urlscan.io logo urlscan.io
SecurityTrails logo

mkoghzd.xyz Open in urlscan Pro
45.32.60.83  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tdsyi.centuriontelcom.org/wt/o9662u
Effective URL: https://mkoghzd.xyz/2021/02/19/265.htm
Submission: On February 19 via manual from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 5 countries across 15 domains to perform 118 HTTP transactions. The main IP is 45.32.60.83, located in Heiwajima, Japan and belongs to AS-CHOOPA, US. The main domain is mkoghzd.xyz.
TLS certificate: Issued by R3 on January 14th 2021. Valid for: 3 months.
This is the only time mkoghzd.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 95.179.238.243 20473 (AS-CHOOPA)
14 45.32.60.83 20473 (AS-CHOOPA)
38 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 153.120.49.75 7684 (SAKURA-A ...)
1 183.90.237.33 131965 (XSERVER X...)
2 218.94.207.228 4134 (CHINANET-...)
1 142.250.186.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 173.194.76.156 15169 (GOOGLE)
1 2401:b180:200... 37963 (CNNIC-ALI...)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 198.11.132.221 45102 (CNNIC-ALI...)
5 172.217.23.98 15169 (GOOGLE)
1 142.250.185.66 15169 (GOOGLE)
1 2 142.250.185.230 15169 (GOOGLE)
118 22
1    95.179.238.243 (London, United Kingdom)

ASN20473 (AS-CHOOPA, US)
PTR: 95.179.238.243.vultr.com
tdsyi.centuriontelcom.org
14    45.32.60.83 (Heiwajima, Japan)

ASN20473 (AS-CHOOPA, US)
PTR: 45.32.60.83.vultr.com
mkoghzd.xyz
38    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.com
ade.googlesyndication.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    153.120.49.75 (Japan)

ASN7684 (SAKURA-A SAKURA Internet Inc., JP)
blog.with2.net
1    183.90.237.33 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv7192.xserver.jp
airw.net
2    218.94.207.228 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
s4.cnzz.com
c.cnzz.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
21    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
8    2607:f8b0:4009:805::2003 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
6    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    173.194.76.156 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f156.1e100.net
bid.g.doubleclick.net
1    2401:b180:2000:20::27 (China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
z3.cnzz.com
1    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
4    2a00:1450:4001:6e::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r2---sn-4g5ednsd.c.2mdn.net
1    198.11.132.221 (United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)
cnzz.mmstat.com
5    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
ade.googlesyndication.com
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads4.g.doubleclick.net
2    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
ad.doubleclick.net
Domain Requested by
21 tpc.googlesyndication.com mkoghzd.xyz
googleads.g.doubleclick.net
tpc.googlesyndication.com
imasdk.googleapis.com
pagead2.googlesyndication.com
18 googleads.g.doubleclick.net pagead2.googlesyndication.com
mkoghzd.xyz
googleads.g.doubleclick.net
www.googletagservices.com
17 pagead2.googlesyndication.com mkoghzd.xyz
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
14 mkoghzd.xyz mkoghzd.xyz
8 csi.gstatic.com imasdk.googleapis.com
7 ade.googlesyndication.com mkoghzd.xyz
6 fonts.gstatic.com fonts.googleapis.com
4 r2---sn-4g5ednsd.c.2mdn.net mkoghzd.xyz
4 imasdk.googleapis.com googleads.g.doubleclick.net
4 fonts.googleapis.com mkoghzd.xyz
googleads.g.doubleclick.net
tpc.googlesyndication.com
2 ad.doubleclick.net 1 redirects mkoghzd.xyz
2 gcdn.2mdn.net 2 redirects
2 bid.g.doubleclick.net imasdk.googleapis.com
2 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
1 googleads4.g.doubleclick.net mkoghzd.xyz
1 cnzz.mmstat.com mkoghzd.xyz
1 www.google.com 1 redirects
1 z3.cnzz.com mkoghzd.xyz
1 c.cnzz.com s4.cnzz.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 s4.cnzz.com mkoghzd.xyz
1 airw.net mkoghzd.xyz
1 blog.with2.net mkoghzd.xyz
1 tdsyi.centuriontelcom.org 1 redirects
118 26

This site contains links to these domains. Also see Links.

Domain
blog.with2.net
airw.net
okane-antena.com
www.rizumu.net
www.cnzz.com
Subject Issuer Validity Valid
mkoghzd.xyz
R3		 2021-01-14 -
2021-04-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
blog.with2.net
JPRS Domain Validation Authority - G4		 2020-12-11 -
2021-12-31		 a year crt.sh
www.airw.net
R3		 2021-01-05 -
2021-04-05		 3 months crt.sh
*.cnzz.com
GlobalSign Organization Validation CA - SHA256 - G2		 2021-01-05 -
2022-02-06		 a year crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.c.docs.google.com
GTS CA 1O1		 2021-02-09 -
2021-04-20		 2 months crt.sh
*.mmstat.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-07-16 -
2021-07-17		 a year crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh

This page contains 12 frames:

Primary Page: https://mkoghzd.xyz/2021/02/19/265.htm
Frame ID: 5932B27A8A4C13C1EF5745A266B89BB9
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html
Frame ID: 67F78C0860E6861BD243A5403888916F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&adk=1812271804&adf=3025194257&lmt=1613741328&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&ea=0&flash=0&pra=5&wgl=1&dt=1613741326139&bpp=1899&bdt=50&idt=2162&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5625903351200&frm=20&pv=2&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=2184
Frame ID: EA9F1D704B05C38B036224D82243B7CC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
Frame ID: B035880030C40B8027E5E6AA24E83AB9
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328163&bpp=31&bdt=2074&idt=208&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zlLq8VeV5V&p=https%3A//mkoghzd.xyz&dtd=211
Frame ID: E2C0F0492A423402D12DC1A538AB9992
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328272&bpp=1&bdt=2184&idt=105&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RwnstdfLJz&p=https%3A//mkoghzd.xyz&dtd=108
Frame ID: E75BDD7F6C4820B939A6325D2AED022C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8724262990166509940/index.html
Frame ID: B561A418E27380B76D56A8FA4C8456B0
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C8U2vEL0vYNvLGPK_1fAP_9WF8AOKmLuMYajq6MSpDNLh0uCyARABIOXprGNglYq4gsgHoAGA5eznAsgBCakCz6sH7KIfqj6oAwHIA0iqBNsBT9AYxUum2Kb56v-otuGJhyxVm031nABTjxDr7JoGQLhbk5Z_xgpAfNvJmpNDynT6oC0M5XYe9huMIZS0jWJvbOxNhFmh3OsruLiPCZpLkuwDq2QOR_YSbKj7IDYtrfVsZqfNexeajqc7fS3xVlNGxUqCoOhBBpoiSYQnyS0ZQnRsCoRpyD1cdK7dkEQii-kfq2tm1Zdi-wsK7wZhCLQZXTn632NpL96y3b90HZ3i3sUGJl-9OHMUgoZdKL8CqbopV6l3GflWe8wNUPpIsUajlTlbH-SqwbkTrQwhwASl4ICioAOgBi6AB-iak5gBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEELOURNIICQiA4YAQEAEYH4AKAcgLAdgTA4gUAbIXGgoYCAASFHB1Yi00MzM0NTk4MzU5OTc0Nzc3&sigh=PyrHESARdNE&template_id=419&tpd=AGWhJmtpPSTwThaWqSeoNeStH4YI_IS17swijtFFM1jkl3sRxA
Frame ID: 0AFF1CF283E432558D981B0AC00EDB05
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A617046844C5E9B07E56111BE7887AEF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: BEC900F857D9D456A673DD75EE87D7E3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 3DB92C7FD710C4694D68DEAC312D3B29
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 83C639136315959DB5440D8CDCF81F30
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://tdsyi.centuriontelcom.org/wt/o9662u HTTP 301
    https://mkoghzd.xyz/2021/02/19/265.htm Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

118
Requests

100 %
HTTPS

54 %
IPv6

15
Domains

26
Subdomains

22
IPs

5
Countries

2173 kB
Transfer

3936 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tdsyi.centuriontelcom.org/wt/o9662u HTTP 301
    https://mkoghzd.xyz/2021/02/19/265.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 75
  • https://gcdn.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277329/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/6E8186F745F0E026A08FB90081A9DDDB54A93D88.9D26A799BCA71A697D55801619FF478DFD4CE6E0/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-4g5ednsd.c.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277329/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/35B68930FA9F9A3A8F9943CD8D8D40C01707C382.116DA2F2F8A6E3BB1557DBA8BB1EB9976D78208D/key/cms1/cms_redirect/yes/mh/WQ/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednsd/ms/onc/mt/1613741067/mv/m/mvi/2/pl/41/file/file.mp4
Request Chain 77
  • https://gcdn.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277329/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/86B3F772370563B72094A80F63C690AC038D8E21.4101C907C1E34C325C288452A577B3E29818A14A/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-4g5ednsd.c.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277329/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/20FB3087ABA823E3524B6E640FBB77A1CDBA00D2.1EAC6E14365837341C060BE04F44AF4F2088F8E3/key/cms1/cms_redirect/yes/mh/WQ/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednsd/ms/onc/mt/1613741067/mv/m/mvi/2/pl/41/file/file.mp4
Request Chain 90
  • https://ad.doubleclick.net/ddm/trackimp/N6410.279382DBMCADREONARGENTINA-/B24926691.287528015;dc_trk_aid=481211953;dc_trk_cid=140226436;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N6410.279382DBMCADREONARGENTINA-/B24926691.287528015;dc_pre=CM6P0fWG9u4CFXjJuwgdc3MEeg;dc_trk_aid=481211953;dc_trk_cid=140226436;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=

118 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 265.htm
mkoghzd.xyz/2021/02/19/
Redirect Chain
  • https://tdsyi.centuriontelcom.org/wt/o9662u
  • https://mkoghzd.xyz/2021/02/19/265.htm
17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.32.60.83.vultr.com
Software
nginx /
Resource Hash
919b3f420679f1c76fdbfd9596e1d1b52f40511221434796000f8971c318697c

Request headers

:method
GET
:authority
mkoghzd.xyz
:scheme
https
:path
/2021/02/19/265.htm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Fri, 19 Feb 2021 13:28:45 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-pingback
https://mkoghzd.xyz/xmlrpc.php
link
<https://mkoghzd.xyz/?p=265>; rel=shortlink
content-encoding
gzip

Redirect headers

server
nginx
date
Fri, 19 Feb 2021 13:28:43 GMT
content-type
text/html
content-length
162
location
https://mkoghzd.xyz/2021/02/19/265.htm
strict-transport-security
max-age=31536000
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		136 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3a7affd051cf063820cca6c53eba5a6127bd248d112bcb1500e6154cf6d8464
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:28:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
48525
x-xss-protection
0
server
cafe
etag
13846652425973723064
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 19 Feb 2021 13:28:46 GMT
style.css
mkoghzd.xyz/wp-content/themes/teller/ 		24 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mkoghzd.xyz/wp-content/themes/teller/style.css?ver=4.3.25
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.32.60.83.vultr.com
Software
nginx /
Resource Hash
73f3ff9b6ec5a12735716ede1adba865262a64a96503c4292555af49d49302c6

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:28:46 GMT
content-encoding
gzip
last-modified
Mon, 14 Sep 2020 10:40:43 GMT
server
nginx
etag
W/"5f5f48ab-6064"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Sat, 20 Feb 2021 01:28:46 GMT
css
fonts.googleapis.com/ 		6 KB
792 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700,300
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ec3f80e747dcbe72d41eee2245dc8e26b79f07fa71f9ea7f2d91ebe7f867d5a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 19 Feb 2021 12:00:16 GMT
server
ESF
date
Fri, 19 Feb 2021 13:28:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Feb 2021 13:28:46 GMT
font-awesome.css
mkoghzd.xyz/wp-content/themes/teller/css/ 		28 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mkoghzd.xyz/wp-content/themes/teller/css/font-awesome.css?ver=4.3.25
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.32.60.83.vultr.com
Software
nginx /
Resource Hash
c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:28:46 GMT
content-encoding
gzip
last-modified
Tue, 06 Mar 2018 14:47:58 GMT
server
nginx
etag
W/"5a9eaa1e-704b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Sat, 20 Feb 2021 01:28:46 GMT
public.css
mkoghzd.xyz/wp-content/plugins/recent-posts-widget-with-thumbnails/ 		473 B
644 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mkoghzd.xyz/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=6.5.1
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.32.60.83.vultr.com
Software
nginx /
Resource Hash
63313604f88c1935ba43c48ab5678215d92432baff307ee2968306228bdd3e98

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:28:46 GMT
last-modified
Fri, 12 Feb 2021 03:08:48 GMT
server
nginx
etag
"6025f140-1d9"
content-type
text/css
cache-control
max-age=43200
accept-ranges
bytes
content-length
473
expires
Sat, 20 Feb 2021 01:28:46 GMT
jquery.js
mkoghzd.xyz/wp-includes/js/jquery/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mkoghzd.xyz/wp-includes/js/jquery/jquery.js?ver=1.11.3
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.32.60.83.vultr.com
Software
nginx /
Resource Hash
ca32702f36da9bdbaa5463f8e3db9b18d82f3ce8a630d18e8bde6b30a2582d20

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:28:46 GMT
content-encoding
gzip
last-modified
Sat, 27 Jun 2015 23:40:23 GMT
server
nginx
etag
W/"558f3467-176e9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sat, 20 Feb 2021 01:28:46 GMT
jquery-migrate.min.js
mkoghzd.xyz/wp-includes/js/jquery/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mkoghzd.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.32.60.83.vultr.com
Software
nginx /
Resource Hash
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:28:46 GMT
content-encoding
gzip
last-modified
Tue, 23 Jul 2013 15:28:25 GMT
server
nginx
etag
W/"51eea119-1c20"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sat, 20 Feb 2021 01:28:46 GMT
custom.js
mkoghzd.xyz/wp-content/themes/teller/js/ 		145 B
325 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mkoghzd.xyz/wp-content/themes/teller/js/custom.js?ver=18163975
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.32.60.83.vultr.com
Software
nginx /
Resource Hash
cc759efe94fdebef6235c770f3b4231bf7891c505da42935f06fa1fb73de63c0

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:28:46 GMT
last-modified
Tue, 06 Mar 2018 14:47:58 GMT
server
nginx
etag
"5a9eaa1e-91"
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
145
expires
Sat, 20 Feb 2021 01:28:46 GMT
br_c_1531_1.gif
blog.with2.net/img/banner/c/banner_1/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.with2.net/img/banner/c/banner_1/br_c_1531_1.gif
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
153.120.49.75 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1dee05848e792b91d89bcb14b566f4789112d3752976856538eb0c6fa10d7f3b

