mkoghzd.xyz Open in urlscan Pro
45.32.60.83 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tdsyi.centuriontelcom.org/af/05299815
Effective URL:
https://mkoghzd.xyz/2021/02/19/265.htm
Submission: On February 19 via manual (February 19th 2021, 1:23:59 pm UTC) from JP

Summary HTTP 102 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 15 domains to perform 102 HTTP transactions. The main IP is 45.32.60.83, located in Heiwajima, Japan and belongs to AS-CHOOPA, US. The main domain is mkoghzd.xyz.
TLS certificate: Issued by R3 on January 14th 2021. Valid for: 3 months.

This is the only time mkoghzd.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	95.179.238.243 95.179.238.243	20473 (AS-CHOOPA) (AS-CHOOPA)
14	45.32.60.83 45.32.60.83	20473 (AS-CHOOPA) (AS-CHOOPA)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	153.120.49.87 153.120.49.87	7684 (SAKURA-A ...) (SAKURA-A SAKURA Internet Inc.)
1	183.90.237.33 183.90.237.33	131965 (XSERVER X...) (XSERVER Xserver Inc.)
1 25	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2800:3f0:4002... 2800:3f0:4002:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	142.251.5.156 142.251.5.156	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:29::8	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 4	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
3	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
102	23

1 95.179.238.243 (London, United Kingdom) 1 redirects

ASN20473 (AS-CHOOPA, US)
PTR: 95.179.238.243.vultr.com

tdsyi.centuriontelcom.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 45.32.60.83 (Heiwajima, Japan)

ASN20473 (AS-CHOOPA, US)
PTR: 45.32.60.83.vultr.com

mkoghzd.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 153.120.49.87 (Japan)

ASN7684 (SAKURA-A SAKURA Internet Inc., JP)
PTR: www33.with2.net

blog.with2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.90.237.33 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv7192.xserver.jp

airw.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2800:3f0:4002:808::2003 (Argentina)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.5.156 (United States)

ASN15169 (GOOGLE, US)

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:29::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5e6nez.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.218.208.246 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	311 KB
19	2mdn.net 1 redirects s0.2mdn.net gcdn.2mdn.net r2---sn-4g5e6nez.c.2mdn.net	200 KB
15	doubleclick.net 2 redirects googleads.g.doubleclick.net bid.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	85 KB
14	mkoghzd.xyz mkoghzd.xyz	142 KB
7	gstatic.com csi.gstatic.com fonts.gstatic.com www.gstatic.com	62 KB
5	googleapis.com fonts.googleapis.com imasdk.googleapis.com	131 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
3	googletagservices.com www.googletagservices.com	94 KB
1	google.com adservice.google.com	317 B
1	google.de adservice.google.de	317 B
1	googleadservices.com partner.googleadservices.com	640 B
1	airw.net airw.net	2 KB
1	with2.net blog.with2.net	3 KB
1	centuriontelcom.org 1 redirects tdsyi.centuriontelcom.org	121 B
0	cnzz.com Failed s4.cnzz.com Failed
102	15

	Domain	Requested by
17	pagead2.googlesyndication.com	mkoghzd.xyz pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
16	s0.2mdn.net	mkoghzd.xyz s0.2mdn.net googleads.g.doubleclick.net
15	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
14	mkoghzd.xyz	mkoghzd.xyz
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net mkoghzd.xyz
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	fonts.googleapis.com	mkoghzd.xyz googleads.g.doubleclick.net
2	ade.googlesyndication.com	mkoghzd.xyz
2	googleads4.g.doubleclick.net	mkoghzd.xyz
2	r2---sn-4g5e6nez.c.2mdn.net	mkoghzd.xyz
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
1	gcdn.2mdn.net	1 redirects
1	www.gstatic.com	googleads.g.doubleclick.net
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	airw.net	mkoghzd.xyz
1	blog.with2.net	mkoghzd.xyz
1	tdsyi.centuriontelcom.org	1 redirects
0	s4.cnzz.com Failed	mkoghzd.xyz
102	25

This site contains links to these domains. Also see Links.

Domain
blog.with2.net
airw.net
okane-antena.com
www.rizumu.net

Subject Issuer	Validity	Valid
mkoghzd.xyz R3	`2021-01-14` - `2021-04-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
blog.with2.net JPRS Domain Validation Authority - G4	`2020-12-11` - `2021-12-31`	a year	crt.sh
www.airw.net R3	`2021-01-05` - `2021-04-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-02-09` - `2021-04-20`	2 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://mkoghzd.xyz/2021/02/19/265.htm
Frame ID: 936E93265E9DA5967994BC7425B5ABE4
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html
Frame ID: D078430192C214E0A4B1879CB4EAA208
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&adk=1812271804&adf=3025194257&lmt=1613741005&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&ea=0&flash=0&pra=5&wgl=1&dt=1613741004280&bpp=477&bdt=49&idt=721&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=810153767010&frm=20&pv=2&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=741
Frame ID: 1EEE0475EA0F20AD8EF8B8724F85A6C3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004887&bpp=5&bdt=656&idt=146&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xwqT8EUXJP&p=https%3A//mkoghzd.xyz&dtd=153
Frame ID: 3C1FA6DA3541354CE552D62638742B8C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004892&bpp=29&bdt=661&idt=153&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UcOsk1XP7J&p=https%3A//mkoghzd.xyz&dtd=156
Frame ID: B233B28C0FAE5FF08D1A30EB92A39F70
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004985&bpp=1&bdt=754&idt=68&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yzVQeGNKgP&p=https%3A//mkoghzd.xyz&dtd=71
Frame ID: 892C0731E40AA704C87F3BE5BA36BF24
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMeIGhCX_XAYqueGlgEwAQ&v=APEucNXeqTXXKL9jFBzYVYNfFW2W9gl86ELysJGjZCv2LbdQl2H72KrJwiUCjPA32930-2TVGidmkO0_Tcd-DQDQNUycYFos4DKOa0f0H_DyoKHPhciEsMd-LDSMu56FL7D9VieD5DxotPbiibluNRJWJ-qu5GfHGKShSEsoFApT6riPUouSYBwp6zrZ_fakHDWl1kszCYA6eMLn-NVw3qWZzXJJcF3kPA
Frame ID: E850E2A2624594BEC51E57FB15136A93
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AEV6to8FBDTI5U-vaAv4nd20SStYCxjLKWuNHsG48SO3Nd7HMmaJH-5A4sbZYs1QD-JfYqQrSt74tzint8zWHIN7rOfcw0juWecQuk7Se3-Af4Jv93CfJRlhHHWRZiP0Pi87DNf-sHhYoWSAlk0zV01s9ArA&dbm_d=AKAmf-DQEPlrYcF7G-b3F1jwZFX8UsTCmbdWOTsLPw19Cv1U2v75amWNSIECbrRfyb6ojItoKTDf92YEtXZUuW1c5GrNX5gqP2j44xeY0XSpwzqEMOtzDsW7A6U-hlNZxSZQbzImtF_PSa9z7P5YBOpFZwQ2bOcPyAGRHFBlLNyit2blm2NoZCzq0G5EdUVcEhOR1lxAx_9rOkiUjC-hrwvtpQOJvjXWuIAg4g96jNqQAJuCdIpIaIp-lLdOt12HK86BwUuO4iMU35-I63nyGuDofQSR9k381GdwhVksqyoj5nhhd5EfCXdydigJSJjKujf5ho0yjpV0_evC74-4_TAuCXmAl1N_d4Ux0nLSBKYhAo1lU-xJ1x75Ckct_CRPXDCCZG0QlixvXZ6no9Huy2KeoueM1ZTfEJPF7SOh23UctujYemKVDMYdsdDTlwtFIon_xcDVm0VIcuPzVbOgPp46xgRePeRa0oDEKmdiep0dVIIbB4UbP5ij3tThJ2W_dqkx2GokrrXFk2Yd9lRwomrvXcCBZ8n5eUqgL92HiJWYLAtQZ2yHi1EqsquFA-8MmtRwRm5TMa8AC3fh7D4nPxjtIeMuSfrrd1RKEOw3btuqVZXzqVGQ3t87u2TxXdGXc9ZV73My4-KQ1toAxEBK9oR2v1PDOPzw9rhNgrtZdNUSvqIsky-ZM8KnVoUlwdTvZd4iuNn4oNXUvIqdSvZPKfr2WR2Mf2BVxJPWE00PSm0PkN-xFWtqJmx0LxnKqr2ctKBch4UlByJ7ImXn2TPmbcYeoZUHFQ2YlFZHtzQsS9viHG-8EB4GyIUS8lK-kZuJNnc_YaJd7N-emnwbOFKBKQbDP0HK9Oxu6tpL2rMjxjW03T9lTYUJR_aMKdLmIegL07pLon6KkpiKfTRsawQicFtC-AOVQ_r1_73Z2pvHvZnK7VH8JKmRQLd4btnXjTf0jcbY8lE9z1bJ2gocSz0H92FHvEdNvOA3WKVAvhQMgmod-fb7_XmLSux8HGMfZv1LlKKOpdwwoGo_JZBQcOtB1ZXdCwKuOHGzyWWQ9_l-HKtN__7QdXSq6v6O3eRYRNefzX9l7fRByEDmPxWrFH844-fMFUJaIEDAGUPhftu6Y_UzL9dEvjio9ryOP38nVe1smPLIW_W8IoZFN5Mq3JQiyUQN6ILsKstW-q8PS-Y7gMTc5InEVmsvXES0eN-Po2t6rsUTrL7pzzIfQGjmxVZo1c0tYsJfKZIReICu5pZfrNsuG0NwLH2lz68czNzvFIHm5SFYup6HepPlESp4wsChplML0aJAyNKtAtZxp9aHRxSUCPG3911CVhBViBXCDl2tkGQdbpgoXn3pI-gjJOvwpTQXNjUpgbGYx7Dy3S-KqlwrjHg87mLDE_bgGZY6hPDUrNVDo7tBzL5zqG2Mcya-s6-Njyze7ocMup6UDu9uyuYIqcFXxHN_KhjWTyc2zKW3uXJ7uI3ykhFpss7yWzwhUJYtO-XCKEMKVP5qo1kLH2PJF7mBo_OJ-azHf0zS0kiFaifZnih6cyd19MC1Ov9jWz567cjj5mxzkgVt-liP111LPmpyaFiPeroonB-bHDwd9BpXWLT0e92vh7KCJJL8y6j1hFEyqltJWX8Zt1aFmcZQoVcXbA5eM4jabgdMqUOtN77dm1wATSOM9Iw8W3y8xsY-JmjXOChHYWrSTq4FrRB9zf8twBVrJh72xlEMa-JsRWKMwEpE7vxxnnhzlWT7MXdqwI1ALqs4Pj6Ovwh68Rly_BpE42nh5TKJaOiLhlBpnS35KRynVN4oAADzOVZXE4f86kfSIslZmxcrcuWpEgKBVa4QwrTsTkRIfX3ynHREtcc8oY3Wh73ZDbV1zrJZyuqNDEgA2o80rkwxWUvSkf4Fj-3N5xPn2TPn5sQpzJosej7zeyWWxfxcYsCwZIaaeZ8g23OnrZcITfCU77SAnHILl9Ll_ckcYLCAIyxQzzrxaxr8EjLGXm8seq0yPgdnA8HYewuPHYDR1Ls5-SbxM5-WZkUgB1_K1GiBDCWr8y4rIf7siB1U2EmG0jjkZrApDPbCL7g3Rwg5KGiX6NBaMmG99hpr5UTyLVpR57M99x9huxYjo7CPOaQBVcPHcToQXFGv_bwnyLVmcSLEwkKtN49qW_WaCz3w2GUZpP5eYhnyMvwn8G9b8ubWjBaRHE2wfJviFX6VtRwIVQdl2upWkHY6vU2muAyaQH4uooHrJUfVVvmf6lJCXQwks_PyRNFAtl0HuIUg_4rVIh5eA2ZBINvGpNxklqG7SLcJhgYmlTfsHRDjZvPCxZnHO-y4MTaJ0b1iSxchew5aoloBeYZCP5Ebmvumuz5PcD5m2rJyOjqjm_OYyhKR1E5Ddfza9lb1rIGcwk4MypS9XCfZPv6DiNMnMdu9IGrTPcGH2oUaBwYun4rsFleIyw6kYNwExURt0kCx01y7IUdTAuMypHra2kt09btV38bsXAZu6rFNvCJwIwgjj40OPB2zxRJz5MnWDjwrAsw2qFAjTxRhqT88XnZfgYP8RzumgyZcpo6a_TpfkxbWvOhLOcQP-XqBR9V7d4jih8MHr9cat1uCHE_YB7OSy_kj4DSA49ff-0joVoI-fNM_evYO84A69RXpo5_a98Bkgs7FK1a8plzgsdtNYQcUGr3m9zY58lhxEPdhWzHCleSuz6Vo3sf4KVKHCRnVLkiHwluiiE8pebZuaCtjNyYutqi8WaDwyruG4cGN74IrOBMCyxLy-Etmh-FMNt0H1HCJb1KkM8JfE_LHcf8fhLZIE80kHAHO9JpsWmTg-LIt9Y_ot6tLQXCy6RXSIpdQE2ryAwGrL28Z_HfSGx_u_BreJV8rozBhEi_6wmdPRZgco2rFAmvUFo7x1McEB7dTx-PcsbLoog3C-w&cid=CAASBORoKio
Frame ID: 83B12D3DC51DF165EC511FB1274CB338
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js
Frame ID: D420086DBE84E5146D8B39C221519BB2
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/8006781/1605552983974/index.html
Frame ID: 205F8FC9C1642736EEE67A31A8E87D70
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 5B11E2BD449097E689FD5573410E93A7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9AEE2DCDF17A79AE04F3F58DFF731B38
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 9979A90AB7769F81B9DC2AF197A4B927
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

四季報記者が選んだ2021年度大バケ期待の10銘柄(2月19日) | MK投資研究所

Page URL History Show full URLs

https://tdsyi.centuriontelcom.org/af/05299815 HTTP 301
https://mkoghzd.xyz/2021/02/19/265.htm Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

