umbrella Rank: 103	21 KB
3	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 723 ups.analytics.yahoo.com — Cisco Umbrella Rank: 405	1 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 1025	489 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 497	948 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 871	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 411	1 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5450	914 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	87 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	112 KB
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 963	191 B
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 181	60 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1011	703 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 105	26 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 204	4 KB
1	amazon-adsystem.com z-na.amazon-adsystem.com — Cisco Umbrella Rank: 10356	8 KB
174	24

	Domain	Requested by
39	tpc.googlesyndication.com	googleads.g.doubleclick.net broblogger.com tpc.googlesyndication.com pagead2.googlesyndication.com
28	broblogger.com	broblogger.com
23	googleads.g.doubleclick.net	1 redirects www.youtube.com pagead2.googlesyndication.com googleads.g.doubleclick.net broblogger.com
14	pagead2.googlesyndication.com	broblogger.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
9	www.youtube.com	broblogger.com www.youtube.com
8	www.google.com	4 redirects www.youtube.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
6	www.googletagservices.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	broblogger.com googleads.g.doubleclick.net
4	www.gstatic.com	www.youtube.com www.gstatic.com googleads.g.doubleclick.net
4	jnn-pa.googleapis.com	www.youtube.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	onetag-sys.com	1 redirects
2	ups.analytics.yahoo.com	2 redirects
2	eb2.3lift.com	2 redirects
2	c1.adform.net	2 redirects
2	x.bidswitch.net	2 redirects
2	imagesrv.adition.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	connect.facebook.net	broblogger.com connect.facebook.net
2	www.googletagmanager.com	broblogger.com www.googletagmanager.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	ad4.adfarm1.adition.com	1 redirects
1	ad2.adfarm1.adition.com	1 redirects
1	lh3.googleusercontent.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	region1.google-analytics.com	www.googletagmanager.com
1	z-na.amazon-adsystem.com	broblogger.com
174	34

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
api.follow.it
www.pinterest.com
www.amazon.com
bit.ly
invideo.sjv.io
www.articleforge.com
wpastra.com

Subject Issuer	Validity	Valid
broblogger.com Go Daddy Secure Certificate Authority - G2	`2023-01-09` - `2023-03-08`	2 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
ws-na.assoc-amazon.com Amazon	`2022-01-17` - `2023-01-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-18` - `2023-01-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://broblogger.com/
Frame ID: 821898FF268D303BBBB0B3AE98A3C7F5
Requests: 50 HTTP requests in this frame

Frame: https://www.youtube.com/embed/irjPezCqHf8
Frame ID: 0EE14A9F434F9FA150CC710CA9DCB80B
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20190131/zrt_lookup.html
Frame ID: E5BD07D7D6AAE0168030D2090E327727
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9147482266956014&output=html&adk=1812271804&adf=3025194257&lmt=1673248398&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=164x1080_l%7C164x1080_r&format=0x0&url=https%3A%2F%2Fbroblogger.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673248398272&bpp=5&bdt=886&idt=313&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7433503078226&frm=20&pv=2&ga_vid=952981580.1673248398&ga_sid=1673248399&ga_hid=260011803&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2940834777350253&tmod=1411494743&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=334
Frame ID: 3A34D9F2587DA9E3783CD508361FCD09
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9147482266956014&output=html&h=280&adk=697371007&adf=2329691654&pi=t.aa~a.2806159774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1673248398&rafmt=1&to=qs&pwprc=3922099570&format=1200x280&url=https%3A%2F%2Fbroblogger.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673248398277&bpp=1&bdt=891&idt=336&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7433503078226&frm=20&pv=1&ga_vid=952981580.1673248398&ga_sid=1673248399&ga_hid=260011803&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=237&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2940834777350253&tmod=1411494743&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uLPVhaGqR8&p=https%3A//broblogger.com&dtd=341
Frame ID: A5B8A1F70011944A75200A62C45A2C25
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9147482266956014&output=html&h=600&adk=1300803819&adf=3657794458&pi=t.aa~a.1517101829~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1673248399&rafmt=1&to=qs&pwprc=3922099570&format=300x600&url=https%3A%2F%2Fbroblogger.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673248399718&bpp=1&bdt=2332&idt=0&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55bfe9dfb98e936a-229e8a7635db00c8%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MaMaPAs3krkRfy5RMFGKGQhtdxPnA&gpic=UID%3D00000ba065df6974%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MYOMjAHVh-zWiFAhIaylCN-2kRLEg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7433503078226&frm=20&pv=1&ga_vid=952981580.1673248398&ga_sid=1673248399&ga_hid=260011803&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2940834777350253&tmod=1411494743&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=K1OLtgNN6c&p=https%3A//broblogger.com&dtd=17
Frame ID: E5B7E0E0F2F6AA8DB7F7F7908202F85F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9147482266956014&output=html&h=532&adk=2275009325&adf=1280176406&pi=t.aa~a.3109244779~rp.4&w=840&lmt=1673248399&nsk=756d31b8&rafmt=11&pwprc=3922099570&ad_type=text_image&format=840x532&url=https%3A%2F%2Fbroblogger.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673248399748&bpp=1&bdt=2362&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55bfe9dfb98e936a-229e8a7635db00c8%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MaMaPAs3krkRfy5RMFGKGQhtdxPnA&gpic=UID%3D00000ba065df6974%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MYOMjAHVh-zWiFAhIaylCN-2kRLEg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=7433503078226&frm=20&pv=1&ga_vid=952981580.1673248398&ga_sid=1673248399&ga_hid=260011803&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2940834777350253&tmod=1411494743&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ErxtBBpYhO&p=https%3A//broblogger.com&dtd=8
Frame ID: B5190DEF75A595446B3F88FA469ADBE3
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9B03AD06571C0BE209864555980FD0FD
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1
Frame ID: E9F6AC5A1D18334CEB654699733B0553
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1
Frame ID: 494457CC31A8BC61D29B4E996D79682D
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6556360538891223040/160x600/index.html
Frame ID: A08A0964D3AF4678C8101BC44215361F
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7426C54EA5D24F380E016D42FC226F7A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8031906437487916618/728x90.html
Frame ID: 2F4A71D5858F881DE31CFA5D88FF4D8F
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D9C29BCA65D34D8EAE9F1D9D60722DAB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/139051849006851566/index.html
Frame ID: DE373A29625EFCBCE9B88E5B449BF764
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CgdG_j767Y7i9LtqK7_UP9tqhqAXM0OjNad3F5ZHRC5eKgOaNGBABIOGe6ZIBYJXa_YGUB6AB_4ew-QPIAQmpAjyTRQTK27E-qAMByANIqgTNAU_Qn6whoxBzrttX6BP1JD4tNyS8iyWJpDL4cQLWvnXN4gNhhgXV9BG10zuyCFlED_qG6fggXv-iTh3i42QddPC6i-fU88LjvaWj9Btf1kkUEMRzoojzg-MQpm5q06K1s2jc7ERy9OEkjMrZmeK_OPuU8ggwZisATRfB1eG4fuALP0fo4d6BBrbL9W2gAwBIJ3cmKtMrYnnZsSDQZcF2OyI4GF0DUluFI2HLjd5o6KPkWFxJYvyyrzFERGZkekF_BAe3Uh1Tcr2HewtV1PvABOCx5qiXApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfp988GqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQi98Q0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItOTE0NzQ4MjI2Njk1NjAxNBgA&sigh=mnhwdPjBpao&uach_m=[UACH]&cid=CAQSOwDq26N9Mn4WXNz2QV7h8oB1f46OkXbfEpGo7Kq_lp0Ze52jwq8qqTEjDQwiZsSPQ88SQVHqrZYyeyquGAEgEw&template_id=419
Frame ID: 9E31A447549771C79A2779DE681E8012
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6187E356745F7685E936DF0C690BAF4F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Frame ID: 57B706AFE9CDE4FEF10F1AB0844C2EBC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 34514C854B979E43A65859BD5F61FB96
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7A2BDB4EBE015862BACDF5316444B7AA
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CFD3C3DB5F3FA564675F9DD2DE30A93A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 84EDE3AE2776A37E29F8BFC95A732083
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BroBlogger.Com Blogging about Life and Health

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

174
Requests

93 %
HTTPS

65 %
IPv6

24
Domains

34
Subdomains

28
IPs

6
Countries

3174 kB
Transfer

8530 kB
Size

22
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fbroblogger.com%2Fhow-to-make-my-marriage-last-forever%2F
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Hey%2C+check+out+this+cool+site+I+found%3A+www.yourname.com+%23Topic+via%40my_twitter_name&url=https%3A%2F%2Fbroblogger.com%2Fhow-to-make-my-marriage-last-forever%2F
Title: Tweet

Search URL Search Domain Scan URL

URL: https://api.follow.it/widgets/icon/dVdaVW1HSlZtVU1ibmlIL2pJTDVqSTc1QjRlbU5TZUQ1dXRUYUJUM2VpTVRVWHkxMXYyeUlQUEZNQTdTRjcyUWJRZDA3dTMwNlRtOWhWWDFvbjUrU2t0c0svdkk3V0hKc0p0TndnaS9NcVVxdGN3NC9MNFA5Tkhxemdjcmhpb1p8eTFnZktyTVV0QnE5QlB4c01abmxKb0Rhbms4ODZ4REZ3cUhBT2hSdUNPdz0=/OA==/
Title: Follow us

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/link/?url=https://broblogger.com/how-to-make-my-marriage-last-forever/
Title: Save

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fbroblogger.com%2Fhow-to-know-if-you-are-in-love%2F
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/link/?url=https://broblogger.com/how-to-know-if-you-are-in-love/
Title: Save

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fbroblogger.com%2Ftips-for-a-first-date%2F
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/link/?url=https://broblogger.com/tips-for-a-first-date/
Title: Save

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fbroblogger.com%2Fhow-to-fix-a-sexless-marriage%2F
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/link/?url=https://broblogger.com/how-to-fix-a-sexless-marriage/
Title: Save

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fbroblogger.com%2Fmarriage-tips-for-creating-a-strong-foundation%2F
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Hey%2C+check+out+this+cool+site+I+found%3A+www.yourname.com+%23Topic+via%40my_twitter_name&url=https%3A%2F%2Fbroblogger.com%2Fmarriage-tips-for-creating-a-strong-foundation%2F
Title: Tweet

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/link/?url=https://broblogger.com/marriage-tips-for-creating-a-strong-foundation/
Title: Save

Search URL Search Domain Scan URL

URL: https://www.amazon.com/b?_encoding=UTF8&tag=broblogger04-20&linkCode=ur2&linkId=ae27d90b4ac7342f17e54cf5441bb833&camp=1789&creative=9325&node=20
Title: Hot Books On Relationships

Search URL Search Domain Scan URL

URL: https://bit.ly/3x6xjIy
Title: The Worlds Most Romantic, Unique And Fun Dating Ideas - For Singles Or Married Couples. Most Dates Cost Under $20

Search URL Search Domain Scan URL

URL: https://invideo.sjv.io/3PMkbd
Title: Make Money on YouTube with Videos

Search URL Search Domain Scan URL

URL: https://www.articleforge.com/?ref=a299e7
Title: Nifty Blogging Software

Search URL Search Domain Scan URL

URL: https://wpastra.com/
Title: Astra WordPress Theme

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 94

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 108

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 136

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 152

https://ad2.adfarm1.adition.com/banner?sid=4785390&gdpr=&gdpr_consent=&kid=5628550&bid=17041967&wpt=C&ts=[timestamp] HTTP 302
https://imagesrv.adition.com/1x1.gif

Request Chain 153

https://ad4.adfarm1.adition.com/banner?sid=4786717&kid=5632531&bid=17049387&wpt=C&gdpr=&gdpr_consent= HTTP 302
https://imagesrv.adition.com/1x1.gif

Request Chain 159

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 161

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDUIPm6vTqG9AMsidNCjCmo&google_cver=1&google_push=AavPq0PMNwxrd8VtMMaiIgH6IcFy5ZQfNNDqPZ0-IF8s6AYzBaK9ujLRglyS2kp4jvSmK6VMC1egVRXZ8qCw6-N-IPftM8kdtoSHEg HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDUIPm6vTqG9AMsidNCjCmo&google_cver=1&google_push=AavPq0PMNwxrd8VtMMaiIgH6IcFy5ZQfNNDqPZ0-IF8s6AYzBaK9ujLRglyS2kp4jvSmK6VMC1egVRXZ8qCw6-N-IPftM8kdtoSHEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PMNwxrd8VtMMaiIgH6IcFy5ZQfNNDqPZ0-IF8s6AYzBaK9ujLRglyS2kp4jvSmK6VMC1egVRXZ8qCw6-N-IPftM8kdtoSHEg&google_hm=a9KlL4WsRa2c4hJN8cRrnw==

Request Chain 162

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECpyvRk7fxOP4JsJxf9cixI&google_cver=1&google_push=AavPq0PqbRKb_dpZFeHzB177rwf7e3H_YApZnpNtTY0pwa_xOBrBg6I9C2VG3r7_MOxPqazs_S6HbvNxcLnY1Pw6xoJu8AlZjkdzow HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PqbRKb_dpZFeHzB177rwf7e3H_YApZnpNtTY0pwa_xOBrBg6I9C2VG3r7_MOxPqazs_S6HbvNxcLnY1Pw6xoJu8AlZjkdzow&google_hm=eS1KWTRJVml4RTJwRzAuTlhpaTNwcG1TeDVDaFNuX1VheX5B

Request Chain 163

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENTMHtkwSeOQ7uYgANhOEyk&google_cver=1&google_push=AavPq0NHQGdrUImIvu4p8xQ-EvYNLC6zNgHJumPLBzCpVQ_lI4TDN0zE1k2nPiZcmbLY0FUn1UvVjEsYL13n0-USxOQqNgYmhMkkog HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENTMHtkwSeOQ7uYgANhOEyk&google_cver=1&google_push=AavPq0NHQGdrUImIvu4p8xQ-EvYNLC6zNgHJumPLBzCpVQ_lI4TDN0zE1k2nPiZcmbLY0FUn1UvVjEsYL13n0-USxOQqNgYmhMkkog HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY4ODI3ODAzNjM4MTE2MTg4NQ&google_push=AavPq0NHQGdrUImIvu4p8xQ-EvYNLC6zNgHJumPLBzCpVQ_lI4TDN0zE1k2nPiZcmbLY0FUn1UvVjEsYL13n0-USxOQqNgYmhMkkog

Request Chain 164

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENyU9qiTQRq2m5AXt8p5RPg&google_cver=1&google_push=AavPq0OfYGn5Rr3rjbmfZi40YVJG01Wg6nXX4KY7ar4UtfMRar6_xg3S2YF8xmjm8fJMYPOuZ4VxTDOoHWMQBOvgfMcyFfiuBz_1 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0OfYGn5Rr3rjbmfZi40YVJG01Wg6nXX4KY7ar4UtfMRar6_xg3S2YF8xmjm8fJMYPOuZ4VxTDOoHWMQBOvgfMcyFfiuBz_1&google_gid=CAESENyU9qiTQRq2m5AXt8p5RPg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjYzMjAyNzM0NDQ5MDk2MzczMDk1&google_push=AavPq0OfYGn5Rr3rjbmfZi40YVJG01Wg6nXX4KY7ar4UtfMRar6_xg3S2YF8xmjm8fJMYPOuZ4VxTDOoHWMQBOvgfMcyFfiuBz_1