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 19 Feb 2021 13:28:49 GMT
Last-Modified
Wed, 11 Nov 2009 07:29:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"a2028a-967-478136316e840"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
2407
air_rank.gif
airw.net/img/kabu/img/2/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://airw.net/img/kabu/img/2/air_rank.gif
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.237.33 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv7192.xserver.jp
Software
nginx /
Resource Hash
46547a0dc2558600be24ee13a75bd1d389c39c1ec94a3f4f94ac7353541d133e

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:28:48 GMT
last-modified
Thu, 01 Apr 2010 02:12:20 GMT
server
nginx
etag
"8b2-48323647f4900"
content-type
image/gif
cache-control
max-age=604800
accept-ranges
bytes
content-length
2226
expires
Fri, 26 Feb 2021 13:28:48 GMT
cropped-timg-5-300x75.jpg
mkoghzd.xyz/wp-content/uploads/2019/06/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mkoghzd.xyz/wp-content/uploads/2019/06/cropped-timg-5-300x75.jpg
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.32.60.83.vultr.com
Software
nginx /
Resource Hash
c536d43b70d61eb900141be6cafaaf2b1956c76b32b25ab3617e5e4a6737268e

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:28:48 GMT
last-modified
Sun, 30 Jun 2019 03:35:17 GMT
server
nginx
etag
"5d182df5-2bf2"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11250
expires
Sun, 21 Mar 2021 13:28:48 GMT
timg-1-150x150.jpg
mkoghzd.xyz/wp-content/uploads/2019/06/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mkoghzd.xyz/wp-content/uploads/2019/06/timg-1-150x150.jpg
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.32.60.83.vultr.com
Software
nginx /
Resource Hash
78e393d62ed44ea291fff2a29f94b13322fcc7c6cce6c34ffbece7ec475ed3a7

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:28:48 GMT
last-modified
Sun, 30 Jun 2019 03:14:42 GMT
server
nginx
etag
"5d182922-1b6e"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7022
expires
Sun, 21 Mar 2021 13:28:48 GMT
z_stat.php
s4.cnzz.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.cnzz.com/z_stat.php?id=1279085251&web_id=1279085251
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
218.94.207.228 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine / PHP/5.5.25
Resource Hash
fa180ca8c8ffe5b5dee2d80ac7965b06e7f0b4ecf5a1f2b2aa8e2aa8c63b918a

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:05:59 GMT
content-encoding
gzip
age
1369
x-powered-by
PHP/5.5.25
x-cache
HIT TCP_MEM_HIT dirn:13:29074991
x-swift-cachetime
5400
x-swift-savetime
Fri, 19 Feb 2021 13:05:59 GMT
content-length
4083
last-modified
Fri, 19 Feb 2021 13:05:59 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1613739959
content-type
application/javascript
via
cache47.l2cn1807[39,200-0,M], cache47.l2cn1807[40,0], cache21.cn2568[0,200-0,H], cache8.cn2568[1,0]
cache-control
max-age=5400,s-maxage=5400
timing-allow-origin
*
eagleid
da5ecf8a16137413286531643e
jquery.slicknav.js
mkoghzd.xyz/wp-content/themes/teller/js/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mkoghzd.xyz/wp-content/themes/teller/js/jquery.slicknav.js?ver=95228275
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.32.60.83.vultr.com
Software
nginx /
Resource Hash
d78af317c5d91360b382395f1e2dd0319d48281820f7c616115ed21da095ba51

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:28:48 GMT
content-encoding
gzip
last-modified
Tue, 06 Mar 2018 14:47:58 GMT
server
nginx
etag
W/"5a9eaa1e-51ad"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sat, 20 Feb 2021 01:28:48 GMT
skip-link-focus-fix.js
mkoghzd.xyz/wp-content/themes/teller/js/ 		880 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mkoghzd.xyz/wp-content/themes/teller/js/skip-link-focus-fix.js?ver=20130115
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.32.60.83.vultr.com
Software
nginx /
Resource Hash
4b179f8204186f3aa954f47cd81dbe86bf89c08edb8d5341b8e0697d99e35073

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:28:48 GMT
last-modified
Tue, 06 Mar 2018 14:47:58 GMT
server
nginx
etag
"5a9eaa1e-370"
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
880
expires
Sat, 20 Feb 2021 01:28:48 GMT
comment-reply.min.js
mkoghzd.xyz/wp-includes/js/ 		757 B
938 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mkoghzd.xyz/wp-includes/js/comment-reply.min.js?ver=4.3.25
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.32.60.83.vultr.com
Software
nginx /
Resource Hash
b02ab5446d4dd91bc73183089db613f7cd4c954bc79a21dff4785c9280af45a0

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:28:48 GMT
last-modified
Fri, 15 Nov 2013 04:42:09 GMT
server
nginx
etag
"5285a621-2f5"
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
757
expires
Sat, 20 Feb 2021 01:28:48 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102160101/ 		227 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102160101/show_ads_impl_with_ama_fy2019.js?bust=exp%3D31060009
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f08daece0278f1d0abd27b0b20fa69cf0d5677d3340e3c786e2423bae4faba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
87078
x-xss-protection
0
server
cafe
etag
13846652425973723064
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 19 Feb 2021 13:28:48 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/ Frame 67F7 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210211/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mkoghzd.xyz/2021/02/19/265.htm
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://mkoghzd.xyz/2021/02/19/265.htm

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 19 Feb 2021 06:34:06 GMT
expires
Fri, 05 Mar 2021 06:34:06 GMT
content-type
text/html; charset=UTF-8
etag
6440208225989294717
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4777
x-xss-protection
0
cache-control
public, max-age=1209600
age
24882
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
search-icon.png
mkoghzd.xyz/wp-content/themes/teller/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mkoghzd.xyz/wp-content/themes/teller/images/search-icon.png
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/wp-content/themes/teller/style.css?ver=4.3.25
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.32.60.83.vultr.com
Software
nginx /
Resource Hash
00691ea3935d37728cf216e29720e8e4ea81a3d24727062785ecc70283414aa5

Request headers

Referer
https://mkoghzd.xyz/wp-content/themes/teller/style.css?ver=4.3.25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:28:48 GMT
last-modified
Tue, 06 Mar 2018 14:47:58 GMT
server
nginx
etag
"5a9eaa1e-4c9"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1225
expires
Sun, 21 Mar 2021 13:28:48 GMT
fontawesome-webfont.woff2
mkoghzd.xyz/wp-content/themes/teller/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mkoghzd.xyz/wp-content/themes/teller/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/wp-content/themes/teller/css/font-awesome.css?ver=4.3.25
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.32.60.83 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.32.60.83.vultr.com
Software
nginx /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Origin
https://mkoghzd.xyz
Referer
https://mkoghzd.xyz/wp-content/themes/teller/css/font-awesome.css?ver=4.3.25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:28:48 GMT
last-modified
Tue, 06 Mar 2018 14:47:58 GMT
server
nginx
accept-ranges
bytes
etag
"5a9eaa1e-ddcc"
content-length
56780
content-type
font/woff2
cookie.js
partner.googleadservices.com/gampad/ 		201 B
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=mkoghzd.xyz&callback=_gfp_s_&client=ca-pub-4334598359974777
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102160101/show_ads_impl_with_ama_fy2019.js?bust=exp%3D31060009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
2c4f966ea8937350071b80775805fdf77bd1a690a3d6b7044f1a922602d4d5a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		109 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=mkoghzd.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102160101/show_ads_impl_with_ama_fy2019.js?bust=exp%3D31060009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Feb 2021 13:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mkoghzd.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102160101/show_ads_impl_with_ama_fy2019.js?bust=exp%3D31060009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Feb 2021 13:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EA9F 		6 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&adk=1812271804&adf=3025194257&lmt=1613741328&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&ea=0&flash=0&pra=5&wgl=1&dt=1613741326139&bpp=1899&bdt=50&idt=2162&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5625903351200&frm=20&pv=2&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=2184
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102160101/show_ads_impl_with_ama_fy2019.js?bust=exp%3D31060009
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8df8e45d17a1be5d401772929a421398f7cb7d2991123bdbe0069f274a62f71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&adk=1812271804&adf=3025194257&lmt=1613741328&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&ea=0&flash=0&pra=5&wgl=1&dt=1613741326139&bpp=1899&bdt=50&idt=2162&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5625903351200&frm=20&pv=2&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=2184
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mkoghzd.xyz/2021/02/19/265.htm
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://mkoghzd.xyz/2021/02/19/265.htm

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 19 Feb 2021 13:28:48 GMT
server
cafe
content-length
795
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 19-Feb-2021 13:43:48 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Fri, 19 Feb 2021 13:28:48 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102160101/show_ads_impl_with_ama_fy2019.js?bust=exp%3D31060009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1143bb5ae891056f59482184346b0fe47d8e95c9e0f159f023bf0f95ec45222d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1613565174175677"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28346
x-xss-protection
0
expires
Fri, 19 Feb 2021 13:28:48 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B035 		51 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102160101/show_ads_impl_with_ama_fy2019.js?bust=exp%3D31060009
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9979ea17d5d2b6db6e6a3613887dbf2a59f94aca252f94a951fac0206b842cf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mkoghzd.xyz/2021/02/19/265.htm
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://mkoghzd.xyz/2021/02/19/265.htm

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 19 Feb 2021 13:28:48 GMT
server
cafe
content-length
13597
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 19-Feb-2021 13:43:48 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Fri, 19 Feb 2021 13:28:48 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame E2C0 		51 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328163&bpp=31&bdt=2074&idt=208&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zlLq8VeV5V&p=https%3A//mkoghzd.xyz&dtd=211
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102160101/show_ads_impl_with_ama_fy2019.js?bust=exp%3D31060009
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac74a8b4bd2627bf7f8d4d01d5801709ec1e65418d54ee6d8c93b7fe0da294b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328163&bpp=31&bdt=2074&idt=208&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zlLq8VeV5V&p=https%3A//mkoghzd.xyz&dtd=211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mkoghzd.xyz/2021/02/19/265.htm
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://mkoghzd.xyz/2021/02/19/265.htm

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 19 Feb 2021 13:28:48 GMT
server
cafe
content-length
13499
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 19-Feb-2021 13:43:48 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Fri, 19 Feb 2021 13:28:48 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame E75B 		106 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328272&bpp=1&bdt=2184&idt=105&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RwnstdfLJz&p=https%3A//mkoghzd.xyz&dtd=108
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102160101/show_ads_impl_with_ama_fy2019.js?bust=exp%3D31060009
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d85870b3640fca4bb3303fe88f2e78f4e7a5c90aea940adf288a262c4e6db97c
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8724262990166509940/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8724262990166509940/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNuTjvWG9u4CFfJfFQgd_2oBPg&gqi=EL0vYM6TGOHvxgOv7rXQCg&layout=/sadbundle/%24csp%253Der3%24/8724262990166509940/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328272&bpp=1&bdt=2184&idt=105&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RwnstdfLJz&p=https%3A//mkoghzd.xyz&dtd=108
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mkoghzd.xyz/2021/02/19/265.htm
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://mkoghzd.xyz/2021/02/19/265.htm

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8724262990166509940/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8724262990166509940/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNuTjvWG9u4CFfJfFQgd_2oBPg&gqi=EL0vYM6TGOHvxgOv7rXQCg&layout=/sadbundle/%24csp%253Der3%24/8724262990166509940/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 19 Feb 2021 13:28:48 GMT
server
cafe
content-length
33245
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 19-Feb-2021 13:43:48 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Fri, 19 Feb 2021 13:28:48 GMT
cache-control
private
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8724262990166509940/ Frame B561 		83 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8724262990166509940/index.html
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28fa81aff2a92eefe784e54a14bc6c4c5b20ed26ebe1839e7eb70ef192ec66be
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/8724262990166509940/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328272&bpp=1&bdt=2184&idt=105&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RwnstdfLJz&p=https%3A//mkoghzd.xyz&dtd=108
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328272&bpp=1&bdt=2184&idt=105&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RwnstdfLJz&p=https%3A//mkoghzd.xyz&dtd=108