102
Requests

99 %
HTTPS

63 %
IPv6

15
Domains

25
Subdomains

23
IPs

5
Countries

1032 kB
Transfer

2745 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.with2.net/link/?id=2060596&cid=1531

Search URL Search Domain Scan URL

URL: https://airw.net/kabu/rank.cgi?id=mktz

Search URL Search Domain Scan URL

URL: https://blog.with2.net/link/?id=2060596
Title: 急騰銘柄予想

Search URL Search Domain Scan URL

URL: http://okane-antena.com/
Title: みんなのお金儲けアンテ

Search URL Search Domain Scan URL

URL: https://www.rizumu.net/
Title: 株価アルゴリズム

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tdsyi.centuriontelcom.org/af/05299815 HTTP 301
https://mkoghzd.xyz/2021/02/19/265.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://gcdn.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277005/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/8D0791D763B9C262EB3FD88A84F67D46535BF186.AB2A6BC8A815B42881ED252B1B3F4CD5710E7485/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-4g5e6nez.c.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277005/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3BC6EDC6DDA24E200570FB3B91FDA32D8E69ABA3.19AA87BC56157A492639CA5362F7DC25163EF9BF/key/cms1/cms_redirect/yes/mh/WQ/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nez/ms/onc/mt/1613740824/mv/m/mvi/2/pl/41/file/file.mp4

Request Chain 65

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo7jAYykQwSnW21Jd0YB6Y&google_cver=1

Request Chain 66

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_hm=YC.7za.9hotmt.eb6th1VgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo7jAYykQwSnW21Jd0YB6Y&google_cver=1&google_hm=2

102 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 265.htm Show response
mkoghzd.xyz/2021/02/19/
Redirect Chain

https://tdsyi.centuriontelcom.org/af/05299815
https://mkoghzd.xyz/2021/02/19/265.htm

17 KB
6 KB

1162ms
398ms

Document
text/html

45.32.60.83
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.32.60.83.vultr.com
Software: nginx /
Resource Hash: ac93499d0c0749d12c09e1ee88a1efc64ff64c320690d133ffed23739d41f016

Request headers

:method: GET
:authority: mkoghzd.xyz
:scheme: https
:path: /2021/02/19/265.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Fri, 19 Feb 2021 13:23:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-pingback: https://mkoghzd.xyz/xmlrpc.php
link: <https://mkoghzd.xyz/?p=265>; rel=shortlink
content-encoding: gzip

Redirect headers

server: nginx
date: Fri, 19 Feb 2021 13:23:23 GMT
content-type: text/html
content-length: 162
location: https://mkoghzd.xyz/2021/02/19/265.htm
strict-transport-security: max-age=31536000

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

557c7eff7e290be0c9ba43c9992a9a53511608560c9e1c23efc05851e186a2a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 13:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 48512
x-xss-protection: 0
server: cafe
etag: 8824829217438060229
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Feb 2021 13:23:24 GMT

GET
H2 200 style.css
mkoghzd.xyz/wp-content/themes/teller/ 24 KB
6 KB 258ms
256ms Stylesheet
text/css 45.32.60.83
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mkoghzd.xyz/wp-content/themes/teller/style.css?ver=4.3.25
Requested by: Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.32.60.83.vultr.com
Software: nginx /
Resource Hash: 73f3ff9b6ec5a12735716ede1adba865262a64a96503c4292555af49d49302c6

Request headers

Referer: https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 13:23:24 GMT
content-encoding: gzip
last-modified: Mon, 14 Sep 2020 10:40:43 GMT
server: nginx
etag: W/"5f5f48ab-6064"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 20 Feb 2021 01:23:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
769 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700,300

Requested by

Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec3f80e747dcbe72d41eee2245dc8e26b79f07fa71f9ea7f2d91ebe7f867d5a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 13:20:54 GMT
server: ESF
date: Fri, 19 Feb 2021 13:23:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Feb 2021 13:23:24 GMT

GET
H2 200 font-awesome.css
mkoghzd.xyz/wp-content/themes/teller/css/ 28 KB
6 KB 260ms
259ms Stylesheet
text/css 45.32.60.83
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mkoghzd.xyz/wp-content/themes/teller/css/font-awesome.css?ver=4.3.25
Requested by: Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.32.60.83.vultr.com
Software: nginx /
Resource Hash: c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e

Request headers

Referer: https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 13:23:24 GMT
content-encoding: gzip
last-modified: Tue, 06 Mar 2018 14:47:58 GMT
server: nginx
etag: W/"5a9eaa1e-704b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 20 Feb 2021 01:23:24 GMT

GET
H2 200 public.css
mkoghzd.xyz/wp-content/plugins/recent-posts-widget-with-thumbnails/ 473 B
644 B 260ms
259ms Stylesheet
text/css 45.32.60.83
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mkoghzd.xyz/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=6.5.1
Requested by: Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.32.60.83.vultr.com
Software: nginx /
Resource Hash: 63313604f88c1935ba43c48ab5678215d92432baff307ee2968306228bdd3e98

Request headers

Referer: https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 13:23:24 GMT
last-modified: Fri, 12 Feb 2021 03:08:48 GMT
server: nginx
etag: "6025f140-1d9"
content-type: text/css
cache-control: max-age=43200
accept-ranges: bytes
content-length: 473
expires: Sat, 20 Feb 2021 01:23:24 GMT

GET
H2 200 jquery.js Show response
mkoghzd.xyz/wp-includes/js/jquery/ 94 KB
37 KB 499ms
497ms Script
application/javascript 45.32.60.83
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mkoghzd.xyz/wp-includes/js/jquery/jquery.js?ver=1.11.3
Requested by: Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.32.60.83.vultr.com
Software: nginx /
Resource Hash: ca32702f36da9bdbaa5463f8e3db9b18d82f3ce8a630d18e8bde6b30a2582d20

Request headers

Referer: https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 13:23:24 GMT
content-encoding: gzip
last-modified: Sat, 27 Jun 2015 23:40:23 GMT
server: nginx
etag: W/"558f3467-176e9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 20 Feb 2021 01:23:24 GMT

GET
H2 200 jquery-migrate.min.js Show response
mkoghzd.xyz/wp-includes/js/jquery/ 7 KB
3 KB 505ms
504ms Script
application/javascript 45.32.60.83
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mkoghzd.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
Requested by: Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.32.60.83.vultr.com
Software: nginx /
Resource Hash: c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Request headers

Referer: https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 13:23:24 GMT
content-encoding: gzip
last-modified: Tue, 23 Jul 2013 15:28:25 GMT
server: nginx
etag: W/"51eea119-1c20"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 20 Feb 2021 01:23:24 GMT

GET
H2 200 custom.js Show response
mkoghzd.xyz/wp-content/themes/teller/js/ 145 B
325 B 505ms
504ms Script
application/javascript 45.32.60.83
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mkoghzd.xyz/wp-content/themes/teller/js/custom.js?ver=770086488
Requested by: Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.32.60.83.vultr.com
Software: nginx /
Resource Hash: cc759efe94fdebef6235c770f3b4231bf7891c505da42935f06fa1fb73de63c0

Request headers

Referer: https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 13:23:24 GMT
last-modified: Tue, 06 Mar 2018 14:47:58 GMT
server: nginx
etag: "5a9eaa1e-91"
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 145
expires: Sat, 20 Feb 2021 01:23:24 GMT

GET
H/1.1 200
OK br_c_1531_1.gif
blog.with2.net/img/banner/c/banner_1/ 2 KB
3 KB 1098ms
273ms Image
image/gif 153.120.49.87
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.with2.net/img/banner/c/banner_1/br_c_1531_1.gif
Requested by: Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 153.120.49.87 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www33.with2.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1dee05848e792b91d89bcb14b566f4789112d3752976856538eb0c6fa10d7f3b

Request headers

Referer: https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 13:23:25 GMT
Last-Modified: Wed, 11 Nov 2009 07:29:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "d203d4-967-478136316e840"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 2407

GET
H2 200 air_rank.gif
airw.net/img/kabu/img/2/ 2 KB
2 KB 827ms
275ms Image
image/gif 183.90.237.33
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://airw.net/img/kabu/img/2/air_rank.gif
Requested by: Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.237.33 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv7192.xserver.jp
Software: nginx /
Resource Hash: 46547a0dc2558600be24ee13a75bd1d389c39c1ec94a3f4f94ac7353541d133e

Request headers

Referer: https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 13:23:25 GMT
last-modified: Thu, 01 Apr 2010 02:12:20 GMT
server: nginx
etag: "8b2-48323647f4900"
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2226
expires: Fri, 26 Feb 2021 13:23:25 GMT

GET
H2 200 cropped-timg-5-300x75.jpg
mkoghzd.xyz/wp-content/uploads/2019/06/ 11 KB
11 KB 257ms
256ms Image
image/jpeg 45.32.60.83
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mkoghzd.xyz/wp-content/uploads/2019/06/cropped-timg-5-300x75.jpg
Requested by: Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.32.60.83.vultr.com
Software: nginx /
Resource Hash: c536d43b70d61eb900141be6cafaaf2b1956c76b32b25ab3617e5e4a6737268e

Request headers

Referer: https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 13:23:24 GMT
last-modified: Sun, 30 Jun 2019 03:35:17 GMT
server: nginx
etag: "5d182df5-2bf2"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11250
expires: Sun, 21 Mar 2021 13:23:24 GMT

GET
H2 200 timg-1-150x150.jpg
mkoghzd.xyz/wp-content/uploads/2019/06/ 7 KB
7 KB 259ms
258ms Image
image/jpeg 45.32.60.83
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mkoghzd.xyz/wp-content/uploads/2019/06/timg-1-150x150.jpg
Requested by: Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.32.60.83.vultr.com
Software: nginx /
Resource Hash: 78e393d62ed44ea291fff2a29f94b13322fcc7c6cce6c34ffbece7ec475ed3a7

Request headers

Referer: https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 13:23:24 GMT
last-modified: Sun, 30 Jun 2019 03:14:42 GMT
server: nginx
etag: "5d182922-1b6e"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7022
expires: Sun, 21 Mar 2021 13:23:24 GMT

GET z_stat.php
s4.cnzz.com/ 0
0

GET
H2 200 jquery.slicknav.js Show response
mkoghzd.xyz/wp-content/themes/teller/js/ 20 KB
5 KB 256ms
255ms Script
application/javascript 45.32.60.83
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mkoghzd.xyz/wp-content/themes/teller/js/jquery.slicknav.js?ver=1420757342
Requested by: Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.32.60.83.vultr.com
Software: nginx /
Resource Hash: d78af317c5d91360b382395f1e2dd0319d48281820f7c616115ed21da095ba51

Request headers

Referer: https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 13:23:24 GMT
content-encoding: gzip
last-modified: Tue, 06 Mar 2018 14:47:58 GMT
server: nginx
etag: W/"5a9eaa1e-51ad"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 20 Feb 2021 01:23:24 GMT

GET
H2 200 skip-link-focus-fix.js Show response
mkoghzd.xyz/wp-content/themes/teller/js/ 880 B
1 KB 256ms
254ms Script
application/javascript 45.32.60.83
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mkoghzd.xyz/wp-content/themes/teller/js/skip-link-focus-fix.js?ver=20130115
Requested by: Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.32.60.83.vultr.com
Software: nginx /
Resource Hash: 4b179f8204186f3aa954f47cd81dbe86bf89c08edb8d5341b8e0697d99e35073

Request headers

Referer: https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 13:23:24 GMT
last-modified: Tue, 06 Mar 2018 14:47:58 GMT
server: nginx
etag: "5a9eaa1e-370"
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 880
expires: Sat, 20 Feb 2021 01:23:24 GMT

GET
H2 200 comment-reply.min.js Show response
mkoghzd.xyz/wp-includes/js/ 757 B
938 B 256ms
255ms Script
application/javascript 45.32.60.83
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mkoghzd.xyz/wp-includes/js/comment-reply.min.js?ver=4.3.25
Requested by: Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.32.60.83.vultr.com
Software: nginx /
Resource Hash: b02ab5446d4dd91bc73183089db613f7cd4c954bc79a21dff4785c9280af45a0

Request headers

Referer: https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 13:23:24 GMT
last-modified: Fri, 15 Nov 2013 04:42:09 GMT
server: nginx
etag: "5285a621-2f5"
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 757
expires: Sat, 20 Feb 2021 01:23:24 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/ 227 KB
86 KB 64ms
50ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4334598359974777&plah=mkoghzd.xyz&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fee2a3e4db0a9b907550346569920e7ea79a4b855260d5c9d063aebd408ce52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 13:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87061
x-xss-protection: 0
server: cafe
etag: 9039926254773515089
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 19 Feb 2021 13:23:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/ Frame D078 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210211/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mkoghzd.xyz/2021/02/19/265.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mkoghzd.xyz/2021/02/19/265.htm

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 18 Feb 2021 16:31:41 GMT
expires: Thu, 04 Mar 2021 16:31:41 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 75103
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 search-icon.png
mkoghzd.xyz/wp-content/themes/teller/images/ 1 KB
1 KB 255ms
255ms Image
image/png 45.32.60.83
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mkoghzd.xyz/wp-content/themes/teller/images/search-icon.png
Requested by: Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/wp-content/themes/teller/style.css?ver=4.3.25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.32.60.83.vultr.com
Software: nginx /
Resource Hash: 00691ea3935d37728cf216e29720e8e4ea81a3d24727062785ecc70283414aa5

Request headers

Referer: https://mkoghzd.xyz/wp-content/themes/teller/style.css?ver=4.3.25
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 13:23:25 GMT
last-modified: Tue, 06 Mar 2018 14:47:58 GMT
server: nginx
etag: "5a9eaa1e-4c9"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1225
expires: Sun, 21 Mar 2021 13:23:25 GMT