Request Chain 165

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHqyYJsiRiQ7DleY-OCBaL8&google_cver=1&google_push=AavPq0OXdzo_idUofmufBzNRokk5PPtOESwsjVyJmBZ7AusWkzMNVdHe_GRlYJgizIrwMbvT179m19xPCH7J8Bfz2bQCevKdtqctwoY HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHqyYJsiRiQ7DleY-OCBaL8&google_cver=1&google_push=AavPq0OXdzo_idUofmufBzNRokk5PPtOESwsjVyJmBZ7AusWkzMNVdHe_GRlYJgizIrwMbvT179m19xPCH7J8Bfz2bQCevKdtqctwoY&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uMUlJV0dGRTJ1RmxvVDVlYXNNdXBMTlRMZDdlbFZZS35B&google_push=AavPq0OXdzo_idUofmufBzNRokk5PPtOESwsjVyJmBZ7AusWkzMNVdHe_GRlYJgizIrwMbvT179m19xPCH7J8Bfz2bQCevKdtqctwoY

Request Chain 166

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECypmj4Aa2uSMHbKv7J1xAk&google_cver=1&google_push=AavPq0PWfmyBd3pRM68l0yR0QC1EM9mEN93s0_Vw2tfPpPqgo5pfQIPvDLW4qizSOCR5NI7MjplPheVFqcElCamN0Cm1GNbkA3IP_A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PWfmyBd3pRM68l0yR0QC1EM9mEN93s0_Vw2tfPpPqgo5pfQIPvDLW4qizSOCR5NI7MjplPheVFqcElCamN0Cm1GNbkA3IP_A HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

174 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
broblogger.com/ 156 KB
24 KB 787ms
378ms Document
text/html 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: 472d82ca6eb21018079db8082245885b037fadea0fceb2a9dd6d505b7a4e5791

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-length: 24538
content-type: text/html; charset=UTF-8
date: Mon, 09 Jan 2023 07:13:17 GMT
link: <https://broblogger.com/wp-json/>; rel="https://api.w.org/"
server: Apache
vary: Accept-Encoding

GET
H2 200 main.min.css
broblogger.com/wp-content/themes/astra/assets/css/minified/ 40 KB
8 KB 167ms
166ms Stylesheet
text/css 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://broblogger.com/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.9.0
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: ba71d7360fc084690191be50fae228b204839bff0cd2e2c2265b7d924e5b030a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
content-encoding: br
last-modified: Thu, 21 Jul 2022 13:56:25 GMT
server: Apache
etag: "3b00bf6-9e45-5e45115566c3a-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 7697

GET
H2 200 css
fonts.googleapis.com/ 774 B
896 B 82ms
32ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Archivo+Black%3A400%2C&display=fallback&ver=3.9.0

Requested by

Host: broblogger.com
URL: https://broblogger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e08ccb82bf7d124299353bb019e263eab5333764509ed36d064f9c6f88d6847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Jan 2023 07:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 07:13:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Jan 2023 07:13:17 GMT

GET
H2 200 style.min.css
broblogger.com/wp-includes/css/dist/block-library/ 93 KB
11 KB 213ms
213ms Stylesheet
text/css 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://broblogger.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
content-encoding: br
last-modified: Wed, 16 Nov 2022 00:46:50 GMT
server: Apache
etag: "4b41822-172a9-5ed8bced9df5f-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 11590

GET
H2 200 email-subscribers-public.css
broblogger.com/wp-content/plugins/email-subscribers/lite/public/css/ 2 KB
733 B 162ms
162ms Stylesheet
text/css 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://broblogger.com/wp-content/plugins/email-subscribers/lite/public/css/email-subscribers-public.css?ver=5.5.6
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: dadb4e80b981be80b2657b58ee143dbdd7aa933fe567f2cc9d57a2db3be3be95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
content-encoding: br
last-modified: Wed, 04 Jan 2023 12:47:05 GMT
server: Apache
etag: "3a606fb-85d-5f16f94e4a06d-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 652

GET
H2 200 sfsi-style.css
broblogger.com/wp-content/plugins/ultimate-social-media-icons/css/ 80 KB
12 KB 224ms
223ms Stylesheet
text/css 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://broblogger.com/wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css?ver=2.7.5
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: edaa3dff3f45cdad5d62fb8cbd1b68a419f4fdb0189ccb93039f06b501c0b15d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
content-encoding: br
last-modified: Sun, 29 May 2022 21:44:35 GMT
server: Apache
etag: "4de3089-13e04-5e02d720ef586-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 12425

GET
H2 200 cropped-Broblog2-3-526x197.jpg
broblogger.com/wp-content/uploads/2022/04/ 9 KB
9 KB 183ms
182ms Image
image/jpeg 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://broblogger.com/wp-content/uploads/2022/04/cropped-Broblog2-3-526x197.jpg
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: 4c51d3613036e86964d98966fac62f809522127ab1ff39a578928c6279f0b523

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
last-modified: Tue, 14 Jun 2022 14:16:26 GMT
server: Apache
accept-ranges: bytes
etag: "3ae343b-2567-5e1690cd49622"
content-length: 9575
content-type: image/jpeg

GET
H2 200 HTxqL289NzCGg4MzN6KJ7eW6CYyF_g.woff2
fonts.gstatic.com/s/archivoblack/v17/ 18 KB
19 KB 68ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivoblack/v17/HTxqL289NzCGg4MzN6KJ7eW6CYyF_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo+Black%3A400%2C&display=fallback&ver=3.9.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25f33e61cf995abd6be62931cf03bf427286259177b43618cc410ee0157cfd30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://broblogger.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 16:16:02 GMT
x-content-type-options: nosniff
age: 140235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18604
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jan 2024 16:16:02 GMT

GET
H2 200 marriage.jpg
broblogger.com/wp-content/uploads/2022/07/ 35 KB
36 KB 307ms
307ms Image
image/jpeg 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://broblogger.com/wp-content/uploads/2022/07/marriage.jpg
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: c9337d88c61c2e6d6e95a450dd6dec597e8e041244ea61e0ac905606cc5c5fa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
last-modified: Thu, 21 Jul 2022 22:06:28 GMT
server: Apache
accept-ranges: bytes
etag: "3ae145b-8cdc-5e457edf1f3b6"
content-length: 36060
content-type: image/jpeg

GET
H2 200 facebook.svg
broblogger.com/wp-content/plugins/ultimate-social-media-icons/images/responsive-icon/ 387 B
308 B 373ms
372ms Image
image/svg+xml 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://broblogger.com/wp-content/plugins/ultimate-social-media-icons/images/responsive-icon/facebook.svg
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: 4f50287e7121727ee1c1f2a124d8de06e77338ac060068da4447887d1d101c17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
content-encoding: br
last-modified: Sun, 29 May 2022 21:44:35 GMT
server: Apache
etag: "4de334e-183-5e02d72176d8b-br"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 238

GET
H2 200 Twitter.svg
broblogger.com/wp-content/plugins/ultimate-social-media-icons/images/responsive-icon/ 1 KB
595 B 373ms
372ms Image
image/svg+xml 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://broblogger.com/wp-content/plugins/ultimate-social-media-icons/images/responsive-icon/Twitter.svg
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: e8dde8a5e065f7b73ba896c804ee3538298133d2fca113de1e846a37b43090fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
content-encoding: br
last-modified: Sun, 29 May 2022 21:44:35 GMT
server: Apache
etag: "4de3352-40c-5e02d72176d8b-br"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 537

GET
H2 200 Follow.png
broblogger.com/wp-content/plugins/ultimate-social-media-icons/images/responsive-icon/ 2 KB
2 KB 333ms
332ms Image
image/png 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://broblogger.com/wp-content/plugins/ultimate-social-media-icons/images/responsive-icon/Follow.png
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: 2bd732c0b3798d92e25ddf695322718e6b972fed8485ba698af1ae1c7e951c22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
last-modified: Sun, 29 May 2022 21:44:35 GMT
server: Apache
accept-ranges: bytes
etag: "4de3349-85c-5e02d721769a3"
content-length: 2140
content-type: image/png

GET
H2 200 Pinterest.svg
broblogger.com/wp-content/plugins/ultimate-social-media-icons/images/responsive-icon/ 1 KB
665 B 373ms
372ms Image
image/svg+xml 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://broblogger.com/wp-content/plugins/ultimate-social-media-icons/images/responsive-icon/Pinterest.svg
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: e9b74f7a020962a1569b0576896a84518052f13c5f1126f5a310ef23fcf46308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
content-encoding: br
last-modified: Sun, 29 May 2022 21:44:35 GMT
server: Apache
etag: "4de3354-508-5e02d72176d8b-br"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 607

GET
H2 200 irjPezCqHf8 Show response
www.youtube.com/embed/ Frame 0EE1 67 KB
28 KB 206ms
114ms Document
text/html 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/irjPezCqHf8

Requested by

Host: broblogger.com
URL: https://broblogger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a2c945ac93b545ba9afdfa3a8df16557094cc05ea86b148b412265b2eaf6878

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://broblogger.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 07:13:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 spinner.gif
broblogger.com/wp-content/plugins/email-subscribers/lite/public/images/ 3 KB
3 KB 331ms
329ms Image
image/gif 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://broblogger.com/wp-content/plugins/email-subscribers/lite/public/images/spinner.gif
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: 7837e876f1eef549b3250b78380ec2df00ad6da4da6c27667424b1636854df3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
last-modified: Wed, 04 Jan 2023 12:47:05 GMT
server: Apache
accept-ranges: bytes
etag: "3a60ab4-c88-5f16f94e4a83d"
content-length: 3208
content-type: image/gif

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 182 KB
68 KB 84ms
37ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KPCKNP1GPN

Requested by

Host: broblogger.com
URL: https://broblogger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45d698e3fcc1315185ff96165c300fe3c8bd44fd075afefd33a480aa4ff087a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68901
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 09 Jan 2023 07:13:17 GMT

GET
H2 200 wp-emoji-release.min.js Show response
broblogger.com/wp-includes/js/ 18 KB
5 KB 360ms
360ms Script
application/javascript 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://broblogger.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
content-encoding: br
last-modified: Wed, 25 May 2022 00:47:30 GMT
server: Apache
etag: "4b41904-48b9-5dfcb6b085701-br"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 4614

GET
H2 200 frontend-gtag.min.js Show response
broblogger.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 12 KB
3 KB 453ms
449ms Script
application/javascript 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://broblogger.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.11.0
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
content-encoding: br
last-modified: Tue, 13 Dec 2022 00:48:12 GMT
server: Apache
etag: "3a8080e-2e7a-5efaaf97d50c1-br"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3018

GET
H2 200 jquery.min.js Show response
broblogger.com/wp-includes/js/jquery/ 88 KB
30 KB 476ms
472ms Script
application/javascript 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://broblogger.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 12:49:25 GMT
server: Apache
etag: "4b42413-15e54-5ec7c45397297-br"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 30350

GET
H2 200 jquery-migrate.min.js Show response
broblogger.com/wp-includes/js/jquery/ 11 KB
4 KB 450ms
445ms Script
application/javascript 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://broblogger.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
content-encoding: br
last-modified: Sat, 06 Mar 2021 16:13:09 GMT
server: Apache
etag: "4b41989-2bd8-5bce07a0abac1-br"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3998

GET
H2 200 onejs Show response
z-na.amazon-adsystem.com/widgets/ 25 KB
8 KB 524ms
433ms Script
application/javascript 99.86.234.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=284e3c79-4206-44e7-994d-4ec30c67eacf
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.234.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-234-31.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 9b2b89ce2d7d83e2b05ec03c40dce23232a8155f8cafbcf0d2fb58e3529a4064

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: Public
date: Mon, 09 Jan 2023 07:13:18 GMT
content-encoding: gzip
via: 1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
charset: UTF-8
cache-control: public,max-age=300,s-maxage=300,no-transform
content-length: 8259
x-amz-cf-id: WsxxC_xHxENbppUNGpASOExjGgqyrvGLiykSHv_HTkwgsSlWT0xu2w==
expires: Mon, 09 Jan 2023 07:18:18 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
49 KB 172ms
79ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9147482266956014

Requested by

Host: broblogger.com
URL: https://broblogger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61fa444db527da2119ee3720001210b6f77ba7ababe6955f1b1e90678f4f12ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://broblogger.com/
Origin: https://broblogger.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49884
x-xss-protection: 0
server: cafe
etag: 7518202403556389986
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 09 Jan 2023 07:13:17 GMT

GET
H2 200 frontend.min.js Show response
broblogger.com/wp-content/themes/astra/assets/js/minified/ 16 KB
4 KB 450ms
446ms Script
application/javascript 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://broblogger.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.0
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: 0bfa78534c298411845229e6dee89bfd935ed71c8aa64add2b06f8c31c5daf6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
content-encoding: br
last-modified: Thu, 21 Jul 2022 13:56:24 GMT
server: Apache
etag: "3b00b80-4184-5e45115551860-br"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3796

GET
H2 200 email-subscribers-public.js Show response
broblogger.com/wp-content/plugins/email-subscribers/lite/public/js/ 4 KB
1 KB 449ms
446ms Script
application/javascript 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://broblogger.com/wp-content/plugins/email-subscribers/lite/public/js/email-subscribers-public.js?ver=5.5.6
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: f0d756fbeb3274d62775e709e479063afa849c753728e5d356280ef1ffd6586d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
content-encoding: br
last-modified: Wed, 04 Jan 2023 12:47:05 GMT
server: Apache
etag: "3a606d8-11c7-5f16f94e4989d-br"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1437

GET
H2 200 core.min.js Show response
broblogger.com/wp-includes/js/jquery/ui/ 21 KB
7 KB 450ms
447ms Script
application/javascript 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://broblogger.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 12:49:25 GMT
server: Apache
etag: "4b4199c-53c0-5ec7c4539479f-br"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 6809

GET
H2 200 modernizr.custom.min.js Show response
broblogger.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/ 3 KB
1 KB 474ms
471ms Script
application/javascript 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://broblogger.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js?ver=6.1.1
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: 29c7ceffe2b367039ee6eb32a7334e2a9131654cdbdaf57a5431d909f69d1cab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
content-encoding: br
last-modified: Sun, 29 May 2022 21:44:35 GMT
server: Apache
etag: "4de28e8-c11-5e02d720eda2e-br"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1373

GET
H2 200 jquery.shuffle.min.js Show response
broblogger.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/ 11 KB
4 KB 450ms
447ms Script
application/javascript 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://broblogger.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js?ver=6.1.1
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: 4c5e10b3496ff844faf3e2d032e243d4a366a5cbc95ad7bef5dd924322e31b3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
content-encoding: br
last-modified: Sun, 29 May 2022 21:44:35 GMT
server: Apache
etag: "4de28e7-2cdc-5e02d720eda2e-br"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3956