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Wed, 17 Feb 2021 13:39:48 GMT
expires
Thu, 17 Feb 2022 13:39:48 GMT
last-modified
Mon, 26 Oct 2020 06:23:58 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
20015
age
172140
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 0AFF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C8U2vEL0vYNvLGPK_1fAP_9WF8AOKmLuMYajq6MSpDNLh0uCyARABIOXprGNglYq4gsgHoAGA5eznAsgBCakCz6sH7KIfqj6oAwHIA0iqBNsBT9AYxUum2Kb56v-otuGJhyxVm031nABTjxDr7JoGQLhbk5Z_xgpAfNvJmpNDynT6oC0M5XYe9huMIZS0jWJvbOxNhFmh3OsruLiPCZpLkuwDq2QOR_YSbKj7IDYtrfVsZqfNexeajqc7fS3xVlNGxUqCoOhBBpoiSYQnyS0ZQnRsCoRpyD1cdK7dkEQii-kfq2tm1Zdi-wsK7wZhCLQZXTn632NpL96y3b90HZ3i3sUGJl-9OHMUgoZdKL8CqbopV6l3GflWe8wNUPpIsUajlTlbH-SqwbkTrQwhwASl4ICioAOgBi6AB-iak5gBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEELOURNIICQiA4YAQEAEYH4AKAcgLAdgTA4gUAbIXGgoYCAASFHB1Yi00MzM0NTk4MzU5OTc0Nzc3&sigh=PyrHESARdNE&template_id=419&tpd=AGWhJmtpPSTwThaWqSeoNeStH4YI_IS17swijtFFM1jkl3sRxA
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328272&bpp=1&bdt=2184&idt=105&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RwnstdfLJz&p=https%3A//mkoghzd.xyz&dtd=108
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 19 Feb 2021 13:28:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 19 Feb 2021 13:28:48 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 0AFF 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328272&bpp=1&bdt=2184&idt=105&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RwnstdfLJz&p=https%3A//mkoghzd.xyz&dtd=108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328272&bpp=1&bdt=2184&idt=105&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RwnstdfLJz&p=https%3A//mkoghzd.xyz&dtd=108
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 12:36:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7377
x-xss-protection
0
server
cafe
etag
10747045913157086108
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Mar 2021 12:36:50 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 0AFF 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328272&bpp=1&bdt=2184&idt=105&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RwnstdfLJz&p=https%3A//mkoghzd.xyz&dtd=108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328272&bpp=1&bdt=2184&idt=105&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RwnstdfLJz&p=https%3A//mkoghzd.xyz&dtd=108
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 12:33:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3316
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Mar 2021 12:33:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0AFF 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328272&bpp=1&bdt=2184&idt=105&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RwnstdfLJz&p=https%3A//mkoghzd.xyz&dtd=108
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae35469a2de645d561d555105d21f075e0469c83a7bd02ebc9547d4d5b616f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328272&bpp=1&bdt=2184&idt=105&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RwnstdfLJz&p=https%3A//mkoghzd.xyz&dtd=108
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1613565156040306"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33368
x-xss-protection
0
expires
Fri, 19 Feb 2021 13:28:48 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 0AFF 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328272&bpp=1&bdt=2184&idt=105&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RwnstdfLJz&p=https%3A//mkoghzd.xyz&dtd=108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328272&bpp=1&bdt=2184&idt=105&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RwnstdfLJz&p=https%3A//mkoghzd.xyz&dtd=108
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 12:34:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3243
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
15217341015479086142
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Mar 2021 12:34:45 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame E2C0 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328163&bpp=31&bdt=2074&idt=208&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zlLq8VeV5V&p=https%3A//mkoghzd.xyz&dtd=211
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328163&bpp=31&bdt=2074&idt=208&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zlLq8VeV5V&p=https%3A//mkoghzd.xyz&dtd=211
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 12:36:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7377
x-xss-protection
0
server
cafe
etag
10747045913157086108
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Mar 2021 12:36:50 GMT
css
fonts.googleapis.com/ Frame E2C0 		8 KB
793 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328163&bpp=31&bdt=2074&idt=208&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zlLq8VeV5V&p=https%3A//mkoghzd.xyz&dtd=211
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b534bf5439e6346255cdfe8506bf01a71925106f3323dff2eccf2e7266b06929
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328163&bpp=31&bdt=2074&idt=208&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zlLq8VeV5V&p=https%3A//mkoghzd.xyz&dtd=211
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 19 Feb 2021 12:57:14 GMT
server
ESF
date
Fri, 19 Feb 2021 13:28:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Feb 2021 13:28:48 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/ Frame E2C0 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328163&bpp=31&bdt=2074&idt=208&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zlLq8VeV5V&p=https%3A//mkoghzd.xyz&dtd=211
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328163&bpp=31&bdt=2074&idt=208&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zlLq8VeV5V&p=https%3A//mkoghzd.xyz&dtd=211
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 02:30:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39486
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 10 Feb 2021 20:10:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Feb 2022 02:30:42 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/ Frame E2C0 		358 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328163&bpp=31&bdt=2074&idt=208&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zlLq8VeV5V&p=https%3A//mkoghzd.xyz&dtd=211
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b29b371fe6f76fce7a682c0ca2ff6e1138d2ca192bb188766fcf7aa564bcd0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328163&bpp=31&bdt=2074&idt=208&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zlLq8VeV5V&p=https%3A//mkoghzd.xyz&dtd=211
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 03:48:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34818
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127892
x-xss-protection
0
last-modified
Wed, 10 Feb 2021 20:10:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Feb 2022 03:48:30 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame E2C0 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328163&bpp=31&bdt=2074&idt=208&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zlLq8VeV5V&p=https%3A//mkoghzd.xyz&dtd=211
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328163&bpp=31&bdt=2074&idt=208&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zlLq8VeV5V&p=https%3A//mkoghzd.xyz&dtd=211
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 12:34:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3243
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
15217341015479086142
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Mar 2021 12:34:45 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame B035 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 12:36:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7377
x-xss-protection
0
server
cafe
etag
10747045913157086108
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Mar 2021 12:36:50 GMT
css
fonts.googleapis.com/ Frame B035 		8 KB
747 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b534bf5439e6346255cdfe8506bf01a71925106f3323dff2eccf2e7266b06929
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 19 Feb 2021 13:09:42 GMT
server
ESF
date
Fri, 19 Feb 2021 13:28:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Feb 2021 13:28:48 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/ Frame B035 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 02:30:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39486
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 10 Feb 2021 20:10:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Feb 2022 02:30:42 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/ Frame B035 		358 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b29b371fe6f76fce7a682c0ca2ff6e1138d2ca192bb188766fcf7aa564bcd0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 03:48:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34818
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127892
x-xss-protection
0
last-modified
Wed, 10 Feb 2021 20:10:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Feb 2022 03:48:30 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame B035 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 12:34:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3243
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
15217341015479086142
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Mar 2021 12:34:45 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame A617 		143 B
216 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328272&bpp=1&bdt=2184&idt=105&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RwnstdfLJz&p=https%3A//mkoghzd.xyz&dtd=108
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328272&bpp=1&bdt=2184&idt=105&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RwnstdfLJz&p=https%3A//mkoghzd.xyz&dtd=108
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkVgvRW65wHdiwAlb7C3RVx2no9wb7XCuhiQUbHM2miifAbFhgFZsGcM5hc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328272&bpp=1&bdt=2184&idt=105&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RwnstdfLJz&p=https%3A//mkoghzd.xyz&dtd=108