GET
H2 200 fontawesome-webfont.woff2
mkoghzd.xyz/wp-content/themes/teller/fonts/ 55 KB
56 KB 258ms
258ms Font
font/woff2 45.32.60.83
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mkoghzd.xyz/wp-content/themes/teller/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/wp-content/themes/teller/css/font-awesome.css?ver=4.3.25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.32.60.83.vultr.com
Software: nginx /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Origin: https://mkoghzd.xyz
Referer: https://mkoghzd.xyz/wp-content/themes/teller/css/font-awesome.css?ver=4.3.25
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 13:23:25 GMT
last-modified: Tue, 06 Mar 2018 14:47:58 GMT
server: nginx
accept-ranges: bytes
etag: "5a9eaa1e-ddcc"
content-length: 56780
content-type: font/woff2

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
640 B 109ms
56ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=mkoghzd.xyz&callback=_gfp_s_&client=ca-pub-4334598359974777

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4334598359974777&plah=mkoghzd.xyz&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a298a18616173be064d6c0ed93da22cbf5f24adef8e2868f72a9e1dbfc68fef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 13:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
317 B 28ms
28ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mkoghzd.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Feb 2021 13:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
317 B 15ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mkoghzd.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Feb 2021 13:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1EEE 6 KB
1 KB 67ms
67ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&adk=1812271804&adf=3025194257&lmt=1613741005&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&ea=0&flash=0&pra=5&wgl=1&dt=1613741004280&bpp=477&bdt=49&idt=721&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=810153767010&frm=20&pv=2&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=741

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8df8e45d17a1be5d401772929a421398f7cb7d2991123bdbe0069f274a62f71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4334598359974777&output=html&adk=1812271804&adf=3025194257&lmt=1613741005&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&ea=0&flash=0&pra=5&wgl=1&dt=1613741004280&bpp=477&bdt=49&idt=721&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=810153767010&frm=20&pv=2&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=741
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mkoghzd.xyz/2021/02/19/265.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mkoghzd.xyz/2021/02/19/265.htm

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 19 Feb 2021 13:23:25 GMT
server: cafe
content-length: 795
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 19-Feb-2021 13:38:25 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 19 Feb 2021 13:23:25 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1143bb5ae891056f59482184346b0fe47d8e95c9e0f159f023bf0f95ec45222d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 13:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613565174175677"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28346
x-xss-protection: 0
expires: Fri, 19 Feb 2021 13:23:25 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3C1F 69 KB
22 KB 285ms
285ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004887&bpp=5&bdt=656&idt=146&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xwqT8EUXJP&p=https%3A//mkoghzd.xyz&dtd=153

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53846c7977d3e0b84b09cb8d5ad00dc72f2aeca1e571cead8afd02da3cdf5c01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004887&bpp=5&bdt=656&idt=146&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xwqT8EUXJP&p=https%3A//mkoghzd.xyz&dtd=153
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mkoghzd.xyz/2021/02/19/265.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mkoghzd.xyz/2021/02/19/265.htm

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 19 Feb 2021 13:23:25 GMT
server: cafe
content-length: 22988
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 19-Feb-2021 13:38:25 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 19 Feb 2021 13:23:25 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B233 51 KB
13 KB 189ms
189ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004892&bpp=29&bdt=661&idt=153&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UcOsk1XP7J&p=https%3A//mkoghzd.xyz&dtd=156

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f28db7a271d32d152deb794059743c93e9bc835e88f5bc0bcec65466204d94dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004892&bpp=29&bdt=661&idt=153&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UcOsk1XP7J&p=https%3A//mkoghzd.xyz&dtd=156
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mkoghzd.xyz/2021/02/19/265.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mkoghzd.xyz/2021/02/19/265.htm

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 19 Feb 2021 13:23:25 GMT
server: cafe
content-length: 13493
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 19-Feb-2021 13:38:25 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 19 Feb 2021 13:23:25 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 892C 15 KB
7 KB 305ms
305ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004985&bpp=1&bdt=754&idt=68&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yzVQeGNKgP&p=https%3A//mkoghzd.xyz&dtd=71

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

916bc5e20412b6ac3436b53e5747a3760510076e64984a3cd13a44d6bd5ee056

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004985&bpp=1&bdt=754&idt=68&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yzVQeGNKgP&p=https%3A//mkoghzd.xyz&dtd=71
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mkoghzd.xyz/2021/02/19/265.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mkoghzd.xyz/2021/02/19/265.htm

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 19 Feb 2021 13:23:25 GMT
server: cafe
content-length: 7344
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 19-Feb-2021 13:38:25 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 19 Feb 2021 13:23:25 GMT
cache-control: private

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame B233 18 KB
8 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004892&bpp=29&bdt=661&idt=153&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UcOsk1XP7J&p=https%3A//mkoghzd.xyz&dtd=156

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004892&bpp=29&bdt=661&idt=153&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UcOsk1XP7J&p=https%3A//mkoghzd.xyz&dtd=156
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:55:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 10747045913157086108
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Mar 2021 12:55:31 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame B233 8 KB
1 KB 44ms
29ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b534bf5439e6346255cdfe8506bf01a71925106f3323dff2eccf2e7266b06929

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004892&bpp=29&bdt=661&idt=153&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UcOsk1XP7J&p=https%3A//mkoghzd.xyz&dtd=156
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 13:13:31 GMT
server: ESF
date: Fri, 19 Feb 2021 13:23:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Feb 2021 13:23:25 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/ Frame B233 14 KB
3 KB 26ms
6ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004892&bpp=29&bdt=661&idt=153&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UcOsk1XP7J&p=https%3A//mkoghzd.xyz&dtd=156
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 02:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39163
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 10 Feb 2021 20:10:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 02:30:42 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/ Frame B233 358 KB
125 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b29b371fe6f76fce7a682c0ca2ff6e1138d2ca192bb188766fcf7aa564bcd0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004892&bpp=29&bdt=661&idt=153&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UcOsk1XP7J&p=https%3A//mkoghzd.xyz&dtd=156
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 03:48:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34495
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127892
x-xss-protection: 0
last-modified: Wed, 10 Feb 2021 20:10:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 03:48:30 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame B233 14 KB
6 KB 27ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004892&bpp=29&bdt=661&idt=153&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UcOsk1XP7J&p=https%3A//mkoghzd.xyz&dtd=156
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:48:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2095
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Mar 2021 12:48:30 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B233 0
331 B 740ms
252ms Other
image/gif 2800:3f0:4002:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~klcbq8sk&c=1194716834540&slotId=597358417270&qqid=COHC99qF9u4CFdpMFQgdFzsKgQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C75259407%2C75259408%2C447279544&nsei=44714510%2C75259405&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4002:808::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004892&bpp=29&bdt=661&idt=153&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UcOsk1XP7J&p=https%3A//mkoghzd.xyz&dtd=156
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 13:23:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame B233 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 16:25:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 334680
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 15 Feb 2022 16:25:25 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame B233 11 KB
11 KB 33ms
20ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 04:25:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 32266
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 19 Feb 2022 04:25:39 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B233 0
88 B 40ms
40ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CdzSYzbsvYKGoBNqZ1fAPl_aoiAjzwqyjYZaOh-b_DM3G_d8FEAEg5emsY2CViriCyAfIAQWpAg_gismDHUg-qAMByAObBKoE2QFP0EgXcfT2xF2hzg701oxghMkDvVm_JMY9eYCSjOFydVXtJxo_5YGuiTu4JwVIg9ZAHPk3zkpN8KICvTeqDs2pdv0PdDzeGCkahvjaaa4BEyhn8Dol5SD-SUcl2slQXZaA17zXMk2JDYrWFrIttUuDhZTddQnMPWmI6k9oJYTq0i01-x2lHxwnDTNLEXedV1sALd_JpsRIp8ZI_tBJbx7opKVtiGxizQd2NtUdB9ZgiDzpeb3m6aw856cJGEq6XfIQQtxDc0v8685VXZco5FnOtMy4UkBNCoJxwATBwN_7vgPgBAOQBgGgBnaAB6in2GuoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB-ACgHICwHgCwGADAGwE-Xn0wrIE6nVswnQEwDYEwqIFALYFAE&eventType=clickstring&clientTime=1613741005326&ai=CdzSYzbsvYKGoBNqZ1fAPl_aoiAjzwqyjYZaOh-b_DM3G_d8FEAEg5emsY2CViriCyAfIAQWpAg_gismDHUg-qAMByAObBKoE2QFP0EgXcfT2xF2hzg701oxghMkDvVm_JMY9eYCSjOFydVXtJxo_5YGuiTu4JwVIg9ZAHPk3zkpN8KICvTeqDs2pdv0PdDzeGCkahvjaaa4BEyhn8Dol5SD-SUcl2slQXZaA17zXMk2JDYrWFrIttUuDhZTddQnMPWmI6k9oJYTq0i01-x2lHxwnDTNLEXedV1sALd_JpsRIp8ZI_tBJbx7opKVtiGxizQd2NtUdB9ZgiDzpeb3m6aw856cJGEq6XfIQQtxDc0v8685VXZco5FnOtMy4UkBNCoJxwATBwN_7vgPgBAOQBgGgBnaAB6in2GuoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB-ACgHICwHgCwGADAGwE-Xn0wrIE6nVswnQEwDYEwqIFALYFAE