GET
H2 200 random-shuffle-min.js Show response
broblogger.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/ 1 KB
675 B 448ms
445ms Script
application/javascript 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://broblogger.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js?ver=6.1.1
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: 8577be08e13d868781746fd18e27a2d95ee4658c33221ec7659ece82d4d31463

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
content-encoding: br
last-modified: Sun, 29 May 2022 21:44:35 GMT
server: Apache
etag: "4de28e5-5c0-5e02d720eda2e-br"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 618

GET
H2 200 custom.js Show response
broblogger.com/wp-content/plugins/ultimate-social-media-icons/js/ 30 KB
6 KB 448ms
446ms Script
application/javascript 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://broblogger.com/wp-content/plugins/ultimate-social-media-icons/js/custom.js?ver=2.7.5
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: cb47b561f47e3d106d419bdd7721a3a26a00c36e20ce6f1bfa3c6d13cdb8c76f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
content-encoding: br
last-modified: Sun, 29 May 2022 21:44:35 GMT
server: Apache
etag: "4de28f1-76c7-5e02d720ede16-br"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 5678

GET
H2 200 inlove.jpg
broblogger.com/wp-content/uploads/2022/07/ 30 KB
31 KB 435ms
434ms Image
image/jpeg 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://broblogger.com/wp-content/uploads/2022/07/inlove.jpg
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: 0a710ffb4db5ea7afcac0ea49847155dfd00ddd711ef6e998dc4e506675ab912

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
last-modified: Wed, 20 Jul 2022 15:53:49 GMT
server: Apache
accept-ranges: bytes
etag: "3ae1451-7900-5e43e9b5c7b6a"
content-length: 30976
content-type: image/jpeg

GET
H2 200 dating.jpg
broblogger.com/wp-content/uploads/2022/07/ 25 KB
25 KB 440ms
439ms Image
image/jpeg 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://broblogger.com/wp-content/uploads/2022/07/dating.jpg
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: 7a5e7197f364c0bdf7d3aa64d71e221561ff4746f54f3eb074be78b964c1e54b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
last-modified: Wed, 20 Jul 2022 15:07:29 GMT
server: Apache
accept-ranges: bytes
etag: "3ae022b-6359-5e43df5b1226b"
content-length: 25433
content-type: image/jpeg

GET
H2 200 sexless.png
broblogger.com/wp-content/uploads/2022/07/ 230 KB
232 KB 439ms
439ms Image
image/png 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://broblogger.com/wp-content/uploads/2022/07/sexless.png
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: 41195b4e82e2bfefe638885b1d44e952af89dae1e5a42916dba0964beb20fc4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
last-modified: Mon, 18 Jul 2022 17:00:13 GMT
server: Apache
accept-ranges: bytes
etag: "3ae0233-397d1-5e4174d258e74"
content-length: 235473
content-type: image/png

GET
H2 200 CartoonMakerb19fc0d9c350641af57506026e6ba336-683x1024.jpg
broblogger.com/wp-content/uploads/2022/06/ 136 KB
137 KB 439ms
439ms Image
image/jpeg 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://broblogger.com/wp-content/uploads/2022/06/CartoonMakerb19fc0d9c350641af57506026e6ba336-683x1024.jpg
Requested by: Host: broblogger.com
URL: https://broblogger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: a1ff6a25d00fa4812292bb77456e0f6aad9e3423fdd6f7254149dbdfdbef93fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
last-modified: Tue, 14 Jun 2022 14:05:46 GMT
server: Apache
accept-ranges: bytes
etag: "3ae22d1-22036-5e168e6b1b0cc"
content-length: 139318
content-type: image/jpeg

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 80ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KPCKNP1GPN&gtm=2oe120&_p=260011803&gdid=dZGIzZG&cid=952981580.1673248398&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1673248397&sct=1&seg=0&dl=https%3A%2F%2Fbroblogger.com%2F&dt=BroBlogger.Com%20Blogging%20about%20Life%20and%20Health&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KPCKNP1GPN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Jan 2023 07:13:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://broblogger.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-251291-6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KPCKNP1GPN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cdb3c0eee82b69897cccf47a9f566f099d004761c26e7c8aa2553db555621374

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45297
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Jan 2023 07:13:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-251291-6&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 09 Jan 2023 05:50:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4960
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 09 Jan 2023 07:50:37 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/e5f6cbd5/ Frame 0EE1 360 KB
49 KB 108ms
36ms Stylesheet
text/css 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/irjPezCqHf8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1573bafec5bb8db271b8188dbd5c18cade84864cb2d01d8d61b3d5d6ef6a6f04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/irjPezCqHf8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49906
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:47 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0EE1 15 KB
15 KB 66ms
21ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/irjPezCqHf8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 19:21:27 GMT
x-content-type-options: nosniff
age: 474710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jan 2024 19:21:27 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0EE1 15 KB
15 KB 72ms
28ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/irjPezCqHf8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 18:59:48 GMT
x-content-type-options: nosniff
age: 476009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 03 Jan 2024 18:59:48 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/ Frame 0EE1 339 KB
107 KB 133ms
78ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/irjPezCqHf8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbee5785a5aaaa8181186d891828b948c7c9c9c488dbce4e8050e0d6dd257ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/irjPezCqHf8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109069
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:47 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/ Frame 0EE1 2 MB
597 KB 145ms
90ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/irjPezCqHf8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4982fd9fe7a4adea31ea09520794d2d6ed31f097cd41020dce0ec1937a6fc668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/irjPezCqHf8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:27:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 611344
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:27:37 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/e5f6cbd5/fetch-polyfill.vflset/ Frame 0EE1 9 KB
3 KB 132ms
77ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/irjPezCqHf8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/irjPezCqHf8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:47 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 61ms
20ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 06:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1171
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 09 Jan 2023 07:53:46 GMT

GET
H2 200 helvetica_0-webfont.woff
broblogger.com/wp-content/plugins/ultimate-social-media-icons/css/fonts/ 25 KB
25 KB 336ms
336ms Font
font/woff 173.201.188.181
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://broblogger.com/wp-content/plugins/ultimate-social-media-icons/css/fonts/helvetica_0-webfont.woff
Requested by: Host: broblogger.com
URL: https://broblogger.com/wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css?ver=2.7.5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.188.181 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 181.188.201.173.host.secureserver.net
Software: Apache /
Resource Hash: d9a333df1a7c419570f41e94ad240501efc51081a553226be8c2970a81bbcb9e

Request headers

Referer: https://broblogger.com/wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css?ver=2.7.5
Origin: https://broblogger.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:17 GMT
content-encoding: br
last-modified: Sun, 29 May 2022 21:44:35 GMT
server: Apache
etag: "4de30d3-6554-5e02d720f18ae-br"
vary: Accept-Encoding
content-type: font/woff
accept-ranges: bytes
content-length: 25839

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 26ms
26ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=260011803&t=pageview&_s=1&dl=https%3A%2F%2Fbroblogger.com%2F&ul=en-us&de=UTF-8&dt=BroBlogger.Com%20Blogging%20about%20Life%20and%20Health&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUIhAAAAACAAI~&jid=1155276888&gjid=297397959&cid=952981580.1673248398&tid=UA-251291-6&_gid=844581153.1673248398&_r=1&gtm=2ou120&did=dZGIzZG&gdid=dZGIzZG&z=1985399007

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://broblogger.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 09 Jan 2023 07:13:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://broblogger.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 0EE1
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

112ms
70ms

XHR
application/json

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/irjPezCqHf8

Protocol

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1cf11863a20f812fe4f02944d3d717b927e2ed2f9320d7f34ffbf55590b4c17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 09 Jan 2023 07:13:18 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 0EE1 29 B
588 B 74ms
20ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 06:58:44 GMT
x-content-type-options: nosniff
age: 874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 09 Jan 2023 07:13:44 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 76ms
21ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: broblogger.com
URL: https://broblogger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d307871ee9feca92730822e1e742511df83accc7b0f36d38f8e9f461d142e786

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 09 Jan 2023 07:13:18 GMT
content-md5: 2pVX24abTl649lgK04y3wg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: z/29/1KdfAv6qRBD5GHWrf6cFzx5QsS/Irbg1IbnFHcFEBZ6rNK9fNm7HNUcUFGTGO//+SJUW5wh+T3Kmzaafw==
x-fb-trip-id: 917726464
x-fb-content-md5: 197902b177e65ee0de7a44a6e941ac1e
cross-origin-opener-policy: same-origin-allow-popups
etag: "47016ab940ffba7b32f8034cca38836d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 09 Jan 2023 07:23:48 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 83ms
29ms Preflight
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 09 Jan 2023 07:13:18 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0EE1 66 KB
30 KB 86ms
39ms XHR
application/json+protobuf 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b661b2f95d196676697034b00a4fc28ce1c2cf362e40454e44e27bbdfaf5ed4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 09 Jan 2023 07:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30814
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/ Frame 0EE1 119 KB
36 KB 37ms
37ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f00f62bb8aefd6e52812573503401805369c9334e4fcad98e231e5bb7f4256

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/irjPezCqHf8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:27:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470722
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37321
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:27:56 GMT

GET
H2 200 _mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js Show response
www.google.com/js/th/ Frame 0EE1 36 KB
15 KB 121ms
34ms Script
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/_mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe65bfd909ac7e21df1d0ceec09263795de5beb2504bb6c286a62a64b89edbd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 08:22:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14302
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 Jan 2024 08:22:04 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/ Frame 0EE1 26 KB
8 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7032d2bd1215f0d0661e27163bcf1800b246f4bd2a48a9ac079df1ea0be42eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/irjPezCqHf8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:27:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470719
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8390
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:27:59 GMT

GET
DATA 200
OK truncated
/ Frame 0EE1 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Fc83lRdiM43-6EzSlf9RqEoDsDqT906QJNBvXyf-EjZ8pDjLki5wzIiUXqo57EaGTnNnWFVIQP0=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 0EE1 4 KB
4 KB 101ms
38ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/Fc83lRdiM43-6EzSlf9RqEoDsDqT906QJNBvXyf-EjZ8pDjLki5wzIiUXqo57EaGTnNnWFVIQP0=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/irjPezCqHf8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

120891e5601ab6ccfdb175bb26236890337c9e6efcb03477026277e2c6f12be8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:18 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3729
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 08 Jan 2023 19:15:29 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/irjPezCqHf8/ Frame 0EE1 26 KB
26 KB 117ms
68ms Image
image/webp 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/irjPezCqHf8/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/irjPezCqHf8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f762174c5f20139aedca847b6dd15c6ca4ba06bcf02236d80abf692533d05811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:18 GMT
x-content-type-options: nosniff
server: sffe
etag: "1650836556"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26200
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 09 Jan 2023 09:13:18 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 356 KB
117 KB 167ms
88ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9147482266956014&plah=broblogger.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9147482266956014

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b9f1fe3649d8d3f1cbb6b4c619949311e720b6a8ee420345aa68f9c3f50013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119962
x-xss-protection: 0
server: cafe
etag: 9231759674129579685
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 09 Jan 2023 07:13:18 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230104/r20190131/ Frame E5BD 10 KB
4 KB 73ms
22ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230104/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9147482266956014

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://broblogger.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55489
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 15:48:29 GMT
etag: 10353107486223812946
expires: Sun, 22 Jan 2023 15:48:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 300 KB
85 KB 54ms
29ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=2977d64b19ca9b033da9b0b73728a1d2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66bda6a480b0e6bddc8bc87ba9eaebb14bc61d13252e4a35ce3ece36361a0218

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://broblogger.com/
Origin: https://broblogger.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 09 Jan 2023 07:13:18 GMT
content-md5: 0X+PbnFgZMNVIeG3eZEHdQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86925
x-fb-rlafr: 0
x-fb-debug: /s5pQ1WmvJ6XplKcws9n+1Fcs+JuhyllkH89cHK9cT9yLtKZNdJsU0qd6MbQHJ1aD0abDXsLRkSXG2EhCJJ2uA==
x-fb-content-md5: afa045200f8529bef730c0021166dcdc
cross-origin-opener-policy: same-origin-allow-popups
etag: "d644ba303d286f5222a8d3c8654c1ee9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 09 Jan 2024 05:42:56 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 0EE1 4 KB
3 KB 93ms
31ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 07:13:18 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 0EE1 0
10 B 35ms
34ms Image
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?QrzB2g
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/irjPezCqHf8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/irjPezCqHf8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0EE1 90 B
134 B 32ms
32ms XHR
application/json+protobuf 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4485def080ef2520e765df11e676f872e7306134c9eaad4870f0dfb82bccc83f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 09 Jan 2023 07:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 30ms
30ms Preflight
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 09 Jan 2023 07:13:18 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/108/ Frame 0EE1 52 KB
15 KB 62ms
20ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/108/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 20:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15164
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 00:45:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 09 Jan 2023 20:21:53 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
703 B 160ms
56ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=broblogger.com&callback=_gfp_s_&client=ca-pub-9147482266956014&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9147482266956014&plah=broblogger.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41e2cfb68bc1557bb7122a4b2100da7dc847814b926d0aec3adee55b11dd2a30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 258
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 156ms
55ms Script
application/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=broblogger.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 144ms
56ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=broblogger.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3A34 371 KB
65 KB 1046ms
1046ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9147482266956014&output=html&adk=1812271804&adf=3025194257&lmt=1673248398&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=164x1080_l%7C164x1080_r&format=0x0&url=https%3A%2F%2Fbroblogger.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673248398272&bpp=5&bdt=886&idt=313&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7433503078226&frm=20&pv=2&ga_vid=952981580.1673248398&ga_sid=1673248399&ga_hid=260011803&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2940834777350253&tmod=1411494743&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=334

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d029da9682d8304c239097f8742e4942035002d8693944345b59b75e224aded2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://broblogger.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 66693
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 07:13:19 GMT
expires: Mon, 09 Jan 2023 07:13:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A5B8 83 KB
30 KB 1287ms
1287ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9147482266956014&output=html&h=280&adk=697371007&adf=2329691654&pi=t.aa~a.2806159774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1673248398&rafmt=1&to=qs&pwprc=3922099570&format=1200x280&url=https%3A%2F%2Fbroblogger.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673248398277&bpp=1&bdt=891&idt=336&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7433503078226&frm=20&pv=1&ga_vid=952981580.1673248398&ga_sid=1673248399&ga_hid=260011803&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=237&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2940834777350253&tmod=1411494743&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uLPVhaGqR8&p=https%3A//broblogger.com&dtd=341