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 19 Feb 2021 12:41:25 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2843
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame B561 		4 KB
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:regular,700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8724262990166509940/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
083be3c59862e11bbcda4128a12a7d9934f461ac881ed75af92b1c1b3615c576
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 19 Feb 2021 13:08:15 GMT
server
ESF
date
Fri, 19 Feb 2021 13:28:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Feb 2021 13:28:48 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B561 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8724262990166509940/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 15:52:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77779
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 19 Feb 2021 15:52:29 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B561 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8724262990166509940/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 17:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71872
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 19 Feb 2021 17:30:56 GMT
truncated
/ Frame 0AFF 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9797b8da5c2ec9a45fee00c0c0464bf434fc4924a5dcf7a669a87114b95b119b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame E2C0 		0
331 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~klcbx6gm&c=7543326086978&slotId=3771663043489&qqid=CIfkjfWG9u4CFWxiFQgdG68LIQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C75259407%2C75259408%2C447279544&nsei=44714510%2C75259405&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4009:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328163&bpp=31&bdt=2074&idt=208&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zlLq8VeV5V&p=https%3A//mkoghzd.xyz&dtd=211
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E2C0 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 16:25:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
335003
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Tue, 15 Feb 2022 16:25:25 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E2C0 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 03:58:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
34210
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 19 Feb 2022 03:58:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E2C0 		0
86 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CPiASEL0vYIecGOzE1fAPm96uiALzwqyjYZaOh-b_DM3G_d8FEAEg5emsY2CViriCyAfIAQWpAg_gismDHUg-qAMByAObBKoE2QFP0JTlA98eoYDwu3_wvpCQKKkI8eoobUITJ8T6R4NtkOo0IIPjkdPQyjg0k8HI5ugay4S5d1k1Zyuisi5fizTTLujZCLsYsMX2wVs01QhjY4BKOIWfBORSd0AJnHYd-CBoxa1JRLQ5hDKn0NAxHMZkE8S-maCdDxYhkroZT4FaTWcQd7cbafO5kNLyRLE1ErOOYOb5VHkyftBhj72g_XvFRh3-D1AxotVxLW-V-sYAtBMkje23UClv7VIJGWeUvAdmi2ibejZzr4PplUn7jgwRB88cjfIyjPxswATBwN_7vgPgBAOQBgGgBnaAB6in2GuoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB-ACgHICwHgCwGADAGwE-Xn0wrIE6nVswnQEwDYEwqIFALYFAE&eventType=clickstring&clientTime=1613741328895&ai=CPiASEL0vYIecGOzE1fAPm96uiALzwqyjYZaOh-b_DM3G_d8FEAEg5emsY2CViriCyAfIAQWpAg_gismDHUg-qAMByAObBKoE2QFP0JTlA98eoYDwu3_wvpCQKKkI8eoobUITJ8T6R4NtkOo0IIPjkdPQyjg0k8HI5ugay4S5d1k1Zyuisi5fizTTLujZCLsYsMX2wVs01QhjY4BKOIWfBORSd0AJnHYd-CBoxa1JRLQ5hDKn0NAxHMZkE8S-maCdDxYhkroZT4FaTWcQd7cbafO5kNLyRLE1ErOOYOb5VHkyftBhj72g_XvFRh3-D1AxotVxLW-V-sYAtBMkje23UClv7VIJGWeUvAdmi2ibejZzr4PplUn7jgwRB88cjfIyjPxswATBwN_7vgPgBAOQBgGgBnaAB6in2GuoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB-ACgHICwHgCwGADAGwE-Xn0wrIE6nVswnQEwDYEwqIFALYFAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328163&bpp=31&bdt=2074&idt=208&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zlLq8VeV5V&p=https%3A//mkoghzd.xyz&dtd=211
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328163&bpp=31&bdt=2074&idt=208&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zlLq8VeV5V&p=https%3A//mkoghzd.xyz&dtd=211
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame E2C0 		25 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DzA9262_tak6fCACz-uXZIxY82KnwXJ5bZWqwP0utGet2KhDxBbYARfusGyy4OXMw4tVjbs0NC8610aA1AHzkCTc1tgg&cry=1&dbm_d=AKAmf-CG2cXl1ljVODnBvOkV7lyzfvZ__X4m8IkK5sHiPx7fcX30xmLCg-_oZGkCdQFH8GsRL1wGkzIdCVdOPJmtbyVtcApE_fxEfdXsMXoWmQvMoxz6UN-XEZMOFYr-QsbUZEvwnisaxpZKewtVbok1t-b0k8OmIgZ6Kf5knuhK0uGmF3Hu-rY1t1D7Tn6irCcuBJutKjItP8uzH0z8VkP_vNNzLtN8ipP3HWtsWB4ezfWxPA7gFHVOp3GbBl_7nWarR1mQfB2uuqj4nRFA7KKkZ09-ViXDLl69BIJccLAAzCp86sBRfFii52-XLgzfDJUZkm8m_SqJa3jXklzgH_0c6lrk7h4CS8KrNes_uc3WOSHvsBzeYNFUrvlJK0z0Zgvk9ePdD6snGGCW000rRnLxEDl00ICbvqxM3C6mwIZCCVnT5ktYmTXdzg4n0DL2aHPWzckiZ3lthzUd8Qx-W1A5Fmpqm0t6iU-4ukrikMglJYgeDkEb-XtMej7zPy1La-o4rMGfKv5YHMx-OR3k0b3tMqVLbbb70XrAztFwxQynRB1oiYlxCW2et7_4GIqv6HSL2Z-GUNUNzFm-pKAja5ecV_5v_gFREe2PCOyYK1z_c7m_eWvGvbPhyFrxe2ihSmc96Vb5kU0IRAu2rXOM_eAiOkHRY8cBDih3EgZGFlZoVWc3spd70ZxsEJVK2LbK1dQS77cXdtjX5JEGHrBVL6Yq0mjwuE4offjdyXaWdmuBbM5FqY5JDkOHM4u8-5HbMOHtDe2d_EInxzQPfJHQfLOyP6eaWHpJ-CEyt0tqKjOkPkeXOtAFimznKG_IdQMAvAiPrWKr_DsX-MxC_x5DzPCbbl29B7rYbiL5UWKezc3-PuhDOlew6agpg4WWTWOE_xH5cRFb1mvDWnzXe6Qs1gTn-qzhL_hvt65l7emuyn-WpFePrnV9mAzR0Jlvu8nGnZmeEa0e4VVGLhAo9e6hTjKlFXjhKsNDSduwl2oXGvZcoNpa9Uyx_klGXbFCKfawcAQnYrG90K6ILK7-kS_Th1JKPna0D1a6PRLwKgntkfpt8Sy8qyNc6hGy30HR2yo5bnkXCbzPpciQjH2f0pdXuEN5nm-JIrD3PjzW_PIqrYEqiAKIA1QgMiApblx-06m8lnbrKsYrtCd_lOqnr0AhJiAH9w81xE1hw1CxZXdmCBSalfP7UQOIa44hyJ0lqQb9SdMVsHGGSa2bIwmKTXNNhnSgU8G8ZsBeE0NPMuIOIUXHMulZxsjOUKV_0QokAha5wA0MG7SiU_vwiUKl50Sv5CYzxXTu3cMXGGFngED8T799-mpmLRbutfrHkDYjYywmJtK6b4qyZWleMd57ptxQOJVXySpA02cAraQCQnk6w_rnf11MEv3VHYKZklyl9N0Zy0_MQmJtVSIfe3qFSCgZRL-eOe4VZjkm70tYyamG_2lMGh_wqUL4m3CNhtt9kUmYcdsIv08WOmIkaj5MaOQ4I6zvhI5b58YpDWKb-G5do1z3jTKOw0VD1C-xs4fCbsz-iRzCRmzEfDqekJ3wpuv3_zUpIy3YcfqCgUbvz4OdYZU-D1iI76pRqY5UUC5lYDhBPtYjn2w5QCz--QwiKcwJppyhNj58TGeqdQR38C634QqOc_UPpeZhKm24SqUzUHAQC00W3t19xp4QXdrbdZTwFIdLjBEkCHWOQcDfY-XFciXuSF6Iihtx0Oi2YGlp5i6tgIJJl309eAgixvhE4DdNvWLzcSMP4EkJEo2L7k7zPgCTYUCGRVFSxiqg6EqVe_h7nZGapf7qfghjmclZLGMx--g0cGiBi5ZHipsiQpR3Q3hTiQRSCNWi9dMEMgEu3GKlb67QjZ4YzzVvB2XQSigO1CJY73bS3BTKXG0k8VPYnPEtC3zKgOrfPmOj-YrLtHrEoPxMrJIBNzg0NvODVOkAsY-agsPTjARg_8plTgYa9MUYF1Q62S6LlaBi4cRzGCYMakDh61vr1m_3JqnStbw90AHQmHNZeF0-2TGBZkV581JGk4MHgOM_0bVhYgEupIhTGNX4OK9ZuB6nkJiTXAC2LxyUVPnKYg5qpF10w6nn_9mMgShkncPXJmxT7nGdLTQoL0RjB5hmrsrSJiawEX_zoIEqEUOjrriZn_9FCCMV_dR3BlsKpu88ZZYKseF4L2dh6q7nvBt3S-Ij0a-RPOuFEkdhtIFCAxKB-HC1eWNEevldcPRnZvmRpTqS6ma5EANdrT9vHIf32K3YfnHorwxF5e2g20vDfLshFt1jiDaWGjCBcvutdS3roOpTEQoyyLgwMX-bS-6bOxMyMcD5greh67vp91V9i6WHWPmSrGvVXZNdMyaEd2Om9DaB6_ZN9imihLOKkYsipAZ873ZjdyUA23fNRT00lbH3NcWfJiqSjnatqhLR13sIJFpegvWra7HpSKQZeJyxY1ujdpBpvq1xcR39V3FSH1U0JTeKipAgqXlKdEggypNx1aeQJZMaZ2g6hFhPVpP6b6UhEXTkl6aR98TdzCuPxkNI2zQ2pp5CVZDtPRtvBvMMLIysVgC279Cwi4N4oNQR3cmOiwaws2Y8awxa37zQU4euQ8h9WAZYIOev51evAKQRQfgUB_6A2_5qsyeGe6kQOeZ6EyBcgXSIUAbwLAHMxJfPcRqO8AviueKXkiXD3ApCwHzj0jMxZLa1B2IYd1g1bQWIrq8rGc6y0N8apGN6N0smCz2TRbjuAV__FQPYfX-UXM35owKunAEGq5JkP87GiSyRLBoDJDVxmE2MV6VEhtefVvb0mD5WN2JXch-HhIHp3t5najv6W6vnjObN77mJiVo6A8VbhUE22TiBEoeXQ46hlI3KNOwEUQtsgf39j4CqZOHgUF-DlN6IwNaiBOHIOmCKhw6WBGTdv63Kp4_x5spkxBFQ9sqKi-cxbYXXEM2FW4kQynqX8OnrbC49l2Ew7BOieNwRUIs00qFo7kHfz23ZdpQciGj0LV4SXrw1UQGOTjwIhD-Z8UeftE6gwLoZSzlsSGwysr15kLxMwvCgzCMBdmf8oz9qIW7LpyQW3cq6H0OzRi1wo6jpS5ZHnScTrVRBFo4wHkYAhJtIAHclcBleO4-lSRWGlq34L_1aJXkiKuh71RzNQlgRj33yuX73LBcyZvp1KaDdmwm7y1wEp-kFNEWDjIQSuT38s4qzjy92v2gg2sDDJoDxuAPG-XUFzYsamLRHNSMP7rvgT21dTZN8nUbh7Zl726YQrPDZzUWz_aic8mHo-q_-I8mPAK0XXmSxX7f8v7zTq2XskagKQ9jSow&cid=CAASBORoyaM&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f156.1e100.net
Software
cafe /
Resource Hash
417c9000284ff49c6b10856fb21857cc18f054c17de32056d524b362bb995163
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328163&bpp=31&bdt=2074&idt=208&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zlLq8VeV5V&p=https%3A//mkoghzd.xyz&dtd=211
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:28:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11890
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E2C0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CGa9rEL0vYIecGOzE1fAPm96uiALzwqyjYZaOh-b_DM3G_d8FEAEg5emsY2CViriCyAfIAQWpAg_gismDHUg-qAMByAObBKoE1gFP0JTlA98eoYDwu3_wvpCQKKkI8eoobUITJ8T6R4NtkOo0IIPjkdPQyjg0k8HI5ugay4S5d1k1Zyuisi5fizTTLujZCLsYsMX2wVs01QhjY4BKOIWfBORSd0AJnHYd-CBoxa1JRLQ5hDKn0NAxHMZkE8S-maCdDxYhkroZT4FaTWcQd7cbafO5kNLyRLE1ErOOYOb5VHkyftBhj72g_XvFRh3-D1AxotVxLW-V-sYAtBMkje23UClv7VJRGK1xL8UWGbVJhXOnUJ58HW1kBj6SoP2fAtUqwATBwN_7vgPgBAOIBZnh3cotkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAeop9hrqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RvYBwDyBwkQ9FIYs6qSmgHSCAkIgOGAEBABGB-ACgHICwGwE-Xn0wrIE6nVswnQEwDYEwqIFALYFAGyFxoKGAgAEhRwdWItNDMzNDU5ODM1OTk3NDc3Nw&sigh=CYFr1W6PztY&cid=CAQSGwCNIrLM1Ihfxpst6gLVz07Zy13p5fRk0rVLgg&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328163&bpp=31&bdt=2074&idt=208&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zlLq8VeV5V&p=https%3A//mkoghzd.xyz&dtd=211
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328163&bpp=31&bdt=2074&idt=208&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zlLq8VeV5V&p=https%3A//mkoghzd.xyz&dtd=211
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 19 Feb 2021 13:28:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame E2C0 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4bede1d0765553a727bf4e11dc6f57a19b35bb3811e4353340a02d2df68a48b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame B035 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~klcbx6hx&c=2039882716890&slotId=1019941358445&qqid=CLukjfWG9u4CFVWrcQodUIEMaQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C75259407%2C75259408%2C447279544&nsei=44714510%2C75259405&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4009:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame B035 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 16:25:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
335003
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Tue, 15 Feb 2022 16:25:25 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame B035 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 03:58:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
34210
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 19 Feb 2022 03:58:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B035 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CE_w1EL0vYLvcF9XWxgPQgrLIBszOrKNhzaDro4ANx7fWx9IdEAEg5emsY2CViriCyAfIAQWpAg_gismDHUg-qAMByAObBKoE3wFP0M3FpzRgOFVDjFwo0cOSzKC87hHktQrUSFe1BF6JHt_AUHUt92GGF-f8E2tB_P4S_WKhhBWhzcYtIvtWLRAtrMKfA1OlrdqoWaRL47ipRfjgP2bRWk0vYUGH4cK2rJyadreB6moYDPirie0HiWYQr-XuBYRP4fJFk8dpxcMworyp9OYnhtoK3DuiXrUDnc2afbcFjS4ESQiGEiyxY1rXRWglcyjMWFRoq0wiDDrfYNQOsiFg6xRsx19irZtyUH7Erq1cjv9ge4LYeG29nqDFGc-QnOVujJuwDOViWbZNwASVocXSrgPgBAOQBgGgBnaAB6in2GuoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB-ACgHICwHgCwGADAGwE-Xn0wrIE6nVswnQEwDYEwqIFALYFAE&eventType=clickstring&clientTime=1613741328937&ai=CE_w1EL0vYLvcF9XWxgPQgrLIBszOrKNhzaDro4ANx7fWx9IdEAEg5emsY2CViriCyAfIAQWpAg_gismDHUg-qAMByAObBKoE3wFP0M3FpzRgOFVDjFwo0cOSzKC87hHktQrUSFe1BF6JHt_AUHUt92GGF-f8E2tB_P4S_WKhhBWhzcYtIvtWLRAtrMKfA1OlrdqoWaRL47ipRfjgP2bRWk0vYUGH4cK2rJyadreB6moYDPirie0HiWYQr-XuBYRP4fJFk8dpxcMworyp9OYnhtoK3DuiXrUDnc2afbcFjS4ESQiGEiyxY1rXRWglcyjMWFRoq0wiDDrfYNQOsiFg6xRsx19irZtyUH7Erq1cjv9ge4LYeG29nqDFGc-QnOVujJuwDOViWbZNwASVocXSrgPgBAOQBgGgBnaAB6in2GuoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB-ACgHICwHgCwGADAGwE-Xn0wrIE6nVswnQEwDYEwqIFALYFAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame B035 		25 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CQ1dShqvfNe2Rds9nXLZp-QtgftqONO0AgAgC0x009AEBz5pEKZ1SSo3RykYm5-HrwWdDdYvNQ8PZR4p83UG1c4gBwTA&cry=1&dbm_d=AKAmf-ClsRDU5wo-ROlidLdRoilpl_QHgqlBODpHSoSCaGU03iZPggf6NbJdJNSf4MxnDWlr7g897uO3YyR5z1CE9x0vQ_2u4weC7Rj7UoW9hBT8m7vhqzIOQljP2-xUOGDVQ-YqbZ_dleb_idMxTzbXK0ZluJMU33a_GmPyOThlLM9YO_rxtzOMVvfiu8seVx8f9wLmPaDvq9ln5o3bGpfG9JdXPTuWZkDD9lIYZeRRgLKnybq_GXkFHP0lZkrC9sRA-gFSW1OAOaFAdY9HdmsKSQo-Pst25dl2R1DOfFfwt2oOLpHR9qDOgGldNT1vYq5p965DNlf7UB8rxavl506jwzYtGiAYfiMT4TagAhKzyXlv-vNFAtzjmpizMrvm191qJNYB1_22kml7B39YrDSDpVHG0_sjH3QoxPNr6D-Uj-6g_lFWe9n0sRl7UesajrSr-J6vhWvnIEbHrBtrJerwXkjGOm9-lxc9TqzfI1PNfTm46iYdYIv2k7XMk5Fvh1QSctAB667wCWHM_CR6R7AS7qc1FQY-mcxa4WnqrlQ5SzeIWen9AuM3qkP_WfpUmY9XR023_QNh37i3FDb5W8iomKeXYsL86qZ6a3CSg63oybS3sJebvfBWMYd2DomvhK7u9XEbp0H9ME4kT4Il89kRNPgX0Pf6CB7Am6MixeWje7IUsyabFhoTK0OOYs1H2vNB9yNA6j7hmXvWOx4rqbAv8zsr_zfgT_Z-G31eH6qYYMprpUgPlEzlZgcA_i4fAZSpqS5-G41lXPpe1xCO-6DE6zMpoAQFYrRSZHJmMmrcNkLIbV-7kEBzKxeMa68N9A6iitamXP_OKE_sCfnN4I6tgxO0UzEhBFuTuKGWPBspYc5zjrOUXw4wcEI4r7ioDow8sBl-hqWTqbsF0RiUofjTr1kFzaLtvKFirST5gVWvlpQFd1Hg7qjF0mrMZTdUdLlQWXuJ0zIDSir8xnAlWC5bbQBi4A044kOpUV0IBV4HzY_6SL_7i-NOp-ovoBLICxQXkaYCQnpq9xWUpxZxPIEUSKCHhpmyRGGV098x-38VasPfEzttoeuQZAJyaYYJ1kV3vr17XnOwpPCkAMsA53bt96P5mhUefrtEdiWrE6B8gaB5FGlvs8O3j9GI7fjnOPYM_0kWchjEIwjbtooOvT2hswk1k6iQ-qxC8_NwI-0z5w2jR9kGL3RCEwLOArbvqup-3GI1N1sC3O5piOzsTPOWlpm52San_Kf5JOSWHHowK3rGUAJI1pwLi_WdHwA0amV7DjWAhjwbmlJ5cjlZrbgib0bWpWzg_gM7ib9iEdGLjsT3Va80KGJq9j_2n1wD1mCL7uE5D49RY8_j5Le2vQOIp1PvgjRKffQvAbEi-QzlKtwHexCXw_-wpB__B_F4eZWNVshxYiBshJE5ZeV_blrd8aSPykWT_SoNyZq91yRCOfs2mmpO8Ixmk0h0SNjKR6VWJHrZuhaTb6m7Bahd6frY7Q3CDXgkff1ldfx4a9vgshHAMvnu83tj04V2WXAvL-yxhL_UmXzyJ5TT-1aj0Tf3H0SjycfLGrvjILYJxN_l8C1f4OMi4cBJiE353aBTqw4OojitPMeSyDNLUTFsrJglO_hvIPLu9FiC6E6uNSebmbV_kxhjFWFRTg8VwZ4n8T-z5LscAADcdhXGdDulxx_l4nKmrMtLHWUKvgkyTjXgXsDdCqsxHTggr3fUjgqQ805JOrPomrVJRzEzgrjJ2FcQ_zU8nYUk7vX3hvxK0_y0LOtKX1MHtUNuDUSGwdTC2cB5m1I1t9hJWcftc5s52hEJcL8ABIHuMtnqMlq-CnyELjl033SSybUSgJ8_UimSkGVFL3IgBivrVGLMgrXa-zdNmEJuvtyut92AI_VN0wcDU69KxCDZ25FMDVNnA079ZgnR89RxJWGrnmnLzquP1A7VroMBTAybgyBCpEbY-XcNg2P_yHPKM4s5GZEkiFYA8CDkqHSsH8MKa_66f4yrwEhWR8XvzAVTymmbv2xPfuh6aGTKagfmBH-lREvsbtdoPC2TunfYNLqbYKOljo3LgqPge69_gCJrGDAQuypHWyJDI3L5N9yyy8-UB9U3dtQ4CE5gEMfoh5L_bBz2PZ7QTnGOV3xhOyxd5YyZMJfAG2c7up5T_mEb878Y423LG4iuR7kMDKV0ieIn9Lsxn_iCkuqel1-0jHuWEzluN4rNWJaQsQE8yN6daWh7u9IbqBdzMwYxyrJ1eGAm74QPH9DxAlXYQQgZhE90umPS8TjXCPlmnBQ3oudtzDANafc7p40n4UOaYqeEgZrt6jtEpWADAi9RLAbhzzYj0Vcw8pAnQZ2ms2MFikcacEw2oDevPlPpoYhNdAmVhk806M97JTeptKTJzLXNtVw5Fbpmji0OnsXLQPZH92SwtedZQAGTeC78e8D5kXeT9-2sR_hlf-TphUrvNkTFjMMSpicm4W7oxbWbmkpGAAa8S1yZ87Rb9_rjdQeuACLfxHWSoX1rz7yee9A_vwneDGXxO9FrT9j2acNbNCnm54_KktjUraOU5HmC5dOIlFSHuWMPpxv_VPlvbq_uWIe7gaeXhzPcQZrQKBO0-NSlzuPucpPkMpvL0RiZwd9wpkKnYqhojObQA9K5irS5zHQzvERp7q8_6jFAN-R9_L8C2uahJjFv7iEBW2xhEtB6hLCJCJCSQ_Nmn-hGOihZW9o2RY7mdf0jYNfTDGgJaPLchBsKmKpnfjDE5ScswOzDEes4RFgh0inRXY7nFhJ_WJrcqCcjkdWNWxihHScUnNzpOMXNzceTx-GE0__FGnBd9vEBhc0Y-Pidr3MvNtE98RzLLC1p0Ni0DJYUZf0IvJjijYYhof6Vw_eWlNpL7daAzRzGKhlA7uofm2UVgR9hKefd3WP8jCc8iPSgPmO8btUt3e61mC-A8xCrht1de7kJeQS6v1HMMKL7i7fLUdQWQ935JfDJuyzfZioHOfQ5Tv7q6sUrIGyq4P6ScwklYZFEQ8KPUoPncuDYtOBSoKTxgtT5UeAH41MTpxMFNyWmq6IcgOLN_KrNj8JgdadhZCLqjEXy8_c1g3H-qBA8Mnb_JL2VhjRW5OAhPcrpOpuUisuGAPLrulqgnut__FqWdEG7AGLi0E1gV2E1xObPuqkJYwlD49WwfX23BGtUWwWWcehRjexDTXVHDqhB4hrh4-RRTGbG_Lkxu2MlWqEa_F2dchqaI_YATF2gQ9QlNEdPvCHcOTOtheS58x0NRjYdIumG5VYA9OBNJVbQ2GPru2ByPokR7XpAU6YXtshRvV4-J03FyfAGWt28GNEofKb8IFBwjN-MSTJtTGMYlG8NBOe1iMW0w1Af0ANZLCe6Y2q5f_dFHemOv-1JJ6fk1Y368-GMXJ6r_S1pAzg8ujk-x7liLFcwjUxQcQ&cid=CAASBORozhI&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f156.1e100.net
Software
cafe /
Resource Hash
bbb95d42d0a0924507352fc715aad4e6c0f0c9a5a94fa754eb7efc464d11e9bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:28:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11922
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B035 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CTd2cEL0vYLvcF9XWxgPQgrLIBszOrKNhzaDro4ANx7fWx9IdEAEg5emsY2CViriCyAfIAQWpAg_gismDHUg-qAMByAObBKoE3AFP0M3FpzRgOFVDjFwo0cOSzKC87hHktQrUSFe1BF6JHt_AUHUt92GGF-f8E2tB_P4S_WKhhBWhzcYtIvtWLRAtrMKfA1OlrdqoWaRL47ipRfjgP2bRWk0vYUGH4cK2rJyadreB6moYDPirie0HiWYQr-XuBYRP4fJFk8dpxcMworyp9OYnhtoK3DuiXrUDnc2afbcFjS4ESQiGEiyxY1rXRWglcyjMWFRoq0wiDDrfYNQOsiFg6xRsx19irZtyUH6cr2e5HT0Q6V8KhyhpYe4f7rlAa8DxBL8vrMJ6wASVocXSrgPgBAOIBZStpcktkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAeop9hrqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RvYBwDyBwkQimAYs6qSmgHSCAkIgOGAEBABGB-ACgHICwGwE-Xn0wrIE6nVswnQEwDYEwqIFALYFAGyFxoKGAgAEhRwdWItNDMzNDU5ODM1OTk3NDc3Nw&sigh=EGFdWvzfozc&cid=CAQSGwCNIrLMPiD2bJzocu6u2004bxVwR2QWvQZ-tw&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 19 Feb 2021 13:28:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame B035 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3315edeec72db6fc838150c6c3c887c4c260c905db7cd4a21ec78c9fd76b956