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004892&bpp=29&bdt=661&idt=153&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UcOsk1XP7J&p=https%3A//mkoghzd.xyz&dtd=156
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 13:23:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame B233 26 KB
13 KB 104ms
57ms XHR
text/xml 142.251.5.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-ByClbJwWguP8toUglPXKLS46RpU6vPHuEDMTp_uSOQoc23nnqMo-idkyXKRVLtnbNvzbMz2TzxPZVoUHpX7jeNfjxrgg&cry=1&dbm_d=AKAmf-Dz_8HzMj6XqgqZagAGXqutuUdYE69ayq6Nbna_3fM1pA52J0JjV103OhTvvTDwLAUt8ntTit0D1Qgmvr_FFQ6k5Lkd21CfQNpsr7WmuGC6epgAAs1sevVchgjeLejCiOdF3FOLPgmd09juVALmldwUuZ0LqzskV94Hw-CcrrMiX8-gBC4niMwCLNxHN_fOXfipE2ybhca9kC79ZE5wz5__sjb1KjuV2WtSuYGzmm-mAjzVbFOrn7ahO1togLbWTAgJRlaVX8DFN8XfaiouZnmJ0kScPZZLBJE6PSBJkajAiSctfVP-snQaMi0kKRvyqMcfHMdRMIk_WcVbyQUF8lk7B2_VqgmdUHQ7rqgBIHXXRV1BE8gxCSeEq3LQ4ih_0M6RpZrtvnvlKB89A1GASk7lBpR7dPlMSHlHz3cn1OnD1i7lWo3yjROak_6e9AqItw6TVyagz1fnUOkzFymX8IgZIZ1fLZwc7Tvgl71XhCaEyhEVBcvNNskUeexVexCMeTqDQXSceyvps3ZzjPA6A3xObflGdEZaxA4XXjNny8ca_BLOxhZcKVvFcwX6LRbmByv6BepSRTZfdj2GH2wj1W_cfincf_ooq5GGSBvJ9Ao02tZQMh8E1hKLW4gq2X0F0Sq_rKoR3kaWZdU2wg3mRgTjsxOnRc89ynQI5xmLHhWJzzTnk_rr_BEi8NGmy_j79zAPdq2mnSz9Q-ONzqmPziVSq2yrkacahT5liPNlXVEZTyIbGWdFMqcw8A4ry-uszYV7-hHFfUEmIMzh6i11n8B7ffleJxumfqH3PyrNo5kVw_1NRq-rcblj1HlJhir9dX5_aEf3TnvnuVAzzGe_qcRg6t8V05nHRmEawKM32Tus40SLsH0_53bSkD8FVbiCO0mT1tGQiik1oBtXb5k9X8urmS2i0zPRCa-W19WuY2KKmJ4ddJxXQNUwYymdNFsN3zmoCo5EqDBCTchlPAHNkeFjdD5q23j5s7ZXF1TStzbOYKySmgqJWdAwQZtUVlFDa-nnszyJGvpdLx5ceRMBabOJZqwqAk1l6GG6mX-TKACGhNr_VvVMu3vs2Ei2c5RrtY969W8VKVP0NwO5WCWNgEIX8PMIYVDTNcaVcw2k96wJLP00h268Ruffc9LLvg99L7U-rFVd-55HFwW-RXSS8PkmhyFGkQIoEr22HgXQdU_wHOYamHNxouqq7pWuag1axUun2e9KhYWIJ44go5jIwV7KztLCxVv2Qbxn_GdyS0tYZ5X64S-1c1he2PsLIE60Y-xTk3FHEYyUvb_FD19V0oCpMuGrMJ040mmIomyGtBL5AX9osr17ifxIMWVOPXlZarOWoCoJ-kfD4c_nkfny0zmxwOE4FL7SR5hPXSfmgFPqhj8A-B6-wL0SP4HGXSz07mT0z8Ljf8PqRzTYy6y5OFqZ98FQoe-YVGUZTa72f5X5l83J7jdZdDF51O56captuC-JZKPHflQzYhUtpdgnpQ24mJpgFZ6AWPVL3R-Y3LOlLdDDFG_9iLlnxjg6CNMSjjCajRCjd1Q7honAFlD3gpANjUNltIW-kgaa0cqbfxsVtBb9EoL19aDxukXDAahLedK63l8VGMf7OMS7dylO3XEkkuNyBUhqUknLaoKoLzV6-0roiXtLyliazzDqNRmVXePI-4KLkvT_SUPsqZ5mPDCZlEv8unxcy6ADpiadPmM_3tDZKwKkikNdwBpcVDlYE-egi4rsYVfByRU2MtPTEAdp4lCRUBfKqFEHyJLcCkqFSwmhgAGZlC7ta_zZItx28HaQ7dCTb4dtnfAwoBb9uVpnSUzStgumxogSm3SksL3cNmMWBZXPBqHyIF5W4UqvwiEIUt22K0os_iV_wNB_HLEPyqgbdKVO4lWVyJCjtkko-WqkL7T7x3SL3Inqzm9YvgV_EaEaffimo73Aoyq8Qp3E97i47NCkkcyhWkuNXtwy0iR9ta1OaACBnaLKxV4kuizzY-AIkF80OgN2FqPt4eXThH_RCFs40ZiYNf4jTcT1tPXVakLgsmdIaJ3mFdn2iwdpHjAMNcAnM9FUcDvzuplyA4uG0cA-471ShI_f62AzMqs77rwn12bOZCZMw1NSsU31_DfSJ2FIdziWb6-ttkN059qvqA8QDY0yQP3kQE8w4z6MXhgIIONBXgBb1tndtAHRzNH9k-NAJT_lAkC8tsaPfPQ3zt62UkuQHW1hm0v_eMg4ZM2tulnQjyF9uCNxHcFGj3h-XWKUx6yRZ1c09dm9texAmnlRvpWlARFCg6_wP2s8vqEiI_yeZ_qmP6nxxctWfWiP325lail6-qzqHscEHJSlU0M6H5BLEiDJIpOQjcOnL9Zlg87TaXfpP8-KVtgeez4C0XfO8RhPg0_no6MZtyh1L9giTHq9r0Lt1OsScY2SRTdYBP2c7aiW9YaaaI6KE5jKrOZ2JRL8CmYYnF1kybvw_agV4UTSj3grwwf-lMViyzyIcYuyTKjcZXxP_WKBW4-pkGf2zEgDFOvqzSS7tN8jfeAO1U159eOwunlqTlIHndficEUZ9BtN05lx50wZEwcHn9MQgvefd9djGZvnu_jNUv_IwTy2ciAQIiwCZQzLwJ9H-AnrAa9HbxRG3mzMKChf3b4PbYjj-z3iFbliEextuLDGLJsxyMeEaeThhDLr_dxcYLIsBX0S2FQ01L3Quc8OP8za4RvqQIAxXMWIxJgcvEKMpBi9OC4Fs61dWXwxn6z2hLtFrX8rrbJiDdOqNDBwp3uDC5_b2q57Qf4A1EwcJmYpRtSB9yXAkf06o4FQcngkYbBtvphfI2dGjhuJ6b8t2NwQUqGn8UrMBCKNKbVDfW0EPm-Si9FKlVdP2JEDmPGR0ZYTym3CmK5CkDuCJcp2yZaQgJnSuxAI-aaOcDnVFm4Jqn6inEy3lxJBvY4XpzgYrelQEQ-zcjkTGkbSFd9zLmOp9O3Hh9mutYkl5I83EfuJh7KzbKtO-wFHBdVN01wM22TCGdEBMCbjJMkq62gZBxE_X3MxLM2blv1UbdJ-zHSC6TFFG3rrpBbokBJZWItEbgKI86ONPX__17TddJXRckTyoc3VHuUuXhwTzc0FGEIWcXCqvM_xiKk2f5hsoXuY8zjEt9wIesjEX9d6RTniJuSVmn50AUnQwlQUaOxeIRHEYlO2t_WblkqCizEY193ZxStAb3kZSV1xNDhJxGDPbyiFY9NDyfrUxtbhbFRCGcyPaU3LeX197RGuVjffyus6JGqueDdUZHZxGDqEvQFKsjbWEw6rGhHD5nDVqQqgCg&cid=CAASBORoCnw&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c010e7c28a5bd7a5a60ba2e97a90229c3f9953fe2e8827aa9eee4ce7e07ea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004892&bpp=29&bdt=661&idt=153&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UcOsk1XP7J&p=https%3A//mkoghzd.xyz&dtd=156
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 13:23:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12020
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame B233 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CqBHezbsvYKGoBNqZ1fAPl_aoiAjzwqyjYZaOh-b_DM3G_d8FEAEg5emsY2CViriCyAfIAQWpAg_gismDHUg-qAMByAObBKoE1gFP0EgXcfT2xF2hzg701oxghMkDvVm_JMY9eYCSjOFydVXtJxo_5YGuiTu4JwVIg9ZAHPk3zkpN8KICvTeqDs2pdv0PdDzeGCkahvjaaa4BEyhn8Dol5SD-SUcl2slQXZaA17zXMk2JDYrWFrIttUuDhZTddQnMPWmI6k9oJYTq0i01-x2lHxwnDTNLEXedV1sALd_JpsRIp8ZI_tBJbx7opKVtiGxizQd2NtUdB9ZgiDzpeb3m6aw856dRGYBfzjBg0AGRjA4oFNPA1bO3bGtNE_473WdVwATBwN_7vgPgBAOIBZnh3cotkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAeop9hrqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RvYBwDyBwkQ9FIYs6qSmgHSCAkIgOGAEBABGB-ACgHICwGwE-Xn0wrIE6nVswnQEwDYEwqIFALYFAGyFxoKGAgAEhRwdWItNDMzNDU5ODM1OTk3NDc3Nw&sigh=e0VDh5tyASw&cid=CAQSGwCNIrLMcf3VisC4TSO23axyIPoWorhTJxP5UQ&vt=10

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004892&bpp=29&bdt=661&idt=153&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UcOsk1XP7J&p=https%3A//mkoghzd.xyz&dtd=156
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 19 Feb 2021 13:23:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 19 Feb 2021 13:23:25 GMT

GET
DATA 200
OK truncated
/ Frame B233 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccb506c25fa20f53d4283003e7b33ca6e64aea32c419684bdb7d20a3ec2f7266

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 3C1F 3 KB
607 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004887&bpp=5&bdt=656&idt=146&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xwqT8EUXJP&p=https%3A//mkoghzd.xyz&dtd=153

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004887&bpp=5&bdt=656&idt=146&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xwqT8EUXJP&p=https%3A//mkoghzd.xyz&dtd=153
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 13:10:59 GMT
server: ESF
date: Fri, 19 Feb 2021 13:23:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Feb 2021 13:23:25 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 3C1F 2 KB
992 B 35ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004887&bpp=5&bdt=656&idt=146&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xwqT8EUXJP&p=https%3A//mkoghzd.xyz&dtd=153

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004887&bpp=5&bdt=656&idt=146&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xwqT8EUXJP&p=https%3A//mkoghzd.xyz&dtd=153
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:32:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3060
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Mar 2021 12:32:25 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 3C1F 18 KB
7 KB 36ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004887&bpp=5&bdt=656&idt=146&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xwqT8EUXJP&p=https%3A//mkoghzd.xyz&dtd=153

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004887&bpp=5&bdt=656&idt=146&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xwqT8EUXJP&p=https%3A//mkoghzd.xyz&dtd=153
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:28:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 10747045913157086108
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Mar 2021 12:28:57 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 3C1F 3 KB
2 KB 34ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004887&bpp=5&bdt=656&idt=146&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xwqT8EUXJP&p=https%3A//mkoghzd.xyz&dtd=153

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004887&bpp=5&bdt=656&idt=146&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xwqT8EUXJP&p=https%3A//mkoghzd.xyz&dtd=153
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2993
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Mar 2021 12:33:32 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3C1F 107 KB
33 KB 42ms
28ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004887&bpp=5&bdt=656&idt=146&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xwqT8EUXJP&p=https%3A//mkoghzd.xyz&dtd=153

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae35469a2de645d561d555105d21f075e0469c83a7bd02ebc9547d4d5b616f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004887&bpp=5&bdt=656&idt=146&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xwqT8EUXJP&p=https%3A//mkoghzd.xyz&dtd=153
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 13:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613565156040306"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33368
x-xss-protection: 0
expires: Fri, 19 Feb 2021 13:23:25 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 3C1F 14 KB
6 KB 32ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004887&bpp=5&bdt=656&idt=146&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xwqT8EUXJP&p=https%3A//mkoghzd.xyz&dtd=153

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004887&bpp=5&bdt=656&idt=146&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xwqT8EUXJP&p=https%3A//mkoghzd.xyz&dtd=153
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2967
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Mar 2021 12:33:58 GMT

GET
H2 200 fa9f376fb382443f5f015f3a0c3dfed2.js Show response
www.gstatic.com/mysidia/ Frame 3C1F 25 KB
11 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fa9f376fb382443f5f015f3a0c3dfed2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004887&bpp=5&bdt=656&idt=146&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xwqT8EUXJP&p=https%3A//mkoghzd.xyz&dtd=153

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b49b02fc1286f940cce0e398d850753f00338dbb321a51e2aadf996223c9c7e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004887&bpp=5&bdt=656&idt=146&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xwqT8EUXJP&p=https%3A//mkoghzd.xyz&dtd=153
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 17:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 19:50:48 GMT
server: sffe
age: 72609
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10802
x-xss-protection: 0
expires: Wed, 19 May 2021 17:13:16 GMT

GET
H3-Q050 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E850 510 B
400 B 20ms
19ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMeIGhCX_XAYqueGlgEwAQ&v=APEucNXeqTXXKL9jFBzYVYNfFW2W9gl86ELysJGjZCv2LbdQl2H72KrJwiUCjPA32930-2TVGidmkO0_Tcd-DQDQNUycYFos4DKOa0f0H_DyoKHPhciEsMd-LDSMu56FL7D9VieD5DxotPbiibluNRJWJ-qu5GfHGKShSEsoFApT6riPUouSYBwp6zrZ_fakHDWl1kszCYA6eMLn-NVw3qWZzXJJcF3kPA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004985&bpp=1&bdt=754&idt=68&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yzVQeGNKgP&p=https%3A//mkoghzd.xyz&dtd=71

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ec204561656bab028c2fb1d77312a95e26333f39b4a2a274049423f023acf5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CMeIGhCX_XAYqueGlgEwAQ&v=APEucNXeqTXXKL9jFBzYVYNfFW2W9gl86ELysJGjZCv2LbdQl2H72KrJwiUCjPA32930-2TVGidmkO0_Tcd-DQDQNUycYFos4DKOa0f0H_DyoKHPhciEsMd-LDSMu56FL7D9VieD5DxotPbiibluNRJWJ-qu5GfHGKShSEsoFApT6riPUouSYBwp6zrZ_fakHDWl1kszCYA6eMLn-NVw3qWZzXJJcF3kPA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004985&bpp=1&bdt=754&idt=68&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yzVQeGNKgP&p=https%3A//mkoghzd.xyz&dtd=71
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004985&bpp=1&bdt=754&idt=68&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yzVQeGNKgP&p=https%3A//mkoghzd.xyz&dtd=71

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 19 Feb 2021 13:23:25 GMT
server: cafe
cache-control: private
content-length: 236
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUllCEnCpFyIHDSeIxY-YGeFZuMEcJo3V5Z_22j_nPlogovHz9qQ86w4CCPE; expires=Wed, 16-Mar-2022 13:23:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 19 Feb 2021 13:23:25 GMT