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2da71934d1a3e7371d751e74a1e9962ceeaf8877500980eaae6f57ebd344821c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://broblogger.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30918
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 07:13:19 GMT
expires: Mon, 09 Jan 2023 07:13:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 150 KB
51 KB 101ms
101ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fb5a8c85b1b894c30cd6764dff1898456c725106eb56b2f383c05f0871bb99c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52349
x-xss-protection: 0
server: cafe
etag: 9333392164722382209
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Jan 2023 07:13:19 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 77ms
28ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=broblogger.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 123ms
55ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=broblogger.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E5B7 132 KB
43 KB 455ms
455ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9147482266956014&output=html&h=600&adk=1300803819&adf=3657794458&pi=t.aa~a.1517101829~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1673248399&rafmt=1&to=qs&pwprc=3922099570&format=300x600&url=https%3A%2F%2Fbroblogger.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673248399718&bpp=1&bdt=2332&idt=0&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55bfe9dfb98e936a-229e8a7635db00c8%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MaMaPAs3krkRfy5RMFGKGQhtdxPnA&gpic=UID%3D00000ba065df6974%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MYOMjAHVh-zWiFAhIaylCN-2kRLEg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7433503078226&frm=20&pv=1&ga_vid=952981580.1673248398&ga_sid=1673248399&ga_hid=260011803&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2940834777350253&tmod=1411494743&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=K1OLtgNN6c&p=https%3A//broblogger.com&dtd=17

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a31b029111da913085b1fa1c134fa60028863f442fa3387a07cf736a619bf3b3

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/139051849006851566/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/139051849006851566/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPjA9IP4ufwCFVrFuwgddm0IVQ&gqi=j767Y9fxLcSQ9u8P_NSSyAQ&layout=/sadbundle/%24csp%253Der3%24/139051849006851566/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://broblogger.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 44105
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/139051849006851566/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/139051849006851566/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPjA9IP4ufwCFVrFuwgddm0IVQ&gqi=j767Y9fxLcSQ9u8P_NSSyAQ&layout=/sadbundle/%24csp%253Der3%24/139051849006851566/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 07:13:20 GMT
expires: Mon, 09 Jan 2023 07:13:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B519 98 KB
37 KB 1081ms
1080ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9147482266956014&output=html&h=532&adk=2275009325&adf=1280176406&pi=t.aa~a.3109244779~rp.4&w=840&lmt=1673248399&nsk=756d31b8&rafmt=11&pwprc=3922099570&ad_type=text_image&format=840x532&url=https%3A%2F%2Fbroblogger.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673248399748&bpp=1&bdt=2362&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55bfe9dfb98e936a-229e8a7635db00c8%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MaMaPAs3krkRfy5RMFGKGQhtdxPnA&gpic=UID%3D00000ba065df6974%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MYOMjAHVh-zWiFAhIaylCN-2kRLEg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=7433503078226&frm=20&pv=1&ga_vid=952981580.1673248398&ga_sid=1673248399&ga_hid=260011803&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2940834777350253&tmod=1411494743&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ErxtBBpYhO&p=https%3A//broblogger.com&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6c42da14ae3ce0b3621464b9e2ab7cacf5bd49b94154a83ef15b473422d3dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://broblogger.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 37628
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 07:13:20 GMT
expires: Mon, 09 Jan 2023 07:13:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/ Frame 9B03 10 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://broblogger.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83883
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 07:55:16 GMT
etag: 10353107486223812946
expires: Sun, 22 Jan 2023 07:55:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/ Frame E9F6 10 KB
4 KB 22ms
20ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://broblogger.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83883
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 07:55:16 GMT
etag: 10353107486223812946
expires: Sun, 22 Jan 2023 07:55:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/ Frame 4944 10 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://broblogger.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83883
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 07:55:16 GMT
etag: 10353107486223812946
expires: Sun, 22 Jan 2023 07:55:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 9B03 3 KB
601 B 73ms
32ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Jan 2023 07:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 07:08:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Jan 2023 07:13:19 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 9B03 2 KB
846 B 161ms
71ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:12:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 12:12:54 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/ Frame 9B03 22 KB
9 KB 121ms
33ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6366bfede901f183b516c7361e3dd409ec31355afc6b0f48d152fd5a1cae5a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8895
x-xss-protection: 0
server: cafe
etag: 5139089157766378523
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 12:12:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 9B03 3 KB
1 KB 160ms
73ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:12:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 12:12:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 9B03 18 KB
7 KB 124ms
37ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 12:12:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B03 156 KB
48 KB 180ms
75ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48907
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672933789069018"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 07:13:20 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 9B03 34 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 15:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 15:11:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 15:30:14 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6556360538891223040/160x600/ Frame A08A 81 KB
21 KB 147ms
74ms Document
text/html 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6556360538891223040/160x600/index.html

Requested by

Host: broblogger.com
URL: https://broblogger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

939bd5e7cc2c0d907e58df3a1871bb0d1230329575c45933e484ba2dd67c153f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 110800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 19604
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 00:26:39 GMT
expires: Mon, 08 Jan 2024 00:26:39 GMT
last-modified: Fri, 21 Oct 2022 16:01:39 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7426 143 B
166 B 22ms
22ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1696
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 06:45:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame E9F6 3 KB
1 KB 161ms
90ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:12:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 12:12:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame E9F6 18 KB
7 KB 113ms
42ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 12:12:53 GMT

GET
H2 200 728x90.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8031906437487916618/ Frame 2F4A 71 KB
14 KB 145ms
92ms Document
text/html 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8031906437487916618/728x90.html

Requested by

Host: broblogger.com
URL: https://broblogger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88508ef238d0fba1223b4b56c9b50045a7c17a25207cfde5829010a172407cd2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 131000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 14187
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 07 Jan 2023 18:50:00 GMT
expires: Sun, 07 Jan 2024 18:50:00 GMT
last-modified: Tue, 11 Oct 2022 16:04:13 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4944 0
0 65ms
64ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CptELjr67Y7TUJ42oZ5KrqPAGpcfglG366sOq-w_OlPb0zyoQASDhnumSAWCV2v2BlAegAYrN1JooyAEJqQI8k0UEytuxPqgDAcgDSKoEzwFP0BV00xHcDxboAOGxILk0zEv3ImarPIhMhFy-kWulaKmY6pxPRMzK16AWNS8MIdBuKKkccYwki3Nm2x2G6zxHGVv5kuAK5MyZtpQFa8CFyeUdGSzcMVU1lS_I19vjpVW0Rjt5Kfu3AapsD2ewZyHZK1FmdsIgbI_YJtQhNqeE0EIoZo2SA0SgPvfkKWLDUGCB4AYbFWP9VhvuFRBTfnkY-rgCCvOag0Ttm22HuY87wtyoPlO8RTdlgvFf62CpswXsfSIsuIp8WO0nFBH12pnABNrStf3qA5IFBAgEGAGSBQQIBRgEoAYugAeKhaX6AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPeJSNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTkxNDc0ODIyNjY5NTYwMTQYAA&sigh=0b-MTzTf10Y&uach_m=[UACH]&cid=CAQSGwDq26N9ylDhWVD-qAGxwXyKc3eRa5_C-yyn-BgBIBM&template_id=419

Requested by

Host: broblogger.com
URL: https://broblogger.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 09 Jan 2023 07:13:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 09 Jan 2023 07:13:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/ Frame 4944 22 KB
9 KB 117ms
65ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6366bfede901f183b516c7361e3dd409ec31355afc6b0f48d152fd5a1cae5a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8895
x-xss-protection: 0
server: cafe
etag: 5139089157766378523
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 12:12:53 GMT

GET
H2 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame A5B8 7 KB
3 KB 129ms
88ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9147482266956014&output=html&h=280&adk=697371007&adf=2329691654&pi=t.aa~a.2806159774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1673248398&rafmt=1&to=qs&pwprc=3922099570&format=1200x280&url=https%3A%2F%2Fbroblogger.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673248398277&bpp=1&bdt=891&idt=336&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7433503078226&frm=20&pv=1&ga_vid=952981580.1673248398&ga_sid=1673248399&ga_hid=260011803&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=237&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2940834777350253&tmod=1411494743&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uLPVhaGqR8&p=https%3A//broblogger.com&dtd=341

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 08:49:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3136
x-xss-protection: 0
server: cafe
etag: 5752131211420753933
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 08:49:42 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A5B8 6 KB
672 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Jan 2023 07:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 05:53:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Jan 2023 07:13:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A5B8 156 KB
48 KB 179ms
124ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48907
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672933789069018"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 07:13:20 GMT

GET
H3 200 1507d5c23d710c2e70b81f354fbf7065.js Show response
www.gstatic.com/mysidia/ Frame A5B8 33 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1507d5c23d710c2e70b81f354fbf7065.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

669aa35a680d54f4754cca415cdd201c9a189011623545abb4993a844ad1ad67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 20:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 01:26:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 20:47:10 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7426
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

29ms
29ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 07:13:20 GMT
expires: Mon, 09 Jan 2023 07:13:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 07:13:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E9F6 156 KB
48 KB 102ms
102ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48907
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672933789069018"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 07:13:20 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D9C2 143 B
166 B 21ms
21ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1697
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 06:45:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 4944 3 KB
1 KB 106ms
34ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:12:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 12:12:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 4944 18 KB
7 KB 111ms
39ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68427
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 12:12:53 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A08A 16 KB
6 KB 99ms
35ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6556360538891223040/160x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 04:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 10 Jan 2023 04:12:58 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A08A 34 KB
13 KB 108ms
44ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6556360538891223040/160x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 15:59:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 09 Jan 2023 15:59:13 GMT

GET
H3 200 subresource.wbn
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/ Frame A5B8 0
50 KB 151ms
82ms Other
application/webbundle 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/subresource.wbn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51120
x-xss-protection: 0
server: cafe
etag: 5372672275828428658
vary: Accept-Encoding
content-type: application/webbundle
access-control-allow-origin: *
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Jan 2023 07:13:20 GMT

GET
H/1.1 200
OK load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame A5B8 2 KB
2 KB 149ms
149ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

751d553428d5a12f48713eded93b897b76a86182d7636ab668da62efaa55b100

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A5B8 0
0 67ms
65ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDCxxjr67Y_2XJ5767_UPw6KqaMia0qBuj8S26PQOpvGG46ACEAEg4Z7pkgFgldr9gZQHoAHmnvmFA8gBCakCPJNFBMrbsT6oAwHIA8sEqgTUAU_QRtmoWARSx832DHSejhsfP1jKwbx3h-kBjVVNz3RO_FGiSZ37qFfW_-Zij7JCvQVXbuVVlJAAn6iGoa7mgCDEk_KR1rVJ_lTTl-QBLh8BSlTVh5iNqZMCjJTidmNZFH9SYFL1rT2V96nIuAaAPHXO0PryoInF-WpwFaU_TO2pmmi-5FINEo7A4VnTfmZN5Iri0_tQIJZ5st4Os9XoXqGIngi93lJT786cf7Wi3ptuEry9ZXidmLeRriru5cI8Gktum0ZlF9Mmow6QWq0UFmoytemlwATV6fze3AOSBQQIBBgBkgUECAUYBKAGLoAHguGGeqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMPfGNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDYgUB9AVAZgWAYAXAbIXHAoaCAASFHB1Yi05MTQ3NDgyMjY2OTU2MDE0GAA&sigh=aBepFG235Eg&uach_m=[UACH]&cid=CAQSGwDq26N9I8-rExOFlhUrcCwnOjpg1tptd2xaIBgBIBM&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9147482266956014&output=html&h=280&adk=697371007&adf=2329691654&pi=t.aa~a.2806159774~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1673248398&rafmt=1&to=qs&pwprc=3922099570&format=1200x280&url=https%3A%2F%2Fbroblogger.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673248398277&bpp=1&bdt=891&idt=336&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7433503078226&frm=20&pv=1&ga_vid=952981580.1673248398&ga_sid=1673248399&ga_hid=260011803&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=237&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2940834777350253&tmod=1411494743&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uLPVhaGqR8&p=https%3A//broblogger.com&dtd=341
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 09 Jan 2023 07:13:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/ Frame A5B8 22 KB
22 KB 179ms
179ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/abg_lite_fy2021.js

Requested by

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

f083e25c4a7f7c30b24b83f511e6b2b1b688d8c6a8ab2703c5387d9f1a0429e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 2F4A 6 KB
3 KB 98ms
54ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8031906437487916618/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 21:29:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35039
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2568
x-xss-protection: 0
server: cafe
etag: 6734328975651772599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 09 Jan 2023 21:29:21 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2F4A 34 KB
13 KB 100ms
56ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8031906437487916618/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 15:59:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 09 Jan 2023 15:59:13 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/15005528673747013779/ Frame A5B8 15 KB
15 KB 103ms
65ms Image
image/jpeg 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15005528673747013779/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50a520e2603adc04969921d47cd0518ce75498eff350b49f5ee5c614d7e041a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 23:19:27 GMT
x-content-type-options: nosniff
age: 201233
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15253
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 12:15:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Jan 2024 23:19:27 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D9C2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

124ms
124ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 07:13:20 GMT
expires: Mon, 09 Jan 2023 07:13:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 07:13:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4944 156 KB
48 KB 168ms
96ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48907
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672933789069018"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 07:13:20 GMT

GET
DATA 200
OK truncated
/ Frame 4944 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b33defb1b2f8c62404dbe1179e457c7561c06ef0b83aa1e062ed0a894586a710

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/139051849006851566/ Frame DE37 74 KB
18 KB 35ms
35ms Document
text/html 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/139051849006851566/index.html

Requested by

Host: broblogger.com
URL: https://broblogger.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb027ef2b3b3ce494231674960eb07c481529531ffcdf4c5461ec559a3afadc6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 248500
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 18088
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jan 2023 10:11:40 GMT
expires: Sat, 06 Jan 2024 10:11:40 GMT
last-modified: Wed, 24 Jun 2020 13:02:06 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9E31 0
0 67ms
65ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgdG_j767Y7i9LtqK7_UP9tqhqAXM0OjNad3F5ZHRC5eKgOaNGBABIOGe6ZIBYJXa_YGUB6AB_4ew-QPIAQmpAjyTRQTK27E-qAMByANIqgTNAU_Qn6whoxBzrttX6BP1JD4tNyS8iyWJpDL4cQLWvnXN4gNhhgXV9BG10zuyCFlED_qG6fggXv-iTh3i42QddPC6i-fU88LjvaWj9Btf1kkUEMRzoojzg-MQpm5q06K1s2jc7ERy9OEkjMrZmeK_OPuU8ggwZisATRfB1eG4fuALP0fo4d6BBrbL9W2gAwBIJ3cmKtMrYnnZsSDQZcF2OyI4GF0DUluFI2HLjd5o6KPkWFxJYvyyrzFERGZkekF_BAe3Uh1Tcr2HewtV1PvABOCx5qiXApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfp988GqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQi98Q0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItOTE0NzQ4MjI2Njk1NjAxNBgA&sigh=mnhwdPjBpao&uach_m=[UACH]&cid=CAQSOwDq26N9Mn4WXNz2QV7h8oB1f46OkXbfEpGo7Kq_lp0Ze52jwq8qqTEjDQwiZsSPQ88SQVHqrZYyeyquGAEgEw&template_id=419