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
core.php
c.cnzz.com/ 		969 B
901 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.cnzz.com/core.php?web_id=1279085251&t=z
Requested by
Host: s4.cnzz.com
URL: https://s4.cnzz.com/z_stat.php?id=1279085251&web_id=1279085251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
218.94.207.228 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine / PHP/5.5.25
Resource Hash
964416c1b69f0de4d400b82a6a330191e0995779c50a8991ce22a6183560031f

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 19 Feb 2021 13:24:01 GMT
content-encoding
gzip
age
288
x-powered-by
PHP/5.5.25
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
x-swift-cachetime
854
x-swift-savetime
Fri, 19 Feb 2021 13:24:47 GMT
content-length
620
last-modified
Fri, 19 Feb 2021 13:24:01 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1613741041
content-type
application/javascript
via
cache32.l2cn1807[0,200-0,H], cache16.l2cn1807[1,0], cache7.cn2568[0,200-0,H], cache8.cn2568[0,0]
timing-allow-origin
*
eagleid
da5ecf8a16137413290904100e
expires
Fri, 19 Feb 2021 13:39:01 GMT
stat.htm
z3.cnzz.com/ 		2 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z3.cnzz.com/stat.htm?id=1279085251&r=&lg=en-us&ntime=none&cnzz_eid=2027183979-1613739959-&showp=1600x1200&p=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&t=%E5%9B%9B%E5%AD%A3%E5%A0%B1%E8%A8%98%E8%80%85%E3%81%8C%E9%81%B8%E3%82%93%E3%81%A02021%E5%B9%B4%E5%BA%A6%E5%A4%A7%E3%83%90%E3%82%B1%E6%9C%9F%E5%BE%85%E3%81%AE10%E9%8A%98%E6%9F%84(2%E6%9C%8819%E6%97%A5)%20%7C%20MK%E6%8A%95%E8%B3%87%E7%A0%94...&umuuid=177ba7a8a4172-00c57f8cd00d9e-1b396256-1d4c00-177ba7a8a42a65&h=1&rnd=1873500562
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:b180:2000:20::27 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:28:50 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=utf-8
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame B561 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/css?family=Roboto:regular,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 03:58:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
34210
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 19 Feb 2022 03:58:38 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame B561 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/css?family=Roboto:regular,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 16:25:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
335003
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Tue, 15 Feb 2022 16:25:25 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A617
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
156 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328272&bpp=1&bdt=2184&idt=105&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RwnstdfLJz&p=https%3A//mkoghzd.xyz&dtd=108
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkVgvRW65wHdiwAlb7C3RVx2no9wb7XCuhiQUbHM2miifAbFhgFZsGcM5hc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 19 Feb 2021 13:28:49 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 19-Feb-2021 14:28:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Fri, 19 Feb 2021 13:28:49 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 19 Feb 2021 13:28:49 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
-3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js
pagead2.googlesyndication.com/bg/ Frame B561 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 07:54:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Feb 2021 09:15:00 GMT
server
sffe
age
106489
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6187
x-xss-protection
0
expires
Fri, 18 Feb 2022 07:54:00 GMT
logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8724262990166509940/ Frame B561 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8724262990166509940/logo.png
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a5803d6689efddb59c91e1b427378c86fc2b9f8f556958b3076093b2363bfd1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
75485
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6199
x-xss-protection
0
last-modified
Mon, 26 Oct 2020 06:23:58 GMT
server
sffe
date
Thu, 18 Feb 2021 16:30:44 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Feb 2022 16:30:44 GMT
btn.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8724262990166509940/ Frame B561 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8724262990166509940/btn.png
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
041695b5fb50118184c7f635d74b30026167090b9bf4559d457872a64bd87849
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
244221
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3148
x-xss-protection
0
last-modified
Mon, 26 Oct 2020 06:23:58 GMT
server
sffe
date
Tue, 16 Feb 2021 17:38:28 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Feb 2022 17:38:28 GMT
bg-layer-2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8724262990166509940/ Frame B561 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8724262990166509940/bg-layer-2.png
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6170b9e582edc94e97836f0e430e8d72e08dcfe5a9945f6be6668687b3a31247
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
201
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6034
x-xss-protection
0
last-modified
Mon, 26 Oct 2020 06:23:58 GMT
server
sffe
date
Fri, 19 Feb 2021 13:25:28 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Feb 2022 13:25:28 GMT
bg-layer-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8724262990166509940/ Frame B561 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8724262990166509940/bg-layer-1.png
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ec4f95a0a6d7790fc3dcbe29f4a0886f9a14983785210f030bba75c0f1c69e3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
121094
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2966
x-xss-protection
0
last-modified
Mon, 26 Oct 2020 06:23:58 GMT
server
sffe
date
Thu, 18 Feb 2021 03:50:35 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Feb 2022 03:50:35 GMT
background.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8724262990166509940/ Frame B561 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8724262990166509940/background.jpg
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c6ab7be431a7f388eb2104ec1ecfa4037c144e2db235f0045f35ba3bb0c80cf
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
244221
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73154
x-xss-protection
0
last-modified
Mon, 26 Oct 2020 06:23:58 GMT
server
sffe
date
Tue, 16 Feb 2021 17:38:28 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Feb 2022 17:38:28 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame E2C0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/outstream.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328163&bpp=31&bdt=2074&idt=208&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zlLq8VeV5V&p=https%3A//mkoghzd.xyz&dtd=211
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 23:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136632
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Feb 2022 23:31:37 GMT
file.mp4
r2---sn-4g5ednsd.c.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277329/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame E2C0
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277329/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r2---sn-4g5ednsd.c.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277329/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5ednsd.c.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277329/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/35B68930FA9F9A3A8F9943CD8D8D40C01707C382.116DA2F2F8A6E3BB1557DBA8BB1EB9976D78208D/key/cms1/cms_redirect/yes/mh/WQ/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednsd/ms/onc/mt/1613741067/mv/m/mvi/2/pl/41/file/file.mp4
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:6e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328163&bpp=31&bdt=2074&idt=208&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zlLq8VeV5V&p=https%3A//mkoghzd.xyz&dtd=211
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 19 Feb 2021 13:28:49 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1171849
Last-Modified
Wed, 23 Dec 2020 17:38:57 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Fri, 19 Feb 2021 13:28:49 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:49 GMT
server
ClientMapServer
access-control-allow-origin
https://googleads.g.doubleclick.net
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r2---sn-4g5ednsd.c.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277329/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/35B68930FA9F9A3A8F9943CD8D8D40C01707C382.116DA2F2F8A6E3BB1557DBA8BB1EB9976D78208D/key/cms1/cms_redirect/yes/mh/WQ/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednsd/ms/onc/mt/1613741067/mv/m/mvi/2/pl/41/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
650
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame B035 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/outstream.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 23:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136632
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Feb 2022 23:31:37 GMT
file.mp4
r2---sn-4g5ednsd.c.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277329/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame B035
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277329/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r2---sn-4g5ednsd.c.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277329/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5ednsd.c.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277329/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/20FB3087ABA823E3524B6E640FBB77A1CDBA00D2.1EAC6E14365837341C060BE04F44AF4F2088F8E3/key/cms1/cms_redirect/yes/mh/WQ/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednsd/ms/onc/mt/1613741067/mv/m/mvi/2/pl/41/file/file.mp4
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:6e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 19 Feb 2021 13:28:49 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1171849
Last-Modified
Wed, 23 Dec 2020 17:38:57 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Fri, 19 Feb 2021 13:28:49 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:49 GMT
server
ClientMapServer
access-control-allow-origin
https://googleads.g.doubleclick.net
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r2---sn-4g5ednsd.c.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277329/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/20FB3087ABA823E3524B6E640FBB77A1CDBA00D2.1EAC6E14365837341C060BE04F44AF4F2088F8E3/key/cms1/cms_redirect/yes/mh/WQ/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednsd/ms/onc/mt/1613741067/mv/m/mvi/2/pl/41/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
650
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame B035 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~klcbx6i2&c=2039882716890&slotId=1019941358445&qqid=CLukjfWG9u4CFVWrcQodUIEMaQ&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=521&mt=video%2Fmp4&vs=1024x536&ulv=1&cll=0&vmfc=17&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C22%2C37%2C43%2C44%2C45%2C46%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.kk
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4009:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame BEC9 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/H0ZEmIz7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328163&bpp=31&bdt=2074&idt=208&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zlLq8VeV5V&p=https%3A//mkoghzd.xyz&dtd=211
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328163&bpp=31&bdt=2074&idt=208&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zlLq8VeV5V&p=https%3A//mkoghzd.xyz&dtd=211