GET
H3-Q050 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 83B1 52 KB
21 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AEV6to8FBDTI5U-vaAv4nd20SStYCxjLKWuNHsG48SO3Nd7HMmaJH-5A4sbZYs1QD-JfYqQrSt74tzint8zWHIN7rOfcw0juWecQuk7Se3-Af4Jv93CfJRlhHHWRZiP0Pi87DNf-sHhYoWSAlk0zV01s9ArA&dbm_d=AKAmf-DQEPlrYcF7G-b3F1jwZFX8UsTCmbdWOTsLPw19Cv1U2v75amWNSIECbrRfyb6ojItoKTDf92YEtXZUuW1c5GrNX5gqP2j44xeY0XSpwzqEMOtzDsW7A6U-hlNZxSZQbzImtF_PSa9z7P5YBOpFZwQ2bOcPyAGRHFBlLNyit2blm2NoZCzq0G5EdUVcEhOR1lxAx_9rOkiUjC-hrwvtpQOJvjXWuIAg4g96jNqQAJuCdIpIaIp-lLdOt12HK86BwUuO4iMU35-I63nyGuDofQSR9k381GdwhVksqyoj5nhhd5EfCXdydigJSJjKujf5ho0yjpV0_evC74-4_TAuCXmAl1N_d4Ux0nLSBKYhAo1lU-xJ1x75Ckct_CRPXDCCZG0QlixvXZ6no9Huy2KeoueM1ZTfEJPF7SOh23UctujYemKVDMYdsdDTlwtFIon_xcDVm0VIcuPzVbOgPp46xgRePeRa0oDEKmdiep0dVIIbB4UbP5ij3tThJ2W_dqkx2GokrrXFk2Yd9lRwomrvXcCBZ8n5eUqgL92HiJWYLAtQZ2yHi1EqsquFA-8MmtRwRm5TMa8AC3fh7D4nPxjtIeMuSfrrd1RKEOw3btuqVZXzqVGQ3t87u2TxXdGXc9ZV73My4-KQ1toAxEBK9oR2v1PDOPzw9rhNgrtZdNUSvqIsky-ZM8KnVoUlwdTvZd4iuNn4oNXUvIqdSvZPKfr2WR2Mf2BVxJPWE00PSm0PkN-xFWtqJmx0LxnKqr2ctKBch4UlByJ7ImXn2TPmbcYeoZUHFQ2YlFZHtzQsS9viHG-8EB4GyIUS8lK-kZuJNnc_YaJd7N-emnwbOFKBKQbDP0HK9Oxu6tpL2rMjxjW03T9lTYUJR_aMKdLmIegL07pLon6KkpiKfTRsawQicFtC-AOVQ_r1_73Z2pvHvZnK7VH8JKmRQLd4btnXjTf0jcbY8lE9z1bJ2gocSz0H92FHvEdNvOA3WKVAvhQMgmod-fb7_XmLSux8HGMfZv1LlKKOpdwwoGo_JZBQcOtB1ZXdCwKuOHGzyWWQ9_l-HKtN__7QdXSq6v6O3eRYRNefzX9l7fRByEDmPxWrFH844-fMFUJaIEDAGUPhftu6Y_UzL9dEvjio9ryOP38nVe1smPLIW_W8IoZFN5Mq3JQiyUQN6ILsKstW-q8PS-Y7gMTc5InEVmsvXES0eN-Po2t6rsUTrL7pzzIfQGjmxVZo1c0tYsJfKZIReICu5pZfrNsuG0NwLH2lz68czNzvFIHm5SFYup6HepPlESp4wsChplML0aJAyNKtAtZxp9aHRxSUCPG3911CVhBViBXCDl2tkGQdbpgoXn3pI-gjJOvwpTQXNjUpgbGYx7Dy3S-KqlwrjHg87mLDE_bgGZY6hPDUrNVDo7tBzL5zqG2Mcya-s6-Njyze7ocMup6UDu9uyuYIqcFXxHN_KhjWTyc2zKW3uXJ7uI3ykhFpss7yWzwhUJYtO-XCKEMKVP5qo1kLH2PJF7mBo_OJ-azHf0zS0kiFaifZnih6cyd19MC1Ov9jWz567cjj5mxzkgVt-liP111LPmpyaFiPeroonB-bHDwd9BpXWLT0e92vh7KCJJL8y6j1hFEyqltJWX8Zt1aFmcZQoVcXbA5eM4jabgdMqUOtN77dm1wATSOM9Iw8W3y8xsY-JmjXOChHYWrSTq4FrRB9zf8twBVrJh72xlEMa-JsRWKMwEpE7vxxnnhzlWT7MXdqwI1ALqs4Pj6Ovwh68Rly_BpE42nh5TKJaOiLhlBpnS35KRynVN4oAADzOVZXE4f86kfSIslZmxcrcuWpEgKBVa4QwrTsTkRIfX3ynHREtcc8oY3Wh73ZDbV1zrJZyuqNDEgA2o80rkwxWUvSkf4Fj-3N5xPn2TPn5sQpzJosej7zeyWWxfxcYsCwZIaaeZ8g23OnrZcITfCU77SAnHILl9Ll_ckcYLCAIyxQzzrxaxr8EjLGXm8seq0yPgdnA8HYewuPHYDR1Ls5-SbxM5-WZkUgB1_K1GiBDCWr8y4rIf7siB1U2EmG0jjkZrApDPbCL7g3Rwg5KGiX6NBaMmG99hpr5UTyLVpR57M99x9huxYjo7CPOaQBVcPHcToQXFGv_bwnyLVmcSLEwkKtN49qW_WaCz3w2GUZpP5eYhnyMvwn8G9b8ubWjBaRHE2wfJviFX6VtRwIVQdl2upWkHY6vU2muAyaQH4uooHrJUfVVvmf6lJCXQwks_PyRNFAtl0HuIUg_4rVIh5eA2ZBINvGpNxklqG7SLcJhgYmlTfsHRDjZvPCxZnHO-y4MTaJ0b1iSxchew5aoloBeYZCP5Ebmvumuz5PcD5m2rJyOjqjm_OYyhKR1E5Ddfza9lb1rIGcwk4MypS9XCfZPv6DiNMnMdu9IGrTPcGH2oUaBwYun4rsFleIyw6kYNwExURt0kCx01y7IUdTAuMypHra2kt09btV38bsXAZu6rFNvCJwIwgjj40OPB2zxRJz5MnWDjwrAsw2qFAjTxRhqT88XnZfgYP8RzumgyZcpo6a_TpfkxbWvOhLOcQP-XqBR9V7d4jih8MHr9cat1uCHE_YB7OSy_kj4DSA49ff-0joVoI-fNM_evYO84A69RXpo5_a98Bkgs7FK1a8plzgsdtNYQcUGr3m9zY58lhxEPdhWzHCleSuz6Vo3sf4KVKHCRnVLkiHwluiiE8pebZuaCtjNyYutqi8WaDwyruG4cGN74IrOBMCyxLy-Etmh-FMNt0H1HCJb1KkM8JfE_LHcf8fhLZIE80kHAHO9JpsWmTg-LIt9Y_ot6tLQXCy6RXSIpdQE2ryAwGrL28Z_HfSGx_u_BreJV8rozBhEi_6wmdPRZgco2rFAmvUFo7x1McEB7dTx-PcsbLoog3C-w&cid=CAASBORoKio

Requested by

Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2027fcccfb252ec011d2e4f6d66cb26e633769657f512d0c587e92aedd4999de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004985&bpp=1&bdt=754&idt=68&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yzVQeGNKgP&p=https%3A//mkoghzd.xyz&dtd=71
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 13:23:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 21649
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 83B1 3 KB
2 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004985&bpp=1&bdt=754&idt=68&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yzVQeGNKgP&p=https%3A//mkoghzd.xyz&dtd=71
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2993
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Mar 2021 12:33:32 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 83B1 107 KB
33 KB 35ms
29ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae35469a2de645d561d555105d21f075e0469c83a7bd02ebc9547d4d5b616f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004985&bpp=1&bdt=754&idt=68&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yzVQeGNKgP&p=https%3A//mkoghzd.xyz&dtd=71
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 13:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613565156040306"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33368
x-xss-protection: 0
expires: Fri, 19 Feb 2021 13:23:25 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 83B1 14 KB
6 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004985&bpp=1&bdt=754&idt=68&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yzVQeGNKgP&p=https%3A//mkoghzd.xyz&dtd=71
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 12:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2967
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Mar 2021 12:33:58 GMT

GET
H3-Q050 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 83B1 42 B
68 B 39ms
39ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AAnUDQespgsw7VvScFoS0s6PWpwyyhixaIsSRNouSMxO23QUgk5iFijdSm5lZ1cGFEhcUIylgMMBaqOsESd6ghKX9H_CI7atR0N6b4Fbu3byTfloU

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004985&bpp=1&bdt=754&idt=68&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yzVQeGNKgP&p=https%3A//mkoghzd.xyz&dtd=71
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 13:23:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3C1F 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CisXnzbsvYLbwA6WQ1fAPmOuP-AjYgZmkYbrbxtmkDentjeGVGxABIOXprGNglYq4gsgHoAHXncb4AsgBCagDAcgDywSqBNEBT9DTqLZ8vvjrXhTNRUb9sIGjzzDcxIrg1V4m6fi5aM-bT_loLryHxxp6YR3G74_nNyJQonM2ldnXf2Q2mF42Th9QcWgAYfLxwPb_pbEPQW-TpjP--OvjxumoiiFZeMjdmEQknkOEkL83TUt0KhhYoEF1ffasnSqEdMGEcqVlwGm3f7gRz1AY1mgoajfDJENfhpVLIsGMyNXtlRW3YnuqZeiMPC00TteRwfM298QLw15fvEhNOFeG0uLBCbUQtv-G7q1Q4BtrPC7GX4DAo3aQOcXABOe1-KmuA5IFBAgEGAGSBQQIBRgEoAYugAeR4rmHAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDGnwHSCAkIgOGAEBABGB-ACgHICwHYEw2IFAGyFxoKGAgAEhRwdWItNDMzNDU5ODM1OTk3NDc3Nw&sigh=_O2-n7Hi16Y&template_id=5000&tpd=AGWhJmusBANVfXFWMoWcbRPLLBK9S2N5koz8IbU2rcv08t0gHQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004887&bpp=5&bdt=656&idt=146&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xwqT8EUXJP&p=https%3A//mkoghzd.xyz&dtd=153

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004887&bpp=5&bdt=656&idt=146&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xwqT8EUXJP&p=https%3A//mkoghzd.xyz&dtd=153
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 19 Feb 2021 13:23:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 19 Feb 2021 13:23:25 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7257969888972378805/ Frame 3C1F 37 KB
37 KB 19ms
19ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7257969888972378805/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004887&bpp=5&bdt=656&idt=146&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xwqT8EUXJP&p=https%3A//mkoghzd.xyz&dtd=153

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbfa520b9c2d5ebed4312fc453b939276b4664e036c53d0f1f8af455ae56dc85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004887&bpp=5&bdt=656&idt=146&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xwqT8EUXJP&p=https%3A//mkoghzd.xyz&dtd=153
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 08:52:06 GMT
x-content-type-options: nosniff
age: 16279
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37836
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 14:10:13 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 08:52:06 GMT

GET
DATA 200
OK truncated
/ Frame 3C1F 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 83B1 111 KB
39 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004985&bpp=1&bdt=754&idt=68&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yzVQeGNKgP&p=https%3A//mkoghzd.xyz&dtd=71
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 11:13:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7816
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Feb 2021 11:13:09 GMT

GET
H3-Q050 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/elements/html/ Frame 83B1 6 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AEV6to8FBDTI5U-vaAv4nd20SStYCxjLKWuNHsG48SO3Nd7HMmaJH-5A4sbZYs1QD-JfYqQrSt74tzint8zWHIN7rOfcw0juWecQuk7Se3-Af4Jv93CfJRlhHHWRZiP0Pi87DNf-sHhYoWSAlk0zV01s9ArA&dbm_d=AKAmf-DQEPlrYcF7G-b3F1jwZFX8UsTCmbdWOTsLPw19Cv1U2v75amWNSIECbrRfyb6ojItoKTDf92YEtXZUuW1c5GrNX5gqP2j44xeY0XSpwzqEMOtzDsW7A6U-hlNZxSZQbzImtF_PSa9z7P5YBOpFZwQ2bOcPyAGRHFBlLNyit2blm2NoZCzq0G5EdUVcEhOR1lxAx_9rOkiUjC-hrwvtpQOJvjXWuIAg4g96jNqQAJuCdIpIaIp-lLdOt12HK86BwUuO4iMU35-I63nyGuDofQSR9k381GdwhVksqyoj5nhhd5EfCXdydigJSJjKujf5ho0yjpV0_evC74-4_TAuCXmAl1N_d4Ux0nLSBKYhAo1lU-xJ1x75Ckct_CRPXDCCZG0QlixvXZ6no9Huy2KeoueM1ZTfEJPF7SOh23UctujYemKVDMYdsdDTlwtFIon_xcDVm0VIcuPzVbOgPp46xgRePeRa0oDEKmdiep0dVIIbB4UbP5ij3tThJ2W_dqkx2GokrrXFk2Yd9lRwomrvXcCBZ8n5eUqgL92HiJWYLAtQZ2yHi1EqsquFA-8MmtRwRm5TMa8AC3fh7D4nPxjtIeMuSfrrd1RKEOw3btuqVZXzqVGQ3t87u2TxXdGXc9ZV73My4-KQ1toAxEBK9oR2v1PDOPzw9rhNgrtZdNUSvqIsky-ZM8KnVoUlwdTvZd4iuNn4oNXUvIqdSvZPKfr2WR2Mf2BVxJPWE00PSm0PkN-xFWtqJmx0LxnKqr2ctKBch4UlByJ7ImXn2TPmbcYeoZUHFQ2YlFZHtzQsS9viHG-8EB4GyIUS8lK-kZuJNnc_YaJd7N-emnwbOFKBKQbDP0HK9Oxu6tpL2rMjxjW03T9lTYUJR_aMKdLmIegL07pLon6KkpiKfTRsawQicFtC-AOVQ_r1_73Z2pvHvZnK7VH8JKmRQLd4btnXjTf0jcbY8lE9z1bJ2gocSz0H92FHvEdNvOA3WKVAvhQMgmod-fb7_XmLSux8HGMfZv1LlKKOpdwwoGo_JZBQcOtB1ZXdCwKuOHGzyWWQ9_l-HKtN__7QdXSq6v6O3eRYRNefzX9l7fRByEDmPxWrFH844-fMFUJaIEDAGUPhftu6Y_UzL9dEvjio9ryOP38nVe1smPLIW_W8IoZFN5Mq3JQiyUQN6ILsKstW-q8PS-Y7gMTc5InEVmsvXES0eN-Po2t6rsUTrL7pzzIfQGjmxVZo1c0tYsJfKZIReICu5pZfrNsuG0NwLH2lz68czNzvFIHm5SFYup6HepPlESp4wsChplML0aJAyNKtAtZxp9aHRxSUCPG3911CVhBViBXCDl2tkGQdbpgoXn3pI-gjJOvwpTQXNjUpgbGYx7Dy3S-KqlwrjHg87mLDE_bgGZY6hPDUrNVDo7tBzL5zqG2Mcya-s6-Njyze7ocMup6UDu9uyuYIqcFXxHN_KhjWTyc2zKW3uXJ7uI3ykhFpss7yWzwhUJYtO-XCKEMKVP5qo1kLH2PJF7mBo_OJ-azHf0zS0kiFaifZnih6cyd19MC1Ov9jWz567cjj5mxzkgVt-liP111LPmpyaFiPeroonB-bHDwd9BpXWLT0e92vh7KCJJL8y6j1hFEyqltJWX8Zt1aFmcZQoVcXbA5eM4jabgdMqUOtN77dm1wATSOM9Iw8W3y8xsY-JmjXOChHYWrSTq4FrRB9zf8twBVrJh72xlEMa-JsRWKMwEpE7vxxnnhzlWT7MXdqwI1ALqs4Pj6Ovwh68Rly_BpE42nh5TKJaOiLhlBpnS35KRynVN4oAADzOVZXE4f86kfSIslZmxcrcuWpEgKBVa4QwrTsTkRIfX3ynHREtcc8oY3Wh73ZDbV1zrJZyuqNDEgA2o80rkwxWUvSkf4Fj-3N5xPn2TPn5sQpzJosej7zeyWWxfxcYsCwZIaaeZ8g23OnrZcITfCU77SAnHILl9Ll_ckcYLCAIyxQzzrxaxr8EjLGXm8seq0yPgdnA8HYewuPHYDR1Ls5-SbxM5-WZkUgB1_K1GiBDCWr8y4rIf7siB1U2EmG0jjkZrApDPbCL7g3Rwg5KGiX6NBaMmG99hpr5UTyLVpR57M99x9huxYjo7CPOaQBVcPHcToQXFGv_bwnyLVmcSLEwkKtN49qW_WaCz3w2GUZpP5eYhnyMvwn8G9b8ubWjBaRHE2wfJviFX6VtRwIVQdl2upWkHY6vU2muAyaQH4uooHrJUfVVvmf6lJCXQwks_PyRNFAtl0HuIUg_4rVIh5eA2ZBINvGpNxklqG7SLcJhgYmlTfsHRDjZvPCxZnHO-y4MTaJ0b1iSxchew5aoloBeYZCP5Ebmvumuz5PcD5m2rJyOjqjm_OYyhKR1E5Ddfza9lb1rIGcwk4MypS9XCfZPv6DiNMnMdu9IGrTPcGH2oUaBwYun4rsFleIyw6kYNwExURt0kCx01y7IUdTAuMypHra2kt09btV38bsXAZu6rFNvCJwIwgjj40OPB2zxRJz5MnWDjwrAsw2qFAjTxRhqT88XnZfgYP8RzumgyZcpo6a_TpfkxbWvOhLOcQP-XqBR9V7d4jih8MHr9cat1uCHE_YB7OSy_kj4DSA49ff-0joVoI-fNM_evYO84A69RXpo5_a98Bkgs7FK1a8plzgsdtNYQcUGr3m9zY58lhxEPdhWzHCleSuz6Vo3sf4KVKHCRnVLkiHwluiiE8pebZuaCtjNyYutqi8WaDwyruG4cGN74IrOBMCyxLy-Etmh-FMNt0H1HCJb1KkM8JfE_LHcf8fhLZIE80kHAHO9JpsWmTg-LIt9Y_ot6tLQXCy6RXSIpdQE2ryAwGrL28Z_HfSGx_u_BreJV8rozBhEi_6wmdPRZgco2rFAmvUFo7x1McEB7dTx-PcsbLoog3C-w&cid=CAASBORoKio