Requested by

Host: broblogger.com
URL: https://broblogger.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9147482266956014&output=html&h=600&adk=1300803819&adf=3657794458&pi=t.aa~a.1517101829~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1673248399&rafmt=1&to=qs&pwprc=3922099570&format=300x600&url=https%3A%2F%2Fbroblogger.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673248399718&bpp=1&bdt=2332&idt=0&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55bfe9dfb98e936a-229e8a7635db00c8%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MaMaPAs3krkRfy5RMFGKGQhtdxPnA&gpic=UID%3D00000ba065df6974%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MYOMjAHVh-zWiFAhIaylCN-2kRLEg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7433503078226&frm=20&pv=1&ga_vid=952981580.1673248398&ga_sid=1673248399&ga_hid=260011803&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2940834777350253&tmod=1411494743&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=K1OLtgNN6c&p=https%3A//broblogger.com&dtd=17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 09 Jan 2023 07:13:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/ Frame 9E31 22 KB
9 KB 36ms
34ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9147482266956014&output=html&h=600&adk=1300803819&adf=3657794458&pi=t.aa~a.1517101829~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1673248399&rafmt=1&to=qs&pwprc=3922099570&format=300x600&url=https%3A%2F%2Fbroblogger.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673248399718&bpp=1&bdt=2332&idt=0&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55bfe9dfb98e936a-229e8a7635db00c8%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MaMaPAs3krkRfy5RMFGKGQhtdxPnA&gpic=UID%3D00000ba065df6974%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MYOMjAHVh-zWiFAhIaylCN-2kRLEg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7433503078226&frm=20&pv=1&ga_vid=952981580.1673248398&ga_sid=1673248399&ga_hid=260011803&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2940834777350253&tmod=1411494743&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=K1OLtgNN6c&p=https%3A//broblogger.com&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6366bfede901f183b516c7361e3dd409ec31355afc6b0f48d152fd5a1cae5a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68427
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8895
x-xss-protection: 0
server: cafe
etag: 5139089157766378523
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 12:12:53 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 9E31 3 KB
1 KB 40ms
38ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:12:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 12:12:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 9E31 18 KB
7 KB 39ms
37ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68427
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 12:12:53 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9E31 0
0 56ms
54ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRb1kXf6teJbn2s3Ci1bw_D5trfBlzbpsx7qpU_nY3StCmFWec1FknswaWMCji13eEzuQT8-eQxA64LrUxa98UuRQ5iJg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9147482266956014&output=html&h=600&adk=1300803819&adf=3657794458&pi=t.aa~a.1517101829~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1673248399&rafmt=1&to=qs&pwprc=3922099570&format=300x600&url=https%3A%2F%2Fbroblogger.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673248399718&bpp=1&bdt=2332&idt=0&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55bfe9dfb98e936a-229e8a7635db00c8%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MaMaPAs3krkRfy5RMFGKGQhtdxPnA&gpic=UID%3D00000ba065df6974%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MYOMjAHVh-zWiFAhIaylCN-2kRLEg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7433503078226&frm=20&pv=1&ga_vid=952981580.1673248398&ga_sid=1673248399&ga_hid=260011803&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2940834777350253&tmod=1411494743&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=K1OLtgNN6c&p=https%3A//broblogger.com&dtd=17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9E31 156 KB
48 KB 145ms
143ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48907
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672933789069018"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 07:13:20 GMT

GET
H3 200 Logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6556360538891223040/160x600/ Frame A08A 3 KB
3 KB 37ms
36ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6556360538891223040/160x600/Logo.png

Requested by

Host: broblogger.com
URL: https://broblogger.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d6bf212551d0d73f02a62d4c317004ef9a56631cfb3615a6e6e45519e93ee7d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sun, 08 Jan 2023 00:26:39 GMT
x-content-type-options: nosniff
age: 110801
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3046
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 16:01:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 08 Jan 2024 00:26:39 GMT

GET
H3 200 CTA.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6556360538891223040/160x600/ Frame A08A 3 KB
3 KB 38ms
37ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6556360538891223040/160x600/CTA.png

Requested by

Host: broblogger.com
URL: https://broblogger.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb43a04359c7334c6cc6551d81f9e5ec0ceac67b6e158319f6da7195bda3b33f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sun, 08 Jan 2023 00:26:39 GMT
x-content-type-options: nosniff
age: 110801
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3095
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 16:01:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 08 Jan 2024 00:26:39 GMT

GET
H3 200 Sub.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6556360538891223040/160x600/ Frame A08A 9 KB
9 KB 40ms
39ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6556360538891223040/160x600/Sub.png

Requested by

Host: broblogger.com
URL: https://broblogger.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ead4182fc526e266914f8a9169391b104d2d22138b3307c310de5fdf3f8eca59

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sun, 08 Jan 2023 00:26:39 GMT
x-content-type-options: nosniff
age: 110801
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9622
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 16:01:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 08 Jan 2024 00:26:39 GMT

GET
H3 200 Title.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6556360538891223040/160x600/ Frame A08A 12 KB
12 KB 38ms
38ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6556360538891223040/160x600/Title.png

Requested by

Host: broblogger.com
URL: https://broblogger.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0302fcf9ee08aa92dc83d60a9016ea9b622c772d1d67552c9b8e42efaad02dd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 05 Jan 2023 03:00:02 GMT
x-content-type-options: nosniff
age: 360798
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11918
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 16:01:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 05 Jan 2024 03:00:02 GMT

GET
H3 200 BG.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6556360538891223040/160x600/ Frame A08A 30 KB
30 KB 43ms
42ms Image
image/jpeg 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6556360538891223040/160x600/BG.jpg

Requested by

Host: broblogger.com
URL: https://broblogger.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6f6180e8182066c72502df9beebefc587725f753f38ba3fd1734c95f44de39c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sun, 08 Jan 2023 00:26:39 GMT
x-content-type-options: nosniff
age: 110801
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30449
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 16:01:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 08 Jan 2024 00:26:39 GMT

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F4A 36 KB
16 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 10:08:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 421464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 10:08:56 GMT

GET
H/1.1 200
OK window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame A5B8 3 KB
3 KB 0ms
0ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

b2286ec341537b6ac60edddc2db84438c2cce9c6629f3cd633ae139d6cd741de

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H/1.1 200
OK qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame A5B8 18 KB
18 KB 0ms
0ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

762e099f22e55c98c3ce28471e89988246aeb3460b3dd578558324901322c698

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
DATA 200
OK truncated
/ Frame A5B8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 141879e39fe5666f8b1ca0d599d29b2bd1c2d675d707a7411e6e427c077676a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame DE37 16 KB
6 KB 34ms
34ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/139051849006851566/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 04:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 10 Jan 2023 04:12:58 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame DE37 34 KB
13 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/139051849006851566/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 15:59:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 09 Jan 2023 15:59:13 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A5B8 15 KB
16 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 05:09:29 GMT
x-content-type-options: nosniff
age: 266631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 05:09:29 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A5B8 15 KB
15 KB 27ms
27ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 20:22:20 GMT
x-content-type-options: nosniff
age: 211860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 20:22:20 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A5B8 15 KB
15 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 13:14:53 GMT
x-content-type-options: nosniff
age: 237507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 13:14:53 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6187 143 B
166 B 22ms
20ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9147482266956014&output=html&h=600&adk=1300803819&adf=3657794458&pi=t.aa~a.1517101829~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1673248399&rafmt=1&to=qs&pwprc=3922099570&format=300x600&url=https%3A%2F%2Fbroblogger.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673248399718&bpp=1&bdt=2332&idt=0&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55bfe9dfb98e936a-229e8a7635db00c8%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MaMaPAs3krkRfy5RMFGKGQhtdxPnA&gpic=UID%3D00000ba065df6974%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MYOMjAHVh-zWiFAhIaylCN-2kRLEg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7433503078226&frm=20&pv=1&ga_vid=952981580.1673248398&ga_sid=1673248399&ga_hid=260011803&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2940834777350253&tmod=1411494743&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=K1OLtgNN6c&p=https%3A//broblogger.com&dtd=17
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1697
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 06:45:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9E31 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 805856baeda07af4f2f9e1e39ee572d39cf711bda0f5437d12fdcf2bf77dbe9f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 9E31 0
20 B 137ms
68ms Other
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPjA9IP4ufwCFVrFuwgddm0IVQ&gqi=j767Y9fxLcSQ9u8P_NSSyAQ&layout=/sadbundle/%24csp%253Der3%24/139051849006851566/index.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 09 Jan 2023 07:13:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame 57B7 36 KB
16 KB 34ms
34ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 10:08:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 421464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 10:08:56 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6187
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

32ms
31ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 07:13:20 GMT
expires: Mon, 09 Jan 2023 07:13:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 07:13:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame DE37 36 KB
16 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 10:08:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 421464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 10:08:56 GMT

GET
H3 200 160-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/139051849006851566/ Frame DE37 12 KB
12 KB 36ms
35ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/139051849006851566/160-1.png

Requested by

Host: broblogger.com
URL: https://broblogger.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acd459134ed7757f4730855335dc242dc01744337bf9f1fb2e89a86acc0fe427

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 07 Jan 2023 11:56:22 GMT
x-content-type-options: nosniff
age: 155818
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12169
x-xss-protection: 0
last-modified: Wed, 24 Jun 2020 13:02:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jan 2024 11:56:22 GMT

GET
H3 200 160-2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/139051849006851566/ Frame DE37 16 KB
16 KB 38ms
38ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/139051849006851566/160-2.png

Requested by

Host: broblogger.com
URL: https://broblogger.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f994877b9f65efb0c61ab270936d341d0ae9dc8009f96470efdb837bdb949bf1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 06 Jan 2023 10:11:41 GMT
x-content-type-options: nosniff
age: 248499
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16554
x-xss-protection: 0
last-modified: Wed, 24 Jun 2020 13:02:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Jan 2024 10:11:41 GMT

GET
H3 200 160-3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/139051849006851566/ Frame DE37 15 KB
15 KB 37ms
36ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/139051849006851566/160-3.png

Requested by

Host: broblogger.com
URL: https://broblogger.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c5fb25d8fa1ea2bec428ca1319fe2bc4359b136f4e1b3bf6bf72c1c7b5e1c6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 06 Jan 2023 10:11:41 GMT
x-content-type-options: nosniff
age: 248499
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15416
x-xss-protection: 0
last-modified: Wed, 24 Jun 2020 13:02:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Jan 2024 10:11:41 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 0EE1 28 B
54 B 63ms
62ms XHR
application/json 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
X-Goog-Request-Time: 1673248400639
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/irjPezCqHf8
X-YouTube-Client-Version: 1.20230102.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtlN04wZmdvRkhzayiN_e6dBg%3D%3D
X-YouTube-Ad-Signals: dt=1673248398013&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 09 Jan 2023 07:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 09 Jan 2023 07:13:20 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B519 6 KB
672 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9147482266956014&output=html&h=532&adk=2275009325&adf=1280176406&pi=t.aa~a.3109244779~rp.4&w=840&lmt=1673248399&nsk=756d31b8&rafmt=11&pwprc=3922099570&ad_type=text_image&format=840x532&url=https%3A%2F%2Fbroblogger.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673248399748&bpp=1&bdt=2362&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55bfe9dfb98e936a-229e8a7635db00c8%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MaMaPAs3krkRfy5RMFGKGQhtdxPnA&gpic=UID%3D00000ba065df6974%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MYOMjAHVh-zWiFAhIaylCN-2kRLEg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=7433503078226&frm=20&pv=1&ga_vid=952981580.1673248398&ga_sid=1673248399&ga_hid=260011803&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2940834777350253&tmod=1411494743&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ErxtBBpYhO&p=https%3A//broblogger.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Jan 2023 07:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 06:21:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Jan 2023 07:13:20 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B519 6 KB
672 B 33ms
32ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&text=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Jan 2023 07:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 06:05:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Jan 2023 07:13:20 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame B519 35 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34507612671884f0dfaff03895673df5df313499a4276be9eed4dea170d2c6d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 08:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14239
x-xss-protection: 0
server: cafe
etag: 10435366731557746102
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 08:50:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B519 156 KB
48 KB 100ms
99ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48907
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672933789069018"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 07:13:20 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/ Frame B519 22 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6366bfede901f183b516c7361e3dd409ec31355afc6b0f48d152fd5a1cae5a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68427
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8895
x-xss-protection: 0
server: cafe
etag: 5139089157766378523
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 12:12:53 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame B519 3 KB
1 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:12:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 12:12:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame B519 18 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68427
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 12:12:53 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B519 0
0 59ms
59ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRv4GMo-VAjb58dA2B5jcYuat9IMf6XH_ZTTuEr-Z_FxgnlNX1zDEp_B9AnEnlCbObdLHTOTX_J4w1A8ssdr-W4QRClNQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9147482266956014&output=html&h=532&adk=2275009325&adf=1280176406&pi=t.aa~a.3109244779~rp.4&w=840&lmt=1673248399&nsk=756d31b8&rafmt=11&pwprc=3922099570&ad_type=text_image&format=840x532&url=https%3A%2F%2Fbroblogger.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673248399748&bpp=1&bdt=2362&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55bfe9dfb98e936a-229e8a7635db00c8%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MaMaPAs3krkRfy5RMFGKGQhtdxPnA&gpic=UID%3D00000ba065df6974%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MYOMjAHVh-zWiFAhIaylCN-2kRLEg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=7433503078226&frm=20&pv=1&ga_vid=952981580.1673248398&ga_sid=1673248399&ga_hid=260011803&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2940834777350253&tmod=1411494743&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ErxtBBpYhO&p=https%3A//broblogger.com&dtd=8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 vscelzkLYYlM31Ztud7IOwHzvcx6qqGITvkIDgJcjaOOpZI_1tjgijQOTfw0jimv8-NOoUWy8-imwEkkkrXiMrlosuJNw59b=w720-h377-rj-pd-pc0x00e9e9e9
lh3.googleusercontent.com/proxy/ Frame B519 60 KB
60 KB 86ms
21ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/vscelzkLYYlM31Ztud7IOwHzvcx6qqGITvkIDgJcjaOOpZI_1tjgijQOTfw0jimv8-NOoUWy8-imwEkkkrXiMrlosuJNw59b=w720-h377-rj-pd-pc0x00e9e9e9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ecff8944f1e10f0c28bb2c7fd1eaa7c3a43c3737bde0e0c97e2114caa30d7886