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8727
date
Tue, 16 Feb 2021 12:05:28 GMT
expires
Wed, 16 Feb 2022 12:05:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
264201
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 3DB9 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/H0ZEmIz7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8727
date
Tue, 16 Feb 2021 12:05:28 GMT
expires
Wed, 16 Feb 2022 12:05:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
264201
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js
pagead2.googlesyndication.com/bg/ Frame BEC9 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
779d68ba221aa1efe83b46b8d8c5932a9c82ad2357b9cc9428c9dabf996d1875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 21:38:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Feb 2021 09:15:00 GMT
server
sffe
age
57019
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6215
x-xss-protection
0
expires
Fri, 18 Feb 2022 21:38:30 GMT
d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js
pagead2.googlesyndication.com/bg/ Frame 3DB9 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
779d68ba221aa1efe83b46b8d8c5932a9c82ad2357b9cc9428c9dabf996d1875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 21:38:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Feb 2021 09:15:00 GMT
server
sffe
age
57019
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6215
x-xss-protection
0
expires
Fri, 18 Feb 2022 21:38:30 GMT
file.mp4
r2---sn-4g5ednsd.c.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277329/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame E2C0 		320 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5ednsd.c.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277329/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/35B68930FA9F9A3A8F9943CD8D8D40C01707C382.116DA2F2F8A6E3BB1557DBA8BB1EB9976D78208D/key/cms1/cms_redirect/yes/mh/WQ/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednsd/ms/onc/mt/1613741067/mv/m/mvi/2/pl/41/file/file.mp4
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:6e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328163&bpp=31&bdt=2074&idt=208&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zlLq8VeV5V&p=https%3A//mkoghzd.xyz&dtd=211
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 19 Feb 2021 13:28:49 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-1171848/1171849
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1171849
expires
Fri, 19 Feb 2021 13:28:49 GMT
last-modified
Wed, 23 Dec 2020 17:38:57 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
file.mp4
r2---sn-4g5ednsd.c.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277329/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame B035 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5ednsd.c.2mdn.net/videoplayback/id/478f3e47958bb471/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1645277329/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/20FB3087ABA823E3524B6E640FBB77A1CDBA00D2.1EAC6E14365837341C060BE04F44AF4F2088F8E3/key/cms1/cms_redirect/yes/mh/WQ/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednsd/ms/onc/mt/1613741067/mv/m/mvi/2/pl/41/file/file.mp4
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:6e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
482afdb7aad714a640a1a1dbb1d0adfe94cba47a72e40c8c9bf078eca3f5c165
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 19 Feb 2021 13:28:49 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-1171848/1171849
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1171849
expires
Fri, 19 Feb 2021 13:28:49 GMT
last-modified
Wed, 23 Dec 2020 17:38:57 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
csi
csi.gstatic.com/ Frame B035 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~klcbx6mq&c=2039882716890&slotId=1019941358445&qqid=CLukjfWG9u4CFVWrcQodUIEMaQ&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=521&mt=video%2Fmp4&vs=1024x536&ple=0&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252F478f3e47958bb471%252Fitag%252F347%252Fsource%252Fweb_video_ads%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F1645277329%252Fsparams%252Fip%252Cipbits%252Cexpire%252Cid%252Citag%252Csource%252Cctier%252Cacao%252Fsignature%252F86B3F772370563B72094A80F63C690AC038D8E21.4101C907C1E34C325C288452A577B3E29818A14A%252Fkey%252Fck2%252Ffile%252Ffile.mp4&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4009:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9.gif
cnzz.mmstat.com/ 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnzz.mmstat.com/9.gif?abc=1&rnd=1836422724
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.11.132.221 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:49 GMT
server
nginx
p3p
CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control
no-cache
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
dc_oe=ChMIps-z9Yb27gIVg42FCh0NHASLEAAYACCkpMJEOhgI-8L3axCVocXSrgMYqdWzCSDNoOujgA1CEwi7pI31hvbuAhVVq3EKHVCBDGk;dc_rmcid=CAASBORozhI;eps=CIDhgBAQARgf;met=1;acvw=sv%3D888%26cb%3Dj%26e%3D0%26nas%3D1%26...
ade.googlesyndication.com/ddm/activity/ Frame B035 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIps-z9Yb27gIVg42FCh0NHASLEAAYACCkpMJEOhgI-8L3axCVocXSrgMYqdWzCSDNoOujgA1CEwi7pI31hvbuAhVVq3EKHVCBDGk;dc_rmcid=CAASBORozhI;eps=CIDhgBAQARgf;met=1;acvw=sv%3D888%26cb%3Dj%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D13056%26vmtime%3D15%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D665224675%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1613741329391;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame B035 		42 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CE_w1EL0vYLvcF9XWxgPQgrLIBszOrKNhzaDro4ANx7fWx9IdEAEg5emsY2CViriCyAfIAQWpAg_gismDHUg-qAMByAObBKoE3wFP0M3FpzRgOFVDjFwo0cOSzKC87hHktQrUSFe1BF6JHt_AUHUt92GGF-f8E2tB_P4S_WKhhBWhzcYtIvtWLRAtrMKfA1OlrdqoWaRL47ipRfjgP2bRWk0vYUGH4cK2rJyadreB6moYDPirie0HiWYQr-XuBYRP4fJFk8dpxcMworyp9OYnhtoK3DuiXrUDnc2afbcFjS4ESQiGEiyxY1rXRWglcyjMWFRoq0wiDDrfYNQOsiFg6xRsx19irZtyUH7Erq1cjv9ge4LYeG29nqDFGc-QnOVujJuwDOViWbZNwASVocXSrgPgBAOQBgGgBnaAB6in2GuoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB-ACgHICwHgCwGADAGwE-Xn0wrIE6nVswnQEwDYEwqIFALYFAE&sigh=s9uBf_2A3t8&label=part2viewed&ad_mt=15&acvw=sv%3D888%26cb%3Dj%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D13056%26vmtime%3D15%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D665224675%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1613741329391
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B035 		0
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstn37KL2JpbbVqizbj_R31SAy7xiIOiC_sAMQfrk1SUEJriw4i6bMWNVYUAA0wwu_WU7gtviv3TysrIh2zcTRwxOL8Hjp43eEosNPvrjnNtxTQst9VjUEA58u5_ZY7GxWYP9OHmuqqV6guq9Kaw70UsKHPuYqwdHKrRUman2vboEQESVg62nMMFOkGyb9gAMtgQYKKJ_egAu1BVgBMYO45BtLU0muw_gMrPahlj1sQ9n__C0wPr2VR9nrEZ5jS5nPd5MFAGDs9hTJ7tuC4r320G4isD1SNYhI0wC0Zw5YnylZmIcgwKjumjd1a2Hkezrhtz_x1hnxB33S3TzoM12DVXkfxqYLu_spSBQw7jOMtMg6ndhardAMg4CjAnyvWA608mV9qOlpfPUZo6UPKN8AFC94f2C7Ody0cQAdctimrpn_LebOir9FmDglrMUfVVR7Cc4HmAn3Ev8CyiOsXrMGf5I6S5XEZOiN2xqHFnQ37FIJlkzmUhJgM2d2VyzG6wxto5urwVxbXO0m5EreGjQ1i59bqDy1ZnAgHsTsQ_LhJ_-R1MG853p6IvkLU9f86A3qAAA-qI899eG91SCb6DMOUjSer0jafe7NLeABf7Zgi7FhOIxvzbC8gFL8R6m-f4t8Hg4rsPoKASQWKllO6mIcVjqiQMKPPz9e5Nm6BjYOxZ-epu8J3kwW3_eFixQWelS0vlMqB7QeIpKcb1KTcB5OTU5tX-bKXL9aOeU5WwwFL40VVbolj6CQCeLniQA23WIaI0pLefq091C6mnfWr628_TenTHenhTQnToajgtCVbBEjNSfBd08s4azDED49fi8OvtyhrosCZxvyu9IY43cuMccvq_sBMUsqtXjWPXXoozJdmN2G0IBC3Z1yB4R2ZwZqervSOFC5ZSadcPt0dkH3-0KzCcwIKS6PaXsiYiWrC7T0BCpU1kw9dRNg8ipT92BvvgvLFmQzWM7EHe1p2AvHuHwdY4Jmx3-OJxUvnc2y_YKTGsQ3_1EVobYoRcXrdkxH7lLPPd6FyAhY0-ZAe2lFgBUInx3GRzyN_xi1qAWR-PqgKHOrS9k-WLxXSrnl0rK_m3y7NeTAKz2fpTO3OreDTlBde23-798GrU&sai=AMfl-YTC7FFCL7m-OPZ5IDEUQWJ1krbXFT2qZMETgH8y-Nv2SvKMXLa8i78JC1e4r3SgRfMIwTFaMUhUVCDY6MOlXCOp8PKMaC7WCj5KgPRz59evz2qO67Q94qRUdV5e_RqxNR1Fx6XYU-31d1yGeg_2270pnB4&sig=Cg0ArKJSzBd1iBcAaq_QEAE&urlfix=1&adurl=
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 19 Feb 2021 13:28:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
B24926691.287528015;dc_pre=CM6P0fWG9u4CFXjJuwgdc3MEeg;dc_trk_aid=481211953;dc_trk_cid=140226436;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=
ad.doubleclick.net/ddm/trackimp/N6410.279382DBMCADREONARGENTINA-/ Frame B035
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N6410.279382DBMCADREONARGENTINA-/B24926691.287528015;dc_trk_aid=481211953;dc_trk_cid=140226436;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatm...
  • https://ad.doubleclick.net/ddm/trackimp/N6410.279382DBMCADREONARGENTINA-/B24926691.287528015;dc_pre=CM6P0fWG9u4CFXjJuwgdc3MEeg;dc_trk_aid=481211953;dc_trk_cid=140226436;ord=[timestamp];dc_lat=;dc_r...
42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N6410.279382DBMCADREONARGENTINA-/B24926691.287528015;dc_pre=CM6P0fWG9u4CFXjJuwgdc3MEeg;dc_trk_aid=481211953;dc_trk_cid=140226436;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:49 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N6410.279382DBMCADREONARGENTINA-/B24926691.287528015;dc_pre=CM6P0fWG9u4CFXjJuwgdc3MEeg;dc_trk_aid=481211953;dc_trk_cid=140226436;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B035 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMeIGhCX_XAYs6qSmgEgATAB&v=APEucNV2SpwL0cZG54uNJg8n4FWes3545aplA2wtAVDJ7KDEIU2YHekwH39T2qaAcE6lQkWKCxju9IgJXro_SNpJHNuBBN4zCw
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:28:49 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame B035 		0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIps-z9Yb27gIVg42FCh0NHASLEAAYACCkpMJEOhgI-8L3axCVocXSrgMYqdWzCSDNoOujgA1CEwi7pI31hvbuAhVVq3EKHVCBDGk;dc_rmcid=CAASBORozhI;eps=CIDhgBAQARgf;met=1;acvw=sv%3D888%26cb%3Dj%26e%3D15%26nas%3D1%2...
ade.googlesyndication.com/ddm/activity/ Frame B035 		42 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIps-z9Yb27gIVg42FCh0NHASLEAAYACCkpMJEOhgI-8L3axCVocXSrgMYqdWzCSDNoOujgA1CEwi7pI31hvbuAhVVq3EKHVCBDGk;dc_rmcid=CAASBORozhI;eps=CIDhgBAQARgf;met=1;acvw=sv%3D888%26cb%3Dj%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D13056%26vmtime%3D15%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D665224675%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1613741329391;ecn1=1;etm1=0;eid1=200101;
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B035 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuV6YVZup9hW6hHHWFhcnp32yz4V2b9gNJJyRYm8u_9ztQ_q6a5pRhwKcQxzgpqKaXqkyDvZ0U_qJNp1jOn967KmEGLtyZr8n_jJnzjIqB2xo0D&sai=AMfl-YQUoMbBukEkboON21lUOFlP7O5-NmZ1D07BVhEUovnSHxQl0_T02yVUlKiG53fKzjtuUKLAronXcz8o&sig=Cg0ArKJSzFFV0wgVorGBEAE&cid=CAASBORozhI&id=lidarv&acvw=sv%3D888%26cb%3Dj%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D13056%26vmtime%3D15%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D665224675%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1613741329391&avm=1
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame B035 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CE_w1EL0vYLvcF9XWxgPQgrLIBszOrKNhzaDro4ANx7fWx9IdEAEg5emsY2CViriCyAfIAQWpAg_gismDHUg-qAMByAObBKoE3wFP0M3FpzRgOFVDjFwo0cOSzKC87hHktQrUSFe1BF6JHt_AUHUt92GGF-f8E2tB_P4S_WKhhBWhzcYtIvtWLRAtrMKfA1OlrdqoWaRL47ipRfjgP2bRWk0vYUGH4cK2rJyadreB6moYDPirie0HiWYQr-XuBYRP4fJFk8dpxcMworyp9OYnhtoK3DuiXrUDnc2afbcFjS4ESQiGEiyxY1rXRWglcyjMWFRoq0wiDDrfYNQOsiFg6xRsx19irZtyUH7Erq1cjv9ge4LYeG29nqDFGc-QnOVujJuwDOViWbZNwASVocXSrgPgBAOQBgGgBnaAB6in2GuoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB-ACgHICwHgCwGADAGwE-Xn0wrIE6nVswnQEwDYEwqIFALYFAE&sigh=s9uBf_2A3t8&label=vast_creativeview&ad_mt=15&acvw=sv%3D888%26cb%3Dj%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D13056%26vmtime%3D15%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D665224675%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1613741329391
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame B035 		0
318 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~klcbx6pl&c=2039882716890&slotId=1019941358445&qqid=CLukjfWG9u4CFVWrcQodUIEMaQ&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=521&mt=video%2Fmp4&vs=1024x536&dm=13000&event_name=first_play&asset_bytes=203530&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=11&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=videopreviewstarted.tb
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/outstream.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4009:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BEC9 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BmES3Eb0vYIZ54oT1-A__n5i4BgAAAAA4AeAEAg&bg=!dXaldjXNAAXRs2QT0TsAKQB2-Dxa3GFKH0PoVoAol1qdmUriDzVoMr2Y4aq8165SnPuKRfBOcE4WAgAAAQ1SAAAAHWgBBwoAdUvPWQ-8bfQldU424KOR0WK9dU9ChKuShks78LaYbvp82JaY7z2zMA5bPJhsD24UaZ69qhGBrPnFAeynO3oTKwFW4WzchNZplOBFj-_zp6q-AMF_jtrvy7CzR9bT0LSpGI-z1hczstxZ1SI7XZjrVlA1VZWOQJkCV2hScYH0ny-GH12ChItyvAZXDOYXe0UhPEs7eYgcwKBb3gW2w1wLCSz-TolVIfltkgTT8i-VGEMTvSPapWhnkqw5IHktv5R3N5wjmpENpGjsGztv1CoVWiciQTtrpY3L7ghirz_5tWZU6XT_SDs1t7ArFE7-_Sz2DVdk274NY_Xy8TiGVPBZhP6uYAe-RwqNzJiCoIOispfPYeSdWEew8-_PD3Iu5hjVPwHL1Oj9UmrOeRfOWwqNKGsP9VYRImrpeH8ZaehL0hJMbKn1C4uPUgXl6v2S5ThV4W8YXjRD_FYUYD8BMQXk-S0QmWT9TVwKt7aPq-q48KTk2TUV8w64iRYjcCrX6XZDVN8EwopUJDD5WHUmbmjzJnjCtrQcuL4jO9p5PkUL6gFQQ_kUaWSX_4EknWPDDDA1UXFfRb_RSG5nwkAqDpX1VRFtSXQmfWgW6puZgZGGZ39z_6GDXXPASb29N_xP1b0Z2QPoT31cBVZ-kclioufMY-_ImS2lkAFcm12AW0DtbR06FSkjtwkirrS_7RGySmynfKkm2iHkg2LalfvrHH4Eu1bVO9-cGcouOWLvbefR1EmWZq6pWQF68_tLstbNLpdQqS82tDG1-AYebByasaVwBhf9jtqLxfdGWNQMds8yYY8L6ViR1MGhZMQAk_gBFFpiqBRiTGFZBqNNZV4T_ZL_YJjCeD7M358tyxh-SgPwP-tnbWDkf49XgMx5NXtsgX7hmjI-ddCT3cUvH3WDARsJwD1MPS_t1B3vEiMjR8fC8hPU9X2kI7Fa_yNvtt1HFws0
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DB9 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BgEH8Eb0vYOaCAYOblgSNuJDYCAAAAAA4AeAEAg&bg=!np2lnd7NAAXRs2QT0TsAKQB2-DxaZf3-7Y_0lTuWcO64SmEqyVHFBbBKJcx00nddJkH-X1qU2PiIAgAAAQRSAAAAJGgBB5kCStYS4143oO7NvG97f-1mHcDRse4dRqoIOV9pSXNrUcbQejkcKiQd8MbJj3JvUutmCyuHrhX8OqJNTbkzibtNUYQA1D-JHWWozfKxBql0xp3_HkH2YHt81Wmd6WrCqSE2s5EwmPRxx33DhCZGrJc669bKNoh8_ZuiCum5HBqF6TZIm4Zq9ciI0Y8P9zOkFIqPWI4mdG35YzVPAsohTIqGAU8czl6d3QZB1W-mNb5UETTHnVi1ccSeyyzJNiyhHx78uwnttED8tH4bI-KSvGiUhHAK0nilKvJItrgb5NOee2r7IF7ukyeyV3-_T9eaQT93N9dd_M0VDBOwrCeeNPYw8-2FVRu368ejVb4Oc8EjvbFrNyom4erFn3E10bQB__p4VJd1rKvGQUC_m7Xzm6G42S0wDQX8rg8yNuvvKbSP1PCa5D0c4ztfvrvpJ3dslDqOQLHhMiE5fbMz2AuDyEljDOss_j8iR9VfGYPd9WVpTx1fJf26b9IBBx8yNZzal45syMb6eBjl9N89B5vr-qRavGzc33ypahpVAGXSRX4mG4BX-_a-qvgwVv5Eb6a069gs3w-hELXQrqAdIYpXT6_LdMMzotwjlpALsPr6dpTEl-lfMvEA9n5k3HD5Fd6XZ1TG0LlJNUePHyOkBfQKcC_jckGaIeX17XQ7QSRWi25SAtnlDNV7TdoL0ymytRxShCrwSMgTLI9GUiW9AgCqIDb4PjOKfra5OLuBsu7Upz2xW81gVCT0IsLo8NiqHMjLSXPcKsvDRFAoArUnrBM
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 0AFF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CIzM_EL0vYNvLGPK_1fAP_9WF8AOKmLuMYajq6MSpDNLh0uCyARABIOXprGNglYq4gsgHoAGA5eznAsgBCakCz6sH7KIfqj6oAwGqBNsBT9AYxUum2Kb56v-otuGJhyxVm031nABTjxDr7JoGQLhbk5Z_xgpAfNvJmpNDynT6oC0M5XYe9huMIZS0jWJvbOxNhFmh3OsruLiPCZpLkuwDq2QOR_YSbKj7IDYtrfVsZqfNexeajqc7fS3xVlNGxUqCoOhBBpoiSYQnyS0ZQnRsCoRpyD1cdK7dkEQii-kfq2tm1Zdi-wsK7wZhCLQZXTn632NpL96y3b90HZ3i3sUGJl-9OHMUgoZdKL8CqbopV6l3GflWe8wNUPpIsUajlTlbH-SqwbkTrQwhwASl4ICioAOgBi6AB-iak5gBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEELOURNIICQiA4YAQEAEYH4AKAcgLAdgTA4gUAbIXGgoYCAASFHB1Yi00MzM0NTk4MzU5OTc0Nzc3&sigh=yUbYX-sfxMY&vt=1&template_id=419
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328272&bpp=1&bdt=2184&idt=105&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RwnstdfLJz&p=https%3A//mkoghzd.xyz&dtd=108
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 19 Feb 2021 13:28:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 0AFF 		42 B
725 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss875BhQPH-hbsUrLeL01B0_JtyFJns1n-Sjk9vF-CFsuslLH0p6Ac-8skrKhxMAiutj9YCySR1qHyjs1z6ILeZvnm2pihJuL29xBj4tb2kH5rclPUbhL9ovX5wfQ&sai=AMfl-YRU890SckpbFLdHhZ96JZcqUBElVIrZFxRPh4axRHghLIRjUFveH5ps9jfdTr6ew2sBNLVbm6YTrbxr&sig=Cg0ArKJSzMpQiMh811AaEAE&id=osdim&mcvt=1002&p=1057,1053,1307,1353&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&v=20210217&bin=7&avms=nio&bs=0,0&mc=0.57&if=1&app=0&itpl=2&adk=2441527113&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1613741328381&dlt=279&rpt=34&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=250&slotname=6400979756&adk=2441527113&adf=1265514632&pi=t.ma~as.6400979756&w=335&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=335x250&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328272&bpp=1&bdt=2184&idt=105&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RwnstdfLJz&p=https%3A//mkoghzd.xyz&dtd=108
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame E2C0 		0
44 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~klcbx6gx&c=7543326086978&slotId=3771663043489&qqid=CIfkjfWG9u4CFWxiFQgdG68LIQ&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=521&mt=video%2Fmp4&vs=1024x536&ulv=1&cll=0&vmfc=17&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C22%2C37%2C43%2C44%2C45%2C46%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/outstream.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4009:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=3734629942&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328163&bpp=31&bdt=2074&idt=208&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C775x280&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zlLq8VeV5V&p=https%3A//mkoghzd.xyz&dtd=211
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIps-z9Yb27gIVg42FCh0NHASLEAAYACCkpMJEOhgI-8L3axCVocXSrgMYqdWzCSDNoOujgA1CEwi7pI31hvbuAhVVq3EKHVCBDGk;dc_rmcid=CAASBORozhI;eps=CIDhgBAQARgf;met=1;acvw=sv%3D888%26cb%3Dj%26e%3D9%26nas%3D1%26...
ade.googlesyndication.com/ddm/activity/ Frame B035 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIps-z9Yb27gIVg42FCh0NHASLEAAYACCkpMJEOhgI-8L3axCVocXSrgMYqdWzCSDNoOujgA1CEwi7pI31hvbuAhVVq3EKHVCBDGk;dc_rmcid=CAASBORozhI;eps=CIDhgBAQARgf;met=1;acvw=sv%3D888%26cb%3Dj%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,134,273,642%26tos%3D2008,0,0,0,0%26mtos%3D2008,2008,2008,2008,2008%26mcvt%3D2008%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2201%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D9%26pst%3D1%26dur%3D13056%26vmtime%3D2216%26dtos%3D2008%26dtoss%3D1%26dvs%3D2008%26dfvs%3D2008%26dvpt%3D2201%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D665224675%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2008;gv=atos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1613741329391;ecn1=1;etm1=0;eid1=200000;
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B035 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuV6YVZup9hW6hHHWFhcnp32yz4V2b9gNJJyRYm8u_9ztQ_q6a5pRhwKcQxzgpqKaXqkyDvZ0U_qJNp1jOn967KmEGLtyZr8n_jJnzjIqB2xo0D&sai=AMfl-YQUoMbBukEkboON21lUOFlP7O5-NmZ1D07BVhEUovnSHxQl0_T02yVUlKiG53fKzjtuUKLAronXcz8o&sig=Cg0ArKJSzFFV0wgVorGBEAE&cid=CAASBORozhI&id=lidarv&acvw=sv%3D888%26cb%3Dj%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,134,273,642%26tos%3D2008,0,0,0,0%26mtos%3D2008,2008,2008,2008,2008%26mcvt%3D2008%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2201%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D9%26pst%3D1%26dur%3D13056%26vmtime%3D2216%26dtos%3D2008%26dtoss%3D1%26dvs%3D2008%26dfvs%3D2008%26dvpt%3D2201%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D665224675%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2008&gv=atos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1613741329391
Requested by
Host: mkoghzd.xyz
URL: https://mkoghzd.xyz/2021/02/19/265.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210211&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102160101/show_ads_impl_with_ama_fy2019.js?bust=exp%3D31060009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6ddfec4d31c37549ca91e7fbdc18b0691e2ff1c7570a5004a2201376b6bc186
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Feb 2021 13:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6400
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102160101/show_ads_impl_with_ama_fy2019.js?bust=exp%3D31060009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 13:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Fri, 19 Feb 2021 13:28:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 83C6 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mkoghzd.xyz/2021/02/19/265.htm
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://mkoghzd.xyz/2021/02/19/265.htm