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02a94215980e0a9b1534964bf8c1fe26b45710405f9e0c9ebfab99ee961bf84e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004985&bpp=1&bdt=754&idt=68&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yzVQeGNKgP&p=https%3A//mkoghzd.xyz&dtd=71
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 13:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
server: cafe
etag: 15787534883320419827
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Mar 2021 13:04:40 GMT

GET
H3-Q050 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 83B1 23 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bbb1cf040948bea2829656ed20814d5ecabdeb106bff79cad43af8e6ed78161

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004985&bpp=1&bdt=754&idt=68&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yzVQeGNKgP&p=https%3A//mkoghzd.xyz&dtd=71
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 13:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 665
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 8953
x-xss-protection: 0
server: cafe
etag: 10862945726693812791
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Mar 2021 13:12:20 GMT

GET
DATA 200
OK truncated
/ Frame 3C1F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63c7d2c86efe633a9c57c690098698582b86d5b1884275ab714b0bd05fd2927f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame B233 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/outstream.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004892&bpp=29&bdt=661&idt=153&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UcOsk1XP7J&p=https%3A//mkoghzd.xyz&dtd=156
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 23:31:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136308
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Feb 2022 23:31:37 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-4g5e6nez.c.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277005/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame B233
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277005/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r2---sn-4g5e6nez.c.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277005/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

33ms
6ms

Fetch
video/mp4

2a00:1450:4001:29::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5e6nez.c.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277005/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3BC6EDC6DDA24E200570FB3B91FDA32D8E69ABA3.19AA87BC56157A492639CA5362F7DC25163EF9BF/key/cms1/cms_redirect/yes/mh/WQ/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nez/ms/onc/mt/1613740824/mv/m/mvi/2/pl/41/file/file.mp4

Requested by

Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:29::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004892&bpp=29&bdt=661&idt=153&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UcOsk1XP7J&p=https%3A//mkoghzd.xyz&dtd=156
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 13:23:25 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1171849
Last-Modified: Wed, 23 Dec 2020 17:38:57 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 19 Feb 2021 13:23:25 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Feb 2021 13:23:25 GMT
server: ClientMapServer
access-control-allow-origin: https://googleads.g.doubleclick.net
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r2---sn-4g5e6nez.c.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277005/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3BC6EDC6DDA24E200570FB3B91FDA32D8E69ABA3.19AA87BC56157A492639CA5362F7DC25163EF9BF/key/cms1/cms_redirect/yes/mh/WQ/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nez/ms/onc/mt/1613740824/mv/m/mvi/2/pl/41/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 650
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 3C1F 14 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 05:19:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:17 GMT
server: sffe
age: 115411
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14816
x-xss-protection: 0
expires: Fri, 18 Feb 2022 05:19:54 GMT

GET
H3-Q050 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 3C1F 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 12:56:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:06 GMT
server: sffe
age: 88004
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14608
x-xss-protection: 0
expires: Fri, 18 Feb 2022 12:56:41 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame E850 170 B
752 B 87ms
32ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMeIGhCX_XAYqueGlgEwAQ&v=APEucNXeqTXXKL9jFBzYVYNfFW2W9gl86ELysJGjZCv2LbdQl2H72KrJwiUCjPA32930-2TVGidmkO0_Tcd-DQDQNUycYFos4DKOa0f0H_DyoKHPhciEsMd-LDSMu56FL7D9VieD5DxotPbiibluNRJWJ-qu5GfHGKShSEsoFApT6riPUouSYBwp6zrZ_fakHDWl1kszCYA6eMLn-NVw3qWZzXJJcF3kPA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMeIGhCX_XAYqueGlgEwAQ&v=APEucNXeqTXXKL9jFBzYVYNfFW2W9gl86ELysJGjZCv2LbdQl2H72KrJwiUCjPA32930-2TVGidmkO0_Tcd-DQDQNUycYFos4DKOa0f0H_DyoKHPhciEsMd-LDSMu56FL7D9VieD5DxotPbiibluNRJWJ-qu5GfHGKShSEsoFApT6riPUouSYBwp6zrZ_fakHDWl1kszCYA6eMLn-NVw3qWZzXJJcF3kPA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 13:23:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E850
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo7jAYykQwSnW21Jd0YB6Y&google_cver=1

43 B
1014 B

30ms
29ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo7jAYykQwSnW21Jd0YB6Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMeIGhCX_XAYqueGlgEwAQ&v=APEucNXeqTXXKL9jFBzYVYNfFW2W9gl86ELysJGjZCv2LbdQl2H72KrJwiUCjPA32930-2TVGidmkO0_Tcd-DQDQNUycYFos4DKOa0f0H_DyoKHPhciEsMd-LDSMu56FL7D9VieD5DxotPbiibluNRJWJ-qu5GfHGKShSEsoFApT6riPUouSYBwp6zrZ_fakHDWl1kszCYA6eMLn-NVw3qWZzXJJcF3kPA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMeIGhCX_XAYqueGlgEwAQ&v=APEucNXeqTXXKL9jFBzYVYNfFW2W9gl86ELysJGjZCv2LbdQl2H72KrJwiUCjPA32930-2TVGidmkO0_Tcd-DQDQNUycYFos4DKOa0f0H_DyoKHPhciEsMd-LDSMu56FL7D9VieD5DxotPbiibluNRJWJ-qu5GfHGKShSEsoFApT6riPUouSYBwp6zrZ_fakHDWl1kszCYA6eMLn-NVw3qWZzXJJcF3kPA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 13:23:25 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 19 Feb 2021 13:23:25 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Feb 2021 13:23:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo7jAYykQwSnW21Jd0YB6Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E850
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_hm=YC.7za.9hotmt.eb6th1VgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo7jAYykQwSnW21Jd0YB6Y&google_cver=1&google_hm=2

43 B
894 B

34ms
34ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo7jAYykQwSnW21Jd0YB6Y&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMeIGhCX_XAYqueGlgEwAQ&v=APEucNXeqTXXKL9jFBzYVYNfFW2W9gl86ELysJGjZCv2LbdQl2H72KrJwiUCjPA32930-2TVGidmkO0_Tcd-DQDQNUycYFos4DKOa0f0H_DyoKHPhciEsMd-LDSMu56FL7D9VieD5DxotPbiibluNRJWJ-qu5GfHGKShSEsoFApT6riPUouSYBwp6zrZ_fakHDWl1kszCYA6eMLn-NVw3qWZzXJJcF3kPA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMeIGhCX_XAYqueGlgEwAQ&v=APEucNXeqTXXKL9jFBzYVYNfFW2W9gl86ELysJGjZCv2LbdQl2H72KrJwiUCjPA32930-2TVGidmkO0_Tcd-DQDQNUycYFos4DKOa0f0H_DyoKHPhciEsMd-LDSMu56FL7D9VieD5DxotPbiibluNRJWJ-qu5GfHGKShSEsoFApT6riPUouSYBwp6zrZ_fakHDWl1kszCYA6eMLn-NVw3qWZzXJJcF3kPA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 13:23:25 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 19 Feb 2021 13:23:25 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Feb 2021 13:23:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo7jAYykQwSnW21Jd0YB6Y&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 83B1 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004985&bpp=1&bdt=754&idt=68&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yzVQeGNKgP&p=https%3A//mkoghzd.xyz&dtd=71
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 17:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72652
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 17:12:33 GMT

GET
DATA 200
OK truncated
/ Frame 83B1 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ad09c09063c858b44add5dba6de5429baab5f28a236bf9410c87f520d6940f2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 -3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js Show response
pagead2.googlesyndication.com/bg/ Frame D420 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004887&bpp=5&bdt=656&idt=146&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xwqT8EUXJP&p=https%3A//mkoghzd.xyz&dtd=153

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004887&bpp=5&bdt=656&idt=146&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xwqT8EUXJP&p=https%3A//mkoghzd.xyz&dtd=153
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 07:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 106165
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6187
x-xss-protection: 0
expires: Fri, 18 Feb 2022 07:54:00 GMT

GET
H3-Q050 200 index.html Show response
s0.2mdn.net/8006781/1605552983974/ Frame 205F 168 KB
23 KB 34ms
21ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8006781/1605552983974/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

172bfd5921a11de0775ffe8301cae959f6a3ee034dad890e5e208912d956f763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /8006781/1605552983974/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004985&bpp=1&bdt=754&idt=68&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yzVQeGNKgP&p=https%3A//mkoghzd.xyz&dtd=71
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004985&bpp=1&bdt=754&idt=68&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yzVQeGNKgP&p=https%3A//mkoghzd.xyz&dtd=71

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 23204
date: Fri, 19 Feb 2021 05:36:19 GMT
expires: Sat, 20 Feb 2021 05:36:19 GMT
last-modified: Mon, 16 Nov 2020 18:56:23 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 28026
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 83B1 0
730 B 118ms
65ms Other
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstPE2W7PNb2tE9vcidkLBX5aPXhjN94sVp86J0A6G7rlNpfQYHE19EDhaYu7jKtXppdLBwEHukfgfBsiByueTuL8EhwNvGb7fT-3hC45LZ_bkNex2SQvwErRV4P12n0P7dCpnkNFyXi81qJeyWhGk4dPjsbkBp5SuQ6Vadhlqk7Ij0q_1X57pyzN5NHTTZmAQKNSoOb8ztNAmy5wOnn3wHHi4jyRF1onS3kDQJrvqPSh7W5u0f1XNrGQ6NXG9Mq3Xb4_pdxrXasQ5WjMuhAzawhDk0gAjRrs9TLk-LvAB8QAKpx1Zcmyhw4t2hLDfeSU1fe7E60P4JgkpdJ0uKMCyr1Ek4kDxqqmSvi2XEyWjpQnDhLyp085nQfb-5mc3JZFWeVMnQHkIOGYPhtD7h7V508fQHa4v7OqD87Pt87PY2D6nct19qFH1qYZcRc7BlTED3dnbV67wGK7WV25NVTycdUmvK4sYrY559YYdT86fnfqGy0MylgN8hfQXBoZhcaGvx4ZbOyuiIICM6q7YFLoVbfiA0Ygnnl_ApkUObD1urBCTrbxdifBN7ylYtJ-j-x_uGCZicV-9yXHZb4MKS8fszg_W8d1eLo-p77JqCvd9lARFjjqofmhzeljb2THDz-lJS1ac97aHNdBBNMGDKSlJi__XfcMTQpJms42wVguBAAqA_hIfoNssf8ANIDXYGEMAOfUtWx7dYlVY2C0Vlk0x7UE9FchvBhOnW97eqCE_hZKO6sQ0DOHOK6WlsYkyuz1JgoI7JBMNu_gGlHt4RRlNssq1CGshIAp6W004xjXkKg3-_K05spYh0WCS6svazjmxMCBONtEBvTV5Dvd6LgBrTWfOy2fAGvQziGTz8XhR7uiv9TUW7PNonyPU8u34GbIirfUM4QXPQQq4amkAlIzkB5mTjD70j_KT_TDlcRUoOEqdmIhA4eKz0gb6VnyB85fRVU_lEeVvFVzxiQpaMjCMKmpYn_IDMOLy3ymUHsHoHO0WaJVz6bxMU8CH_w1lL8olozDcs7url186gMWW-vDEGK57KoNRF0q_ijDLyHrcufLsYqE3uyssT0yKEmV6yL9g6DeLXhhhWdyY9LgVB3fO3qJa557jor70m7GHP4ajHlMG1AGkjfllcPNzvP_1rWGr92Dt2oiqeMSDtZ3ZGf&sai=AMfl-YTKF1t6mReBvJBgxVoyeOfTmFyhEgO1cYvzv8mLBHHL0Vt89b5_-UFs9Tv-g58URmGI2N4PZSWcvlimd_NcTvkvFZWGIPGn0apt1phL7wAnbc_b-TUbHREoJwQSHxaENCNt8fZULyDYzMppHkuz5TsRvj0&sig=Cg0ArKJSzNIjcmgH3s62EAE&urlfix=1&omid=0&rm=1&ctpt=155&cbvp=1&cstd=152&cisv=r20210211.17532&adurl=

Requested by

Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004985&bpp=1&bdt=754&idt=68&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yzVQeGNKgP&p=https%3A//mkoghzd.xyz&dtd=71
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 19 Feb 2021 13:23:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 5B11 23 KB
9 KB 13ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/H0ZEmIz7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004892&bpp=29&bdt=661&idt=153&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UcOsk1XP7J&p=https%3A//mkoghzd.xyz&dtd=156
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004892&bpp=29&bdt=661&idt=153&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UcOsk1XP7J&p=https%3A//mkoghzd.xyz&dtd=156