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 06:51:58 GMT
x-content-type-options: nosniff
server: fife
age: 1282
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61495
x-xss-protection: 0
expires: Tue, 10 Jan 2023 06:51:58 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B519 42 B
63 B 60ms
48ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AwVH5Bbgg9nyZ1_Kk07bqQ_wy5D52_ZE8zEd7QkdcITAbieGQGGOzc5T7f5QmuhrbwtzVSATFhgmsBNX7Z7vLls6ErJ5S5jifjQzM0CJnq_Mj068dFk9nSG3ZNdcmdaK-JCqXNnHPggeLRYiWUHDnT5AEYeoTMLGrI8JROHMljIKQK71M&dbm_d=AKAmf-CHT83QtTffBlZ7yq1qjtH32GkueCErjERqekaGFRtOCGnJRPK80ynLwvvhphXDnm8IbEStXnJNscmisNAaMxzgnXq_hDA0vPU4nQ5Ko1ubyh9MkG4iic2iLSc54rVMfBBZlzUJh5SlIsIk0aMf4qVkncASynzQR6L9Ey8wF2DxwkBE_xHsA6L7cWCr05N_l2NR_-UH_nPUP5tKsqcOoay0iCjBgKHRLNcGCi4CXsIGXF--W-bd_1zFa_5h4FlARe0FjPhPTyCzvE8r1gqkg0s0iQ5kzhsWwvSv7gYEOWQWLSX0p1sMEX-wlz0z56Wx3TibHHQS74KTVxRN1YWO9PFedIaHGKzRUhqJrRQ2w3ldDEknI6-K1B0KBRAgw5MGmmVuWvrkFyPyr_9Nt1uFAmLBp_FpbruDoLwZab5h-D8UU9kzLBoghIYv4YniTbT6Hnabw62GBxxaakGnVrm8WsBzFGUA4NH7SCzwoy1jqtHOi_xLPQzMFOBttRNQrSG8ShItcOBt6q4pfypNofKHVBFMO4SX8ImAHH5XJRVkG3gBeOxNyKpicgZc7TYOT-WJWAGIucnoX7xq2mLX70kB5S8nGduZx6CBd6vsxCrvnJspyiP8SriMKjNMsmJYqvqUIGU7uQPrknY50hTWVzcHJeenveDNLh1JyNRk0YScijbhVJSqEN1nVjysQ_0uf993ogrhr3BjEzeXT77X89siS5X6S3w8ENXCftqEke-h0YOsIHEmxH1mpcWWTnMTf0Vph_1rnY7zqzDMMl6HPncA70GA-vq2NY5fD7fibagMm98Z83y8hL6Vl8DHS6fRYgwxezpmWpp7V1-HPcDVd3l1EFIoQdO85YTtMdq16EelH0ZdQkjslpHEbXurGE3ijCh-eP6ycdSL3bl4KQobkH9jaHXsD8iobU3HvJ4jx1qgeP5ETQMjoh8E1rqAxP1Lhs75HZr4ieXXDSZ-5ScAn1ZeurIHvKm0b-nwf7CHXibpgszhj-1gPlj1JfV9JqjuxrftAPvoSsnaojgIMisPdPqUHZaWmJjOnxAf_8TIgX-NJnkFsUqCQPgon1DFUEZv4QBcgnlujWEY2HXhTrxq5ieymC9kYoJ3JDR6r6TbMgUFf6eaU5ObJ3bnd2Ansj7EY6YzHLqNtlU1fTA9_H3gBVoAIeJ0ub47Np-T1IeJKHvVgl6nvzA3YULGvECrFeZUcfFrRRiH-A98NX4RPU8LJG1Xz_fkvH6xz_S_VmmGWxqGtoWDhUqKfPerId7EkqrWzA70joz47TQsKld1aBNT7OrOogfb48WwPrhx75eqyJ2o2h0Tt3LjADiSH_FLWqkRg4rilzgsOJlDQInAwkFs1794kp-JOjaXivdDpCZO7rknlQNno9DIubNb5n5m83r4sYHuDAgekJMMcdqYBRtLN7A-CPSyRMFVJ0EQHwk37RGsYn7ckp5AyxO3MkHsUmVms5DyShAOLqiDbhfSgTpWcAnNNDigPlFeuOywcqZLmwzByLVzC_iMHWCOfDr9tkjqWJRkq_vpgrgGcR9DqQaScW2jWrl6cbQl5ybxwrie7gvyHsvllYIFhLhKcP7qjRbNqN2-tXmG5X0spg6um_cPAtO1Gyq4Jr7PX_1LJB0NvEcQq-AM51zaD3IogG5JvGVq1re1ulc93K7-HmDTvUi_R-MIEKYzO6K4ysBUFwQFehgjHzSC_pnV06wFXLJTvEFcvLwoHy9fUZ51OvPnBTfjk0saqizCQhGu5v-4nAF9ldTr_VSQb2u1lrC0HORyy4qR2rSUBzaWLhhajKzG05Eq_spVDqklUuWyQbNvIg7rQ9DTC5Nx7-yZPcEfUc3_aB4EAecREanq7O_MFSFFhglp0TuxxBo1SYIpr-JslbYOAFSVsYEYBvUqjQGM7Bundxxrj51a_pOrztBh0876XD_APc7G6CrnBpQMCJRwgTW63KjqFErADokWeFPoeDQ1743ABTfK4NSYaRK3RUUGz0YskRgbTJxHx94TgxwiARxuwiCAt0_3bqgnOIJ4hkCLY-tC5nZ-ua4r07pNx5v1GnGjNjlqerhObnz5ruES4lvZq9SNLfWOQ-V_62UNjHrVFDfpEUhwFljB9esnD6_HBrLJAamvvvbwe24c7ZzOfiIs40rr71i3Vux2K9OGDVVI8AEPqi6QyFOSA7ODpU_jthnsIgnoIWlejCIVdxYwGgBqIhmkAtPEjujrwO9Eacoj7hnL3PGXiXUFI2dpcaOuoQKjQTfxCZPj2nNkcbGrpVaWpEe5hQOUKPYkUFyMLyYEaZ4z3n6Uz3pPZhfT7g1ZHPyVf7Qzfc-q2vhdV93uOLRLzp6oIaxoTjDCuusuj2G5JHoO17_6oRAOpxansD4-h3Gx6CKUwD6Pz63j-IAWsrnV5UlHI4EeT8glWH11QbyR7kXs8D7sl9M_Ilimv04IeJRrBiyJ9-ZzoodtS0cLQjvk0I52KZkp1MQo-PyUuFWgRJFjowVgN1bjWlnEicDDg6Rei27fss_mZE9AW0eD65v4cS7yDdPX0CP791JJBtLquB9AjRKHj-fRJphH1uA1L8-FSSegDBVkqGa4COxRwdm3yfejQ2Wg8ttTWDzVCfMU3UVhwFxG54GKHQHr7jfJuOjiFPiyBHMDAIrXYb4puYvEMgPlX5ZWY3M343JOVwAdsbnIZPFLI5Lg9vu0Bs-0KfPNy5we5M-1SArxg2qIXeMugRMDTLYw2kFWg3ea97pslfT7oR1ACwSAbyeuZcv-s5_n3npZM4vCu41Riyk5ifm_dUMZzkEBZ4yXX4WJv4g8-x43X_QYfUJcIUBIQ6A1ZJywbDIHG-Mk5y_vZ5UHxwZyyH2i9zvxRELz74ON3Zd6ZQvOkecHU8SrwIL5Nc3iixxWTIg9g3q5Is6628RDXOGmCHI2AMJLgxRD-TNCrzZSdsa8TVwx4OscdspV9mUnWkl0_bTXuos-zsMCYV6D0_43mI9AK_rcyt-c70kuJ6dbXtQmE1dLRHeGcK6trM6SWtglbSRRVREJsiWRRnv0xC779CN66O7ocJnW0pMwOa54FK8TnvehJcs3lRvPgRtT3Y_sYpQP7ic_EQ3xhwErAbPAgZ1Rz7xL3A5oDoNLHoS3rg3JF31uTgzrz3M1&cid=CAQSOwDq26N90pIvNVPls7ZMpTRmEc1KDKderDuLODxNMdixzMFFY_FziZCZpHUUCwa3bDpJneI9wbYo64tKGAEgEw&dc_exteid=3089534815302207513&dc_pubid=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9147482266956014&output=html&h=532&adk=2275009325&adf=1280176406&pi=t.aa~a.3109244779~rp.4&w=840&lmt=1673248399&nsk=756d31b8&rafmt=11&pwprc=3922099570&ad_type=text_image&format=840x532&url=https%3A%2F%2Fbroblogger.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673248399748&bpp=1&bdt=2362&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55bfe9dfb98e936a-229e8a7635db00c8%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MaMaPAs3krkRfy5RMFGKGQhtdxPnA&gpic=UID%3D00000ba065df6974%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MYOMjAHVh-zWiFAhIaylCN-2kRLEg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=7433503078226&frm=20&pv=1&ga_vid=952981580.1673248398&ga_sid=1673248399&ga_hid=260011803&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2940834777350253&tmod=1411494743&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ErxtBBpYhO&p=https%3A//broblogger.com&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Jan 2023 07:13:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1x1.gif Show response
imagesrv.adition.com/ Frame B519
Redirect Chain

https://ad2.adfarm1.adition.com/banner?sid=4785390&gdpr=&gdpr_consent=&kid=5628550&bid=17041967&wpt=C&ts=[timestamp]
https://imagesrv.adition.com/1x1.gif

68 B
103 B

108ms
52ms

Fetch
image/gif

217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/1x1.gif
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9147482266956014&output=html&h=532&adk=2275009325&adf=1280176406&pi=t.aa~a.3109244779~rp.4&w=840&lmt=1673248399&nsk=756d31b8&rafmt=11&pwprc=3922099570&ad_type=text_image&format=840x532&url=https%3A%2F%2Fbroblogger.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673248399748&bpp=1&bdt=2362&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55bfe9dfb98e936a-229e8a7635db00c8%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MaMaPAs3krkRfy5RMFGKGQhtdxPnA&gpic=UID%3D00000ba065df6974%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MYOMjAHVh-zWiFAhIaylCN-2kRLEg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=7433503078226&frm=20&pv=1&ga_vid=952981580.1673248398&ga_sid=1673248399&ga_hid=260011803&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2940834777350253&tmod=1411494743&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ErxtBBpYhO&p=https%3A//broblogger.com&dtd=8
Protocol: H2
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 09 Jan 2023 07:13:21 GMT
last-modified: Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges: bytes
etag: "3122740758"
content-length: 68
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 09 Jan 2023 08:13:20 +0100
server: ADITIONSERVER v1.0
etag: 7186547156098026253
content-type: text/plain
location: https://imagesrv.adition.com/1x1.gif
access-control-allow-origin: *
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

1x1.gif Show response
imagesrv.adition.com/ Frame B519
Redirect Chain

https://ad4.adfarm1.adition.com/banner?sid=4786717&kid=5632531&bid=17049387&wpt=C&gdpr=&gdpr_consent=
https://imagesrv.adition.com/1x1.gif

68 B
178 B

108ms
51ms

Fetch
image/gif

217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/1x1.gif
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9147482266956014&output=html&h=532&adk=2275009325&adf=1280176406&pi=t.aa~a.3109244779~rp.4&w=840&lmt=1673248399&nsk=756d31b8&rafmt=11&pwprc=3922099570&ad_type=text_image&format=840x532&url=https%3A%2F%2Fbroblogger.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673248399748&bpp=1&bdt=2362&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55bfe9dfb98e936a-229e8a7635db00c8%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MaMaPAs3krkRfy5RMFGKGQhtdxPnA&gpic=UID%3D00000ba065df6974%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MYOMjAHVh-zWiFAhIaylCN-2kRLEg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=7433503078226&frm=20&pv=1&ga_vid=952981580.1673248398&ga_sid=1673248399&ga_hid=260011803&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2940834777350253&tmod=1411494743&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ErxtBBpYhO&p=https%3A//broblogger.com&dtd=8
Protocol: H2
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 09 Jan 2023 07:13:21 GMT
last-modified: Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges: bytes
etag: "3122740758"
content-length: 68
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 09 Jan 2023 08:13:20 +0100
server: ADITIONSERVER v1.0
etag: 7186547156101434378
content-type: text/plain
location: https://imagesrv.adition.com/1x1.gif
access-control-allow-origin: *
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B519 0
0 73ms
61ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CilNtj767Y8_pMNaE-cAPl8ORoAKjm5eVbvqqzY6SEaDSibSfPRABIOGe6ZIBYJXa_YGUB6AB9_fphCnIAQapAjyTRQTK27E-qAMBqgTmAU_QMN6GGgmgAhUuAvlr5AC1g1XPr_StZNL67KozU9f9H-2h-2CCajNRa-Z3T60zKwL9-9lFQ6Xp2S0vyO9cCa6f-9zVEWYyYmH2pn8FAMzGuoAxgXu9gNuFExZwbq5-rkzKOGfqvL-WS0BXvPRiQj1Hs02BHQzQ2A09tatMcY3joGmYyzf7i3lc8n7MfmK-sFxrxGp0OrnHoh1oUIiDLQ-2i9erw9_avrWNBWiRRJ7yaX-T2YI4WdYf6SKs2uAUFkDa2B9cP5_ixqXQvLXbAQ8Cq0_W4CFwfj93d5_zf-hW_LdaApriwATzmPavpQTgBAOIBaOK5OJHkgUECAMYAZIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AH96-65AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHCxCNudMBGKSpzdwB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwGwE8vxyxHIE9KD2-ED0BMA2BMNiBQB2BQB0BUBgBcBshccChoIABIUcHViLTkxNDc0ODIyNjY5NTYwMTQYAA&sigh=d0VOI4_-d6M&uach_m=[UACH]&cid=CAQSOwDq26N90pIvNVPls7ZMpTRmEc1KDKderDuLODxNMdixzMFFY_FziZCZpHUUCwa3bDpJneI9wbYo64tKGAEgEw&template_id=509&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9147482266956014&output=html&h=532&adk=2275009325&adf=1280176406&pi=t.aa~a.3109244779~rp.4&w=840&lmt=1673248399&nsk=756d31b8&rafmt=11&pwprc=3922099570&ad_type=text_image&format=840x532&url=https%3A%2F%2Fbroblogger.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673248399748&bpp=1&bdt=2362&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55bfe9dfb98e936a-229e8a7635db00c8%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MaMaPAs3krkRfy5RMFGKGQhtdxPnA&gpic=UID%3D00000ba065df6974%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MYOMjAHVh-zWiFAhIaylCN-2kRLEg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=7433503078226&frm=20&pv=1&ga_vid=952981580.1673248398&ga_sid=1673248399&ga_hid=260011803&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2940834777350253&tmod=1411494743&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ErxtBBpYhO&p=https%3A//broblogger.com&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 09 Jan 2023 07:13:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B519 16 KB
16 KB 32ms
21ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 20:10:25 GMT
x-content-type-options: nosniff
age: 385375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jan 2024 20:10:25 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3451 143 B
166 B 23ms
21ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9147482266956014&output=html&h=532&adk=2275009325&adf=1280176406&pi=t.aa~a.3109244779~rp.4&w=840&lmt=1673248399&nsk=756d31b8&rafmt=11&pwprc=3922099570&ad_type=text_image&format=840x532&url=https%3A%2F%2Fbroblogger.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673248399748&bpp=1&bdt=2362&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55bfe9dfb98e936a-229e8a7635db00c8%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MaMaPAs3krkRfy5RMFGKGQhtdxPnA&gpic=UID%3D00000ba065df6974%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MYOMjAHVh-zWiFAhIaylCN-2kRLEg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=7433503078226&frm=20&pv=1&ga_vid=952981580.1673248398&ga_sid=1673248399&ga_hid=260011803&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2940834777350253&tmod=1411494743&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ErxtBBpYhO&p=https%3A//broblogger.com&dtd=8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 06:45:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7A2B 1 KB
643 B 35ms
34ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 07:28:03 GMT
etag: 48472445140208031
expires: Mon, 09 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B519 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6232711ada5af8cddf619a3ebb613b6dc9dcb5a77c5c29021d3c4624c216d2c9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3451
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