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Fri, 19 Feb 2021 12:30:16 GMT
expires
Sat, 19 Feb 2022 12:30:16 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3515
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
-3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js
pagead2.googlesyndication.com/bg/ Frame 83C6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 07:54:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Feb 2021 09:15:00 GMT
server
sffe
age
106491
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6187
x-xss-protection
0
expires
Fri, 18 Feb 2022 07:54:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210211&jk=2986191558325568&bg=!jo2ljc7NAAXRs2QT0TsAKQB2-DxaeyZl-0JWehvvckoGQFqn1sUdV36qNzzU9kvp5baOL_1IUobTAgAAAFlSAAAADmgBBwoBR_YC0HSleQUxa7sw6YITNKFplSvUtGcAtM_1vxU8iQ2lFZBrhTVsNWPrPyludeFipw6y2ShsKOyrc_NZtVw_YCqaTt3vRA7WSSlCUfw3wDpj0zvAFhnjjw4bJMGA1eV_PKsopfTOtWjPlOvggc9q9o3yPR8z6c2PjyLZt0QcEMaa6IYVca81Ea7679eDuJL13kIDaNtKjVUKEkujViDrX0GBxmc5ZH1D_hzciBmXx_jVThyRfIAUnN1bkqyteSaK0n-R7iTZaEuaUtj40TMgfKK2BoaLoltforl6UrW_3IKAkhcd60s3dmXQN7ONRRwjzkV8bSk7yvnzwnOgreg23u0qaZhceBDJWxh3NANzVfbob7dcj3VUeBhAwaRf0tE_PgWMgRkGgSTF1yFyIjrVOVEyfXD5kDm0lCfBJZ7WoY1uMX73TNQ3iJkBwCEX4CJCgd1ssnJdjw7hC2dC5y8k_OfT1eSgbRsFuOtNtnOztPo7NY7PbvCdNqWjpEebeZ10wOpb6OFL2or5faWovnOhYU689vGCNK8jmn6OVpKl9eyDD7UZI5_h9dlNf5CC6L_xAhDzwLtiDmuYW2EPjAdGKxt7HlrAll9003AJJjQ4h_AJOsrhZX3unxOhQ-wJKPF88oQSKlQuhfqhhhLH4rfHSONcBnHqI5eEMPmKtEZ072SDXUnqo0hR-sNaf71xBoZFu7bGU7v-KjPtXL_VeMGD32JBMABwyXnUuWXs798slEmlwkh9q4jN3yzOAbsN5j_dgJVwJGMDBvK5ZUQdTZIOMwO4ictce0GlKEloN3WOUE_QMHOApWWKfgho8hRKRkPtjaFPQLddKztbMj-RCNwU7AsUfRLm3Tval04zUMdHwX-tGTmOi0-jRI7eYQq1bL7qZDmgpx0-nq_U7AxZyEytJfp6xjdeXz-GfzlOOZkcTX4NJyHx-dZyspcf7-cSo8fOmvbiKD71KtwnJ6NvWjQuYYPjoBXhoiVJkurd9wbBQcKCV0AMW9p8u6GPG3QyzKpcKHB1M-8ZlEnu0gE
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mkoghzd.xyz/2021/02/19/265.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIps-z9Yb27gIVg42FCh0NHASLEAAYACCkpMJEOhgI-8L3axCVocXSrgMYqdWzCSDNoOujgA1CEwi7pI31hvbuAhVVq3EKHVCBDGk;dc_rmcid=CAASBORozhI;eps=CIDhgBAQARgf;met=1;acvw=sv%3D888%26cb%3Dj%26e%3D1%26nas%3D1%26...
ade.googlesyndication.com/ddm/activity/ Frame B035 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIps-z9Yb27gIVg42FCh0NHASLEAAYACCkpMJEOhgI-8L3axCVocXSrgMYqdWzCSDNoOujgA1CEwi7pI31hvbuAhVVq3EKHVCBDGk;dc_rmcid=CAASBORozhI;eps=CIDhgBAQARgf;met=1;acvw=sv%3D888%26cb%3Dj%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,134,273,642%26tos%3D3217,0,0,0,0%26mtos%3D3217,3217,3217,3217,3217%26mcvt%3D3217%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3410%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D9%26pst%3D1%26dur%3D13056%26vmtime%3D3425%26dtos%3D1209%26dtoss%3D2%26dvs%3D1209%26dfvs%3D1209%26dvpt%3D1209%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3217,3217,3217,3217,3217%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D665224675%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,3217;gv=atos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1613741329391;ecn1=1;etm1=0;eid1=960584;
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame B035 		42 B
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CE_w1EL0vYLvcF9XWxgPQgrLIBszOrKNhzaDro4ANx7fWx9IdEAEg5emsY2CViriCyAfIAQWpAg_gismDHUg-qAMByAObBKoE3wFP0M3FpzRgOFVDjFwo0cOSzKC87hHktQrUSFe1BF6JHt_AUHUt92GGF-f8E2tB_P4S_WKhhBWhzcYtIvtWLRAtrMKfA1OlrdqoWaRL47ipRfjgP2bRWk0vYUGH4cK2rJyadreB6moYDPirie0HiWYQr-XuBYRP4fJFk8dpxcMworyp9OYnhtoK3DuiXrUDnc2afbcFjS4ESQiGEiyxY1rXRWglcyjMWFRoq0wiDDrfYNQOsiFg6xRsx19irZtyUH7Erq1cjv9ge4LYeG29nqDFGc-QnOVujJuwDOViWbZNwASVocXSrgPgBAOQBgGgBnaAB6in2GuoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB-ACgHICwHgCwGADAGwE-Xn0wrIE6nVswnQEwDYEwqIFALYFAE&sigh=s9uBf_2A3t8&label=videoplaytime25&ad_mt=3425&acvw=sv%3D888%26cb%3Dj%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,134,273,642%26tos%3D3217,0,0,0,0%26mtos%3D3217,3217,3217,3217,3217%26mcvt%3D3217%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3410%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D9%26pst%3D1%26dur%3D13056%26vmtime%3D3425%26dtos%3D1209%26dtoss%3D2%26dvs%3D1209%26dfvs%3D1209%26dvpt%3D1209%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3217,3217,3217,3217,3217%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D665224675%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,3217&gv=atos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1613741329391
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIps-z9Yb27gIVg42FCh0NHASLEAAYACCkpMJEOhgI-8L3axCVocXSrgMYqdWzCSDNoOujgA1CEwi7pI31hvbuAhVVq3EKHVCBDGk;dc_rmcid=CAASBORozhI;eps=CIDhgBAQARgf;met=1;acvw=sv%3D888%26cb%3Dj%26e%3D2%26nas%3D1%26...
ade.googlesyndication.com/ddm/activity/ Frame B035 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIps-z9Yb27gIVg42FCh0NHASLEAAYACCkpMJEOhgI-8L3axCVocXSrgMYqdWzCSDNoOujgA1CEwi7pI31hvbuAhVVq3EKHVCBDGk;dc_rmcid=CAASBORozhI;eps=CIDhgBAQARgf;met=1;acvw=sv%3D888%26cb%3Dj%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,134,273,642%26tos%3D6467,0,0,0,0%26mtos%3D6467,6467,6467,6467,6467%26mcvt%3D6467%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D6660%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D9%26pst%3D1%26dur%3D13056%26vmtime%3D6675%26dtos%3D3250%26dtoss%3D3%26dvs%3D3250%26dfvs%3D3250%26dvpt%3D3250%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3250,3250,3250,3250,3250%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D665224675%26psm%3D127%26psv%3D126%26psfv%3D126%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,6467;gv=atos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1613741329391;ecn1=1;etm1=0;eid1=18;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame B035 		42 B
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CE_w1EL0vYLvcF9XWxgPQgrLIBszOrKNhzaDro4ANx7fWx9IdEAEg5emsY2CViriCyAfIAQWpAg_gismDHUg-qAMByAObBKoE3wFP0M3FpzRgOFVDjFwo0cOSzKC87hHktQrUSFe1BF6JHt_AUHUt92GGF-f8E2tB_P4S_WKhhBWhzcYtIvtWLRAtrMKfA1OlrdqoWaRL47ipRfjgP2bRWk0vYUGH4cK2rJyadreB6moYDPirie0HiWYQr-XuBYRP4fJFk8dpxcMworyp9OYnhtoK3DuiXrUDnc2afbcFjS4ESQiGEiyxY1rXRWglcyjMWFRoq0wiDDrfYNQOsiFg6xRsx19irZtyUH7Erq1cjv9ge4LYeG29nqDFGc-QnOVujJuwDOViWbZNwASVocXSrgPgBAOQBgGgBnaAB6in2GuoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB-ACgHICwHgCwGADAGwE-Xn0wrIE6nVswnQEwDYEwqIFALYFAE&sigh=s9uBf_2A3t8&label=videoplaytime50&ad_mt=6675&acvw=sv%3D888%26cb%3Dj%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,134,273,642%26tos%3D6467,0,0,0,0%26mtos%3D6467,6467,6467,6467,6467%26mcvt%3D6467%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D6660%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D9%26pst%3D1%26dur%3D13056%26vmtime%3D6675%26dtos%3D3250%26dtoss%3D3%26dvs%3D3250%26dfvs%3D3250%26dvpt%3D3250%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3250,3250,3250,3250,3250%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D665224675%26psm%3D127%26psv%3D126%26psfv%3D126%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,6467&gv=atos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1613741329391
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B561 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=333.0000&a1=https&f1=layout_html&s1=0&d1=49.0000&i=475856975264&t=419&c=p&lp=%2Fsadbundle%2F%24csp%253Der3%24%2F8724262990166509940%2Findex.html&gqi=EL0vYM6TGOHvxgOv7rXQCg&qqi=CNuTjvWG9u4CFfJfFQgd_2oBPg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIps-z9Yb27gIVg42FCh0NHASLEAAYACCkpMJEOhgI-8L3axCVocXSrgMYqdWzCSDNoOujgA1CEwi7pI31hvbuAhVVq3EKHVCBDGk;dc_rmcid=CAASBORozhI;eps=CIDhgBAQARgf;met=1;acvw=sv%3D888%26cb%3Dj%26e%3D3%26nas%3D1%26...
ade.googlesyndication.com/ddm/activity/ Frame B035 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIps-z9Yb27gIVg42FCh0NHASLEAAYACCkpMJEOhgI-8L3axCVocXSrgMYqdWzCSDNoOujgA1CEwi7pI31hvbuAhVVq3EKHVCBDGk;dc_rmcid=CAASBORozhI;eps=CIDhgBAQARgf;met=1;acvw=sv%3D888%26cb%3Dj%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,134,273,642%26tos%3D9716,0,0,0,0%26mtos%3D9716,9716,9716,9716,9716%26mcvt%3D9716%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D9909%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D11%26pst%3D1%26dur%3D13056%26vmtime%3D9925%26dtos%3D3249%26dtoss%3D4%26dvs%3D3249%26dfvs%3D3249%26dvpt%3D3249%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3249,3249,3249,3249,3249%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D665224675%26psm%3D1023%26psv%3D1022%26psfv%3D1022%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,9716;gv=atos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1613741329391;ecn1=1;etm1=0;eid1=960585;
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame B035 		42 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CE_w1EL0vYLvcF9XWxgPQgrLIBszOrKNhzaDro4ANx7fWx9IdEAEg5emsY2CViriCyAfIAQWpAg_gismDHUg-qAMByAObBKoE3wFP0M3FpzRgOFVDjFwo0cOSzKC87hHktQrUSFe1BF6JHt_AUHUt92GGF-f8E2tB_P4S_WKhhBWhzcYtIvtWLRAtrMKfA1OlrdqoWaRL47ipRfjgP2bRWk0vYUGH4cK2rJyadreB6moYDPirie0HiWYQr-XuBYRP4fJFk8dpxcMworyp9OYnhtoK3DuiXrUDnc2afbcFjS4ESQiGEiyxY1rXRWglcyjMWFRoq0wiDDrfYNQOsiFg6xRsx19irZtyUH7Erq1cjv9ge4LYeG29nqDFGc-QnOVujJuwDOViWbZNwASVocXSrgPgBAOQBgGgBnaAB6in2GuoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB-ACgHICwHgCwGADAGwE-Xn0wrIE6nVswnQEwDYEwqIFALYFAE&sigh=s9uBf_2A3t8&label=videoplaytime75&ad_mt=9925&acvw=sv%3D888%26cb%3Dj%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,134,273,642%26tos%3D9716,0,0,0,0%26mtos%3D9716,9716,9716,9716,9716%26mcvt%3D9716%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D9909%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D11%26pst%3D1%26dur%3D13056%26vmtime%3D9925%26dtos%3D3249%26dtoss%3D4%26dvs%3D3249%26dfvs%3D3249%26dvpt%3D3249%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3249,3249,3249,3249,3249%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D665224675%26psm%3D1023%26psv%3D1022%26psfv%3D1022%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,9716&gv=atos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1613741329391
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:28:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame B035 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~klcbx6vi&c=2039882716890&slotId=1019941358445&qqid=CLukjfWG9u4CFVWrcQodUIEMaQ&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=521&mt=video%2Fmp4&vs=1024x536&dm=13000&met.4=5s.4s3~10s.8n0~2sbc.9er&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252F478f3e47958bb471%252Fitag%252F347%252Fsource%252Fweb_video_ads%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F1645277329%252Fsparams%252Fip%252Cipbits%252Cexpire%252Cid%252Citag%252Csource%252Cctier%252Cacao%252Fsignature%252F86B3F772370563B72094A80F63C690AC038D8E21.4101C907C1E34C325C288452A577B3E29818A14A%252Fkey%252Fck2%252Ffile%252Ffile.mp4&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4009:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:29:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame B035 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~klcbxgxc&c=2039882716890&slotId=1019941358445&qqid=CLukjfWG9u4CFVWrcQodUIEMaQ&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=521&mt=video%2Fmp4&vs=1024x536&dm=13000&event_name=first_pause&asset_bytes=1379354&video_bytes=1171876&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=25&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=13.06&video_muted=true&video_seconds_loaded=13.06&vqdf=1&vqtf=326&vqfr=25&endedMediaDiff=-56
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210210_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4009:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:29:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIps-z9Yb27gIVg42FCh0NHASLEAAYACCkpMJEOhgI-8L3axCVocXSrgMYqdWzCSDNoOujgA1CEwi7pI31hvbuAhVVq3EKHVCBDGk;dc_rmcid=CAASBORozhI;eps=CIDhgBAQARgf;met=1;acvw=sv%3D888%26cb%3Dj%26e%3D4%26nas%3D1%26...
ade.googlesyndication.com/ddm/activity/ Frame B035 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIps-z9Yb27gIVg42FCh0NHASLEAAYACCkpMJEOhgI-8L3axCVocXSrgMYqdWzCSDNoOujgA1CEwi7pI31hvbuAhVVq3EKHVCBDGk;dc_rmcid=CAASBORozhI;eps=CIDhgBAQARgf;met=1;acvw=sv%3D888%26cb%3Dj%26e%3D4%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,134,273,642%26p0%3D0,0,0,0%26p1%3D7,134,273,642%26p2%3D7,134,273,642%26p3%3D7,134,273,642%26tos%3D12846,0,0,0,0%26mtos%3D12846,12846,12846,12846,12846%26mtos1%3D3217,0,0%26mtos2%3D3250,0,0%26mtos3%3D3249,0,0%26mcvt%3D12846%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D13039%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D19%26pst%3D1%26dur%3D13056%26vmtime%3D13056%26dtos%3D3130%26dtoss%3D5%26dvs%3D3130%26dfvs%3D3130%26dvpt%3D3130%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3130,3130,3130,3130,3130%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D665224675%26psm%3D16383%26psv%3D16382%26psfv%3D16382%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,12846%26ss0%3D0%26ss1%3D0,0.07,0.07%26ss2%3D0.07%26ss3%3D0.07;gv=atos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1613741329391;ecn1=1;etm1=0;eid1=13;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:29:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame B035 		42 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CE_w1EL0vYLvcF9XWxgPQgrLIBszOrKNhzaDro4ANx7fWx9IdEAEg5emsY2CViriCyAfIAQWpAg_gismDHUg-qAMByAObBKoE3wFP0M3FpzRgOFVDjFwo0cOSzKC87hHktQrUSFe1BF6JHt_AUHUt92GGF-f8E2tB_P4S_WKhhBWhzcYtIvtWLRAtrMKfA1OlrdqoWaRL47ipRfjgP2bRWk0vYUGH4cK2rJyadreB6moYDPirie0HiWYQr-XuBYRP4fJFk8dpxcMworyp9OYnhtoK3DuiXrUDnc2afbcFjS4ESQiGEiyxY1rXRWglcyjMWFRoq0wiDDrfYNQOsiFg6xRsx19irZtyUH7Erq1cjv9ge4LYeG29nqDFGc-QnOVujJuwDOViWbZNwASVocXSrgPgBAOQBgGgBnaAB6in2GuoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB-ACgHICwHgCwGADAGwE-Xn0wrIE6nVswnQEwDYEwqIFALYFAE&sigh=s9uBf_2A3t8&label=videoplaytime100&ad_mt=13056&acvw=sv%3D888%26cb%3Dj%26e%3D4%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,134,273,642%26p0%3D0,0,0,0%26p1%3D7,134,273,642%26p2%3D7,134,273,642%26p3%3D7,134,273,642%26tos%3D12846,0,0,0,0%26mtos%3D12846,12846,12846,12846,12846%26mtos1%3D3217,0,0%26mtos2%3D3250,0,0%26mtos3%3D3249,0,0%26mcvt%3D12846%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D13039%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D19%26pst%3D1%26dur%3D13056%26vmtime%3D13056%26dtos%3D3130%26dtoss%3D5%26dvs%3D3130%26dfvs%3D3130%26dvpt%3D3130%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3130,3130,3130,3130,3130%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D665224675%26psm%3D16383%26psv%3D16382%26psfv%3D16382%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,12846%26ss0%3D0%26ss1%3D0,0.07,0.07%26ss2%3D0.07%26ss3%3D0.07&gv=atos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1613741329391
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4334598359974777&output=html&h=280&slotname=6400979756&adk=3168900938&adf=1387507198&pi=t.ma~as.6400979756&w=775&fwrn=4&fwrnh=100&lmt=1613741328&rafmt=1&psa=0&format=775x280&url=https%3A%2F%2Fmkoghzd.xyz%2F2021%2F02%2F19%2F265.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613741328157&bpp=5&bdt=2068&idt=202&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5625903351200&frm=20&pv=1&ga_vid=461131982.1613741328&ga_sid=1613741328&ga_hid=1658068207&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068109%2C21068769%2C21068893%2C31060009%2C44734254%2C21065724&oid=3&pvsid=2986191558325568&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4jqMs4tK2w&p=https%3A//mkoghzd.xyz&dtd=209
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Feb 2021 13:29:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots undefined| $ function| jQuery function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| _cz_loaded string| _cz_account object| _czc object| _CNZZDbridge_1279085251 object| cnzz_image_1581627713 object| cnzz_image_550237474 object| addComment object| GoogleGcLKhOms object| google_image_requests