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8727
date: Tue, 16 Feb 2021 12:05:28 GMT
expires: Wed, 16 Feb 2022 12:05:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 263877
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9AEE 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004985&bpp=1&bdt=754&idt=68&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yzVQeGNKgP&p=https%3A//mkoghzd.xyz&dtd=71
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004985&bpp=1&bdt=754&idt=68&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yzVQeGNKgP&p=https%3A//mkoghzd.xyz&dtd=71

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 18 Feb 2021 17:22:44 GMT
expires: Fri, 18 Feb 2022 17:22:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 72041
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 83B1 0
46 B 39ms
39ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=Bs9TNzbsvYMDcGMatzAaTmYfQDAAAAAA4AeAEAg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004985&bpp=1&bdt=754&idt=68&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yzVQeGNKgP&p=https%3A//mkoghzd.xyz&dtd=71
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 13:23:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 206 file.mp4
r2---sn-4g5e6nez.c.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277005/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame B233 320 KB
0 15ms
8ms Media
video/mp4 2a00:1450:4001:29::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:29::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004892&bpp=29&bdt=661&idt=153&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UcOsk1XP7J&p=https%3A//mkoghzd.xyz&dtd=156
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 19 Feb 2021 13:23:25 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1171848/1171849
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1171849
expires: Fri, 19 Feb 2021 13:23:25 GMT
last-modified: Wed, 23 Dec 2020 17:38:57 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3-Q050 200 DcmEnabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 205F 28 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8006781/1605552983974/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8006781/1605552983974/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 05:57:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26760
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10285
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Feb 2021 05:57:25 GMT

GET
H3-Q050 200 d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 5B11 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

779d68ba221aa1efe83b46b8d8c5932a9c82ad2357b9cc9428c9dabf996d1875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:38:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 56695
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6215
x-xss-protection: 0
expires: Fri, 18 Feb 2022 21:38:30 GMT

GET
H3-Q050 200 -3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js Show response
pagead2.googlesyndication.com/bg/ Frame 9AEE 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 07:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 106165
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6187
x-xss-protection: 0
expires: Fri, 18 Feb 2022 07:54:00 GMT

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame 83B1 0
40 B 44ms
43ms Other
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004985&bpp=1&bdt=754&idt=68&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yzVQeGNKgP&p=https%3A//mkoghzd.xyz&dtd=71
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 19 Feb 2021 13:23:25 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 Envia-250x250.png
s0.2mdn.net/8006781/1605552983974/ Frame 205F 2 KB
2 KB 9ms
6ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8006781/1605552983974/Envia-250x250.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6013994f828686f043c253356d8acff89a84a2ecbcb7d231d90fb2896b67ec39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8006781/1605552983974/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:41:46 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 18:56:24 GMT
server: sffe
age: 13299
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1844
x-xss-protection: 0
expires: Sat, 20 Feb 2021 09:41:46 GMT

GET
H3-Q050 200 LOGO2.png
s0.2mdn.net/8006781/1605552983974/ Frame 205F 12 KB
12 KB 10ms
6ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8006781/1605552983974/LOGO2.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2b5ed54dd2fcd77093aff11a40bfd2c953b6074a94fead196f53d695ee28862

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8006781/1605552983974/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 05:36:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 18:56:24 GMT
server: sffe
age: 28025
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12398
x-xss-protection: 0
expires: Sat, 20 Feb 2021 05:36:20 GMT

GET
H3-Q050 200 tienda.png
s0.2mdn.net/8006781/1605552983974/ Frame 205F 8 KB
8 KB 11ms
7ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8006781/1605552983974/tienda.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf5604fb59b849cdede815eb90a6e65f4616f2d43cb997e0c17d24c28110eac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8006781/1605552983974/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 06:57:18 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 18:56:24 GMT
server: sffe
age: 23167
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8534
x-xss-protection: 0
expires: Sat, 20 Feb 2021 06:57:18 GMT

GET
H3-Q050 200 icone-money.png
s0.2mdn.net/8006781/1605552983974/ Frame 205F 4 KB
4 KB 11ms
7ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8006781/1605552983974/icone-money.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4e513c680aa12c32329453680f3dfff9381b9fd54ec04fdb3d38a3857f58df2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8006781/1605552983974/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 05:36:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 18:56:24 GMT
server: sffe
age: 28025
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3883
x-xss-protection: 0
expires: Sat, 20 Feb 2021 05:36:20 GMT

GET
H3-Q050 200 icone-banco.png
s0.2mdn.net/8006781/1605552983974/ Frame 205F 4 KB
4 KB 11ms
8ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8006781/1605552983974/icone-banco.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae006bd86eaac0687d00531330d5392a47afc1394258d8a75b28a74d9c258406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8006781/1605552983974/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 05:08:06 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 18:56:24 GMT
server: sffe
age: 29719
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3585
x-xss-protection: 0
expires: Sat, 20 Feb 2021 05:08:06 GMT

GET
H3-Q050 200 banco.png
s0.2mdn.net/8006781/1605552983974/ Frame 205F 25 KB
25 KB 11ms
7ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8006781/1605552983974/banco.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fdf37f809a4ee10a037d0192bfa0977351435ca3cf68dbe5a83585c80bff5ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8006781/1605552983974/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 05:08:06 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 18:56:24 GMT
server: sffe
age: 29719
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26027
x-xss-protection: 0
expires: Sat, 20 Feb 2021 05:08:06 GMT

GET
H3-Q050 200 en-uno.png
s0.2mdn.net/8006781/1605552983974/ Frame 205F 3 KB
3 KB 13ms
9ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8006781/1605552983974/en-uno.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daab251a865c3dca168bda08e8d9314b2fd55458851ca83c1d18e577a8b10c0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8006781/1605552983974/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 05:36:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 18:56:24 GMT
server: sffe
age: 28025
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2855
x-xss-protection: 0
expires: Sat, 20 Feb 2021 05:36:20 GMT

GET
H3-Q050 200 02-250250.png
s0.2mdn.net/8006781/1605552983974/ Frame 205F 2 KB
2 KB 12ms
9ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8006781/1605552983974/02-250250.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b652e0d335a124be4a39112f0c3662dca2d1fbf76f77285e8d748f6d836b8a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8006781/1605552983974/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 05:36:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 18:56:24 GMT
server: sffe
age: 28025
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2085
x-xss-protection: 0
expires: Sat, 20 Feb 2021 05:36:20 GMT

GET
H3-Q050 200 logo.png
s0.2mdn.net/8006781/1605552983974/ Frame 205F 11 KB
11 KB 12ms
8ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8006781/1605552983974/logo.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c0f08fef4c40a9de782f5e04a28646446927ea72dabc92254a0e29679d00a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8006781/1605552983974/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 05:36:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 18:56:24 GMT
server: sffe
age: 28025
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10840
x-xss-protection: 0
expires: Sat, 20 Feb 2021 05:36:20 GMT

GET
H3-Q050 200 mundo_1.png
s0.2mdn.net/8006781/1605552983974/ Frame 205F 35 KB
35 KB 14ms
11ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8006781/1605552983974/mundo_1.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1927f132faf6dc83e3de7f27b72af3e09867f435996599a55754d739a8ba430c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8006781/1605552983974/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 21:24:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 18:56:24 GMT
server: sffe
age: 57549
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35548
x-xss-protection: 0
expires: Fri, 19 Feb 2021 21:24:16 GMT

GET
H3-Q050 200 01-250250.png
s0.2mdn.net/8006781/1605552983974/ Frame 205F 6 KB
6 KB 13ms
10ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8006781/1605552983974/01-250250.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e817f2ae04da1c130ce08b100d90adce8dd74c1dddea4c77ffc610a64ff082e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8006781/1605552983974/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 10:22:15 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 18:56:24 GMT
server: sffe
age: 10870
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5697
x-xss-protection: 0
expires: Sat, 20 Feb 2021 10:22:15 GMT

GET
H3-Q050 200 nuvem.png
s0.2mdn.net/8006781/1605552983974/ Frame 205F 14 KB
14 KB 12ms
10ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8006781/1605552983974/nuvem.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6343520cd46130b85e9a5a27dd5c43337e29469f077a903a370010266dc0a0e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8006781/1605552983974/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 05:36:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 18:56:24 GMT
server: sffe
age: 28025
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14549
x-xss-protection: 0
expires: Sat, 20 Feb 2021 05:36:20 GMT

GET
H3-Q050 200 03-250250.png
s0.2mdn.net/8006781/1605552983974/ Frame 205F 2 KB
2 KB 13ms
10ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8006781/1605552983974/03-250250.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12c054d734bb872c31123cf9e3cb47b81df18304a3e9fa9ad965349f74c4ec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8006781/1605552983974/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 05:08:06 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 18:56:24 GMT
server: sffe
age: 29719
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1710
x-xss-protection: 0
expires: Sat, 20 Feb 2021 05:08:06 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B11 0
46 B 41ms
40ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BgLrSzbsvYL-RGtHjzAbcnJK4AQAAAAA4AeAEAg&bg=!kZKlktHNAAXRs2QT0TsAKQB2-DxaF52BwjkvGArcplvyWXB7HpeyKligLqpnNfgmJ_81Ex6qkaymAgAAAMZSAAAAEWgBBwoAT7fJ2YuQpdM35KkgYj_5yG43eb2iMTi9a7QcljW65SlVpxb47n25RRAcjpTE7D5bmOeLZzUH1cNXlS3wjKyiNInJYgZ9RAr963FnvBm2x2-ZAjXLEwBxYBGgKw2vQhQaSFQt-jQheCDNf5T7iY2tFhiN9Z189YVf8khOfFB1Y8IqFq7XdizpKMMun8sNHU3m-1XrsUs7BrcO4OHCA0L8ZhT7oIR5Cudxl3WqmUk04OsOKzHJ0nBVnf9LkXIHGenBNBjy0vv4BijXkNprgFJ6CToh2W09hx7pGOo1KW2nyVQv7FEwVyRJiHTvnCYRW3NT9J2t9NdDsFt9ourRIYXEmtIqama-Q5ahL7W5j01N7W2vLeSkr1ty_5bJq8IekVHGaZweksYcZHk3O3ZmeRXh8FlXktTLlhOvAN9YBF_-wi4Oko5_MaJxWQ8eYV_3rgd7uof7pZ9jeiXaU85hhZe_HtqPbdkOHmdZtfQFXZ39a44d_LaZwmNeb59s-5TupX5DOoc9GShpkMgP8PwwATjM2R-Pp_GITdFm97XY_C4vXRFpORTOBiItDHBfMd2NKMwwMXCfUseJDosqEfx59rlXbn7qE_WpRZVEW1lLEMWGlOob5TR7ttcXMhpI0UP5IjQRMJuAtJeXwPYW7vIY6AoWT_S0MvLtHCMLoETzqDIdM3Brrw4jRfc5N-WvNqefkGu0fB3K52FlXeHJ4WmOpg3agSg3Jilp4PFgCUbb-aELF3EQJb7OI2qINfKDm0Z8RrwnUFIu1MZy5MSvjzm_mJbw9qDhGaWt6VcAtsTIQmuserWN5PjRoQGZpgI_MzlKVqaAuLIvxvM60-x3BGsm7dBRZBF_hS91Hs2N

Requested by

Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 13:23:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9AEE 0
23 B 41ms
40ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bs9TNzbsvYMDcGMatzAaTmYfQDAAAAAA4AeAEAg&bg=!fX6lfj3NAAXRs2QT0TsAKQB2-DxadDROM5MNL9m_djGiORItZhtZ_IyXVbi4N4o8bh9cnxs-xLoyAgAAALtSAAAAGGgBBwoA4rFM71f0Z29VobGWq42qSBdPmU1qCCsFZssuBUnYfBoya6QOgMFD5r2jzM1Atgm1Yu-u02BKt5c2npjtw8FqKNtSyifdkSeTTbByMVTgvidjqZ8Pc1-HHnheR6nv-lQ3oOEs9EnCsReq527DBwL8iOXE5vacccJnunwlOb8nzySVPtLQJ13pD3nIe-eES6x4pY5JCbUYfoACLhhzeXWIXzacWJz9hjq5_hSrRGIo5E2RGgjcO6uRa-Hbsz43eJfbUW2-NAER8zbRK_6lt2FbTYLxfKbT86pYPnuiudlQdbIu5ueZAlidXQhhj-I8Y1u1b4IS9aF_GtMEdKVpSz7z4eIWxvpCdaobzNvRdFDnu5CIXQSokwvKUTCY0qRAvekr4hCcviEpHjWzeo9iVK6c_chlgnfgUmg14Y-FkPhssXnrGUZ6-ScNc5237BRcrC597_7zkGBQZvJFUNIfosSioSupNaFsDegVHYOy46WTHtxqgJ3na8v_qCxn-eKA66S2kKyt-52u2or1Dmb98j7Wa2bJpkgWcqxe5f5Sy2eEv4jhZne0VrZTTFhbrQeSdLpYF9jX3iHdmoQfpFrgLEoIJ3-2Qt78aNIZwFJnL7YndQ_ji4bmCCV3T8PTLEU42nE0ik8y8L5jy6kPesMCUcgWwssGNwJrU8yEOhCmmbSHYJ7vaqzOgjT9Q5Lzh8FdC3t3fHn2awf9buQ1iu3ya6egCMPOTys9dqrbBS8rQ90DF8tKG6k-n13-jRLRBYsDn9_kwoiM29bd0tM8wX4qoWlMDJFcted6BlpR8SCvJ6XdpD3_8yOLib0x2PHrBeHaTTim1f6K_-aKqCuZlmrFtx2MaMIBcfrwz6AdjO82YwaEkae_0ZX3C8-OhbH1Lx2gUiWq1ugTF8E8wNbXNS-DqjmkagTRKtpA_9TdoyJl8I_IHe9yvVaq9H1l-j_t6z4OfEVcMKgqVvyAIPoZx9ChKCe9JnmtDmgpDREPWfUywWzZVOAoSt2rzx2OQI0py_NhOhiPPNFqwhbkcSLgxTGj5ZRUOUZERsrD9jTA8koCwacBxWSFUQAyKPCx8MWrW6-wv2FKipGCelcKmbGrYXGDH5w