37ms
36ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 07:13:21 GMT
expires: Mon, 09 Jan 2023 07:13:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 07:13:21 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 7A2B 0
191 B 575ms
176ms Image
text/plain 209.25.233.253
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEJloTcX_-Mx0FGlR5Lwnwe4&google_cver=1&google_push=AavPq0PTGpj3T-jqL4bZBc_dW2P2Ya0XXGtgKgUpk3UOlduaeM1t9vv8F2qallOdycQzB2TJ1blliEpD_iOi5e7tQdblOUlfMsqf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9147482266956014&output=html&h=532&adk=2275009325&adf=1280176406&pi=t.aa~a.3109244779~rp.4&w=840&lmt=1673248399&nsk=756d31b8&rafmt=11&pwprc=3922099570&ad_type=text_image&format=840x532&url=https%3A%2F%2Fbroblogger.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673248399748&bpp=1&bdt=2362&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55bfe9dfb98e936a-229e8a7635db00c8%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MaMaPAs3krkRfy5RMFGKGQhtdxPnA&gpic=UID%3D00000ba065df6974%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MYOMjAHVh-zWiFAhIaylCN-2kRLEg&prev_fmts=0x0%2C1200x280%2C300x600&nras=4&correlator=7433503078226&frm=20&pv=1&ga_vid=952981580.1673248398&ga_sid=1673248399&ga_hid=260011803&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2940834777350253&tmod=1411494743&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ErxtBBpYhO&p=https%3A//broblogger.com&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 209.25.233.253 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Mon, 09 Jan 2023 07:13:20 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A2B
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDUIPm6vTqG9AMsidNCjCmo&google_cver=1&google_push=AavPq0PMNwxrd8VtMMaiIgH6IcFy5ZQfNNDqPZ0-IF8s6AYzBaK9ujLRglyS2kp4jvSmK6VMC1egVRXZ8qCw6-N-IPft...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDUIPm6vTqG9AMsidNCjCmo&google_cver=1&google_push=AavPq0PMNwxrd8VtMMaiIgH6IcFy5ZQfNNDqPZ0-IF8s6AYzBaK9ujLRglyS2kp4jvSmK6VMC1egVRXZ8qCw6-...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PMNwxrd8VtMMaiIgH6IcFy5ZQfNNDqPZ0-IF8s6AYzBaK9ujLRglyS2kp4jvSmK6VMC1egVRXZ8qCw6-N-IPftM8kdtoSHEg&google_hm=a9KlL4WsRa2c4hJN8cRrnw==

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PMNwxrd8VtMMaiIgH6IcFy5ZQfNNDqPZ0-IF8s6AYzBaK9ujLRglyS2kp4jvSmK6VMC1egVRXZ8qCw6-N-IPftM8kdtoSHEg&google_hm=a9KlL4WsRa2c4hJN8cRrnw==

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Jan 2023 07:13:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PMNwxrd8VtMMaiIgH6IcFy5ZQfNNDqPZ0-IF8s6AYzBaK9ujLRglyS2kp4jvSmK6VMC1egVRXZ8qCw6-N-IPftM8kdtoSHEg&google_hm=a9KlL4WsRa2c4hJN8cRrnw==
date: Mon, 09 Jan 2023 07:13:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A2B
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECpyvRk7fxOP4JsJxf9cixI&google_cver=1&google_push=AavPq0PqbRKb_dpZFeHzB177rwf7e3H_YApZnpNtTY0pwa_xOBrBg6I9C2VG3r7_MOxPqazs_S6HbvNxcLnY1Pw6xoJu8Al...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PqbRKb_dpZFeHzB177rwf7e3H_YApZnpNtTY0pwa_xOBrBg6I9C2VG3r7_MOxPqazs_S6HbvNxcLnY1Pw6xoJu8AlZjkdzow&google_hm=eS1KWTRJVml4RTJwRzAu...

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PqbRKb_dpZFeHzB177rwf7e3H_YApZnpNtTY0pwa_xOBrBg6I9C2VG3r7_MOxPqazs_S6HbvNxcLnY1Pw6xoJu8AlZjkdzow&google_hm=eS1KWTRJVml4RTJwRzAuTlhpaTNwcG1TeDVDaFNuX1VheX5B

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Jan 2023 07:13:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 09 Jan 2023 07:13:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PqbRKb_dpZFeHzB177rwf7e3H_YApZnpNtTY0pwa_xOBrBg6I9C2VG3r7_MOxPqazs_S6HbvNxcLnY1Pw6xoJu8AlZjkdzow&google_hm=eS1KWTRJVml4RTJwRzAuTlhpaTNwcG1TeDVDaFNuX1VheX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A2B
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENTMHtkwSeOQ7uYgANhOEyk&google_cver=1&google_push=AavPq0NHQGdrUImIvu4p8xQ-EvYNLC6zNgHJumPLBzCpVQ_lI4TDN0zE1k2nPiZcmbLY0FUn1UvVjEsY...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENTMHtkwSeOQ7uYgANhOEyk&google_cver=1&google_push=AavPq0NHQGdrUImIvu4p8xQ-EvYNLC6zNgHJumPLBzCpVQ_lI4TDN0zE1k2nPiZcmbLY0FUn1Uv...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY4ODI3ODAzNjM4MTE2MTg4NQ&google_push=AavPq0NHQGdrUImIvu4p8xQ-EvYNLC6zNgHJumPLBzCpVQ_lI4TDN0zE1k2nPiZcmbLY0FUn1UvVjE...

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY4ODI3ODAzNjM4MTE2MTg4NQ&google_push=AavPq0NHQGdrUImIvu4p8xQ-EvYNLC6zNgHJumPLBzCpVQ_lI4TDN0zE1k2nPiZcmbLY0FUn1UvVjEsYL13n0-USxOQqNgYmhMkkog

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Jan 2023 07:13:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Jan 2023 07:13:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY4ODI3ODAzNjM4MTE2MTg4NQ&google_push=AavPq0NHQGdrUImIvu4p8xQ-EvYNLC6zNgHJumPLBzCpVQ_lI4TDN0zE1k2nPiZcmbLY0FUn1UvVjEsYL13n0-USxOQqNgYmhMkkog
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A2B
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENyU9qiTQRq2m5AXt8p5RPg&google_cver=1&google_push=AavPq0OfYGn5Rr3rjbmfZi40YVJG01Wg6nXX4KY7ar4UtfMRar6_xg3S2YF8xmjm8fJMYPOuZ4VxTDOoHWMQBOvgfMcyFfiuBz_1
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0OfYGn5Rr3rjbmfZi40YVJG01Wg6nXX4KY7ar4UtfMRar6_xg3S2YF8xmjm8fJMYPOuZ4VxTDOoHWMQBOvgfMcyFfiuBz_...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjYzMjAyNzM0NDQ5MDk2MzczMDk1&google_push=AavPq0OfYGn5Rr3rjbmfZi40YVJG01Wg6nXX4KY7ar4UtfMRar6_xg3S2YF8xmjm...

170 B
188 B

79ms
32ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjYzMjAyNzM0NDQ5MDk2MzczMDk1&google_push=AavPq0OfYGn5Rr3rjbmfZi40YVJG01Wg6nXX4KY7ar4UtfMRar6_xg3S2YF8xmjm8fJMYPOuZ4VxTDOoHWMQBOvgfMcyFfiuBz_1

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Jan 2023 07:13:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjYzMjAyNzM0NDQ5MDk2MzczMDk1&google_push=AavPq0OfYGn5Rr3rjbmfZi40YVJG01Wg6nXX4KY7ar4UtfMRar6_xg3S2YF8xmjm8fJMYPOuZ4VxTDOoHWMQBOvgfMcyFfiuBz_1
date: Mon, 09 Jan 2023 07:13:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A2B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHqyYJsiRiQ7DleY-OCBaL8&google_cver=1&google_push=AavPq0OXdzo_idUofmufBzNRokk5PPtOESwsjVyJmBZ7AusWkzMNVdHe_GRlYJgizIrwMbvT17...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHqyYJsiRiQ7DleY-OCBaL8&google_cver=1&google_push=AavPq0OXdzo_idUofmufBzNRokk5PPtOESwsjVyJmBZ7AusWkzMNVdHe_GRlYJgizIrwMbvT17...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uMUlJV0dGRTJ1RmxvVDVlYXNNdXBMTlRMZDdlbFZZS35B&google_push=AavPq0OXdzo_idUofmufBzNRokk5PPtOESwsjVyJmBZ7AusWkzMNVdHe_...

170 B
188 B

33ms
32ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uMUlJV0dGRTJ1RmxvVDVlYXNNdXBMTlRMZDdlbFZZS35B&google_push=AavPq0OXdzo_idUofmufBzNRokk5PPtOESwsjVyJmBZ7AusWkzMNVdHe_GRlYJgizIrwMbvT179m19xPCH7J8Bfz2bQCevKdtqctwoY

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Jan 2023 07:13:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uMUlJV0dGRTJ1RmxvVDVlYXNNdXBMTlRMZDdlbFZZS35B&google_push=AavPq0OXdzo_idUofmufBzNRokk5PPtOESwsjVyJmBZ7AusWkzMNVdHe_GRlYJgizIrwMbvT179m19xPCH7J8Bfz2bQCevKdtqctwoY
date: Mon, 09 Jan 2023 07:13:21 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame 7A2B
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECypmj4Aa2uSMHbKv7J1xAk&google_cver=1&google_push=AavPq0PWfmyBd3pRM68l0yR0QC1EM9mEN93s0_Vw2tfPpPqgo5pfQIPvDLW4qizSOCR5NI7MjplPheVFqcE...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PWfmyBd3pRM68l0yR0QC1EM9mEN93s0_Vw2tfPpPqgo5pfQIPvDLW4qizSOCR5NI7MjplPheVFqcElCamN0Cm1GNbkA3IP_A
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

22ms
21ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 09 Jan 2023 07:13:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7A2B 0
232 B 93ms
29ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IUMSRBK0iIW1o-Dr7VXB1-shMbmNblfPcCeLZiF0g11JoU0JOoIEUT9BRj-RyXYq2cVOK38zI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:21 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 77ms
77ms XHR
application/json 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230104&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

457f2a052768b35d62a325bdc8dcc29a7aca812219c69425b48223b2d3884411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11231
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 76ms
75ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 07:13:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CFD3 13 KB
5 KB 35ms
34ms Document
text/html 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://broblogger.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 380655
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 21:29:06 GMT
expires: Thu, 04 Jan 2024 21:29:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 84ED 783 B
535 B 60ms
58ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

42c5f044dcc5c68a62d10e3f6b05bf2b49892c5188cdc2dd223ec83880270fbc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ikJ6QS7RBTabla9Ry2Wtfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://broblogger.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-ikJ6QS7RBTabla9Ry2Wtfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 07:13:21 GMT
expires: Mon, 09 Jan 2023 07:13:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame CFD3 36 KB
16 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 10:08:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 421465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 10:08:56 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A5B8 42 B
64 B 71ms
68ms Fetch
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsslXKFtpFUp4QjS6ZRhye9j3UTNEku31o861Z93bNJqPbly4q_xCjAX5FOaL7WsiQKfRDNm8FRqzzmYoYDZYrgwOvY_la9jiHnQ8Eya1nIrtu3UNwkzl93MBIGHmeidpP6R676oaw&sai=AMfl-YSZrYFniRNOgJ13RFnkudFEwBtttkNDZNLskUkEOYsCsS09J5KrGdivqndhI9DFHOHQIK7N45ZX6-_Jy5Q&sig=Cg0ArKJSzESefIetjvxjEAE&cid=CAQSGwDq26N9I8-rExOFlhUrcCwnOjpg1tptd2xaIBgBIBM&id=lidar2&mcvt=1004&p=0,0,280,1200&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230105&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=697371007&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673248398619&rpt=1738&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Jan 2023 07:13:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 84ED 0
0 68ms
66ms Image
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230104&jk=2940834777350253&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4944 42 B
64 B 70ms
69ms Fetch
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3OlzUZr5DgEXK-r7TpfLp2Rmyp11dk1j5hc2hJTSMPu9B2hexPQfIqWr86Mg8xv4n2UpnUC3NZvld7-ZN3zaxxpUcc9nIVgfkOVpf9t8m_OIWgUnbGagrb6783yciRIMJz3eIlg&sai=AMfl-YRkCYR4_bMSiVllHfOY1odlx-_tg5GwhtSoZQB12Ih8jXCTV-7wHE0LcV4jKC3EMhuMVDApKrMXuRWqA10&sig=Cg0ArKJSzCOyMijMPhniEAE&cid=CAQSGwDq26N9ylDhWVD-qAGxwXyKc3eRa5_C-yyn-BgBIBM&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=0,929,1000,1000,1000&tos=0,929,71,0,0&v=20230105&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673248399818&rpt=580&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Jan 2023 07:13:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CFD3 0
12 B 35ms
34ms Image
text/plain 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rFoUGw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:13:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 70ms
70ms Image
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230104&jk=2940834777350253&bg=!mZqlmt7NAAYDMoyoIzI7ACkAdvg8WgV3oX9hoeKx5NsEu3QAHDQC4LpB5i9QmvBn9I-Lb6iMLu1a0wIAAABdUgAAAANoAQeZAp1bIxpdvUzzFC6-M11873VoHCeZryjIKWCc6xuPJ-e8QzkbAEXobQ9BXZFtnW_LkOG4Nl7bEd0Lkub_12m2XKNoZXoEzXbt9jAgxW6042Vt4yEDLQkjokciwpKyNf6p6Va98ZR_ptK4RbUeI_S9RcPg29Cpff8UnBQewv6ovA2ImPVsGPPHngwbNVeQJKXnYuwzCTZeNuv1Ttp4SZIXQQBOvV4Tt8Uqe_hDzB5MVLct4fe07QHjJSvhgH_iqpgSL6mySMUxzGovssWHQWBmWVIxbV3kYr3up5vANjr4IJ3brB9QhCjOParN0mDW2BIaxnUs01g2g2Rzf-rm3WcW1ydoOSwUKQKwfAgrL0ZqyWCEA5Dj1ez_Gn3ldfb8zoU4V8tcUA_55HJRxRI429atz4hq-ZdEluJM5du8YYHJKxFllbo9p8-MiNmUnNws-mo_CC5Q1HErgPSXtZ6Kra6OAKwZNrWPtabMW_dmnLruxI_D4WDO672lF795MJme1TQnIJhtE4sfEhbp9o6v9SILO1hsKwZqp2q2lVMhDAPYLDRaZJL3gdvcTyC0_N2LbOsJSx63NCirrlOgxwE9IIzjC0cKR-oenjVW0a4lFDvYPtGW7emG5MBOzrTOt-FUNqFODPSS_ECa_t7mrvz234hJg_-hKB5aEzPFEyC3_nlkbEQdU4dkYraIrI05cw2ewe5q0Mo8Y7pHem6w2g6Ix7I3FTJZ6avmj_zm4tx15vMLB8Y2EuJHFn6cXDqeOFDiNaK1dMHNcDaXk6j2SLY_t4IAMWVM3goOqRpsJYXUzuDQqHPbcArQ-HksZ2l6u7YraqHMYgraNNVfLtBZOtLj_yEJQXeo-Kz8k-Akv4r5qPCXyWygisuTmrTI3qlM06UlTl4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://broblogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.broblogger.com/	1970-01-20 18:23:28	Name: _ga_KPCKNP1GPN Value: GS1.1.1673248397.1.0.1673248397.0.0.0
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: bhgCA3GJ2Js
.youtube.com/	1970-01-20 13:06:40	Name: VISITOR_INFO1_LIVE Value: e7N0fgoFHsk
.broblogger.com/	1970-01-20 18:23:28	Name: _ga Value: GA1.2.952981580.1673248398
.broblogger.com/	1970-01-20 08:48:54	Name: _gid Value: GA1.2.844581153.1673248398
.broblogger.com/	1970-01-20 08:47:28	Name: _gat_gtag_UA_251291_6 Value: 1
.broblogger.com/	1970-01-20 18:09:04	Name: __gads Value: ID=55bfe9dfb98e936a-229e8a7635db00c8:T=1673248398:RT=1673248398:S=ALNI_MaMaPAs3krkRfy5RMFGKGQhtdxPnA
.broblogger.com/	1970-01-20 18:09:04	Name: __gpi Value: UID=00000ba065df6974:T=1673248398:RT=1673248398:S=ALNI_MYOMjAHVh-zWiFAhIaylCN-2kRLEg
.doubleclick.net/	1970-01-20 08:47:32	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 18:09:04	Name: IDE Value: AHWqTUlKBW0tP9kQFzxBEJ8-9p6a-pK9c0ffQDyXqdcb60ieyer7FYmV7IeSIK6TxvE
.adfarm1.adition.com/	1970-01-20 08:47:30	Name: lv_5632531 Value: w=4786717\|t=1673248400
.adfarm1.adition.com/	1970-01-20 10:57:08	Name: UserID1 Value: 7186547156097960717
.adfarm1.adition.com/	1970-01-20 08:47:30	Name: lv_5628550 Value: w=4785390\|t=1673248400
.3lift.com/	1970-01-20 10:57:04	Name: tluid Value: 663202734449096373095
.adform.net/	1970-01-20 09:32:06	Name: C Value: 1
.analytics.yahoo.com/	1970-01-20 17:33:04	Name: IDSYNC Value: 18yx~29bj
.yahoo.com/	1970-01-20 17:33:26	Name: A3 Value: d=AQABBJG-u2MCEKnc0aXKF5IGnaZTXFupaYYFEgEBAQEQvWPFYwAAAAAA_eMAAA&S=AQAAAuJ40m9lUez7-iHTy5oGht0
.adform.net/	1970-01-20 10:13:52	Name: uid Value: 1688278036381161885
.bidswitch.net/	1970-01-20 17:33:04	Name: tuuid Value: 6bd2a52f-85ac-45ad-9ce2-124df1c46b9f
.bidswitch.net/	1970-01-20 17:33:04	Name: c Value: 1673248401
.bidswitch.net/	1970-01-20 17:33:04	Name: tuuid_lu Value: 1673248401
.bidswitch.net/	1970-01-20 08:47:28	Name: google_push Value: AavPq0PMNwxrd8VtMMaiIgH6IcFy5ZQfNNDqPZ0-IF8s6AYzBaK9ujLRglyS2kp4jvSmK6VMC1egVRXZ8qCw6-N-IPftM8kdtoSHEg