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ade.googlesyndication.com
adservice.google.com
adservice.google.de
airw.net
bid.g.doubleclick.net
blog.with2.net
c.cnzz.com
cnzz.mmstat.com
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
mkoghzd.xyz
pagead2.googlesyndication.com
partner.googleadservices.com
r2---sn-4g5ednsd.c.2mdn.net
s4.cnzz.com
tdsyi.centuriontelcom.org
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
z3.cnzz.com
142.250.185.230
142.250.185.66
142.250.186.130
153.120.49.75
172.217.23.98
173.194.76.156
183.90.237.33
198.11.132.221
218.94.207.228
2401:b180:2000:20::27
2607:f8b0:4009:805::2003
2a00:1450:4001:6e::7
2a00:1450:4001:800::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
45.32.60.83
95.179.238.243
00691ea3935d37728cf216e29720e8e4ea81a3d24727062785ecc70283414aa5
041695b5fb50118184c7f635d74b30026167090b9bf4559d457872a64bd87849
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
083be3c59862e11bbcda4128a12a7d9934f461ac881ed75af92b1c1b3615c576
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
1143bb5ae891056f59482184346b0fe47d8e95c9e0f159f023bf0f95ec45222d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1dee05848e792b91d89bcb14b566f4789112d3752976856538eb0c6fa10d7f3b
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
28fa81aff2a92eefe784e54a14bc6c4c5b20ed26ebe1839e7eb70ef192ec66be
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
2a5803d6689efddb59c91e1b427378c86fc2b9f8f556958b3076093b2363bfd1
2c4f966ea8937350071b80775805fdf77bd1a690a3d6b7044f1a922602d4d5a8
417c9000284ff49c6b10856fb21857cc18f054c17de32056d524b362bb995163
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
46547a0dc2558600be24ee13a75bd1d389c39c1ec94a3f4f94ac7353541d133e
482afdb7aad714a640a1a1dbb1d0adfe94cba47a72e40c8c9bf078eca3f5c165
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4b179f8204186f3aa954f47cd81dbe86bf89c08edb8d5341b8e0697d99e35073
4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5
5c6ab7be431a7f388eb2104ec1ecfa4037c144e2db235f0045f35ba3bb0c80cf
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
6170b9e582edc94e97836f0e430e8d72e08dcfe5a9945f6be6668687b3a31247
63313604f88c1935ba43c48ab5678215d92432baff307ee2968306228bdd3e98
6b29b371fe6f76fce7a682c0ca2ff6e1138d2ca192bb188766fcf7aa564bcd0a
718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4
73f3ff9b6ec5a12735716ede1adba865262a64a96503c4292555af49d49302c6
779d68ba221aa1efe83b46b8d8c5932a9c82ad2357b9cc9428c9dabf996d1875
78e393d62ed44ea291fff2a29f94b13322fcc7c6cce6c34ffbece7ec475ed3a7
7ec4f95a0a6d7790fc3dcbe29f4a0886f9a14983785210f030bba75c0f1c69e3
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
919b3f420679f1c76fdbfd9596e1d1b52f40511221434796000f8971c318697c
964416c1b69f0de4d400b82a6a330191e0995779c50a8991ce22a6183560031f
9797b8da5c2ec9a45fee00c0c0464bf434fc4924a5dcf7a669a87114b95b119b
9979ea17d5d2b6db6e6a3613887dbf2a59f94aca252f94a951fac0206b842cf2
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac74a8b4bd2627bf7f8d4d01d5801709ec1e65418d54ee6d8c93b7fe0da294b4
ae35469a2de645d561d555105d21f075e0469c83a7bd02ebc9547d4d5b616f73
b02ab5446d4dd91bc73183089db613f7cd4c954bc79a21dff4785c9280af45a0
b534bf5439e6346255cdfe8506bf01a71925106f3323dff2eccf2e7266b06929
bbb95d42d0a0924507352fc715aad4e6c0f0c9a5a94fa754eb7efc464d11e9bb
c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e
c3a7affd051cf063820cca6c53eba5a6127bd248d112bcb1500e6154cf6d8464
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
c536d43b70d61eb900141be6cafaaf2b1956c76b32b25ab3617e5e4a6737268e
c8df8e45d17a1be5d401772929a421398f7cb7d2991123bdbe0069f274a62f71
ca32702f36da9bdbaa5463f8e3db9b18d82f3ce8a630d18e8bde6b30a2582d20
cc759efe94fdebef6235c770f3b4231bf7891c505da42935f06fa1fb73de63c0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d6ddfec4d31c37549ca91e7fbdc18b0691e2ff1c7570a5004a2201376b6bc186
d78af317c5d91360b382395f1e2dd0319d48281820f7c616115ed21da095ba51
d85870b3640fca4bb3303fe88f2e78f4e7a5c90aea940adf288a262c4e6db97c
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
e3315edeec72db6fc838150c6c3c887c4c260c905db7cd4a21ec78c9fd76b956
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bede1d0765553a727bf4e11dc6f57a19b35bb3811e4353340a02d2df68a48b
ec3f80e747dcbe72d41eee2245dc8e26b79f07fa71f9ea7f2d91ebe7f867d5a6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08daece0278f1d0abd27b0b20fa69cf0d5677d3340e3c786e2423bae4faba99
fa180ca8c8ffe5b5dee2d80ac7965b06e7f0b4ecf5a1f2b2aa8e2aa8c63b918a
fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7