Requested by

Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 13:23:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 csi
csi.gstatic.com/ Frame B233 0
318 B 771ms
258ms Other
image/gif 2800:3f0:4002:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~klcbq8sx&c=1194716834540&slotId=597358417270&qqid=COHC99qF9u4CFdpMFQgdFzsKgQ&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=521&mt=video%2Fmp4&vs=1024x536&ulv=1&cll=0&vmfc=17&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C22%2C37%2C43%2C44%2C45%2C46%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/outstream.min.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2800:3f0:4002:808::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004892&bpp=29&bdt=661&idt=153&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UcOsk1XP7J&p=https%3A//mkoghzd.xyz&dtd=156
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 13:23:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3C1F 42 B
725 B 63ms
50ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshWN5TPpZTJlbc98cBnhmP4BBHgU_z7eJREs-pu_8Q340qOrViqsv5tnhvLERt8nuuSZquWV7_5DrzY9_HVPWkj7NYwFCiafavsv7ffuZg0JC1tTmIfNa-cZB5cA&sai=AMfl-YTngAQbDlq3uJDBcojvYj9HGVLSnQG64lANpnUrgM80ssPz18BF9-aiEQ_OhPuA7N538p5RZZ_z9P81&sig=Cg0ArKJSzHMPI3KlJ4ebEAE&id=osdim&mcvt=1002&p=278,230,558,1005&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210217&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3168900938&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1613741005044&dlt=322&rpt=43&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004887&bpp=5&bdt=656&idt=146&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xwqT8EUXJP&p=https%3A//mkoghzd.xyz&dtd=153
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 13:23:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 83B1 42 B
66 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNbDf9JHmCY_eQbKyVLriFrPb7efLfIZHkTdXRYIYe3G4UHV52vtEyinV02GX33NjsEnAncWQI5bvjuZC7eA5luLO-H1fm4r2Selx9NCxq49lC&sai=AMfl-YSnNunUM430lE3To_WPNRMk_Ga5MqQ6j74giJFXA-j7IgW5BkInoyD2IweWi_NXnV69A1s9G9SW68j-&sig=Cg0ArKJSzE55BkR6UwTsEAE&cid=CAASBORoKio&id=osdim&mcvt=1000&p=1057,1053,1307,1353&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20210217&bin=7&avms=nio&bs=0,0&mc=0.57&if=1&app=0&itpl=20&adk=2441527113&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1613741005058&dlt=327&rpt=38&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004985&bpp=1&bdt=754&idt=68&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yzVQeGNKgP&p=https%3A//mkoghzd.xyz&dtd=71
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 13:23:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIgPeL24X27gIVxhbTCh2TzAHKEAAYACCkn7JDQhMIm_j32oX27gIV1WQVCB0sMwjs;met=1;&timestamp=1613741015832;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 83B1 42 B
254 B 58ms
56ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgPeL24X27gIVxhbTCh2TzAHKEAAYACCkn7JDQhMIm_j32oX27gIV1WQVCB0sMwjs;met=1;&timestamp=1613741015832;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Requested by

Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004985&bpp=1&bdt=754&idt=68&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yzVQeGNKgP&p=https%3A//mkoghzd.xyz&dtd=71
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 13:23:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIgPeL24X27gIVxhbTCh2TzAHKEAAYACCkn7JDQhMIm_j32oX27gIV1WQVCB0sMwjs;met=1;&timestamp=1613741025832;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 83B1 42 B
107 B 57ms
57ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgPeL24X27gIVxhbTCh2TzAHKEAAYACCkn7JDQhMIm_j32oX27gIV1WQVCB0sMwjs;met=1;&timestamp=1613741025832;eid1=2;ecn1=0;etm1=10;

Requested by

Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741005&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741004985&bpp=1&bdt=754&idt=68&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=810153767010&frm=20&pv=1&ga_vid=58437577.1613741005&ga_sid=1613741005&ga_hid=1880246710&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068109%2C21068769%2C21068893%2C21068944%2C21069110%2C44734254&oid=3&pvsid=2783105680957579&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yzVQeGNKgP&p=https%3A//mkoghzd.xyz&dtd=71
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 13:23:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 38ms
18ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210211&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3fe59e39d8a9d3e8bffe6514385334c5ece01a9fe4e5dbcc9b74867b18502a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Feb 2021 13:23:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6414
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 13:23:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Fri, 19 Feb 2021 13:23:48 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 9979 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mkoghzd.xyz/2021/02/19/265.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mkoghzd.xyz/2021/02/19/265.htm

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Fri, 19 Feb 2021 12:30:16 GMT
expires: Sat, 19 Feb 2022 12:30:16 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3212
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 -3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js Show response
pagead2.googlesyndication.com/bg/ Frame 9979 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 07:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 106188
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6187
x-xss-protection: 0
expires: Fri, 18 Feb 2022 07:54:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 41ms
40ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210211&jk=2783105680957579&bg=!5Oel56TNAAXRs2QT0TsAKQB2-DxagAcEVtoC5-gqyWT1WIHX9bv6Yx21HjIfcchV5zkrlZLcppINAgAAAFNSAAAAD2gBBwoAfmALXS_42hkVYqa7zQlbZpGO5Pi7uxvcmUvDf9mdKig65IZ_ieve19FUdA9_9HygRAHe9wrC3gSflfkQwsouai9b2zSbV0zbPuFfUDc6XkHk0r34eQW4le0NYOe260RJu5gR8zCu8AhfTAQIYuIyRjx7QKMABOoxNTc-Y5LkTpkB10NlQ_YmgqpEqCruZMA-hHV_nuq3IpLRRpNvetnupGh3hoPo_UGwShJwwh_J48qr-iZr1t2Sk0bLc-Rw1YZOTL-G-LujH5Df3TA6PdDK4edMi4XjUCrp3Qja4Ch5Grak3YsgtEIDckjicivNKt4KNLPdwQvdXF9Q9wp-4cc5Bom9vxz-8sHx6BtnobZsSdGJNp3cWHS_VAGw1qw4JiJqS7VynAYVSKcLBUnEHL4UGDOml69npwCkIZOr3us1_WJaswnPJipm3IH01qbXW06OtzZ_Jyt86sP6Ma5RB4vFml9R1LOYFN1lTjxscYmtcGaAT-U_1acftwut4I6XAkXLVJklg1v300osMmqrWDkU51d-fPWIFa5PLOZf4eZ-MweePhb4drf-X7FDKVuJ2dCLlryrhgDmj1hP64G51pJnwn1E9VY52XPL2C16gpHKp72ypNzbqyZlN_m6x6KEruY8J2qqzxcvbPhGfGxqRKaVBq8gHBXRG-5gpy617oxnu2vaZG_JC9gnLZ6iFxF19dYrgKMvE97bZL-YP7hTTClCyLzzjso-_jYWFPVaUiu7Sp0n8Ih5-h9Gxyq_weiBsnPeyyKiKyddFZHMhjmg2cI5iW5rcbOIk4gDjg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 13:23:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s4.cnzz.com
URL: https://s4.cnzz.com/z_stat.php?id=1279085251&web_id=1279085251

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
adservice.google.com
adservice.google.de
airw.net
bid.g.doubleclick.net
blog.with2.net
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
mkoghzd.xyz
pagead2.googlesyndication.com
partner.googleadservices.com
r2---sn-4g5e6nez.c.2mdn.net
s0.2mdn.net
s4.cnzz.com
tdsyi.centuriontelcom.org
tpc.googlesyndication.com
www.googletagservices.com
www.gstatic.com
s4.cnzz.com
142.250.185.226
142.250.186.130
142.251.5.156
153.120.49.87
183.90.237.33
216.58.212.162
23.218.208.246
2800:3f0:4002:808::2003
2a00:1450:4001:29::8
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2006
2a00:1450:4001:828::200a
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
45.32.60.83
95.179.238.243
00691ea3935d37728cf216e29720e8e4ea81a3d24727062785ecc70283414aa5
02a94215980e0a9b1534964bf8c1fe26b45710405f9e0c9ebfab99ee961bf84e
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0b652e0d335a124be4a39112f0c3662dca2d1fbf76f77285e8d748f6d836b8a8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
1143bb5ae891056f59482184346b0fe47d8e95c9e0f159f023bf0f95ec45222d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
172bfd5921a11de0775ffe8301cae959f6a3ee034dad890e5e208912d956f763
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
1927f132faf6dc83e3de7f27b72af3e09867f435996599a55754d739a8ba430c
1bbb1cf040948bea2829656ed20814d5ecabdeb106bff79cad43af8e6ed78161
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1dee05848e792b91d89bcb14b566f4789112d3752976856538eb0c6fa10d7f3b
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2027fcccfb252ec011d2e4f6d66cb26e633769657f512d0c587e92aedd4999de
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
2ad09c09063c858b44add5dba6de5429baab5f28a236bf9410c87f520d6940f2
2c0f08fef4c40a9de782f5e04a28646446927ea72dabc92254a0e29679d00a78
46547a0dc2558600be24ee13a75bd1d389c39c1ec94a3f4f94ac7353541d133e
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4b179f8204186f3aa954f47cd81dbe86bf89c08edb8d5341b8e0697d99e35073
4c010e7c28a5bd7a5a60ba2e97a90229c3f9953fe2e8827aa9eee4ce7e07ea60
4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53846c7977d3e0b84b09cb8d5ad00dc72f2aeca1e571cead8afd02da3cdf5c01
557c7eff7e290be0c9ba43c9992a9a53511608560c9e1c23efc05851e186a2a7
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5fee2a3e4db0a9b907550346569920e7ea79a4b855260d5c9d063aebd408ce52
6013994f828686f043c253356d8acff89a84a2ecbcb7d231d90fb2896b67ec39
63313604f88c1935ba43c48ab5678215d92432baff307ee2968306228bdd3e98
6343520cd46130b85e9a5a27dd5c43337e29469f077a903a370010266dc0a0e8
63c7d2c86efe633a9c57c690098698582b86d5b1884275ab714b0bd05fd2927f
6b29b371fe6f76fce7a682c0ca2ff6e1138d2ca192bb188766fcf7aa564bcd0a
718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4
73f3ff9b6ec5a12735716ede1adba865262a64a96503c4292555af49d49302c6
779d68ba221aa1efe83b46b8d8c5932a9c82ad2357b9cc9428c9dabf996d1875
78e393d62ed44ea291fff2a29f94b13322fcc7c6cce6c34ffbece7ec475ed3a7
7e817f2ae04da1c130ce08b100d90adce8dd74c1dddea4c77ffc610a64ff082e
7fdf37f809a4ee10a037d0192bfa0977351435ca3cf68dbe5a83585c80bff5ba
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
916bc5e20412b6ac3436b53e5747a3760510076e64984a3cd13a44d6bd5ee056
9ec204561656bab028c2fb1d77312a95e26333f39b4a2a274049423f023acf5f
a298a18616173be064d6c0ed93da22cbf5f24adef8e2868f72a9e1dbfc68fef1
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac93499d0c0749d12c09e1ee88a1efc64ff64c320690d133ffed23739d41f016
ae006bd86eaac0687d00531330d5392a47afc1394258d8a75b28a74d9c258406
ae35469a2de645d561d555105d21f075e0469c83a7bd02ebc9547d4d5b616f73
b02ab5446d4dd91bc73183089db613f7cd4c954bc79a21dff4785c9280af45a0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b49b02fc1286f940cce0e398d850753f00338dbb321a51e2aadf996223c9c7e9
b534bf5439e6346255cdfe8506bf01a71925106f3323dff2eccf2e7266b06929
bbfa520b9c2d5ebed4312fc453b939276b4664e036c53d0f1f8af455ae56dc85
c12c054d734bb872c31123cf9e3cb47b81df18304a3e9fa9ad965349f74c4ec5
c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e
c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
c4e513c680aa12c32329453680f3dfff9381b9fd54ec04fdb3d38a3857f58df2
c536d43b70d61eb900141be6cafaaf2b1956c76b32b25ab3617e5e4a6737268e
c8df8e45d17a1be5d401772929a421398f7cb7d2991123bdbe0069f274a62f71
ca32702f36da9bdbaa5463f8e3db9b18d82f3ce8a630d18e8bde6b30a2582d20
cc759efe94fdebef6235c770f3b4231bf7891c505da42935f06fa1fb73de63c0
ccb506c25fa20f53d4283003e7b33ca6e64aea32c419684bdb7d20a3ec2f7266
cf5604fb59b849cdede815eb90a6e65f4616f2d43cb997e0c17d24c28110eac0
d3fe59e39d8a9d3e8bffe6514385334c5ece01a9fe4e5dbcc9b74867b18502a8
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d78af317c5d91360b382395f1e2dd0319d48281820f7c616115ed21da095ba51
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
daab251a865c3dca168bda08e8d9314b2fd55458851ca83c1d18e577a8b10c0b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec3f80e747dcbe72d41eee2245dc8e26b79f07fa71f9ea7f2d91ebe7f867d5a6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
f28db7a271d32d152deb794059743c93e9bc835e88f5bc0bcec65466204d94dc
f2b5ed54dd2fcd77093aff11a40bfd2c953b6074a94fead196f53d695ee28862
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7

mkoghzd.xyz Open in urlscan Pro 45.32.60.83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

102 Requests

99 %HTTPS

63 %IPv6

15 Domains

25 Subdomains

23 IPs

5 Countries

1032 kBTransfer

2745 kBSize

0 Cookies

5 Outgoing links

Page URL History

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mkoghzd.xyz Open in urlscan Pro
45.32.60.83 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

99 %
HTTPS

63 %
IPv6

15
Domains

25
Subdomains

23
IPs

5
Countries

1032 kB
Transfer

2745 kB
Size

0
Cookies

102 HTTP transactions
4 data transactions