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6556360538891223040/160x600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6556360538891223040/160x600/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8031906437487916618/728x90.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8031906437487916618/728x90.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9147482266956014&output=html&h=600&adk=1300803819&adf=3657794458&pi=t.aa~a.1517101829~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1673248399&rafmt=1&to=qs&pwprc=3922099570&format=300x600&url=https%3A%2F%2Fbroblogger.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673248399718&bpp=1&bdt=2332&idt=0&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55bfe9dfb98e936a-229e8a7635db00c8%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MaMaPAs3krkRfy5RMFGKGQhtdxPnA&gpic=UID%3D00000ba065df6974%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MYOMjAHVh-zWiFAhIaylCN-2kRLEg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7433503078226&frm=20&pv=1&ga_vid=952981580.1673248398&ga_sid=1673248399&ga_hid=260011803&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2940834777350253&tmod=1411494743&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=K1OLtgNN6c&p=https%3A//broblogger.com&dtd=17 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/139051849006851566/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9147482266956014&output=html&h=600&adk=1300803819&adf=3657794458&pi=t.aa~a.1517101829~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1673248399&rafmt=1&to=qs&pwprc=3922099570&format=300x600&url=https%3A%2F%2Fbroblogger.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673248399718&bpp=1&bdt=2332&idt=0&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55bfe9dfb98e936a-229e8a7635db00c8%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MaMaPAs3krkRfy5RMFGKGQhtdxPnA&gpic=UID%3D00000ba065df6974%3AT%3D1673248398%3ART%3D1673248398%3AS%3DALNI_MYOMjAHVh-zWiFAhIaylCN-2kRLEg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7433503078226&frm=20&pv=1&ga_vid=952981580.1673248398&ga_sid=1673248399&ga_hid=260011803&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2940834777350253&tmod=1411494743&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=K1OLtgNN6c&p=https%3A//broblogger.com&dtd=17 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/139051849006851566/index.html".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad2.adfarm1.adition.com
ad4.adfarm1.adition.com
adservice.google.com
adservice.google.de
broblogger.com
c1.adform.net
cm.g.doubleclick.net
connect.facebook.net
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
imagesrv.adition.com
jnn-pa.googleapis.com
lh3.googleusercontent.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pr-bh.ybp.yahoo.com
region1.google-analytics.com
static.doubleclick.net
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
z-na.amazon-adsystem.com
142.250.185.130
173.201.188.181
2001:4860:4802:34::36
209.25.233.253
217.79.188.21
217.79.188.46
217.79.188.59
2a00:1450:4001:802::200a
2a00:1450:4001:803::2008
2a00:1450:4001:808::2001
2a00:1450:4001:80f::2001
2a00:1450:4001:813::2003
2a00:1450:4001:827::2006
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2016
2a00:1450:4001:831::2002
2a00:1450:400d:802::2002
2a00:1450:400d:804::2002
2a00:1450:400d:806::2002
2a00:1450:400d:807::200e
2a00:1450:400d:808::2001
2a00:1450:400d:80a::2004
2a00:1450:400d:80c::2002
2a00:1450:400d:80e::2002
2a03:2880:f02d:12:face:b00c:0:3
2a05:d018:d29:3602:e21e:b28b:5a38:9bc
3.126.56.137
37.157.4.25
51.89.9.254
52.29.35.229
76.223.111.18
99.86.234.31
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
0a710ffb4db5ea7afcac0ea49847155dfd00ddd711ef6e998dc4e506675ab912
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bfa78534c298411845229e6dee89bfd935ed71c8aa64add2b06f8c31c5daf6d
120891e5601ab6ccfdb175bb26236890337c9e6efcb03477026277e2c6f12be8
141879e39fe5666f8b1ca0d599d29b2bd1c2d675d707a7411e6e427c077676a6
1573bafec5bb8db271b8188dbd5c18cade84864cb2d01d8d61b3d5d6ef6a6f04
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18c5fb25d8fa1ea2bec428ca1319fe2bc4359b136f4e1b3bf6bf72c1c7b5e1c6
1a2c945ac93b545ba9afdfa3a8df16557094cc05ea86b148b412265b2eaf6878
25f33e61cf995abd6be62931cf03bf427286259177b43618cc410ee0157cfd30
29c7ceffe2b367039ee6eb32a7334e2a9131654cdbdaf57a5431d909f69d1cab
2bd732c0b3798d92e25ddf695322718e6b972fed8485ba698af1ae1c7e951c22
2da71934d1a3e7371d751e74a1e9962ceeaf8877500980eaae6f57ebd344821c
2fb5a8c85b1b894c30cd6764dff1898456c725106eb56b2f383c05f0871bb99c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34507612671884f0dfaff03895673df5df313499a4276be9eed4dea170d2c6d7
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41195b4e82e2bfefe638885b1d44e952af89dae1e5a42916dba0964beb20fc4e
41e2cfb68bc1557bb7122a4b2100da7dc847814b926d0aec3adee55b11dd2a30
42c5f044dcc5c68a62d10e3f6b05bf2b49892c5188cdc2dd223ec83880270fbc
4485def080ef2520e765df11e676f872e7306134c9eaad4870f0dfb82bccc83f
457f2a052768b35d62a325bdc8dcc29a7aca812219c69425b48223b2d3884411
45d698e3fcc1315185ff96165c300fe3c8bd44fd075afefd33a480aa4ff087a1
472d82ca6eb21018079db8082245885b037fadea0fceb2a9dd6d505b7a4e5791
47b9f1fe3649d8d3f1cbb6b4c619949311e720b6a8ee420345aa68f9c3f50013
48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836
4982fd9fe7a4adea31ea09520794d2d6ed31f097cd41020dce0ec1937a6fc668
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4c51d3613036e86964d98966fac62f809522127ab1ff39a578928c6279f0b523
4c5e10b3496ff844faf3e2d032e243d4a366a5cbc95ad7bef5dd924322e31b3a
4e08ccb82bf7d124299353bb019e263eab5333764509ed36d064f9c6f88d6847
4f50287e7121727ee1c1f2a124d8de06e77338ac060068da4447887d1d101c17
50a520e2603adc04969921d47cd0518ce75498eff350b49f5ee5c614d7e041a8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61fa444db527da2119ee3720001210b6f77ba7ababe6955f1b1e90678f4f12ff
6232711ada5af8cddf619a3ebb613b6dc9dcb5a77c5c29021d3c4624c216d2c9
6366bfede901f183b516c7361e3dd409ec31355afc6b0f48d152fd5a1cae5a4d
669aa35a680d54f4754cca415cdd201c9a189011623545abb4993a844ad1ad67
66bda6a480b0e6bddc8bc87ba9eaebb14bc61d13252e4a35ce3ece36361a0218
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d6bf212551d0d73f02a62d4c317004ef9a56631cfb3615a6e6e45519e93ee7d
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
751d553428d5a12f48713eded93b897b76a86182d7636ab668da62efaa55b100
762e099f22e55c98c3ce28471e89988246aeb3460b3dd578558324901322c698
7837e876f1eef549b3250b78380ec2df00ad6da4da6c27667424b1636854df3c
7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d
7a5e7197f364c0bdf7d3aa64d71e221561ff4746f54f3eb074be78b964c1e54b
805856baeda07af4f2f9e1e39ee572d39cf711bda0f5437d12fdcf2bf77dbe9f
8577be08e13d868781746fd18e27a2d95ee4658c33221ec7659ece82d4d31463
87f00f62bb8aefd6e52812573503401805369c9334e4fcad98e231e5bb7f4256
88508ef238d0fba1223b4b56c9b50045a7c17a25207cfde5829010a172407cd2
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
939bd5e7cc2c0d907e58df3a1871bb0d1230329575c45933e484ba2dd67c153f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b2b89ce2d7d83e2b05ec03c40dce23232a8155f8cafbcf0d2fb58e3529a4064
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0302fcf9ee08aa92dc83d60a9016ea9b622c772d1d67552c9b8e42efaad02dd
a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11
a1ff6a25d00fa4812292bb77456e0f6aad9e3423fdd6f7254149dbdfdbef93fe
a31b029111da913085b1fa1c134fa60028863f442fa3387a07cf736a619bf3b3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
acd459134ed7757f4730855335dc242dc01744337bf9f1fb2e89a86acc0fe427
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b2286ec341537b6ac60edddc2db84438c2cce9c6629f3cd633ae139d6cd741de
b33defb1b2f8c62404dbe1179e457c7561c06ef0b83aa1e062ed0a894586a710
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b661b2f95d196676697034b00a4fc28ce1c2cf362e40454e44e27bbdfaf5ed4e
ba71d7360fc084690191be50fae228b204839bff0cd2e2c2265b7d924e5b030a
c1cf11863a20f812fe4f02944d3d717b927e2ed2f9320d7f34ffbf55590b4c17
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c9337d88c61c2e6d6e95a450dd6dec597e8e041244ea61e0ac905606cc5c5fa4
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
cb027ef2b3b3ce494231674960eb07c481529531ffcdf4c5461ec559a3afadc6
cb47b561f47e3d106d419bdd7721a3a26a00c36e20ce6f1bfa3c6d13cdb8c76f
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cdb3c0eee82b69897cccf47a9f566f099d004761c26e7c8aa2553db555621374
d029da9682d8304c239097f8742e4942035002d8693944345b59b75e224aded2
d307871ee9feca92730822e1e742511df83accc7b0f36d38f8e9f461d142e786
d6c42da14ae3ce0b3621464b9e2ab7cacf5bd49b94154a83ef15b473422d3dba
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9a333df1a7c419570f41e94ad240501efc51081a553226be8c2970a81bbcb9e
dadb4e80b981be80b2657b58ee143dbdd7aa933fe567f2cc9d57a2db3be3be95
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7032d2bd1215f0d0661e27163bcf1800b246f4bd2a48a9ac079df1ea0be42eb
e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec
e8dde8a5e065f7b73ba896c804ee3538298133d2fca113de1e846a37b43090fa
e9b74f7a020962a1569b0576896a84518052f13c5f1126f5a310ef23fcf46308
ead4182fc526e266914f8a9169391b104d2d22138b3307c310de5fdf3f8eca59
ecff8944f1e10f0c28bb2c7fd1eaa7c3a43c3737bde0e0c97e2114caa30d7886
edaa3dff3f45cdad5d62fb8cbd1b68a419f4fdb0189ccb93039f06b501c0b15d
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f083e25c4a7f7c30b24b83f511e6b2b1b688d8c6a8ab2703c5387d9f1a0429e9
f0d756fbeb3274d62775e709e479063afa849c753728e5d356280ef1ffd6586d
f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6f6180e8182066c72502df9beebefc587725f753f38ba3fd1734c95f44de39c
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f762174c5f20139aedca847b6dd15c6ca4ba06bcf02236d80abf692533d05811
f994877b9f65efb0c61ab270936d341d0ae9dc8009f96470efdb837bdb949bf1
fb43a04359c7334c6cc6551d81f9e5ec0ceac67b6e158319f6da7195bda3b33f
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fbee5785a5aaaa8181186d891828b948c7c9c9c488dbce4e8050e0d6dd257ecf
fe65bfd909ac7e21df1d0ceec09263795de5beb2504bb6c286a62a64b89edbd4
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

broblogger.com Open in urlscan Pro 173.201.188.181 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

174 Requests

93 %HTTPS

65 %IPv6

24 Domains

34 Subdomains

28 IPs

6 Countries

3174 kBTransfer

8530 kBSize

22 Cookies

21 Outgoing links

Redirected requests

174 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

broblogger.com Open in urlscan Pro
173.201.188.181 Public Scan

Screenshot
Live screenshot

Full Image

174
Requests

93 %
HTTPS

65 %
IPv6

24
Domains

34
Subdomains

28
IPs

6
Countries

3174 kB
Transfer

8530 kB
Size

22
Cookies

174 HTTP transactions
5 data transactions